界: Security Features

ソフトウェアのセキュリティは、セキュリティソフトウェアではありません。ここでは、認証、アクセス制御、機密性、暗号化、権限管理などのトピックについて説明します。

Insecure Randomness: Hardcoded Seed

Abstract

ランダム値または疑似ランダム値を生成する関数 (シードが渡される) を、定数の引数を使用してコールしないでください。

Explanation

ランダム値または疑似ランダム値を生成する関数 (シードが渡される) を、定数の引数を使用してコールしないでください。疑似乱数ジェネレーター (CL_ABAP_RANDOM クラスまたはそのバリアントなど) が特定の定数値を使用してシードされると、値を返すかまたは割り当てる GET_NEXT、INT および類似のメソッドによって返される値を攻撃者が予測できるようになり、攻撃者は複数の PRNG 出力を収集できるようになります。

例 1: 次の引用では、オブジェクト random_gen2 で生成される値は、オブジェクト random_gen1 から予想できます。


		DATA: random_gen1 TYPE REF TO cl_abap_random,
			  random_gen2 TYPE REF TO cl_abap_random,
			  var1 TYPE i,
			  var2 TYPE i.

		random_gen1 = cl_abap_random=>create( seed = '1234' ).

		DO 10 TIMES.
			CALL METHOD random_gen1->int
				RECEIVING
			value  = var1.

			WRITE:/ var1.
		ENDDO.

		random_gen2 = cl_abap_random=>create( seed = '1234' ).

		DO 10 TIMES.
			CALL METHOD random_gen2->int
				RECEIVING
			value  = var2.

			WRITE:/ var2.
		ENDDO.

この例では、疑似乱数ジェネレータ、random_gen1 と random_gen2 が同じようにシードされたため、var1 = var2 となります

References

[1] J. Viega, G. McGraw Building Secure Software Addison-Wesley

[2] Standards Mapping - Common Weakness Enumeration CWE ID 336

[3] Standards Mapping - DISA Control Correlation Identifier Version 2 CCI-002450

[4] Standards Mapping - FIPS200 MP

[5] Standards Mapping - General Data Protection Regulation (GDPR) Insufficient Data Protection

[6] Standards Mapping - NIST Special Publication 800-53 Revision 4 SC-13 Cryptographic Protection (P1)

[7] Standards Mapping - NIST Special Publication 800-53 Revision 5 SC-13 Cryptographic Protection

[8] Standards Mapping - OWASP Application Security Verification Standard 4.0 2.3.1 Authenticator Lifecycle Requirements (L1 L2 L3), 2.6.2 Look-up Secret Verifier Requirements (L2 L3), 6.3.3 Random Values (L3)

[9] Standards Mapping - OWASP Mobile 2014 M6 Broken Cryptography

[10] Standards Mapping - OWASP Mobile 2024 M1 Improper Credential Usage

[11] Standards Mapping - OWASP Mobile Application Security Verification Standard 2.0 MASVS-CRYPTO-1

[12] Standards Mapping - OWASP Top 10 2004 A8 Insecure Storage

[13] Standards Mapping - OWASP Top 10 2007 A8 Insecure Cryptographic Storage

[14] Standards Mapping - OWASP Top 10 2010 A7 Insecure Cryptographic Storage

[15] Standards Mapping - OWASP Top 10 2021 A02 Cryptographic Failures

[16] Standards Mapping - Payment Card Industry Data Security Standard Version 1.1 Requirement 6.5.8

[17] Standards Mapping - Payment Card Industry Data Security Standard Version 1.2 Requirement 6.3.1.3, Requirement 6.5.8

[18] Standards Mapping - Payment Card Industry Data Security Standard Version 2.0 Requirement 6.5.3

[19] Standards Mapping - Payment Card Industry Data Security Standard Version 3.0 Requirement 6.5.3

[20] Standards Mapping - Payment Card Industry Data Security Standard Version 3.1 Requirement 6.5.3

[21] Standards Mapping - Payment Card Industry Data Security Standard Version 3.2 Requirement 6.5.3

[22] Standards Mapping - Payment Card Industry Data Security Standard Version 3.2.1 Requirement 6.5.3

[23] Standards Mapping - Payment Card Industry Data Security Standard Version 4.0 Requirement 6.2.4

