add symm to the single config; still seems to work

2025-12-20 10:46:30 +01:00 · 2022-10-12 08:51:22 -04:00
parent 29de0c6748
commit 01c2a8cbba
3 changed files with 28 additions and 15 deletions
--- a/java/ql/src/Security/CWE/CWE-326/InsufficientKeySize.ql
+++ b/java/ql/src/Security/CWE/CWE-326/InsufficientKeySize.ql
@@ -16,10 +16,9 @@ import semmle.code.java.security.InsufficientKeySizeQuery
 import DataFlow::PathGraph

 from DataFlow::PathNode source, DataFlow::PathNode sink
-where
-  exists(AsymmetricKeyTrackingConfiguration config1 | config1.hasFlowPath(source, sink))
-  or
-  //   exists(AsymmetricNonECKeyTrackingConfiguration config1 | config1.hasFlowPath(source, sink)) or
-  //   exists(AsymmetricECKeyTrackingConfiguration config2 | config2.hasFlowPath(source, sink)) or
-  exists(SymmetricKeyTrackingConfiguration config3 | config3.hasFlowPath(source, sink))
+where exists(KeyTrackingConfiguration config1 | config1.hasFlowPath(source, sink))
+//or
+//   exists(AsymmetricNonECKeyTrackingConfiguration config1 | config1.hasFlowPath(source, sink)) or
+//   exists(AsymmetricECKeyTrackingConfiguration config2 | config2.hasFlowPath(source, sink)) or
+//   exists(SymmetricKeyTrackingConfiguration config3 | config3.hasFlowPath(source, sink))
 select sink.getNode(), source, sink, "This $@ is too small.", source.getNode(), "key size"