hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-22 15:25:18 +02:00
Code Issues Packages Projects Releases Wiki Activity

C#: Convert set Key of SymmetricAlgorithm to Csv sink.

Browse Source
This commit is contained in:
Michael Nebel
2022-06-21 16:11:31 +02:00
parent 032448041d
commit a5b7e2a2e1
1 changed files with 6 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
csharp/ql/lib/semmle/code/csharp/security/cryptography/HardcodedSymmetricEncryptionKey.qll
View File

@@ -39,29 +39,22 @@ module HardcodedSymmetricEncryptionKey {
StringLiteralSource() { this.asExpr() instanceof StringLiteral }
}
private class SymmetricEncryptionKeyPropertySink extends Sink {
SymmetricEncryptionKeyPropertySink() {
this.asExpr() = any(SymmetricAlgorithm sa).getKeyProperty().getAnAssignedValue()
}
override string getDescription() { result = "'Key' property assignment" }
}
private class SymmetricAlgorithmCreateSinkCsv extends SinkModelCsv {
private class SymmetricAlgorithmSinkCsv extends SinkModelCsv {
override predicate row(string row) {
row =
[
"System.Security.Cryptography;SymmetricAlgorithm;true;CreateEncryptor;(System.Byte[],System.Byte[]);;Argument[0];encryption-encryptor",
"System.Security.Cryptography;SymmetricAlgorithm;true;CreateDecryptor;(System.Byte[],System.Byte[]);;Argument[0];encryption-decryptor",
"System.Security.Cryptography;SymmetricAlgorithm;true;set_Key;(System.Byte[]);;Argument[0];encryption-keyprop",
"Windows.Security.Cryptography.Core;SymmetricKeyAlgorithmProvider;false;CreateSymmetricKey;(Windows.Storage.Streams.IBuffer);;Argument[0];encryption-symmetrickey"
]
}
}
private class SymmetricAlgorithmCreateEncryptorSink extends Sink {
private class SymmetricAlgorithmSink extends Sink {
private string kind;
SymmetricAlgorithmCreateEncryptorSink() { sinkNode(this, kind) and kind.matches("encryption%") }
SymmetricAlgorithmSink() { sinkNode(this, kind) and kind.matches("encryption%") }
override string getDescription() {
kind = "encryption-encryptor" and result = "Encryptor(rgbKey, IV)"
@@ -69,6 +62,8 @@ module HardcodedSymmetricEncryptionKey {
kind = "encryption-decryptor" and result = "Decryptor(rgbKey, IV)"
or
kind = "encryption-symmetrickey" and result = "CreateSymmetricKey(IBuffer keyMaterial)"
or
kind = "encryption-keyprop" and result = "'Key' property assignment"
}
}