[24] Standards Mapping - Payment Card Industry Software Security Framework 1.0 Control Objective 7.3 - Use of Cryptography

[25] Standards Mapping - Payment Card Industry Software Security Framework 1.1 Control Objective 7.3 - Use of Cryptography, Control Objective B.2.4 - Terminal Software Design

[26] Standards Mapping - Payment Card Industry Software Security Framework 1.2 Control Objective 7.3 - Use of Cryptography, Control Objective B.2.4 - Terminal Software Design

[27] Standards Mapping - SANS Top 25 2009 Porous Defenses - CWE ID 330

[28] Standards Mapping - Security Technical Implementation Guide Version 3.1 APP3150.2 CAT II

[29] Standards Mapping - Security Technical Implementation Guide Version 3.4 APP3150.2 CAT II

[30] Standards Mapping - Security Technical Implementation Guide Version 3.5 APP3150.2 CAT II

[31] Standards Mapping - Security Technical Implementation Guide Version 3.6 APP3150.2 CAT II

[32] Standards Mapping - Security Technical Implementation Guide Version 3.7 APP3150.2 CAT II

[33] Standards Mapping - Security Technical Implementation Guide Version 3.9 APP3150.2 CAT II

[34] Standards Mapping - Security Technical Implementation Guide Version 3.10 APP3150.2 CAT II

[35] Standards Mapping - Security Technical Implementation Guide Version 4.2 APSC-DV-002010 CAT II, APSC-DV-002050 CAT II

[36] Standards Mapping - Security Technical Implementation Guide Version 4.3 APSC-DV-002010 CAT II, APSC-DV-002050 CAT II

[37] Standards Mapping - Security Technical Implementation Guide Version 4.4 APSC-DV-002010 CAT II, APSC-DV-002050 CAT II

[38] Standards Mapping - Security Technical Implementation Guide Version 4.5 APSC-DV-002010 CAT II, APSC-DV-002050 CAT II

[39] Standards Mapping - Security Technical Implementation Guide Version 4.6 APSC-DV-002010 CAT II, APSC-DV-002050 CAT II

[40] Standards Mapping - Security Technical Implementation Guide Version 4.7 APSC-DV-002010 CAT II, APSC-DV-002050 CAT II

[41] Standards Mapping - Security Technical Implementation Guide Version 4.8 APSC-DV-002010 CAT II, APSC-DV-002050 CAT II

[42] Standards Mapping - Security Technical Implementation Guide Version 4.9 APSC-DV-002010 CAT II, APSC-DV-002050 CAT II

[43] Standards Mapping - Security Technical Implementation Guide Version 4.10 APSC-DV-002010 CAT II, APSC-DV-002050 CAT II

[44] Standards Mapping - Security Technical Implementation Guide Version 4.11 APSC-DV-002010 CAT II, APSC-DV-002050 CAT II

[45] Standards Mapping - Security Technical Implementation Guide Version 4.1 APSC-DV-002010 CAT II, APSC-DV-002050 CAT II

[46] Standards Mapping - Security Technical Implementation Guide Version 5.1 APSC-DV-002010 CAT II, APSC-DV-002050 CAT II

[47] Standards Mapping - Security Technical Implementation Guide Version 5.2 APSC-DV-002010 CAT II, APSC-DV-002050 CAT II

[48] Standards Mapping - Security Technical Implementation Guide Version 5.3 APSC-DV-002010 CAT II, APSC-DV-002050 CAT II

[49] Standards Mapping - Security Technical Implementation Guide Version 6.1 APSC-DV-002010 CAT II, APSC-DV-002050 CAT II

desc.structural.abap.insecure_randomness_hardcoded_seed

Abstract

ランダム値または疑似ランダム値を生成する関数 (シードが渡される) を、定数の引数を使用してコールしないでください。

Explanation

ランダム値または疑似ランダム値を生成する関数 (シードが渡される) を、定数の引数を使用してコールしないでください。特定の値を使用して (srand(unsigned int) のような関数を使用) 疑似ランダム数値の生成機能 (rand() など) をシードすると、値を返すかまたは割り当てる rand() および類似のメソッドによって返される値は、攻撃者にとって予想可能になり、攻撃者が複数の PRNG 出力を収集できるようになります。

