gosec/rules/tls.go

// (c) Copyright 2016 Hewlett Packard Enterprise Development LP
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
//     http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.

package rules

import (
	"fmt"
	"go/ast"

	"github.com/GoASTScanner/gas"
)

type InsecureConfigTLS struct {
	MinVersion   int16
	MaxVersion   int16
	requiredType string
	goodCiphers  []string
}

func stringInSlice(a string, list []string) bool {
	for _, b := range list {
		if b == a {
			return true
		}
	}
	return false
}

func (t *InsecureConfigTLS) processTLSCipherSuites(n ast.Node, c *gas.Context) *gas.Issue {
	tlsConfig := gas.MatchCompLit(n, c, t.requiredType)
	if tlsConfig == nil {
		return nil
	}

	for _, expr := range tlsConfig.Elts {
		if keyvalExpr, ok := expr.(*ast.KeyValueExpr); ok {
			if keyname, ok := keyvalExpr.Key.(*ast.Ident); ok && keyname.Name == "CipherSuites" {
				if ciphers, ok := keyvalExpr.Value.(*ast.CompositeLit); ok {
					for _, cipher := range ciphers.Elts {
						if ident, ok := cipher.(*ast.SelectorExpr); ok {
							if !stringInSlice(ident.Sel.Name, t.goodCiphers) {
								str := fmt.Sprintf("TLS Bad Cipher Suite: %s", ident.Sel.Name)
								return gas.NewIssue(c, n, str, gas.High, gas.High)
							}
						}
					}
				}
			}
		}
	}
	return nil
}

func (t *InsecureConfigTLS) processTlsConfVal(n *ast.KeyValueExpr, c *gas.Context) *gas.Issue {
	if ident, ok := n.Key.(*ast.Ident); ok {
		switch ident.Name {
		case "InsecureSkipVerify":
			if node, ok := n.Value.(*ast.Ident); ok {
				if node.Name != "false" {
					return gas.NewIssue(c, n, "TLS InsecureSkipVerify set true.", gas.High, gas.High)
				}
			} else {
				// TODO(tk): symbol tab look up to get the actual value
				return gas.NewIssue(c, n, "TLS InsecureSkipVerify may be true.", gas.High, gas.Low)
			}

		case "PreferServerCipherSuites":
			if node, ok := n.Value.(*ast.Ident); ok {
				if node.Name == "false" {
					return gas.NewIssue(c, n, "TLS PreferServerCipherSuites set false.", gas.Medium, gas.High)
				}
			} else {
				// TODO(tk): symbol tab look up to get the actual value
				return gas.NewIssue(c, n, "TLS PreferServerCipherSuites may be false.", gas.Medium, gas.Low)
			}

		case "MinVersion":
			if ival, ierr := gas.GetInt(n.Value); ierr == nil {
				if (int16)(ival) < t.MinVersion {
					return gas.NewIssue(c, n, "TLS MinVersion too low.", gas.High, gas.High)
				}
				// TODO(tk): symbol tab look up to get the actual value
				return gas.NewIssue(c, n, "TLS MinVersion may be too low.", gas.High, gas.Low)
			}

		case "MaxVersion":
			if ival, ierr := gas.GetInt(n.Value); ierr == nil {
				if (int16)(ival) < t.MaxVersion {
					return gas.NewIssue(c, n, "TLS MaxVersion too low.", gas.High, gas.High)
				}
				// TODO(tk): symbol tab look up to get the actual value
				return gas.NewIssue(c, n, "TLS MaxVersion may be too low.", gas.High, gas.Low)
			}

		case "CipherSuites":
			if ret := t.processTLSCipherSuites(n, c); ret != nil {
				return ret
			}

