CWE-780 未配合OAEP使用RSA算法
Use of RSA Algorithm without OAEP
结构: Simple
Abstraction: Variant
状态: Incomplete
被利用可能性: Medium
基本描述
The software uses the RSA algorithm but does not incorporate Optimal Asymmetric Encryption Padding (OAEP), which might weaken the encryption.
扩展描述
Padding schemes are often used with cryptographic algorithms to make the plaintext less predictable and complicate attack efforts. The OAEP scheme is often used with RSA to nullify the impact of predictable common text.
相关缺陷
- cwe_Nature: ChildOf cwe_CWE_ID: 327 cwe_View_ID: 1000 cwe_Ordinal: Primary
常见的影响
| 范围 | 影响 | 注释 |
|---|---|---|
| Access Control | Bypass Protection Mechanism | Without OAEP in RSA encryption, it will take less work for an attacker to decrypt the data or to infer patterns from the ciphertext. |
示例代码
例
The example below attempts to build an RSA cipher.
bad Java
public Cipher getRSACipher() {
Cipher rsa = null;
try {
catch (java.security.NoSuchAlgorithmException e) {
catch (javax.crypto.NoSuchPaddingException e) {
return rsa;
}try {
rsa = javax.crypto.Cipher.getInstance("RSA/NONE/NoPadding");
}catch (java.security.NoSuchAlgorithmException e) {
log("this should never happen", e);
}catch (javax.crypto.NoSuchPaddingException e) {
log("this should never happen", e);
}return rsa;
While the previous code successfully creates an RSA cipher, the cipher does not use padding. The following code creates an RSA cipher using OAEP.
good Java
public Cipher getRSACipher() {
Cipher rsa = null;
try {
catch (java.security.NoSuchAlgorithmException e) {
catch (javax.crypto.NoSuchPaddingException e) {
return rsa;
}try {
rsa = javax.crypto.Cipher.getInstance("RSA/ECB/OAEPWithMD5AndMGF1Padding");
}catch (java.security.NoSuchAlgorithmException e) {
log("this should never happen", e);
}catch (javax.crypto.NoSuchPaddingException e) {
log("this should never happen", e);
}return rsa;