hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-24 04:36:35 +01:00
Code Issues Packages Projects Releases Wiki Activity

refactor code into InsufficientKeySize.qll

Browse Source
This commit is contained in:
Jami Cogswell
2022-10-12 15:39:57 -04:00
parent 0fc4a33d43
commit 37d85587e0
5 changed files with 165 additions and 129 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
java/ql/src/Security/CWE/CWE-326/InsufficientKeySize.ql
View File

@@ -16,9 +16,10 @@ import semmle.code.java.security.InsufficientKeySizeQuery
import DataFlow::PathGraph
from DataFlow::PathNode source, DataFlow::PathNode sink
where exists(KeyTrackingConfiguration config1 | config1.hasFlowPath(source, sink))
//or
// exists(AsymmetricNonECKeyTrackingConfiguration config1 | config1.hasFlowPath(source, sink)) or
// exists(AsymmetricECKeyTrackingConfiguration config2 | config2.hasFlowPath(source, sink)) or
// exists(SymmetricKeyTrackingConfiguration config3 | config3.hasFlowPath(source, sink))
where
//exists(KeyTrackingConfiguration config1 | config1.hasFlowPath(source, sink))
//or
exists(AsymmetricNonECKeyTrackingConfiguration config1 | config1.hasFlowPath(source, sink)) or
exists(AsymmetricECKeyTrackingConfiguration config2 | config2.hasFlowPath(source, sink)) or
exists(SymmetricKeyTrackingConfiguration config3 | config3.hasFlowPath(source, sink))
select sink.getNode(), source, sink, "This $@ is too small.", source.getNode(), "key size"