feat: add Java Padding Oracle encryption vulnerability rule (#93)

Co-authored-by: David Roe <[email protected]>
Bearer · Jun 12, 2023 · eeb7b18 · eeb7b18
1 parent eed03bf
commit eeb7b18
Show file tree

Hide file tree

Showing 7 changed files with 120 additions and 0 deletions.
diff --git a/java/lang/padding_oracle_encryption_vulnerability.yml b/java/lang/padding_oracle_encryption_vulnerability.yml
@@ -0,0 +1,40 @@
+patterns:
+  - pattern: $<CIPHER>.getInstance($<PADDING_ORACLE>)
+    filters:
+      - variable: CIPHER
+        regex: ^(javax.)?(crypto.)?Cipher
+      - variable: PADDING_ORACLE
+        string_regex: \/CBC\/PKCS5Padding\z
+      - not:
+          variable: PADDING_ORACLE
+          string_regex: \A(RSA|ECIES)
+languages:
+  - java
+metadata:
+  description: "Padding Oracle encryption vulnerability detected."
+  remediation_message: |
+    ## Description
+
+    Using a block cipher algorithm mode, such as CBC, together with a padding scheme is vulnerable to Padding Oracle attacks.
+
+    ## Remediations
+
+    ❌  Do not use CBC (Cipher Block Chaining) mode with padding
+
+    ```java
+      Cipher c = Cipher.getInstance("AES/CBC/PKCS5Padding");
+    ```
+
+    ✅ Prefer GCM (Galois/Counter Mode) instead
+
+    ```java
+      Cipher c = Cipher.getInstance("AES/GCM/PKCS5Padding");
+    ```
+
+    ## Resources
+    - [Java Cipher class](https://docs.oracle.com/en/java/javase/20/docs/api/java.base/javax/crypto/Cipher.html)
+    - [Java Security Standard Algorithm Names](https://docs.oracle.com/en/java/javase/20/docs/specs/security/standard-names.html)
+  cwe_id:
+    - 327
+  id: java_lang_padding_oracle_encryption_vulnerability
+  documentation_url: https://docs.bearer.com/reference/rules/java_lang_padding_oracle_encryption_vulnerability
diff --git a/java/lang/padding_oracle_encryption_vulnerability/.snapshots/block_cipher.yml b/java/lang/padding_oracle_encryption_vulnerability/.snapshots/block_cipher.yml
@@ -0,0 +1,52 @@
+low:
+    - rule:
+        cwe_ids:
+            - "327"
+        id: java_lang_padding_oracle_encryption_vulnerability
+        title: Padding Oracle encryption vulnerability detected.
+        description: |
+            ## Description
+
+            Using a block cipher algorithm mode, such as CBC, together with a padding scheme is vulnerable to Padding Oracle attacks.
+
+            ## Remediations
+
+            ❌  Do not use CBC (Cipher Block Chaining) mode with padding
+
+            ```java
+              Cipher c = Cipher.getInstance("AES/CBC/PKCS5Padding");
+            ```
+
+            ✅ Prefer GCM (Galois/Counter Mode) instead
+
+            ```java
+              Cipher c = Cipher.getInstance("AES/GCM/PKCS5Padding");
+            ```
+
+            ## Resources
+            - [Java Cipher class](https://docs.oracle.com/en/java/javase/20/docs/api/java.base/javax/crypto/Cipher.html)
+            - [Java Security Standard Algorithm Names](https://docs.oracle.com/en/java/javase/20/docs/specs/security/standard-names.html)
+        documentation_url: https://docs.bearer.com/reference/rules/java_lang_padding_oracle_encryption_vulnerability
+      line_number: 3
+      full_filename: /tmp/scan/block_cipher.java
+      filename: .
+      source:
+        location:
+            start: 3
+            end: 3
+            column:
+                start: 14
+                end: 69
+      sink:
+        location:
+            start: 3
+            end: 3
+            column:
+                start: 14
+                end: 69
+        content: javax.crypto.Cipher.getInstance("AES/CBC/PKCS5Padding")
+      parent_line_number: 3
+      snippet: javax.crypto.Cipher.getInstance("AES/CBC/PKCS5Padding")
+      fingerprint: 368142b7ce98efcf47351ef4a2c2dab7_0
+      old_fingerprint: 83661fbb9de19d845a95fe1686f115bb_0
+
diff --git a/java/lang/padding_oracle_encryption_vulnerability/.snapshots/ok_gcm.yml b/java/lang/padding_oracle_encryption_vulnerability/.snapshots/ok_gcm.yml
@@ -0,0 +1,2 @@
+{}
+
diff --git a/java/lang/padding_oracle_encryption_vulnerability/.snapshots/ok_not_a_block_cipher.yml b/java/lang/padding_oracle_encryption_vulnerability/.snapshots/ok_not_a_block_cipher.yml
@@ -0,0 +1,2 @@
+{}
+
diff --git a/java/lang/padding_oracle_encryption_vulnerability/testdata/block_cipher.java b/java/lang/padding_oracle_encryption_vulnerability/testdata/block_cipher.java
@@ -0,0 +1,8 @@
+public byte[] signToken(byte[] payload) throws GeneralSecurityException
+{
+  Cipher c = javax.crypto.Cipher.getInstance("AES/CBC/PKCS5Padding");
+
+  c.init(Cipher.ENCRYPT_MODE, keyPair.getPrivate());
+
+  return c.doFinal(payload);
+}
diff --git a/java/lang/padding_oracle_encryption_vulnerability/testdata/ok_gcm.java b/java/lang/padding_oracle_encryption_vulnerability/testdata/ok_gcm.java
@@ -0,0 +1,8 @@
+public byte[] signToken(byte[] payload) throws GeneralSecurityException
+{
+  Cipher c = javax.crypto.Cipher.getInstance("AES/GCM/PKCS5Padding");
+
+  c.init(Cipher.ENCRYPT_MODE, keyPair.getPrivate());
+
+  return c.doFinal(payload);
+}
diff --git a/java/lang/padding_oracle_encryption_vulnerability/testdata/ok_not_a_block_cipher.java b/java/lang/padding_oracle_encryption_vulnerability/testdata/ok_not_a_block_cipher.java
@@ -0,0 +1,8 @@
+public byte[] signToken(byte[] payload) throws GeneralSecurityException
+{
+  Cipher c = javax.crypto.Cipher.getInstance("RSA/CBC/PKCS5Padding");
+
+  c.init(Cipher.ENCRYPT_MODE, keyPair.getPrivate());
+
+  return c.doFinal(payload);
+}