Java: convert RsaWithoutOaep test to .qlref

Nora Dimitrijević
2025-06-24 11:13:17 +02:00
parent b7e47e2cf3
commit cadfd0dcaa
4 changed files with 21 additions and 9 deletions


@@ -0,0 +1,12 @@
#select
| RsaWithoutOaepTest.java:5:44:5:62 | "RSA/ECB/NoPadding" | RsaWithoutOaepTest.java:5:44:5:62 | "RSA/ECB/NoPadding" | RsaWithoutOaepTest.java:5:44:5:62 | "RSA/ECB/NoPadding" | This specification is used to $@ without OAEP padding. | RsaWithoutOaepTest.java:5:44:5:62 | "RSA/ECB/NoPadding" | initialize an RSA cipher |
| RsaWithoutOaepTest.java:15:32:15:50 | "RSA/ECB/NoPadding" : String | RsaWithoutOaepTest.java:15:32:15:50 | "RSA/ECB/NoPadding" : String | RsaWithoutOaepTest.java:11:35:11:38 | spec | This specification is used to $@ without OAEP padding. | RsaWithoutOaepTest.java:11:35:11:38 | spec | initialize an RSA cipher |
edges
| RsaWithoutOaepTest.java:10:29:10:39 | spec : String | RsaWithoutOaepTest.java:11:35:11:38 | spec | provenance | |
| RsaWithoutOaepTest.java:15:32:15:50 | "RSA/ECB/NoPadding" : String | RsaWithoutOaepTest.java:10:29:10:39 | spec : String | provenance | |
nodes
| RsaWithoutOaepTest.java:5:44:5:62 | "RSA/ECB/NoPadding" | semmle.label | "RSA/ECB/NoPadding" |
| RsaWithoutOaepTest.java:10:29:10:39 | spec : String | semmle.label | spec : String |
| RsaWithoutOaepTest.java:11:35:11:38 | spec | semmle.label | spec |
| RsaWithoutOaepTest.java:15:32:15:50 | "RSA/ECB/NoPadding" : String | semmle.label | "RSA/ECB/NoPadding" : String |
subpaths


@@ -2,16 +2,16 @@ import javax.crypto.Cipher;
class RsaWithoutOaep {
public void test() throws Exception {
Cipher rsaBad = Cipher.getInstance("RSA/ECB/NoPadding"); // $hasTaintFlow
Cipher rsaBad = Cipher.getInstance("RSA/ECB/NoPadding"); // $ Alert
Cipher rsaGood = Cipher.getInstance("RSA/ECB/OAEPWithSHA-1AndMGF1Padding");
Cipher rsaGood = Cipher.getInstance("RSA/ECB/OAEPWithSHA-1AndMGF1Padding");
}
public Cipher getCipher(String spec) throws Exception {
return Cipher.getInstance(spec); // $hasTaintFlow
return Cipher.getInstance(spec); // $ Sink
}
public void test2() throws Exception {
Cipher rsa = getCipher("RSA/ECB/NoPadding");
Cipher rsa = getCipher("RSA/ECB/NoPadding"); // $ Alert
}
}
}
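Review bot: The only flagged transformation in this test is `"RSA/ECB/NoPadding"` (directly in test() and through getCipher() in test2()), so nothing here pins how the query treats PKCS#1 v1.5 padding, the other common non-OAEP RSA mode. If the query is meant to report it (the query source is not visible on this page, so that is an assumption), add a case such as `Cipher rsaPkcs1 = Cipher.getInstance("RSA/ECB/PKCS1Padding"); // $ Alert` to test() and regenerate the .expected file. It would also help to mark the negative case explicitly, for example a trailing `// OK: OAEP padding` on the rsaGood line, so a reader can tell that the missing annotation is intentional.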


@@ -1,4 +0,0 @@
import java
import utils.test.InlineFlowTest
import semmle.code.java.security.RsaWithoutOaepQuery
import TaintFlowTest<RsaWithoutOaepConfig>


@@ -0,0 +1,4 @@
query: Security/CWE/CWE-780/RsaWithoutOaep.ql
postprocess:
- utils/test/PrettyPrintModels.ql
- utils/test/InlineExpectationsTestQuery.ql