csharp.dotnet.security.use_weak_rng_for_keygeneration.use_weak_rng_for_keygeneration

profile photo of semgrepsemgrep
Author
unknown
Download Count*

You are using an insecure random number generator (RNG) to create a cryptographic key. System.Random must never be used for cryptographic purposes. Use System.Security.Cryptography.RandomNumberGenerator instead.

Run Locally

Run in CI

Defintion

rules:
  - id: use_weak_rng_for_keygeneration
    message: You are using an insecure random number generator (RNG) to create a
      cryptographic key. System.Random must never be used for cryptographic
      purposes. Use System.Security.Cryptography.RandomNumberGenerator instead.
    severity: ERROR
    metadata:
      likelihood: HIGH
      impact: MEDIUM
      confidence: HIGH
      category: security
      cwe:
        - "CWE-338: Use of Cryptographically Weak Pseudo-Random Number Generator
          (PRNG)"
      owasp:
        - A02:2021 - Cryptographic Failures
      references:
        - https://learn.microsoft.com/en-us/dotnet/api/system.random?view=net-6.0#remarks
        - https://learn.microsoft.com/en-us/dotnet/api/system.security.cryptography.randomnumbergenerator?view=net-6.0
        - https://learn.microsoft.com/en-us/dotnet/api/system.security.cryptography.aesgcm?view=net-6.0#constructors
        - https://learn.microsoft.com/en-us/dotnet/api/system.security.cryptography.symmetricalgorithm.key?view=net-6.0#system-security-cryptography-symmetricalgorithm-key
      subcategory:
        - vuln
      technology:
        - .net
      license: Commons Clause License Condition v1.0[LGPL-2.1-only]
      vulnerability_class:
        - Cryptographic Issues
    languages:
      - csharp
    mode: taint
    pattern-sources:
      - patterns:
          - pattern-inside: (System.Random $RNG).NextBytes($KEY); ...
          - pattern: $KEY
    pattern-sinks:
      - pattern-either:
          - patterns:
              - pattern: ($KEYTYPE $CIPHER).Key = $SINK;
              - focus-metavariable: $SINK
              - metavariable-pattern:
                  metavariable: $KEYTYPE
                  pattern-either:
                    - pattern: SymmetricAlgorithm
                    - pattern: Aes
                    - pattern: Rijndael
                    - pattern: DES
                    - pattern: TripleDES
                    - pattern: RC2
          - pattern: new AesGcm(...)
          - pattern: new AesCcm(...)
          - pattern: new ChaCha20Poly1305(...)

Examples

use_weak_rng_for_keygeneration.cs

using System;
using System.Security.Cryptography;
					
public class Program
{	
	public void GenerateBadKey() {
		var rng = new System.Random();
		byte[] key = new byte[16];
		rng.NextBytes(key);
		SymmetricAlgorithm cipher = Aes.Create();
		// ruleid: use_weak_rng_for_keygeneration
		cipher.Key = key;
	}
	
	public void GenerateBadKeyGcm() {
		var rng = new System.Random();
		byte[] key = new byte[16];
		rng.NextBytes(key);
		// ruleid: use_weak_rng_for_keygeneration
		var cipher = new AesGcm(key);
	}
	
	public void GenerateGoodKey() {
		var rng = System.Security.Cryptography.RandomNumberGenerator.Create();
		byte[] key = new byte[16];
		rng.GetBytes(key);
		var cipher = Aes.Create();
		// ok: use_weak_rng_for_keygeneration
		cipher.Key = key;
	}

	public void GenerateGoodKeyGcm() {
		var rng = System.Security.Cryptography.RandomNumberGenerator.Create();
		byte[] key = new byte[16];
		rng.GetBytes(key);
		// ok: use_weak_rng_for_keygeneration
		var cipher = new AesGcm(key);
	}

	public void GenerateBadKeyCcm() {
		var rng = new System.Random();
		byte[] key = new byte[16];
		rng.NextBytes(key);
		// ruleid: use_weak_rng_for_keygeneration
		var cipher = new AesCcm(key);
	}

	public void GenerateGoodKeyCcm() {
		var rng = System.Security.Cryptography.RandomNumberGenerator.Create();
		byte[] key = new byte[16];
		rng.GetBytes(key);
		// ok: use_weak_rng_for_keygeneration
		var cipher = new AesCcm(key);
	}

	public void GenerateBadKeyChaCha20() {
		var rng = new System.Random();
		byte[] key = new byte[16];
		rng.NextBytes(key);
		// ruleid: use_weak_rng_for_keygeneration
		var cipher = new ChaCha20Poly1305(key);
	}

	public void GenerateGoodKeyChaCha20() {
		var rng = System.Security.Cryptography.RandomNumberGenerator.Create();
		byte[] key = new byte[16];
		rng.GetBytes(key);
		// ok: use_weak_rng_for_keygeneration
		var cipher = new ChaCha20Poly1305(key);
	}
}