例 1: 疑似ランダム数値の生成機能で生成される値が、最初の 2 つのブロックで予測できます (どちらも同じシードで開始されるため)。


        srand(2223333);
        float randomNum = (rand() % 100);
        syslog(LOG_INFO, "Random: %1.2f", randomNum);
        randomNum = (rand() % 100);
        syslog(LOG_INFO, "Random: %1.2f", randomNum);

        srand(2223333);
        float randomNum2 = (rand() % 100);
        syslog(LOG_INFO, "Random: %1.2f", randomNum2);
        randomNum2 = (rand() % 100);
        syslog(LOG_INFO, "Random: %1.2f", randomNum2);

        srand(1231234);
        float randomNum3 = (rand() % 100);
        syslog(LOG_INFO, "Random: %1.2f", randomNum3);
        randomNum3 = (rand() % 100);
        syslog(LOG_INFO, "Random: %1.2f", randomNum3);

この例では、randomNum1 と randomNum2 の結果は同一の方法でシードされているので、擬似ランダム数値の生成機能 srand(2223333) をシードするコール後の rand() への各コールは、結果的に同じコール実行順序で同じ出力になります。たとえば、出力は以下のようになります。


Random: 32.00
Random: 73.00
Random: 32.00
Random: 73.00
Random: 15.00
Random: 75.00

このような結果は決してランダムではありません。

References

[1] J. Viega, G. McGraw Building Secure Software Addison-Wesley

[2] Elaine Barker and John Kelsey NIST Special Publication 800-90A: Recommendation for Random Number Generation Using Deterministic Random Bit Generators NIST

[3] Elaine Barker and John Kelsey NIST DRAFT Special Publication 800-90B: Recommendation for the Entropy Sources Used for Random Bit Generation NIST

[4] Elaine Barker and John Kelsey DRAFT NIST Special Publication 800-90C: Recommendation for Random Bit Generator (RBG) Constructions NIST

[5] Standards Mapping - Common Weakness Enumeration CWE ID 336

[6] Standards Mapping - DISA Control Correlation Identifier Version 2 CCI-002450

[7] Standards Mapping - FIPS200 MP

[8] Standards Mapping - General Data Protection Regulation (GDPR) Insufficient Data Protection

[9] Standards Mapping - NIST Special Publication 800-53 Revision 4 SC-13 Cryptographic Protection (P1)

[10] Standards Mapping - NIST Special Publication 800-53 Revision 5 SC-13 Cryptographic Protection

[11] Standards Mapping - OWASP Application Security Verification Standard 4.0 2.3.1 Authenticator Lifecycle Requirements (L1 L2 L3), 2.6.2 Look-up Secret Verifier Requirements (L2 L3), 6.3.3 Random Values (L3)

[12] Standards Mapping - OWASP Mobile 2014 M6 Broken Cryptography

[13] Standards Mapping - OWASP Mobile 2024 M1 Improper Credential Usage

[14] Standards Mapping - OWASP Mobile Application Security Verification Standard 2.0 MASVS-CRYPTO-1

[15] Standards Mapping - OWASP Top 10 2004 A8 Insecure Storage

[16] Standards Mapping - OWASP Top 10 2007 A8 Insecure Cryptographic Storage

[17] Standards Mapping - OWASP Top 10 2010 A7 Insecure Cryptographic Storage

[18] Standards Mapping - OWASP Top 10 2021 A02 Cryptographic Failures

[19] Standards Mapping - Payment Card Industry Data Security Standard Version 1.1 Requirement 6.5.8

[20] Standards Mapping - Payment Card Industry Data Security Standard Version 1.2 Requirement 6.3.1.3, Requirement 6.5.8

[21] Standards Mapping - Payment Card Industry Data Security Standard Version 2.0 Requirement 6.5.3

[22] Standards Mapping - Payment Card Industry Data Security Standard Version 3.0 Requirement 6.5.3

[23] Standards Mapping - Payment Card Industry Data Security Standard Version 3.1 Requirement 6.5.3

[24] Standards Mapping - Payment Card Industry Data Security Standard Version 3.2 Requirement 6.5.3

[25] Standards Mapping - Payment Card Industry Data Security Standard Version 3.2.1 Requirement 6.5.3

