Version: 2.0
Scope: Crypto, memory safety, availability, information disclosure, secure error handling.
Comprehensive security checklist based on CWE vulnerabilities and attack patterns.
| Check | CWE | Description |
|---|---|---|
| [ ] Nonce Uniqueness | CWE-323 | AES-GCM nonce unique per encryption (CRITICAL!) |
| [ ] Nonce Tracking | CWE-323 | Track used nonces, enforce MAX_NONCES_PER_KEY |
| [ ] Key Rotation | CWE-323 | Rotate key after nonce limit reached |
| [ ] Cryptographic RNG | CWE-330 | OpenSSL/OS CSPRNG for keys/nonces |
| [ ] Random IDs | CWE-330 | No sequential key/session IDs |
| [ ] Constant-time Comparison | CWE-208 | For secrets, MACs, tokens, API keys |
| [ ] Replay Protection | CWE-294 | Nonce/timestamp/sequence tracking |
| [ ] Channel Encryption | CWE-300 | mTLS for external communication |
| Check | CWE | Description |
|---|---|---|
| [ ] Memory Zeroization | CWE-316 | Clear secrets after use |
| [ ] No Secrets in Logs | CWE-532 | Never log keys, passwords, tokens |
| [ ] Secure String Handling | CWE-316 | SecureString (C#), secrecy (Rust) |
| [ ] Key Material Cleared | CWE-316 | try-finally ensures cleanup on exception |
| Check | CWE | Description |
|---|---|---|
| [ ] Size Limits | CWE-400 | MAX_PAYLOAD_SIZE enforced (default: 64KB) |
| [ ] Integer Overflow | CWE-190 | SafeAdd(), checked_add(), checked arithmetic |
| [ ] Null Checks | CWE-476 | At all API boundaries |
| [ ] No Unwrap on Input | CWE-248 | Proper error handling, no panic on malformed data |
| [ ] Parameterized Queries | CWE-89 | Never string concatenation for SQL |
| [ ] Character Validation | - | Whitelist for identifiers where appropriate |
| Check | CWE | Description |
|---|---|---|
| [ ] Sanitized Messages | CWE-209 | No paths/versions/stack traces to client |
| [ ] Full Error Logging | - | Log complete error internally before sanitizing |
| [ ] No Panic in Service | CWE-248 | Graceful error recovery, service stays up |
| [ ] Stack Trace Preserved | - | Re-throw without wrapping |
| Check | CWE | Description |
|---|---|---|
| [ ] Rate Limiting | CWE-400 | Token bucket per client/endpoint |
| [ ] Request Size Limits | CWE-400 | Reject oversized payloads early |
| [ ] Lock Safety | CWE-667 | Lock recovery mechanism |
| [ ] Resource Cleanup | CWE-772 | try-finally, using, defer, RAII - always |
| [ ] Timeout Handling | CWE-400 | Timeouts on all external operations |
| Check | CWE | Description |
|---|---|---|
| [ ] Lock Poisoning Handled | CWE-667 | Recovery from poisoned locks |
| [ ] No Race Conditions | CWE-362 | Thread-safe data structures |
| [ ] Atomic Operations | CWE-362 | For counters, flags, shared state |
| [ ] Deadlock Prevention | CWE-833 | Lock ordering, timeouts |
| Check | Standard | Description |
|---|---|---|
| [ ] All Modifications Logged | ISO 27001 A.12.4 | Data changes with user, timestamp, old/new value |
| [ ] Security Events Logged | NIS2 Art. 21 | Failed auth, rate limiting, suspicious input |
| [ ] Log File Rotation | - | Incremental format |
| [ ] No Sensitive Data in Logs | CWE-532 | Audit for accidental exposure |
Cryptographic Attacks:
Input Attacks:
Availability Attacks:
Information Disclosure:
<wvds:audit:template critical=„true“> No exec/shell_exec/system calls No eval() calls Output escaping SQL injection prevention CSRF protection </wvds:audit:template>
Version: 2.0 (Split)
Author: Wolfgang van der Stille
Back to Security Checklists | Review Checklists