Crypto: Update InsecureIVorNonce to be a path problem.

2026-04-24 16:25:15 +02:00 · 2025-10-13 15:29:57 -04:00
parent bd068c2a69
commit 76128ed8dc
4 changed files with 179 additions and 32 deletions
--- a/java/ql/lib/experimental/quantum/Language.qll
+++ b/java/ql/lib/experimental/quantum/Language.qll
@@ -93,20 +93,6 @@ private class GenericRemoteDataSource extends Crypto::GenericRemoteDataSource {
  override string getAdditionalDescription() { result = this.toString() }
 }

-// /**
-//  * A property access value (constant from a file)
-//  */
-// class PropertyConstant extends  Crypto::GenericConstantSourceInstance instanceof Literal{
-//   PropertyConstant() {
-//     value = this.getPropertyValue() and
-//     // Since properties pairs are not included in the java/weak-cryptographic-algorithm,
-//     // the check for values from properties files can be less strict than `InsecureAlgoLiteral`.
-//     not value.regexpMatch(getSecureAlgorithmRegex())
-//   }
-//   override string getStringValue() { result = value }
-// }
-import semmle.code.java.dataflow.RangeUtils
-// TODO: import all frameworks?
 import semmle.code.java.frameworks.Properties
 private import semmle.code.configfiles.ConfigFiles