		}

	}
	return nil
}

func (t *InsecureConfigTLS) Match(n ast.Node, c *gas.Context) (gi *gas.Issue, err error) {
	if node := gas.MatchCompLit(n, c, t.requiredType); node != nil {
		for _, elt := range node.Elts {
			if kve, ok := elt.(*ast.KeyValueExpr); ok {
				gi = t.processTlsConfVal(kve, c)
				if gi != nil {
					break
				}
			}
		}
	}
	return
}

func NewModernTlsCheck(conf gas.Config) (gas.Rule, []ast.Node) {
	// https://wiki.mozilla.org/Security/Server_Side_TLS#Modern_compatibility
	return &InsecureConfigTLS{
		requiredType: "tls.Config",
		MinVersion:   0x0303, // TLS 1.2 only
		MaxVersion:   0x0303,
		goodCiphers: []string{
			"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256",
			"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384",
			"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
			"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
		},
	}, []ast.Node{(*ast.CompositeLit)(nil)}
}

func NewIntermediateTlsCheck(conf gas.Config) (gas.Rule, []ast.Node) {
	// https://wiki.mozilla.org/Security/Server_Side_TLS#Intermediate_compatibility_.28default.29
	return &InsecureConfigTLS{
		requiredType: "tls.Config",
		MinVersion:   0x0301, // TLS 1.2, 1.1, 1.0
		MaxVersion:   0x0303,
		goodCiphers: []string{
			"TLS_RSA_WITH_AES_128_CBC_SHA",
			"TLS_RSA_WITH_AES_256_CBC_SHA",
			"TLS_RSA_WITH_AES_128_GCM_SHA256",
			"TLS_RSA_WITH_AES_256_GCM_SHA384",
			"TLS_ECDHE_ECDSA_WITH_RC4_128_SHA",
			"TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA",
			"TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA",
			"TLS_ECDHE_RSA_WITH_RC4_128_SHA",
			"TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA",
			"TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA",
			"TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA",
			"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
			"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256",
			"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
			"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384",
		},
	}, []ast.Node{(*ast.CompositeLit)(nil)}
}

func NewCompatTlsCheck(conf gas.Config) (gas.Rule, []ast.Node) {
	// https://wiki.mozilla.org/Security/Server_Side_TLS#Old_compatibility_.28default.29
	return &InsecureConfigTLS{
		requiredType: "tls.Config",
		MinVersion:   0x0301, // TLS 1.2, 1.1, 1.0
		MaxVersion:   0x0303,
		goodCiphers: []string{
			"TLS_RSA_WITH_RC4_128_SHA",
			"TLS_RSA_WITH_3DES_EDE_CBC_SHA",
			"TLS_RSA_WITH_AES_128_CBC_SHA",
			"TLS_RSA_WITH_AES_256_CBC_SHA",
			"TLS_RSA_WITH_AES_128_GCM_SHA256",
			"TLS_RSA_WITH_AES_256_GCM_SHA384",
			"TLS_ECDHE_ECDSA_WITH_RC4_128_SHA",
			"TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA",
			"TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA",
			"TLS_ECDHE_RSA_WITH_RC4_128_SHA",
			"TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA",
			"TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA",
			"TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA",
			"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
			"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256",
			"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
			"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384",
		},
	}, []ast.Node{(*ast.CompositeLit)(nil)}
}
Initial public release 2016-07-20 11:02:01 +01:00			`// (c) Copyright 2016 Hewlett Packard Enterprise Development LP`
			`//`
			`// Licensed under the Apache License, Version 2.0 (the "License");`
			`// you may not use this file except in compliance with the License.`
			`// You may obtain a copy of the License at`
			`//`
			`// http://www.apache.org/licenses/LICENSE-2.0`
			`//`
			`// Unless required by applicable law or agreed to in writing, software`
			`// distributed under the License is distributed on an "AS IS" BASIS,`
			`// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.`
			`// See the License for the specific language governing permissions and`
			`// limitations under the License.`

			`package rules`

			`import (`
			`"fmt"`
			`"go/ast"`

Restructure to focus on lib rather than cli 2017-04-26 16:08:46 +01:00			`"github.com/GoASTScanner/gas"`
Initial public release 2016-07-20 11:02:01 +01:00			`)`

			`type InsecureConfigTLS struct {`
Major rework of codebase - Get rid of 'core' and move CLI to cmd/gas directory - Migrate (most) tests to use Ginkgo and testutils framework - GAS now expects package to reside in $GOPATH - GAS now can resolve dependencies for better type checking (if package on GOPATH) - Simplified public API 2017-07-19 22:17:00 +01:00			`MinVersion int16`
			`MaxVersion int16`
			`requiredType string`
			`goodCiphers []string`
Initial public release 2016-07-20 11:02:01 +01:00			`}`

