Covered Object.deepEquals() in NotConstantTimeCryptoComparison.ql

artem-smotrakov · artem-smotrakov · commit 5dbcf1d61157 · 2021-08-01T09:47:02.000+02:00
diff --git a/java/ql/src/experimental/Security/CWE/CWE-208/NotConstantTimeCryptoComparison.ql b/java/ql/src/experimental/Security/CWE/CWE-208/NotConstantTimeCryptoComparison.ql
@@ -53,6 +53,10 @@ private class NonConstantTimeCryptoComparisonConfig extends TaintTracking::Confi
       m.hasName("equals") and
       ma.getAnArgument() = sink.asExpr()
       or
+      m.getDeclaringType().hasQualifiedName("java.util", "Objects") and
+      m.hasName("deepEquals") and
+      ma.getAnArgument() = sink.asExpr()
+      or
       m.getDeclaringType().hasQualifiedName("org.apache.commons.lang3", "StringUtils") and
       m.hasName(["equals", "equalsAny", "equalsAnyIgnoreCase", "equalsIgnoreCase"]) and
       ma.getAnArgument() = sink.asExpr()
diff --git a/java/ql/test/experimental/query-tests/security/CWE-208/NotConstantTimeCryptoComparison.expected b/java/ql/test/experimental/query-tests/security/CWE-208/NotConstantTimeCryptoComparison.expected
@@ -1,15 +1,15 @@
 edges
-| NotConstantTimeCryptoComparison.java:14:28:14:44 | doFinal(...) : byte[] | NotConstantTimeCryptoComparison.java:15:43:15:51 | actualMac |
-| NotConstantTimeCryptoComparison.java:30:28:30:40 | sign(...) : byte[] | NotConstantTimeCryptoComparison.java:31:40:31:48 | signature |
-| NotConstantTimeCryptoComparison.java:47:22:47:46 | doFinal(...) : byte[] | NotConstantTimeCryptoComparison.java:48:40:48:42 | tag |
+| NotConstantTimeCryptoComparison.java:15:28:15:44 | doFinal(...) : byte[] | NotConstantTimeCryptoComparison.java:16:43:16:51 | actualMac |
+| NotConstantTimeCryptoComparison.java:31:28:31:40 | sign(...) : byte[] | NotConstantTimeCryptoComparison.java:32:40:32:48 | signature |
+| NotConstantTimeCryptoComparison.java:48:22:48:46 | doFinal(...) : byte[] | NotConstantTimeCryptoComparison.java:49:45:49:47 | tag |
 nodes
-| NotConstantTimeCryptoComparison.java:14:28:14:44 | doFinal(...) : byte[] | semmle.label | doFinal(...) : byte[] |
-| NotConstantTimeCryptoComparison.java:15:43:15:51 | actualMac | semmle.label | actualMac |
-| NotConstantTimeCryptoComparison.java:30:28:30:40 | sign(...) : byte[] | semmle.label | sign(...) : byte[] |
-| NotConstantTimeCryptoComparison.java:31:40:31:48 | signature | semmle.label | signature |
-| NotConstantTimeCryptoComparison.java:47:22:47:46 | doFinal(...) : byte[] | semmle.label | doFinal(...) : byte[] |
-| NotConstantTimeCryptoComparison.java:48:40:48:42 | tag | semmle.label | tag |
+| NotConstantTimeCryptoComparison.java:15:28:15:44 | doFinal(...) : byte[] | semmle.label | doFinal(...) : byte[] |
+| NotConstantTimeCryptoComparison.java:16:43:16:51 | actualMac | semmle.label | actualMac |
+| NotConstantTimeCryptoComparison.java:31:28:31:40 | sign(...) : byte[] | semmle.label | sign(...) : byte[] |
+| NotConstantTimeCryptoComparison.java:32:40:32:48 | signature | semmle.label | signature |
+| NotConstantTimeCryptoComparison.java:48:22:48:46 | doFinal(...) : byte[] | semmle.label | doFinal(...) : byte[] |
+| NotConstantTimeCryptoComparison.java:49:45:49:47 | tag | semmle.label | tag |
 #select
-| NotConstantTimeCryptoComparison.java:15:43:15:51 | actualMac | NotConstantTimeCryptoComparison.java:14:28:14:44 | doFinal(...) : byte[] | NotConstantTimeCryptoComparison.java:15:43:15:51 | actualMac | Using a not-constant time algorithm for comparison results of a cryptographic operation. |
-| NotConstantTimeCryptoComparison.java:31:40:31:48 | signature | NotConstantTimeCryptoComparison.java:30:28:30:40 | sign(...) : byte[] | NotConstantTimeCryptoComparison.java:31:40:31:48 | signature | Using a not-constant time algorithm for comparison results of a cryptographic operation. |
-| NotConstantTimeCryptoComparison.java:48:40:48:42 | tag | NotConstantTimeCryptoComparison.java:47:22:47:46 | doFinal(...) : byte[] | NotConstantTimeCryptoComparison.java:48:40:48:42 | tag | Using a not-constant time algorithm for comparison results of a cryptographic operation. |
+| NotConstantTimeCryptoComparison.java:16:43:16:51 | actualMac | NotConstantTimeCryptoComparison.java:15:28:15:44 | doFinal(...) : byte[] | NotConstantTimeCryptoComparison.java:16:43:16:51 | actualMac | Using a non-constant time algorithm for comparing results of a cryptographic operation. |
+| NotConstantTimeCryptoComparison.java:32:40:32:48 | signature | NotConstantTimeCryptoComparison.java:31:28:31:40 | sign(...) : byte[] | NotConstantTimeCryptoComparison.java:32:40:32:48 | signature | Using a non-constant time algorithm for comparing results of a cryptographic operation. |
+| NotConstantTimeCryptoComparison.java:49:45:49:47 | tag | NotConstantTimeCryptoComparison.java:48:22:48:46 | doFinal(...) : byte[] | NotConstantTimeCryptoComparison.java:49:45:49:47 | tag | Using a non-constant time algorithm for comparing results of a cryptographic operation. |
diff --git a/java/ql/test/experimental/query-tests/security/CWE-208/NotConstantTimeCryptoComparison.java b/java/ql/test/experimental/query-tests/security/CWE-208/NotConstantTimeCryptoComparison.java
@@ -3,6 +3,7 @@
 import java.security.PrivateKey;
 import java.security.Signature;
 import java.util.Arrays;
+import java.util.Objects;
 import javax.crypto.Cipher;
 import javax.crypto.Mac;
 
@@ -45,7 +46,7 @@ public boolean unsafeCheckCustomMac(byte[] expected, byte[] plaintext, Key key)
         Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
         cipher.init(Cipher.ENCRYPT_MODE, key);
         byte[] tag = cipher.doFinal(plaintext);
-        return Arrays.equals(expected, tag);
+        return Objects.deepEquals(expected, tag);
     }
 
     // GOOD: compare ciphertexts using a constant time method
