
MASTG-DEMO-0012: Weak Cryptographic Key Generation

Content in BETA

This content is in beta and still under active development, so it is subject to change at any time (e.g. structure, IDs, content, URLs, etc.).


Sample

package org.owasp.mastestapp

import android.util.Log
import android.content.Context
import android.security.keystore.KeyProperties
import android.util.Base64
import java.security.KeyPairGenerator
import java.security.SecureRandom
import javax.crypto.KeyGenerator
import javax.crypto.SecretKey

class MastgTest(private val context: Context) {

    /**
     * Sample for MASTG-DEMO-0012 (weak cryptographic key generation).
     *
     * Generates one RSA key pair and two AES keys and returns their encoded
     * bytes as Base64 text. The 1024-bit RSA and 128-bit AES sizes are the
     * weak sizes this demo is meant to be flagged for; the 256-bit AES key is
     * the contrasting acceptable size. The Base64 public key is also written
     * to the debug log via Log.d, and the returned string carries the raw
     * encoded bytes of both AES secret keys.
     */
    fun mastgTest(): String {

        // 1024-bit RSA: the weak key size the demo expects to be reported.
        val rsaGenerator = KeyPairGenerator.getInstance(KeyProperties.KEY_ALGORITHM_RSA)
        rsaGenerator.initialize(1024, SecureRandom()) // for 1024 bit RSA Key
        val rsaKeyPair = rsaGenerator.genKeyPair()
        val rsaPublicB64 = Base64.encodeToString(rsaKeyPair.public.encoded, Base64.DEFAULT)
        Log.d("Keypair generated RSA", rsaPublicB64)

        // 128-bit AES: the weak key size the demo expects to be reported.
        val aes128Generator = KeyGenerator.getInstance("AES")
        aes128Generator.init(128) // for 128 bit AES key
        val aes128Key: SecretKey = aes128Generator.generateKey()

        // 256-bit AES: the acceptable size, included for contrast.
        val aes256Generator = KeyGenerator.getInstance("AES")
        aes256Generator.init(256) // for 256 bit AES key
        val aes256Key: SecretKey = aes256Generator.generateKey()

        val aes128B64 = Base64.encodeToString(aes128Key.encoded, Base64.DEFAULT)
        val aes256B64 = Base64.encodeToString(aes256Key.encoded, Base64.DEFAULT)
        return "Generated RSA Key:\n ${rsaPublicB64}Generated AES Key1\n ${aes128B64}Generated AES Key2\n $aes256B64"
    }

}
package org.owasp.mastestapp;

import android.content.Context;
import android.util.Base64;
import android.util.Log;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.SecureRandom;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import kotlin.Metadata;
import kotlin.jvm.internal.Intrinsics;