[26] Standards Mapping - Payment Card Industry Data Security Standard Version 4.0 Requirement 6.2.4

[27] Standards Mapping - Payment Card Industry Software Security Framework 1.0 Control Objective 7.3 - Use of Cryptography

[28] Standards Mapping - Payment Card Industry Software Security Framework 1.1 Control Objective 7.3 - Use of Cryptography, Control Objective B.2.4 - Terminal Software Design

[29] Standards Mapping - Payment Card Industry Software Security Framework 1.2 Control Objective 7.3 - Use of Cryptography, Control Objective B.2.4 - Terminal Software Design

[30] Standards Mapping - SANS Top 25 2009 Porous Defenses - CWE ID 330

[31] Standards Mapping - Security Technical Implementation Guide Version 3.1 APP3150.2 CAT II

[32] Standards Mapping - Security Technical Implementation Guide Version 3.4 APP3150.2 CAT II

[33] Standards Mapping - Security Technical Implementation Guide Version 3.5 APP3150.2 CAT II

[34] Standards Mapping - Security Technical Implementation Guide Version 3.6 APP3150.2 CAT II

[35] Standards Mapping - Security Technical Implementation Guide Version 3.7 APP3150.2 CAT II

[36] Standards Mapping - Security Technical Implementation Guide Version 3.9 APP3150.2 CAT II

[37] Standards Mapping - Security Technical Implementation Guide Version 3.10 APP3150.2 CAT II

[38] Standards Mapping - Security Technical Implementation Guide Version 4.2 APSC-DV-002010 CAT II, APSC-DV-002050 CAT II

[39] Standards Mapping - Security Technical Implementation Guide Version 4.3 APSC-DV-002010 CAT II, APSC-DV-002050 CAT II

[40] Standards Mapping - Security Technical Implementation Guide Version 4.4 APSC-DV-002010 CAT II, APSC-DV-002050 CAT II

[41] Standards Mapping - Security Technical Implementation Guide Version 4.5 APSC-DV-002010 CAT II, APSC-DV-002050 CAT II

[42] Standards Mapping - Security Technical Implementation Guide Version 4.6 APSC-DV-002010 CAT II, APSC-DV-002050 CAT II

[43] Standards Mapping - Security Technical Implementation Guide Version 4.7 APSC-DV-002010 CAT II, APSC-DV-002050 CAT II

[44] Standards Mapping - Security Technical Implementation Guide Version 4.8 APSC-DV-002010 CAT II, APSC-DV-002050 CAT II

[45] Standards Mapping - Security Technical Implementation Guide Version 4.9 APSC-DV-002010 CAT II, APSC-DV-002050 CAT II

[46] Standards Mapping - Security Technical Implementation Guide Version 4.10 APSC-DV-002010 CAT II, APSC-DV-002050 CAT II

[47] Standards Mapping - Security Technical Implementation Guide Version 4.11 APSC-DV-002010 CAT II, APSC-DV-002050 CAT II

[48] Standards Mapping - Security Technical Implementation Guide Version 4.1 APSC-DV-002010 CAT II, APSC-DV-002050 CAT II

[49] Standards Mapping - Security Technical Implementation Guide Version 5.1 APSC-DV-002010 CAT II, APSC-DV-002050 CAT II

[50] Standards Mapping - Security Technical Implementation Guide Version 5.2 APSC-DV-002010 CAT II, APSC-DV-002050 CAT II

[51] Standards Mapping - Security Technical Implementation Guide Version 5.3 APSC-DV-002010 CAT II, APSC-DV-002050 CAT II

[52] Standards Mapping - Security Technical Implementation Guide Version 6.1 APSC-DV-002010 CAT II, APSC-DV-002050 CAT II

desc.semantic.cpp.insecure_randomness_hardcoded_seed

Abstract

ランダム値または疑似ランダム値を生成する関数 (シードが渡される) を、定数の引数を使用してコールしないでください。

Explanation

ランダム値または疑似ランダム値を生成する関数 (シードが渡される) を、定数の引数を使用してコールしないでください。疑似乱数ジェネレーター (PRNG) が特定の値を使用 (math.Rand.New(Source) のような関数を使用) してシードされると、値を返すかまたは割り当てる math.Rand.Int() および類似のメソッドによって返される値を攻撃者が予測できるようになり、攻撃者は複数の PRNG 出力を収集できるようになります。

