Bug Hunting in TinyCrypt with TrustInSoft

November 15, 2024


Key Points:

  • Learn to apply TrustInSoft Analyzer on TinyCrypt in real-world scenarios
  • See how exhaustive static analysis can detect hidden bugs
  • Gain confidence in C/C++ code reliability for secure coding practices

Introduction

Today’s cybersecurity landscape demands thorough code reviews, especially for cryptographic libraries like TinyCrypt. In our first “Code Unboxed” webinar, we gave a hands-on demo of TrustInSoft Analyzer, revealing how this tool empowers developers to ensure code security and reliability by identifying critical vulnerabilities. This blog post captures key insights from the session to show how this code analysis tool fits into your daily workflow as a C/C++ developer. Whether you’re an attendee looking for a refresher, a newcomer interested in catching up, or someone who prefers reading over webinars, this guide will deepen your understanding of code review, C code analysis tools, and cybersecurity practices.

Deep Dive into the Webinar Highlights

In this introductory episode of “Code Unboxed with TrustInSoft,” we explored how TrustInSoft Analyzer can identify bugs in TinyCrypt, an open-source cryptographic library originally developed by Intel, easily and without prior knowledge of the code. Our analysis involved several TrustInSoft Analyzer features, highlighting the tool’s easy setup and its ability to reuse existing unit tests for a static analysis with no false positives. The sound and exhaustive static analysis will be demonstrated in a future episode of Code Unboxed. Here are the steps we took to investigate and fix TinyCrypt’s vulnerabilities:

  1. Project Initialization: Using TrustInSoft’s Project Manager, we set up a new analysis for the TinyCrypt codebase, which organizes the project’s file structure to store everything TrustInSoft Analyzer will generate. We relied on tools like bear to generate the compilation database, ensuring smooth project compatibility.
  2. First Analysis - Module Testing: We kicked off with the AES module from TinyCrypt, running a single analysis that executes a series of unit and integration tests from the TinyCrypt test suite. This stage spotlighted TrustInSoft’s precision, running checks without approximations in what’s known as “Interpreter Mode” or Level 1. The results identified several vulnerabilities, each with real-world implications for secure coding practices.
  3. Scaling the Analysis: We defined a series of analyses as an analysis campaign to cover the full TinyCrypt library, leveraging parallel analysis capabilities to tackle each component simultaneously. After we assessed each alarm, TIS Report generated an HTML summary report offering a clear overview of issues, code coverage, and all diagnostic results.
  4. Alarms and Fixes: TrustInSoft Analyzer found multiple alarms in TinyCrypt. The most critical issues included:
  • Integer Overflow (CWE-190): Potential incorrect results in cryptographic functions.
  • Invalid Pointer Arithmetic (CWE-823): Likely to lead to assembly errors.
  • Uninitialized Data (CWE-456): A vulnerability allowing data leakage during timing attacks.
  • Buffer Length Error (CWE-119): Incorrect test results due to an invalid buffer length in the test file.

By tracing each alarm with the TIS Root Cause Investigator, we pinpointed specific issues, guiding us to make targeted corrections.
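To make the first two alarm classes in the list above concrete, here is a constructed C example added for this write-up. It is not TinyCrypt code and does not reproduce the bugs the analysis found; the function names, the 16-byte tag buffer and the input values are all assumptions. Each pattern is shown next to a hardened form of the kind a fix would introduce.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed example (not TinyCrypt code). Each pair shows the shape of an
 * alarm class named above, with the hardened form beside it. */

/* CWE-190 pattern: an output size computed as blocks * block_size.
 * With 32-bit operands the product wraps silently once it exceeds
 * UINT32_MAX, so a caller would then allocate a buffer that is far too
 * small for the data it is about to write. */
uint32_t padded_len_unchecked(uint32_t blocks, uint32_t block_size)
{
    return blocks * block_size;            /* wraps: 0x10000 * 0x10000 == 0 */
}

/* Hardened form: refuse inputs whose product cannot be represented.
 * Returns 1 and stores the length in *out, or 0 if it would wrap. */
int padded_len_checked(uint32_t blocks, uint32_t block_size, uint32_t *out)
{
    if (block_size != 0 && blocks > UINT32_MAX / block_size)
        return 0;                          /* product would overflow: reject */
    *out = blocks * block_size;
    return 1;
}

/* CWE-456 pattern: a tag buffer is only partially written, then every byte
 * of it is folded into the result. Bytes tag[used..15] are read before they
 * are ever assigned; an exhaustive analyzer reports that first read instead
 * of picking an arbitrary value for it. Kept for illustration only; it is
 * not called by the checks below because its result is not defined. */
uint8_t fold_tag_uninit(const uint8_t *src, size_t used)
{
    uint8_t tag[16];
    uint8_t acc = 0;
    if (used > sizeof tag) used = sizeof tag;
    memcpy(tag, src, used);                /* only 'used' bytes are written */
    for (size_t i = 0; i < sizeof tag; i++)
        acc ^= tag[i];                     /* reads tag[used..15] uninitialized */
    return acc;
}

/* Hardened form: define every byte before it is read. Zero-filling the
 * unused tail makes the result a pure function of the input. */
uint8_t fold_tag_init(const uint8_t *src, size_t used)
{
    uint8_t tag[16];
    uint8_t acc = 0;
    if (used > sizeof tag) used = sizeof tag;
    memset(tag, 0, sizeof tag);            /* whole buffer defined first */
    memcpy(tag, src, used);
    for (size_t i = 0; i < sizeof tag; i++)
        acc ^= tag[i];
    return acc;
}

int main(void)
{
    /* Constructed inputs: a block count and size whose product is 2^32. */
    uint32_t n = 0;
    printf("unchecked: %u\n", padded_len_unchecked(0x10000u, 0x10000u));
    printf("checked:   ok=%d\n", padded_len_checked(0x10000u, 0x10000u, &n));

    /* Constructed 4-byte tag prefix; the remaining 12 bytes are zero-filled. */
    const uint8_t prefix[4] = {0x01, 0x02, 0x04, 0x08};
    printf("fold_tag_init: 0x%02x\n", fold_tag_init(prefix, sizeof prefix));
    return 0;
}
```

The unchecked length function returns 0 for the constructed inputs, which is exactly the kind of wrapped value that later turns into an undersized buffer; the checked variant rejects the same inputs instead. For the uninitialized read, note that a conventional test may pass by luck because the stack happens to hold zeros, whereas an analysis that refuses to approximate flags the read itself.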

  5. Analysis Outcomes: This session demonstrated the advantages of sound, exhaustive static analysis over conventional tools and testing by detecting cryptographic weaknesses and runtime errors through unit test values, with no false positives. TrustInSoft Analyzer also supports more advanced modes:
  • Level 2 (Value Mode): This mode expands the range of values each variable can take, using formal verification techniques through abstract interpretation. It allows for in-depth exploration by applying specific test harnesses, built using TrustInSoft’s APIs, to evaluate multiple inputs and scenarios comprehensively. It will be explored in a future episode of Code Unboxed.
  • Level 3 (Proof-by-Contract Mode): This mode enables advanced functional proofs by allowing developers to define detailed specifications for complex parameter testing. It provides rigorous proof mechanisms for code that must meet strict functional requirements.

Why TrustInSoft Analyzer?

By demonstrating TrustInSoft Analyzer on TinyCrypt, our webinar showed how this tool ensures code quality and security in C/C++ environments. Here are some key benefits for developers:

  • Exhaustive Analysis: TrustInSoft’s no-compromise approach means every identified issue is a verified bug. This eliminates guesswork and bolsters code integrity, especially critical for secure coding.
  • Developer Efficiency: Detect and resolve errors before they reach code review. Using TrustInSoft Analyzer’s fast interpreter mode, a full run over the entire TinyCrypt project took only five minutes, making it ideal for regular checks before committing any source code update.
  • Actionable Reports: The TIS Report delivers a comprehensive view of code vulnerabilities, making it easier for teams to address security concerns promptly. The Root Cause Investigator provides an intuitive interface to trace issues back to their source in the code.

Getting Started with TrustInSoft Analyzer

TrustInSoft Analyzer is designed to integrate seamlessly into existing software development workflows, from Agile to V-model processes. By tackling security and functional verification early, teams can focus on feature development rather than firefighting bugs. In line with cybersecurity best practices, our team at TrustInSoft follows a 90-day vulnerability disclosure protocol, ensuring that any identified vulnerabilities are communicated promptly.

Ready to see for yourself?

Ready to enhance your code review process and take control of your C/C++ code’s security? Watch our latest “Code Unboxed” session to see TrustInSoft Analyzer in action, or try it out on your own projects by contacting us. TrustInSoft Analyzer could be your next essential tool in secure and reliable code development, embracing memory safety and secure-by-design principles!
