mirror of
https://github.com/github/codeql.git
synced 2026-04-26 09:15:12 +02:00
Refactor tests
This commit is contained in:
Tony Torralba
@@ -16,5 +16,5 @@ import DataFlow::PathGraph
|
||||
|
||||
from DataFlow::PathNode source, DataFlow::PathNode sink
|
||||
where any(InsecureTrustManagerConfiguration cfg).hasFlowPath(source, sink)
|
||||
select sink, source, sink, "This $@, that is defined $@, trusts any certificate and is used here.",
|
||||
select sink, source, sink, "This $@, which is defined $@ and trusts any certificate, is used here.",
|
||||
source, "TrustManager", source.getNode().asExpr().(ClassInstanceExpr).getConstructedType(), "here"
|
||||
|
||||
@@ -1,94 +0,0 @@
|
||||
edges
|
||||
| InsecureTrustManagerTest.java:121:33:121:81 | {...} [[]] : InsecureTrustManager | InsecureTrustManagerTest.java:122:22:122:33 | trustManager |
|
||||
| InsecureTrustManagerTest.java:121:54:121:79 | new InsecureTrustManager(...) : InsecureTrustManager | InsecureTrustManagerTest.java:121:33:121:81 | {...} [[]] : InsecureTrustManager |
|
||||
| InsecureTrustManagerTest.java:151:34:151:82 | {...} [[]] : InsecureTrustManager | InsecureTrustManagerTest.java:152:23:152:34 | trustManager |
|
||||
| InsecureTrustManagerTest.java:151:55:151:80 | new InsecureTrustManager(...) : InsecureTrustManager | InsecureTrustManagerTest.java:151:34:151:82 | {...} [[]] : InsecureTrustManager |
|
||||
| InsecureTrustManagerTest.java:193:34:193:82 | {...} [[]] : InsecureTrustManager | InsecureTrustManagerTest.java:194:23:194:34 | trustManager |
|
||||
| InsecureTrustManagerTest.java:193:55:193:80 | new InsecureTrustManager(...) : InsecureTrustManager | InsecureTrustManagerTest.java:193:34:193:82 | {...} [[]] : InsecureTrustManager |
|
||||
| InsecureTrustManagerTest.java:235:34:235:82 | {...} [[]] : InsecureTrustManager | InsecureTrustManagerTest.java:236:23:236:34 | trustManager |
|
||||
| InsecureTrustManagerTest.java:235:55:235:80 | new InsecureTrustManager(...) : InsecureTrustManager | InsecureTrustManagerTest.java:235:34:235:82 | {...} [[]] : InsecureTrustManager |
|
||||
| InsecureTrustManagerTest.java:257:34:257:82 | {...} [[]] : InsecureTrustManager | InsecureTrustManagerTest.java:258:23:258:34 | trustManager |
|
||||
| InsecureTrustManagerTest.java:257:55:257:80 | new InsecureTrustManager(...) : InsecureTrustManager | InsecureTrustManagerTest.java:257:34:257:82 | {...} [[]] : InsecureTrustManager |
|
||||
| InsecureTrustManagerTest.java:280:34:280:82 | {...} [[]] : InsecureTrustManager | InsecureTrustManagerTest.java:281:23:281:34 | trustManager |
|
||||
| InsecureTrustManagerTest.java:280:55:280:80 | new InsecureTrustManager(...) : InsecureTrustManager | InsecureTrustManagerTest.java:280:34:280:82 | {...} [[]] : InsecureTrustManager |
|
||||
| InsecureTrustManagerTest.java:305:33:305:81 | {...} [[]] : InsecureTrustManager | InsecureTrustManagerTest.java:306:22:306:33 | trustManager |
|
||||
| InsecureTrustManagerTest.java:305:54:305:79 | new InsecureTrustManager(...) : InsecureTrustManager | InsecureTrustManagerTest.java:305:33:305:81 | {...} [[]] : InsecureTrustManager |
|
||||
| InsecureTrustManagerTest.java:319:33:319:81 | {...} [[]] : InsecureTrustManager | InsecureTrustManagerTest.java:320:22:320:33 | trustManager |
|
||||
| InsecureTrustManagerTest.java:319:54:319:79 | new InsecureTrustManager(...) : InsecureTrustManager | InsecureTrustManagerTest.java:319:33:319:81 | {...} [[]] : InsecureTrustManager |
|
||||
| InsecureTrustManagerTest.java:333:33:333:81 | {...} [[]] : InsecureTrustManager | InsecureTrustManagerTest.java:334:22:334:33 | trustManager |
|
||||
| InsecureTrustManagerTest.java:333:54:333:79 | new InsecureTrustManager(...) : InsecureTrustManager | InsecureTrustManagerTest.java:333:33:333:81 | {...} [[]] : InsecureTrustManager |
|
||||
| InsecureTrustManagerTest.java:347:33:347:81 | {...} [[]] : InsecureTrustManager | InsecureTrustManagerTest.java:348:22:348:33 | trustManager |
|
||||