例 1: 疑似ランダム数値の生成機能で生成される値が、最初の 2 つのブロックで予測できます (どちらも同じシードで開始されるため)。


  randomGen := rand.New(rand.NewSource(12345))
  randomInt1 := randomGen.nextInt()
  
  randomGen.Seed(12345)
  randomInt2 := randomGen.nextInt()

この例では、PRNG が同一の方法でシードされるため、擬似乱数ジェネレーターにシードを設定したコール (randomGen.Seed(12345)) の後に nextInt() をコールすると、同じ出力が同じ順序で得られます。

References

[1] J. Viega, G. McGraw Building Secure Software Addison-Wesley

[2] MSC02-J. Generate strong random numbers CERT

[3] MSC03-J. Never hard code sensitive information CERT

[4] Standards Mapping - Common Weakness Enumeration CWE ID 336

[5] Standards Mapping - DISA Control Correlation Identifier Version 2 CCI-002450

[6] Standards Mapping - FIPS200 MP

[7] Standards Mapping - General Data Protection Regulation (GDPR) Insufficient Data Protection

[8] Standards Mapping - NIST Special Publication 800-53 Revision 4 SC-13 Cryptographic Protection (P1)

[9] Standards Mapping - NIST Special Publication 800-53 Revision 5 SC-13 Cryptographic Protection

[10] Standards Mapping - OWASP Application Security Verification Standard 4.0 2.3.1 Authenticator Lifecycle Requirements (L1 L2 L3), 2.6.2 Look-up Secret Verifier Requirements (L2 L3), 6.3.3 Random Values (L3)

[11] Standards Mapping - OWASP Mobile 2014 M6 Broken Cryptography

[12] Standards Mapping - OWASP Mobile 2024 M1 Improper Credential Usage

[13] Standards Mapping - OWASP Mobile Application Security Verification Standard 2.0 MASVS-CRYPTO-1

[14] Standards Mapping - OWASP Top 10 2004 A8 Insecure Storage

[15] Standards Mapping - OWASP Top 10 2007 A8 Insecure Cryptographic Storage

[16] Standards Mapping - OWASP Top 10 2010 A7 Insecure Cryptographic Storage

[17] Standards Mapping - OWASP Top 10 2021 A02 Cryptographic Failures

[18] Standards Mapping - Payment Card Industry Data Security Standard Version 1.1 Requirement 6.5.8

[19] Standards Mapping - Payment Card Industry Data Security Standard Version 1.2 Requirement 6.3.1.3, Requirement 6.5.8

[20] Standards Mapping - Payment Card Industry Data Security Standard Version 2.0 Requirement 6.5.3

[21] Standards Mapping - Payment Card Industry Data Security Standard Version 3.0 Requirement 6.5.3

[22] Standards Mapping - Payment Card Industry Data Security Standard Version 3.1 Requirement 6.5.3

[23] Standards Mapping - Payment Card Industry Data Security Standard Version 3.2 Requirement 6.5.3

[24] Standards Mapping - Payment Card Industry Data Security Standard Version 3.2.1 Requirement 6.5.3

[25] Standards Mapping - Payment Card Industry Data Security Standard Version 4.0 Requirement 6.2.4

[26] Standards Mapping - Payment Card Industry Software Security Framework 1.0 Control Objective 7.3 - Use of Cryptography

[27] Standards Mapping - Payment Card Industry Software Security Framework 1.1 Control Objective 7.3 - Use of Cryptography, Control Objective B.2.4 - Terminal Software Design

[28] Standards Mapping - Payment Card Industry Software Security Framework 1.2 Control Objective 7.3 - Use of Cryptography, Control Objective B.2.4 - Terminal Software Design

[29] Standards Mapping - SANS Top 25 2009 Porous Defenses - CWE ID 330

[30] Standards Mapping - Security Technical Implementation Guide Version 3.1 APP3150.2 CAT II

[31] Standards Mapping - Security Technical Implementation Guide Version 3.4 APP3150.2 CAT II

[32] Standards Mapping - Security Technical Implementation Guide Version 3.5 APP3150.2 CAT II

[33] Standards Mapping - Security Technical Implementation Guide Version 3.6 APP3150.2 CAT II