			`func stringInSlice(a string, list []string) bool {`
			`for _, b := range list {`
			`if b == a {`
			`return true`
			`}`
			`}`
			`return false`
			`}`

Major rework of codebase - Get rid of 'core' and move CLI to cmd/gas directory - Migrate (most) tests to use Ginkgo and testutils framework - GAS now expects package to reside in $GOPATH - GAS now can resolve dependencies for better type checking (if package on GOPATH) - Simplified public API 2017-07-19 22:17:00 +01:00			`func (t InsecureConfigTLS) processTLSCipherSuites(n ast.Node, c gas.Context) *gas.Issue {`
			`tlsConfig := gas.MatchCompLit(n, c, t.requiredType)`
			`if tlsConfig == nil {`
			`return nil`
			`}`

			`for _, expr := range tlsConfig.Elts {`
			`if keyvalExpr, ok := expr.(*ast.KeyValueExpr); ok {`
			`if keyname, ok := keyvalExpr.Key.(*ast.Ident); ok && keyname.Name == "CipherSuites" {`
			`if ciphers, ok := keyvalExpr.Value.(*ast.CompositeLit); ok {`
			`for _, cipher := range ciphers.Elts {`
			`if ident, ok := cipher.(*ast.SelectorExpr); ok {`
			`if !stringInSlice(ident.Sel.Name, t.goodCiphers) {`
			`str := fmt.Sprintf("TLS Bad Cipher Suite: %s", ident.Sel.Name)`
			`return gas.NewIssue(c, n, str, gas.High, gas.High)`
			`}`
			`}`
			`}`
Initial public release 2016-07-20 11:02:01 +01:00			`}`
			`}`
			`}`
			`}`
			`return nil`
			`}`

			`func (t InsecureConfigTLS) processTlsConfVal(n ast.KeyValueExpr, c gas.Context) gas.Issue {`
			`if ident, ok := n.Key.(*ast.Ident); ok {`
			`switch ident.Name {`
			`case "InsecureSkipVerify":`
			`if node, ok := n.Value.(*ast.Ident); ok {`
			`if node.Name != "false" {`
			`return gas.NewIssue(c, n, "TLS InsecureSkipVerify set true.", gas.High, gas.High)`
			`}`
			`} else {`
			`// TODO(tk): symbol tab look up to get the actual value`
			`return gas.NewIssue(c, n, "TLS InsecureSkipVerify may be true.", gas.High, gas.Low)`
			`}`

Add a check for PreferServerCipherSuites flag of tls.Config 2017-03-15 14:05:44 +00:00			`case "PreferServerCipherSuites":`
			`if node, ok := n.Value.(*ast.Ident); ok {`
			`if node.Name == "false" {`
			`return gas.NewIssue(c, n, "TLS PreferServerCipherSuites set false.", gas.Medium, gas.High)`
			`}`
			`} else {`
			`// TODO(tk): symbol tab look up to get the actual value`
			`return gas.NewIssue(c, n, "TLS PreferServerCipherSuites may be false.", gas.Medium, gas.Low)`
			`}`

Initial public release 2016-07-20 11:02:01 +01:00			`case "MinVersion":`
			`if ival, ierr := gas.GetInt(n.Value); ierr == nil {`
			`if (int16)(ival) < t.MinVersion {`
			`return gas.NewIssue(c, n, "TLS MinVersion too low.", gas.High, gas.High)`
			`}`
			`// TODO(tk): symbol tab look up to get the actual value`
			`return gas.NewIssue(c, n, "TLS MinVersion may be too low.", gas.High, gas.Low)`
			`}`

			`case "MaxVersion":`
			`if ival, ierr := gas.GetInt(n.Value); ierr == nil {`
			`if (int16)(ival) < t.MaxVersion {`
			`return gas.NewIssue(c, n, "TLS MaxVersion too low.", gas.High, gas.High)`
			`}`
			`// TODO(tk): symbol tab look up to get the actual value`
			`return gas.NewIssue(c, n, "TLS MaxVersion may be too low.", gas.High, gas.Low)`
			`}`

