update iterations threshold to most recent OWASP recommendation

karimhamdanali · karimhamdanali · commit 18dd0f650cb8 · 2022-10-25T14:01:40.000+02:00
which is at least 120,000 iterations for secure password hashing
diff --git a/swift/ql/src/queries/Security/CWE-916/InsufficientHashIterations.qhelp b/swift/ql/src/queries/Security/CWE-916/InsufficientHashIterations.qhelp
@@ -7,11 +7,11 @@
   </overview>
 
   <recommendation>
-    <p>Use sufficient number of iterations (that is, greater than or equal 1000) for generating password-based keys.</p>
+    <p>Use sufficient number of iterations (that is, greater than or equal 120000) for generating password-based keys.</p>
   </recommendation>
 
   <example>
-    <p>The following example shows a few cases of instantiating a password-based key. In the 'BAD' cases, the key is initialized with insufficient iterations, making it susceptible to password cracking attacks. In the 'GOOD' cases, the key is initialized with at least 1000 iterations, which protects the encrypted data against recovery.</p>
+    <p>The following example shows a few cases of instantiating a password-based key. In the 'BAD' cases, the key is initialized with insufficient iterations, making it susceptible to password cracking attacks. In the 'GOOD' cases, the key is initialized with at least 120000 iterations, which protects the encrypted data against recovery.</p>
     <sample src="InsufficientHashIterations.swift" />
   </example>
 
diff --git a/swift/ql/src/queries/Security/CWE-916/InsufficientHashIterations.ql b/swift/ql/src/queries/Security/CWE-916/InsufficientHashIterations.ql
@@ -1,6 +1,6 @@
 /**
  * @name Insufficient hash iterations
- * @description Using hash functions with < 1000 iterations is not secure, because that scheme leads to password cracking attacks due to having an insufficient level of computational effort.
+ * @description Using hash functions with less than 120,000 iterations is not secure, because that scheme leads to password cracking attacks due to having an insufficient level of computational effort.
  * @kind path-problem
  * @problem.severity error
  * @security-severity 7.8
@@ -21,10 +21,10 @@ import DataFlow::PathGraph
 abstract class IterationsSource extends Expr { }
 
 /**
- * A literal integer that is 1000 or less is a source of taint for iterations.
+ * A literal integer that is 120,000 or less is a source of taint for iterations.
  */
 class IntLiteralSource extends IterationsSource instanceof IntegerLiteralExpr {
-  IntLiteralSource() { this.getStringValue().toInt() < 1000 }
+  IntLiteralSource() { this.getStringValue().toInt() < 120000 }
 }
 
 /**
diff --git a/swift/ql/src/queries/Security/CWE-916/InsufficientHashIterations.swift b/swift/ql/src/queries/Security/CWE-916/InsufficientHashIterations.swift
@@ -2,13 +2,13 @@
 func encrypt() {
 	// ...
 
-	// BAD: Using insufficient (i.e., < 1000) hash iterations keys for encryption
-	_ = try PKCS5.PBKDF1(password: getRandomArray(), salt: getRandomArray(), iterations: 900, keyLength: 0)
-	_ = try PKCS5.PBKDF2(password: getRandomArray(), salt: getRandomArray(), iterations: 900, keyLength: 0)
+	// BAD: Using insufficient (i.e., < 120,000) hash iterations keys for encryption
+	_ = try PKCS5.PBKDF1(password: getRandomArray(), salt: getRandomArray(), iterations: 90000, keyLength: 0)
+	_ = try PKCS5.PBKDF2(password: getRandomArray(), salt: getRandomArray(), iterations: 90000, keyLength: 0)
 
-	// GOOD: Using sufficient (i.e., >= 1000) hash iterations keys for encryption
-	_ = try PKCS5.PBKDF1(password: getRandomArray(), salt: getRandomArray(), iterations: 1100, keyLength: 0)
-	_ = try PKCS5.PBKDF2(password: getRandomArray(), salt: getRandomArray(), iterations: 1100, keyLength: 0)
+	// GOOD: Using sufficient (i.e., >= 120,000) hash iterations keys for encryption
+	_ = try PKCS5.PBKDF1(password: getRandomArray(), salt: getRandomArray(), iterations: 120120, keyLength: 0)
+	_ = try PKCS5.PBKDF2(password: getRandomArray(), salt: getRandomArray(), iterations: 120120, keyLength: 0)
 
