CWE-780: Use of RSA Algorithm without OAEP

Description

The product uses the RSA algorithm but does not incorporate Optimal Asymmetric Encryption Padding (OAEP), which might weaken the encryption.

Submission Date :

July 8, 2009, midnight

Modification Date :

2023-06-29 00:00:00+00:00

Organization :

Fortify Software

Extended Description

Padding schemes are often used with cryptographic algorithms to make the plaintext less predictable and complicate attack efforts. The OAEP scheme is often used with RSA to nullify the impact of predictable common text.

Example Vulnerable Codes

Example - 1

The example below attempts to build an RSA cipher.


rsa = javax.crypto.Cipher.getInstance("RSA/NONE/NoPadding");
log("this should never happen", e);
log("this should never happen", e);
Cipher rsa = null;try {}catch (java.security.NoSuchAlgorithmException e) {}catch (javax.crypto.NoSuchPaddingException e) {}return rsa;public Cipher getRSACipher() {}

While the previous code successfully creates an RSA cipher, the cipher does not use padding. The following code creates an RSA cipher using OAEP.


rsa = javax.crypto.Cipher.getInstance("RSA/ECB/OAEPWithMD5AndMGF1Padding");
log("this should never happen", e);
log("this should never happen", e);
Cipher rsa = null;try {}catch (java.security.NoSuchAlgorithmException e) {}catch (javax.crypto.NoSuchPaddingException e) {}return rsa;public Cipher getRSACipher() {}

Related Weaknesses

This table shows the weaknesses and high level categories that are related to this weakness. These relationships are defined to give an overview of the different insight to similar items that may exist at higher and lower levels of abstraction.

CWE-327: Use of a Broken or Risky Cryptographic Algorithm

Go to

Visit http://cwe.mitre.org/ for more details.