SonarQube: Make sure that encrypting data is safe here. AES/GCM/NoPadding, RSA/ECB/PKCS1Padding

3
votes

I'm using:

1. RSA/ECB/PKCS1Padding

2. AES/GCM/NoPadding

To encrypt my data in my Android (Java) application. At the documentation of SonarQube it states that:

The Advanced Encryption Standard (AES) encryption algorithm can be used with various modes. Galois/Counter Mode (GCM) with no padding should be preferred to the following combinations which are not secured:

  • Electronic Codebook (ECB) mode: Under a given key, any given plaintext block always gets encrypted to the same ciphertext block. Thus, it does not hide data patterns well. In some senses, it doesn't provide serious message confidentiality, and it is not recommended for use in cryptographic protocols at all.
  • Cipher Block Chaining (CBC) with PKCS#5 padding (or PKCS#7) is susceptible to padding oracle attacks.

So, as it is recommended, I use AES/GCM/NoPadding as :

Cipher c = Cipher.getInstance("AES/GCM/NoPadding");

But, it still gives me the warning Make sure that encrypting data is safe here.

The same for: 

Cipher c = Cipher.getInstance("RSA/ECB/PKCS1Padding");

Why does SonarQube throws that warning? Aren't these uses safe any more?

2
encryptionrsaaespaddingaes-gcm
Welcome to crypto.stackexchange - This appears to be a programming question, and programming questions are off-topic here even if the program uses cryptography. Programming questions belong on stackoverflow. I can migrate this there for you.Ella Rose
What is the warning?President James K. Polk
@JamesKPolk Make sure that encrypting data is safe here.Dionis Beqiraj

2 Answers

5
votes

AES in GCM mode is secured as a block cipher algorithm. But that doesn't guarantee that the code that encrypts data using AES (in GCM mode) is secured. Several things can go wrong leaving the code vulnerable to attacks. It is developers' responsibility to code it in the right way to get the desired level of security. Some examples where things can go wrong are:

  1. The IV repeats for a given key
  2. The key or the raw data are stored in String data type which keeps lingering in the heap
  3. The secret key is stored in clear text in a property file that goes in the code repository

and so on.

Now, SonarQube cannot identify all these vulnerabilities and hence they've come up with a new concept called Hotspot which is described here as:

Unlike Vulnerabilities, Security Hotspots aren't necessarily issues that are open to attack. Instead, Security Hotspots highlight security-sensitive pieces of code that need to be manually reviewed. Upon review, you'll either find a Vulnerability that needs to be fixed or that there is no threat.

Hotspots have a separate life cycle which is explained in the link given above.

P.S. This answer explains how to encrypt a string in Java with AES in GCM mode in a secured way: https://stackoverflow.com/a/53015144/1235935

1
votes

Seems like it's a general warning about encrypting any data. There shouldn't be an issue with "AES/GCM/NoPadding", as shown in their test code.