hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-04 21:25:44 +02:00
Code Issues Packages Projects Releases Wiki Activity

Java: Remove overlapping code

Browse Source
This commit is contained in:
intrigus
2020-12-23 16:39:19 +01:00
parent 87554a78d4
commit 1b96d0ac54
4 changed files with 5 additions and 160 deletions
Download Patch File Download Diff File Expand all files Collapse all files

66
java/ql/test/experimental/query-tests/security/CWE-273/UnsafeCertTrustTest.java
View File

@@ -18,72 +18,6 @@ import java.security.cert.X509Certificate;
public class UnsafeCertTrustTest {
/**
* Test the implementation of trusting all server certs as a variable
*/
public SSLSocketFactory testTrustAllCertManager() {
try {
final SSLContext context = SSLContext.getInstance("TLS");
context.init(null, new TrustManager[] { TRUST_ALL_CERTIFICATES }, null);
final SSLSocketFactory socketFactory = context.getSocketFactory();
return socketFactory;
} catch (final Exception x) {
throw new RuntimeException(x);
}
}
/**
* Test the implementation of trusting all server certs as an anonymous class
*/
public SSLSocketFactory testTrustAllCertManagerOfVariable() {
try {
SSLContext context = SSLContext.getInstance("TLS");
TrustManager[] serverTMs = new TrustManager[] { new X509TrustAllManager() };
context.init(null, serverTMs, null);
final SSLSocketFactory socketFactory = context.getSocketFactory();
return socketFactory;
} catch (final Exception x) {
throw new RuntimeException(x);
}
}
private static final X509TrustManager TRUST_ALL_CERTIFICATES = new X509TrustManager() {
@Override
public void checkClientTrusted(final X509Certificate[] chain, final String authType)
throws CertificateException {
}
@Override
public void checkServerTrusted(final X509Certificate[] chain, final String authType)
throws CertificateException {
// Noncompliant
}
@Override
public X509Certificate[] getAcceptedIssuers() {
return null; // Noncompliant
}
};
private class X509TrustAllManager implements X509TrustManager {
@Override
public void checkClientTrusted(final X509Certificate[] chain, final String authType)
throws CertificateException {
}
@Override
public void checkServerTrusted(final X509Certificate[] chain, final String authType)
throws CertificateException {
// Noncompliant
}
@Override
public X509Certificate[] getAcceptedIssuers() {
return null; // Noncompliant
}
};
/**
* Test the endpoint identification of SSL engine is set to null
*/