python.pycryptodome.security.mode-without-authentication.crypto-mode-without-authentication
semgrep
Author: unknown
An encryption mode of operation is being used without proper message authentication. This can potentially allow an attacker to decrypt the encrypted content. Consider using an AEAD mode of operation such as GCM instead.
Definition
rules:
  - id: crypto-mode-without-authentication
    message: "An encryption mode of operation is being used without proper message
      authentication. This can potentially result in the encrypted content to be
      decrypted by an attacker. Consider instead use an AEAD mode of operation
      like GCM. "
    languages:
      - python
    severity: ERROR
    metadata:
      category: security
      technology:
        - cryptography
      cwe:
        - "CWE-327: Use of a Broken or Risky Cryptographic Algorithm"
      owasp:
        - A03:2017 - Sensitive Data Exposure
        - A02:2021 - Cryptographic Failures
      references:
        - https://owasp.org/Top10/A02_2021-Cryptographic_Failures
      subcategory:
        - vuln
      likelihood: LOW
      impact: MEDIUM
      confidence: MEDIUM
      license: Commons Clause License Condition v1.0[LGPL-2.1-only]
      vulnerability_class:
        - Cryptographic Issues
    patterns:
      - pattern-either:
          - patterns:
              - pattern-either:
                  - pattern: |
                      AES.new(..., $PYCRYPTODOME_MODE)
              - pattern-not-inside: |
                  AES.new(..., $PYCRYPTODOME_MODE)
                  ...
                  HMAC.new
              - metavariable-pattern:
                  metavariable: $PYCRYPTODOME_MODE
                  patterns:
                    - pattern-either:
                        - pattern: AES.MODE_CBC
                        - pattern: AES.MODE_CTR
                        - pattern: AES.MODE_CFB
                        - pattern: AES.MODE_OFB
Examples
mode-without-authentication.py
from Crypto.Random import get_random_bytes
from Crypto.Cipher import AES
from Crypto.Util.Padding import pad
from base64 import b64encode
from Crypto.Hash import HMAC, SHA256


def example1():
    # AES CBC, no mac
    sensitive_data = b"ALIENS DO EXIST!!!!"
    key = get_random_bytes(16)
    # ruleid: crypto-mode-without-authentication
    cipher = AES.new(key, AES.MODE_CBC)
    ciphertext = cipher.encrypt(pad(sensitive_data, AES.block_size))


def example2():
    # AES CBC with HMAC
    key = get_random_bytes(16)
    # ok: crypto-mode-without-authentication
    cipher = AES.new(key, AES.MODE_CBC)
    iv = b64encode(cipher.iv).decode('utf-8')
    sensitive_data = b"ALIENS DO EXIST!!!!"
    # Encrypt the padded plaintext (pad() operates on bytes)
    encrypted_bytes = cipher.encrypt(pad(sensitive_data, AES.block_size))
    # Compute an HMAC-SHA256 tag over the ciphertext
    hmac = HMAC.new(get_random_bytes(16), digestmod=SHA256)
    hmac.update(encrypted_bytes)
    mac_bytes = hmac.digest()
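
A simplified standard-library approximation of the rule's matching logic, added here as an illustration (it is not Semgrep's implementation and not part of the registry entry); it shows that the `pattern-not-inside` clause is satisfied by any later `HMAC.new`, even one that is not computed over the ciphertext. The sample source and all function names are constructed, and the sketch assumes the mode is the last positional argument and only inspects function bodies.

```python
import ast

UNAUTH_MODES = {"MODE_CBC", "MODE_CTR", "MODE_CFB", "MODE_OFB"}  # modes listed in the rule

# Constructed sample input; it is only parsed, never executed.
SAMPLE = '''\
def cbc_no_mac(key, data):
    cipher = AES.new(key, AES.MODE_CBC)
    return cipher.encrypt(data)

def ctr_then_hmac(key, mac_key, data):
    cipher = AES.new(key, AES.MODE_CTR)
    ct = cipher.encrypt(data)
    return ct, HMAC.new(mac_key, ct, digestmod=SHA256).digest()

def cbc_unrelated_hmac(key, data):
    ct = AES.new(key, AES.MODE_CBC).encrypt(data)
    return ct, HMAC.new(b"k", b"other", digestmod=SHA256).digest()

def gcm(key, data):
    return AES.new(key, AES.MODE_GCM).encrypt_and_digest(data)
'''

def is_call(node, obj, attr):
    """True if node is a call written as obj.attr(...)."""
    f = getattr(node, "func", None)
    return (isinstance(node, ast.Call) and isinstance(f, ast.Attribute)
            and f.attr == attr and isinstance(f.value, ast.Name) and f.value.id == obj)

def is_unauth_aes(node):
    """True for AES.new(..., AES.MODE_X) with MODE_X in UNAUTH_MODES."""
    if not is_call(node, "AES", "new") or not node.args:
        return False
    m = node.args[-1]  # assumption: mode is the last positional argument
    return isinstance(m, ast.Attribute) and m.attr in UNAUTH_MODES

def find_unauthenticated(source):
    """Return (function name, line) for each AES.new with no later HMAC.new."""
    findings = []
    for fn in (n for n in ast.walk(ast.parse(source)) if isinstance(n, ast.FunctionDef)):
        for i, stmt in enumerate(fn.body):
            hits = [n for n in ast.walk(stmt) if is_unauth_aes(n)]
            later = [n for s in fn.body[i + 1:] for n in ast.walk(s)]
            # Mirrors pattern-not-inside: any later HMAC.new suppresses the finding,
            # whether or not that MAC is computed over the ciphertext.
            if hits and not any(is_call(n, "HMAC", "new") for n in later):
                findings += [(fn.name, n.lineno) for n in hits]
    return findings
```

Only `cbc_no_mac` is reported; `cbc_unrelated_hmac` passes even though its MAC never touches the ciphertext, so code the rule marks as ok still needs a manual check that the tag covers the IV and ciphertext and is verified before decryption.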
Short Link: https://sg.run/k1K1