			`case "CipherSuites":`
Major rework of codebase - Get rid of 'core' and move CLI to cmd/gas directory - Migrate (most) tests to use Ginkgo and testutils framework - GAS now expects package to reside in $GOPATH - GAS now can resolve dependencies for better type checking (if package on GOPATH) - Simplified public API 2017-07-19 22:17:00 +01:00			`if ret := t.processTLSCipherSuites(n, c); ret != nil {`
Initial public release 2016-07-20 11:02:01 +01:00			`return ret`
			`}`
Add a check for PreferServerCipherSuites flag of tls.Config 2017-03-15 14:05:44 +00:00
Initial public release 2016-07-20 11:02:01 +01:00			`}`
Add a check for PreferServerCipherSuites flag of tls.Config 2017-03-15 14:05:44 +00:00
Initial public release 2016-07-20 11:02:01 +01:00			`}`
			`return nil`
			`}`

			`func (t InsecureConfigTLS) Match(n ast.Node, c gas.Context) (gi *gas.Issue, err error) {`
Major rework of codebase - Get rid of 'core' and move CLI to cmd/gas directory - Migrate (most) tests to use Ginkgo and testutils framework - GAS now expects package to reside in $GOPATH - GAS now can resolve dependencies for better type checking (if package on GOPATH) - Simplified public API 2017-07-19 22:17:00 +01:00			`if node := gas.MatchCompLit(n, c, t.requiredType); node != nil {`
Initial public release 2016-07-20 11:02:01 +01:00			`for _, elt := range node.Elts {`
			`if kve, ok := elt.(*ast.KeyValueExpr); ok {`
			`gi = t.processTlsConfVal(kve, c)`
			`if gi != nil {`
			`break`
			`}`
			`}`
			`}`
			`}`
			`return`
			`}`

Restructure and introduce a standalone config 2017-04-28 22:46:26 +01:00			`func NewModernTlsCheck(conf gas.Config) (gas.Rule, []ast.Node) {`
Initial public release 2016-07-20 11:02:01 +01:00			`// https://wiki.mozilla.org/Security/Server_Side_TLS#Modern_compatibility`
Allow rules to register against multiple ast nodes Update the AddRule interface to allow rules to register interest in multiple ast.Nodes. Adds more flexibility to how rules can work, and was needed to fix the hard coded credentials test specifically. 2016-11-13 20:55:31 +00:00			`return &InsecureConfigTLS{`
Major rework of codebase - Get rid of 'core' and move CLI to cmd/gas directory - Migrate (most) tests to use Ginkgo and testutils framework - GAS now expects package to reside in $GOPATH - GAS now can resolve dependencies for better type checking (if package on GOPATH) - Simplified public API 2017-07-19 22:17:00 +01:00			`requiredType: "tls.Config",`
			`MinVersion: 0x0303, // TLS 1.2 only`
			`MaxVersion: 0x0303,`
Initial public release 2016-07-20 11:02:01 +01:00			`goodCiphers: []string{`
			`"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256",`
			`"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384",`
			`"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",`
			`"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",`
			`},`
Allow rules to register against multiple ast nodes Update the AddRule interface to allow rules to register interest in multiple ast.Nodes. Adds more flexibility to how rules can work, and was needed to fix the hard coded credentials test specifically. 2016-11-13 20:55:31 +00:00			`}, []ast.Node{(*ast.CompositeLit)(nil)}`
Initial public release 2016-07-20 11:02:01 +01:00			`}`