 	// ...
 }
diff --git a/swift/ql/test/query-tests/Security/CWE-916/InsufficientHashIterations.expected b/swift/ql/test/query-tests/Security/CWE-916/InsufficientHashIterations.expected
@@ -1,17 +1,17 @@
 edges
-| test.swift:20:45:20:45 | 999 :  | test.swift:33:22:33:43 | call to getLowIterationCount() :  |
+| test.swift:20:45:20:45 | 99999 :  | test.swift:33:22:33:43 | call to getLowIterationCount() :  |
 | test.swift:33:22:33:43 | call to getLowIterationCount() :  | test.swift:37:84:37:84 | lowIterations |
 | test.swift:33:22:33:43 | call to getLowIterationCount() :  | test.swift:44:84:44:84 | lowIterations |
 nodes
-| test.swift:20:45:20:45 | 999 :  | semmle.label | 999 :  |
+| test.swift:20:45:20:45 | 99999 :  | semmle.label | 99999 :  |
 | test.swift:33:22:33:43 | call to getLowIterationCount() :  | semmle.label | call to getLowIterationCount() :  |
 | test.swift:37:84:37:84 | lowIterations | semmle.label | lowIterations |
-| test.swift:38:84:38:84 | 800 | semmle.label | 800 |
+| test.swift:38:84:38:84 | 80000 | semmle.label | 80000 |
 | test.swift:44:84:44:84 | lowIterations | semmle.label | lowIterations |
-| test.swift:45:84:45:84 | 800 | semmle.label | 800 |
+| test.swift:45:84:45:84 | 80000 | semmle.label | 80000 |
 subpaths
 #select
-| test.swift:37:84:37:84 | lowIterations | test.swift:20:45:20:45 | 999 :  | test.swift:37:84:37:84 | lowIterations | The value '999' is an insufficient number of iterations for secure password hashing. |
-| test.swift:38:84:38:84 | 800 | test.swift:38:84:38:84 | 800 | test.swift:38:84:38:84 | 800 | The value '800' is an insufficient number of iterations for secure password hashing. |
-| test.swift:44:84:44:84 | lowIterations | test.swift:20:45:20:45 | 999 :  | test.swift:44:84:44:84 | lowIterations | The value '999' is an insufficient number of iterations for secure password hashing. |
-| test.swift:45:84:45:84 | 800 | test.swift:45:84:45:84 | 800 | test.swift:45:84:45:84 | 800 | The value '800' is an insufficient number of iterations for secure password hashing. |
+| test.swift:37:84:37:84 | lowIterations | test.swift:20:45:20:45 | 99999 :  | test.swift:37:84:37:84 | lowIterations | The value '99999' is an insufficient number of iterations for secure password hashing. |
+| test.swift:38:84:38:84 | 80000 | test.swift:38:84:38:84 | 80000 | test.swift:38:84:38:84 | 80000 | The value '80000' is an insufficient number of iterations for secure password hashing. |
+| test.swift:44:84:44:84 | lowIterations | test.swift:20:45:20:45 | 99999 :  | test.swift:44:84:44:84 | lowIterations | The value '99999' is an insufficient number of iterations for secure password hashing. |
+| test.swift:45:84:45:84 | 80000 | test.swift:45:84:45:84 | 80000 | test.swift:45:84:45:84 | 80000 | The value '80000' is an insufficient number of iterations for secure password hashing. |
diff --git a/swift/ql/test/query-tests/Security/CWE-916/test.swift b/swift/ql/test/query-tests/Security/CWE-916/test.swift
@@ -17,9 +17,9 @@ extension PKCS5 {
 }
 
 // Helper functions
-func getLowIterationCount() -> Int { return 999 }
+func getLowIterationCount() -> Int { return 99999 }
 
-func getEnoughIterationCount() -> Int { return 1000 }
+func getEnoughIterationCount() -> Int { return 120120 }
 
 func getRandomArray() -> Array<UInt8> {
 	(0..<10).map({ _ in UInt8.random(in: 0...UInt8.max) })
@@ -35,14 +35,14 @@ func test() {
 	
 	// PBKDF1 test cases
 	let pbkdf1b1 = PKCS5.PBKDF1(password: randomArray, salt: randomArray, iterations: lowIterations, keyLength: 0) // BAD
-	let pbkdf1b2 = PKCS5.PBKDF1(password: randomArray, salt: randomArray, iterations: 800, keyLength: 0) // BAD
+	let pbkdf1b2 = PKCS5.PBKDF1(password: randomArray, salt: randomArray, iterations: 80000, keyLength: 0) // BAD
 	let pbkdf1g1 = PKCS5.PBKDF1(password: randomArray, salt: randomArray, iterations: enoughIterations, keyLength: 0) // GOOD
-	let pbkdf1g2 = PKCS5.PBKDF1(password: randomArray, salt: randomArray, iterations: 1200, keyLength: 0) // GOOD
+	let pbkdf1g2 = PKCS5.PBKDF1(password: randomArray, salt: randomArray, iterations: 120120, keyLength: 0) // GOOD
 
 
 	// PBKDF2 test cases
 	let pbkdf2b1 = PKCS5.PBKDF2(password: randomArray, salt: randomArray, iterations: lowIterations, keyLength: 0) // BAD
-	let pbkdf2b2 = PKCS5.PBKDF2(password: randomArray, salt: randomArray, iterations: 800, keyLength: 0) // BAD
+	let pbkdf2b2 = PKCS5.PBKDF2(password: randomArray, salt: randomArray, iterations: 80000, keyLength: 0) // BAD
 	let pbkdf2g1 = PKCS5.PBKDF2(password: randomArray, salt: randomArray, iterations: enoughIterations, keyLength: 0) // GOOD
-	let pbkdf2g2 = PKCS5.PBKDF2(password: randomArray, salt: randomArray, iterations: 1200, keyLength: 0) // GOOD
+	let pbkdf2g2 = PKCS5.PBKDF2(password: randomArray, salt: randomArray, iterations: 120120, keyLength: 0) // GOOD
 }
