python.pycryptodome.security.mode-without-authentication.crypto-mode-without-authentication

semgrep
Author: unknown

An encryption mode of operation is being used without proper message authentication. This can potentially result in the encrypted content being decrypted by an attacker. Consider using an AEAD mode of operation like GCM instead.

Definition

rules:
  - id: crypto-mode-without-authentication
    message: "An encryption mode of operation is being used without proper message
      authentication. This can potentially result in the encrypted content to be
      decrypted by an attacker. Consider instead use an AEAD mode of operation
      like GCM. "
    languages:
      - python
    severity: ERROR
    metadata:
      category: security
      technology:
        - cryptography
      cwe:
        - "CWE-327: Use of a Broken or Risky Cryptographic Algorithm"
      owasp:
        - A03:2017 - Sensitive Data Exposure
        - A02:2021 - Cryptographic Failures
      references:
        - https://owasp.org/Top10/A02_2021-Cryptographic_Failures
      subcategory:
        - vuln
      likelihood: LOW
      impact: MEDIUM
      confidence: MEDIUM
      license: Commons Clause License Condition v1.0[LGPL-2.1-only]
      vulnerability_class:
        - Cryptographic Issues
    patterns:
      - pattern-either:
          - patterns:
              - pattern-either:
                  - pattern: |
                      AES.new(..., $PYCRYPTODOME_MODE)
              - pattern-not-inside: |
                  AES.new(..., $PYCRYPTODOME_MODE)
                  ...
                  HMAC.new
              - metavariable-pattern:
                  metavariable: $PYCRYPTODOME_MODE
                  patterns:
                    - pattern-either:
                        - pattern: AES.MODE_CBC
                        - pattern: AES.MODE_CTR
                        - pattern: AES.MODE_CFB
                        - pattern: AES.MODE_OFB

Examples

mode-without-authentication.py

from Crypto.Random import get_random_bytes
from Crypto.Cipher import AES
from Crypto.Util.Padding import pad
from base64 import b64encode
from Crypto.Hash import HMAC, SHA256


def example1():
  # AES CBC, no mac
  sensitive_data = b"ALIENS DO EXIST!!!!"
  key = get_random_bytes(16)
  # ruleid: crypto-mode-without-authentication
  cipher = AES.new(key, AES.MODE_CBC)
  ciphertext = cipher.encrypt(pad(sensitive_data, AES.block_size))


def example2():
  # AES CBC with HMAC

  key = get_random_bytes(16)
  # ok: crypto-mode-without-authentication
  cipher = AES.new(key, AES.MODE_CBC)
  iv = b64encode(cipher.iv).decode('utf-8')
  sensitive_data = b"ALIENS DO EXIST!!!!"
  # pad() requires bytes, so encrypt the bytes value defined above
  encrypted_bytes = cipher.encrypt(pad(sensitive_data, AES.block_size))

  hmac = HMAC.new(get_random_bytes(16), digestmod=SHA256)
  hmac.update(encrypted_bytes)
  mac_bytes = hmac.digest()