hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-26 01:05:15 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #16482 from grakshith/rakshith/tune-java-crypto

Browse Source 
Java: Add RSA/ECB/OEAP ciphers to the list of secure algorithms
This commit is contained in:
Tony Torralba
2024-06-10 17:27:35 +02:00
committed by GitHub
parent 7ecf1f9010 798a736d16
commit 7336dd1ae5
2 changed files with 6 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
java/ql/lib/semmle/code/java/security/BrokenCryptoAlgorithmQuery.qll
View File

@@ -15,6 +15,8 @@ private class ShortStringLiteral extends StringLiteral {
class BrokenAlgoLiteral extends ShortStringLiteral {
BrokenAlgoLiteral() {
this.getValue().regexpMatch(getInsecureAlgorithmRegex()) and
// Exclude RSA/ECB/.* ciphers.
not this.getValue().regexpMatch("RSA/ECB.*") and
// Exclude German and French sentences.
not this.getValue().regexpMatch(".*\\p{IsLowercase} des \\p{IsLetter}.*")
}