Testing Java Crypto Provider Vulnerabilities in Cryptosense Analyzer

Graham Steel
February 22, 2018

In a 2014 article “Why does cryptographic software fail?”, Lazar et al. took the most recent 269 CVEs marked as “cryptographic issues” and classified the site of the failure. While 17% of the failures were in crypto libraries, 83% were in the way the applications use the libraries.

Up until now, Cryptosense Analyzer for Java applications only treated the 83%. Today that's changing as we've added provider vulnerability testing. Our tests leverage the Google Wycheproof project test suites and a few other sources, including our own vulnerability research on providers. As you'll know if you've ever tried them, some of the Wycheproof tests take a long time to run, so it's not practical to run them live on an application under test.

So, we split the tests up and ran them over all the standard crypto providers in all the versions of Java 7, 8 and 9, as well as Bouncy Castle versions from 1.47 to 1.59. With the results we've created a matrix of which vulnerabilities apply to which versions.

In some cases the results are rather surprising. Following the first public results from Wycheproof, some vulnerabilities were patched, then crept back in, only to be patched again some versions later.

Now when you upload a trace to our Analyzer, you get not just crypto usage vulnerabilities but also a report on the provider flaws that apply to the version used, along with links to our knowledge base that explain the issue and what operations are affected.

In an ideal world, you would always have the latest versions of crypto providers everywhere, but in the real world that's unfortunately not the case. In large organisations it can even be hard to know what versions the many thousands of applications are using. Now Analyzer can tell you not just what provider version you are using, but what crypto vulnerabilities it has so you can prioritize the things that need fixing most urgently.