[34] Standards Mapping - Security Technical Implementation Guide Version 3.7 APP3150.2 CAT II

[35] Standards Mapping - Security Technical Implementation Guide Version 3.9 APP3150.2 CAT II

[36] Standards Mapping - Security Technical Implementation Guide Version 3.10 APP3150.2 CAT II

[37] Standards Mapping - Security Technical Implementation Guide Version 4.2 APSC-DV-002010 CAT II, APSC-DV-002050 CAT II

[38] Standards Mapping - Security Technical Implementation Guide Version 4.3 APSC-DV-002010 CAT II, APSC-DV-002050 CAT II

[39] Standards Mapping - Security Technical Implementation Guide Version 4.4 APSC-DV-002010 CAT II, APSC-DV-002050 CAT II

[40] Standards Mapping - Security Technical Implementation Guide Version 4.5 APSC-DV-002010 CAT II, APSC-DV-002050 CAT II

[41] Standards Mapping - Security Technical Implementation Guide Version 4.6 APSC-DV-002010 CAT II, APSC-DV-002050 CAT II

[42] Standards Mapping - Security Technical Implementation Guide Version 4.7 APSC-DV-002010 CAT II, APSC-DV-002050 CAT II

[43] Standards Mapping - Security Technical Implementation Guide Version 4.8 APSC-DV-002010 CAT II, APSC-DV-002050 CAT II

[44] Standards Mapping - Security Technical Implementation Guide Version 4.9 APSC-DV-002010 CAT II, APSC-DV-002050 CAT II

[45] Standards Mapping - Security Technical Implementation Guide Version 4.10 APSC-DV-002010 CAT II, APSC-DV-002050 CAT II

[46] Standards Mapping - Security Technical Implementation Guide Version 4.11 APSC-DV-002010 CAT II, APSC-DV-002050 CAT II

[47] Standards Mapping - Security Technical Implementation Guide Version 4.1 APSC-DV-002010 CAT II, APSC-DV-002050 CAT II

[48] Standards Mapping - Security Technical Implementation Guide Version 5.1 APSC-DV-002010 CAT II, APSC-DV-002050 CAT II

[49] Standards Mapping - Security Technical Implementation Guide Version 5.2 APSC-DV-002010 CAT II, APSC-DV-002050 CAT II

[50] Standards Mapping - Security Technical Implementation Guide Version 5.3 APSC-DV-002010 CAT II, APSC-DV-002050 CAT II

[51] Standards Mapping - Security Technical Implementation Guide Version 6.1 APSC-DV-002010 CAT II, APSC-DV-002050 CAT II

desc.semantic.golang.insecure_randomness_hardcoded_seed

Abstract

ランダム値または疑似ランダム値を生成する関数 (シードが渡される) を、定数の引数を使用してコールしないでください。

Explanation

ランダム値または疑似ランダム値を生成する関数 (シードが渡される) を、定数の引数を使用してコールしないでください。疑似乱数ジェネレーター (Random など) が特定の値を使用 (Random.setSeed() のような関数を使用) してシードされると、値を返すかまたは割り当てる Random.nextInt() および類似のメソッドによって返される値を攻撃者が予測できるようになり、攻撃者は複数の PRNG 出力を収集できるようになります。

例 1:Random オブジェクト randomGen2 によって生成される値は、Random オブジェクト randomGen1 から予想できます。


        Random randomGen1 = new Random();
        randomGen1.setSeed(12345);
        int randomInt1 = randomGen1.nextInt();
        byte[] bytes1 = new byte[4];
        randomGen1.nextBytes(bytes1);

        Random randomGen2 = new Random();
        randomGen2.setSeed(12345);
        int randomInt2 = randomGen2.nextInt();
        byte[] bytes2 = new byte[4];
        randomGen2.nextBytes(bytes2);

この例では、疑似乱数ジェネレータ、randomGen1 と randomGen2 は同一の方法でシードされるので、randomInt1 == randomInt2、および対応する配列 bytes1[] と bytes2[] の値は等しくなります。

References

[1] Java Cryptography Architecture Oracle

[2] J. Viega, G. McGraw Building Secure Software Addison-Wesley

[3] MSC02-J. Generate strong random numbers CERT

[4] MSC03-J. Never hard code sensitive information CERT