/* compiled from: MastgTest.kt */
@Metadata(d1 = {"\u0000\u0018\n\u0002\u0018\u0002\n\u0002\u0010\u0000\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0010\u000e\n\u0000\b\u0007\u0018\u00002\u00020\u0001B\r\u0012\u0006\u0010\u0002\u001a\u00020\u0003¢\u0006\u0002\u0010\u0004J\u0006\u0010\u0005\u001a\u00020\u0006R\u000e\u0010\u0002\u001a\u00020\u0003X\u0082\u0004¢\u0006\u0002\n\u0000¨\u0006\u0007"}, d2 = {"Lorg/owasp/mastestapp/MastgTest;", "", "context", "Landroid/content/Context;", "(Landroid/content/Context;)V", "mastgTest", "", "app_debug"}, k = 1, mv = {1, 9, 0}, xi = 48)
/* loaded from: classes4.dex */
public final class MastgTest {
    public static final int $stable = 8;
    private final Context context;
    // NOTE(review): the context is only stored; mastgTest() below never reads it.
    public MastgTest(Context context) {
        Intrinsics.checkNotNullParameter(context, "context");
        this.context = context;
    }
    /** Decompiled mastgTest(): builds a 1024-bit RSA pair and 128-/256-bit AES keys and returns their Base64 encodings. Line numbers here are the ones output.txt reports. */
    public final String mastgTest() {
        KeyPairGenerator generator = KeyPairGenerator.getInstance("RSA"); // KeyProperties.KEY_ALGORITHM_RSA in the Kotlin source appears as the literal "RSA" here
        generator.initialize(1024, new SecureRandom()); // 1024-bit RSA: the weak size the rule reports (output.txt line 28)
        KeyPair keypair = generator.genKeyPair();
        Log.d("Keypair generated RSA", Base64.encodeToString(keypair.getPublic().getEncoded(), 0)); // 0 is Base64.DEFAULT in the Kotlin source; only the public half is logged
        KeyGenerator keyGen1 = KeyGenerator.getInstance("AES");
        keyGen1.init(128); // 128-bit AES: the weak size the rule reports (output.txt line 32)
        SecretKey secretKey1 = keyGen1.generateKey();
        Intrinsics.checkNotNullExpressionValue(secretKey1, "generateKey(...)");
        KeyGenerator keyGen2 = KeyGenerator.getInstance("AES");
        keyGen2.init(256); // 256-bit AES: not matched by the rule
        SecretKey secretKey2 = keyGen2.generateKey();
        Intrinsics.checkNotNullExpressionValue(secretKey2, "generateKey(...)");
        return "Generated RSA Key:\n " + Base64.encodeToString(keypair.getPublic().getEncoded(), 0) + "Generated AES Key1\n " + Base64.encodeToString(secretKey1.getEncoded(), 0) + "Generated AES Key2\n " + Base64.encodeToString(secretKey2.getEncoded(), 0); // the returned string carries the raw encoded bytes of both AES secret keys
    }
}

Steps

Let's run our semgrep rule against the reverse-engineered sample code (MastgTest_reversed.java).

../../../../rules/mastg-android-weak-key-generation.yml
rules:
  - id: weak_key_size
    severity: WARNING
    languages:
      - java
    metadata:
      summary: This rule looks for methods that create a weak key size in encryption algorithms.
    # NOTE(review): output.txt on this page prints a different finding text than
    # this message, so the rule file that produced that run may differ from this listing.
    message: "[MASVS-CRYPTO] Make sure that the key size is according to security best practices"
    # Each alternative binds the generator ($K) at its getInstance() call and then
    # matches the literal key-size call on the same variable later in the method.
    # Only these exact literals and argument shapes match: a one-argument
    # initialize(1024), other sizes below 2048, or an AES init(128) written with a
    # different argument list are not reported. Consider metavariable-comparison
    # on the size argument if broader coverage is wanted.
    pattern-either:
      # RSA 1024 with an explicit SecureRandom.
      - pattern: |
          $K = $G.getInstance("RSA");
          ...
          $K.initialize(1024, new SecureRandom());
      # RSA 512 with an explicit SecureRandom.
      - pattern: |
          $K = $G.getInstance("RSA");
          ...
          $K.initialize(512, new SecureRandom());
      # AES 128; the 256-bit init in the sample is deliberately not matched.
      - pattern: |
          $K = $G.getInstance("AES");
          ...
          $K.init(128);
run.sh
# Scan the reverse-engineered Java (not the Kotlin source) with the weak-key rule and write a plain-text report.
NO_COLOR=true semgrep --config ../../../../rules/mastg-android-weak-key-generation.yml ./MastgTest_reversed.java --text --output output.txt

Observation

The rule has identified two places in the code file where cryptographic keys are generated with a weak key size. The reported line numbers refer to the reverse-engineered code, where each finding can be located for further investigation and remediation.

output.txt
┌─────────────────┐
 2 Code Findings 
└─────────────────┘

    MastgTest_reversed.java
    ❯❱ weak_key_size
          Cryptographic implementations with insufficient key length are being used.

           27 KeyPairGenerator generator = KeyPairGenerator.getInstance("RSA");
           28 generator.initialize(1024, new SecureRandom());
            ⋮┆----------------------------------------
           31 KeyGenerator keyGen1 = KeyGenerator.getInstance("AES");
           32 keyGen1.init(128);

Evaluation

The test fails because the RSA key size is set to 1024 bits and the first AES key size is set to 128 bits, both of which are considered weak.