Restructure and introduce a standalone config 2017-04-28 22:46:26 +01:00			`func NewIntermediateTlsCheck(conf gas.Config) (gas.Rule, []ast.Node) {`
Initial public release 2016-07-20 11:02:01 +01:00			`// https://wiki.mozilla.org/Security/Server_Side_TLS#Intermediate_compatibility_.28default.29`
Allow rules to register against multiple ast nodes Update the AddRule interface to allow rules to register interest in multiple ast.Nodes. Adds more flexibility to how rules can work, and was needed to fix the hard coded credentials test specifically. 2016-11-13 20:55:31 +00:00			`return &InsecureConfigTLS{`
Major rework of codebase - Get rid of 'core' and move CLI to cmd/gas directory - Migrate (most) tests to use Ginkgo and testutils framework - GAS now expects package to reside in $GOPATH - GAS now can resolve dependencies for better type checking (if package on GOPATH) - Simplified public API 2017-07-19 22:17:00 +01:00			`requiredType: "tls.Config",`
			`MinVersion: 0x0301, // TLS 1.2, 1.1, 1.0`
			`MaxVersion: 0x0303,`
Initial public release 2016-07-20 11:02:01 +01:00			`goodCiphers: []string{`
			`"TLS_RSA_WITH_AES_128_CBC_SHA",`
			`"TLS_RSA_WITH_AES_256_CBC_SHA",`
			`"TLS_RSA_WITH_AES_128_GCM_SHA256",`
			`"TLS_RSA_WITH_AES_256_GCM_SHA384",`
			`"TLS_ECDHE_ECDSA_WITH_RC4_128_SHA",`
			`"TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA",`
			`"TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA",`
			`"TLS_ECDHE_RSA_WITH_RC4_128_SHA",`
			`"TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA",`
			`"TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA",`
			`"TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA",`
			`"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",`
			`"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256",`
			`"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",`
			`"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384",`
			`},`
Allow rules to register against multiple ast nodes Update the AddRule interface to allow rules to register interest in multiple ast.Nodes. Adds more flexibility to how rules can work, and was needed to fix the hard coded credentials test specifically. 2016-11-13 20:55:31 +00:00			`}, []ast.Node{(*ast.CompositeLit)(nil)}`
Initial public release 2016-07-20 11:02:01 +01:00			`}`

Restructure and introduce a standalone config 2017-04-28 22:46:26 +01:00			`func NewCompatTlsCheck(conf gas.Config) (gas.Rule, []ast.Node) {`
Initial public release 2016-07-20 11:02:01 +01:00			`// https://wiki.mozilla.org/Security/Server_Side_TLS#Old_compatibility_.28default.29`
Allow rules to register against multiple ast nodes Update the AddRule interface to allow rules to register interest in multiple ast.Nodes. Adds more flexibility to how rules can work, and was needed to fix the hard coded credentials test specifically. 2016-11-13 20:55:31 +00:00			`return &InsecureConfigTLS{`
Major rework of codebase - Get rid of 'core' and move CLI to cmd/gas directory - Migrate (most) tests to use Ginkgo and testutils framework - GAS now expects package to reside in $GOPATH - GAS now can resolve dependencies for better type checking (if package on GOPATH) - Simplified public API 2017-07-19 22:17:00 +01:00			`requiredType: "tls.Config",`
			`MinVersion: 0x0301, // TLS 1.2, 1.1, 1.0`
			`MaxVersion: 0x0303,`
Initial public release 2016-07-20 11:02:01 +01:00			`goodCiphers: []string{`
			`"TLS_RSA_WITH_RC4_128_SHA",`
			`"TLS_RSA_WITH_3DES_EDE_CBC_SHA",`
			`"TLS_RSA_WITH_AES_128_CBC_SHA",`
			`"TLS_RSA_WITH_AES_256_CBC_SHA",`
			`"TLS_RSA_WITH_AES_128_GCM_SHA256",`
			`"TLS_RSA_WITH_AES_256_GCM_SHA384",`
			`"TLS_ECDHE_ECDSA_WITH_RC4_128_SHA",`
			`"TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA",`
			`"TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA",`
			`"TLS_ECDHE_RSA_WITH_RC4_128_SHA",`
			`"TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA",`
			`"TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA",`
			`"TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA",`
			`"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",`
			`"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256",`
			`"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",`
			`"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384",`
			`},`
Allow rules to register against multiple ast nodes Update the AddRule interface to allow rules to register interest in multiple ast.Nodes. Adds more flexibility to how rules can work, and was needed to fix the hard coded credentials test specifically. 2016-11-13 20:55:31 +00:00			`}, []ast.Node{(*ast.CompositeLit)(nil)}`
Initial public release 2016-07-20 11:02:01 +01:00			`}`