Merge branch 'santander-java-crypto-check' of https://github.com/bdrodes/codeql into santander-java-crypto-check

java/ql/lib/experimental/quantum/Language.qll

@@ -115,7 +115,7 @@ private class ConstantDataSourceLiteral extends Crypto::GenericConstantSourceIns
 
 private class ConstantDataSourceArrayInitializer extends Crypto::GenericConstantSourceInstance instanceof ArrayInit
 {
-  ConstantDataSourceArrayInitializer() { exists(Literal l | this.getAnInit() = l) }
+  ConstantDataSourceArrayInitializer() { this.getAnInit() instanceof Literal }
 
   override DataFlow::Node getOutputNode() { result.asExpr() = this }
 

java/ql/src/experimental/quantum/Analysis/NonAESGCMCipher.ql

@@ -19,6 +19,7 @@ class NonAESGCMAlgorithmNode extends Crypto::KeyOperationAlgorithmNode {
 }
 
 from Crypto::KeyOperationNode op, Crypto::KeyOperationOutputNode codeNode
-where op.getAKnownAlgorithm() instanceof NonAESGCMAlgorithmNode and
-    codeNode = op.getAnOutputArtifact()
-select op, "Non-AES-GCM instance."
+where
+  op.getAKnownAlgorithm() instanceof NonAESGCMAlgorithmNode and
+  codeNode = op.getAnOutputArtifact()
+select op, "Non-AES-GCM instance."

java/ql/src/experimental/quantum/Analysis/WeakKDFIterationCount.ql

@@ -17,4 +17,4 @@ where
   op.getIterationCount().asElement() = l and
   l.getValue().toInt() < 100000
 select op, "Key derivation operation configures iteration count below 100k: $@", l,
-  l.getValue().toString()
+  l.getValue().toString()