| InsecureTrustManagerTest.java:347:54:347:79 | new InsecureTrustManager(...) : InsecureTrustManager | InsecureTrustManagerTest.java:347:33:347:81 | {...} [[]] : InsecureTrustManager |
|
||||
| InsecureTrustManagerTest.java:361:33:361:81 | {...} [[]] : InsecureTrustManager | InsecureTrustManagerTest.java:362:22:362:33 | trustManager |
|
||||
| InsecureTrustManagerTest.java:361:54:361:79 | new InsecureTrustManager(...) : InsecureTrustManager | InsecureTrustManagerTest.java:361:33:361:81 | {...} [[]] : InsecureTrustManager |
|
||||
| InsecureTrustManagerTest.java:375:33:375:81 | {...} [[]] : InsecureTrustManager | InsecureTrustManagerTest.java:376:22:376:33 | trustManager |
|
||||
| InsecureTrustManagerTest.java:375:54:375:79 | new InsecureTrustManager(...) : InsecureTrustManager | InsecureTrustManagerTest.java:375:33:375:81 | {...} [[]] : InsecureTrustManager |
|
||||
| InsecureTrustManagerTest.java:390:33:390:81 | {...} [[]] : InsecureTrustManager | InsecureTrustManagerTest.java:391:22:391:33 | trustManager |
|
||||
| InsecureTrustManagerTest.java:390:54:390:79 | new InsecureTrustManager(...) : InsecureTrustManager | InsecureTrustManagerTest.java:390:33:390:81 | {...} [[]] : InsecureTrustManager |
|
||||
| InsecureTrustManagerTest.java:405:33:405:81 | {...} [[]] : InsecureTrustManager | InsecureTrustManagerTest.java:406:22:406:33 | trustManager |
|
||||
| InsecureTrustManagerTest.java:405:54:405:79 | new InsecureTrustManager(...) : InsecureTrustManager | InsecureTrustManagerTest.java:405:33:405:81 | {...} [[]] : InsecureTrustManager |
|
||||
| InsecureTrustManagerTest.java:414:33:414:81 | {...} [[]] : InsecureTrustManager | InsecureTrustManagerTest.java:415:22:415:33 | trustManager |
|
||||
| InsecureTrustManagerTest.java:414:54:414:79 | new InsecureTrustManager(...) : InsecureTrustManager | InsecureTrustManagerTest.java:414:33:414:81 | {...} [[]] : InsecureTrustManager |
|
||||
nodes
|
||||
| InsecureTrustManagerTest.java:121:33:121:81 | {...} [[]] : InsecureTrustManager | semmle.label | {...} [[]] : InsecureTrustManager |
|
||||
| InsecureTrustManagerTest.java:121:54:121:79 | new InsecureTrustManager(...) : InsecureTrustManager | semmle.label | new InsecureTrustManager(...) : InsecureTrustManager |
|
||||
| InsecureTrustManagerTest.java:122:22:122:33 | trustManager | semmle.label | trustManager |
|
||||
| InsecureTrustManagerTest.java:151:34:151:82 | {...} [[]] : InsecureTrustManager | semmle.label | {...} [[]] : InsecureTrustManager |
|
||||
| InsecureTrustManagerTest.java:151:55:151:80 | new InsecureTrustManager(...) : InsecureTrustManager | semmle.label | new InsecureTrustManager(...) : InsecureTrustManager |
|
||||
| InsecureTrustManagerTest.java:152:23:152:34 | trustManager | semmle.label | trustManager |
|
||||
| InsecureTrustManagerTest.java:193:34:193:82 | {...} [[]] : InsecureTrustManager | semmle.label | {...} [[]] : InsecureTrustManager |
|
||||
| InsecureTrustManagerTest.java:193:55:193:80 | new InsecureTrustManager(...) : InsecureTrustManager | semmle.label | new InsecureTrustManager(...) : InsecureTrustManager |
|
||||
| InsecureTrustManagerTest.java:194:23:194:34 | trustManager | semmle.label | trustManager |
|
||||
| InsecureTrustManagerTest.java:235:34:235:82 | {...} [[]] : InsecureTrustManager | semmle.label | {...} [[]] : InsecureTrustManager |
|
||||
| InsecureTrustManagerTest.java:235:55:235:80 | new InsecureTrustManager(...) : InsecureTrustManager | semmle.label | new InsecureTrustManager(...) : InsecureTrustManager |
|
||||
| InsecureTrustManagerTest.java:236:23:236:34 | trustManager | semmle.label | trustManager |
|
||||
| InsecureTrustManagerTest.java:257:34:257:82 | {...} [[]] : InsecureTrustManager | semmle.label | {...} [[]] : InsecureTrustManager |
|
||||
| InsecureTrustManagerTest.java:257:55:257:80 | new InsecureTrustManager(...) : InsecureTrustManager | semmle.label | new InsecureTrustManager(...) : InsecureTrustManager |
|
||||
| InsecureTrustManagerTest.java:258:23:258:34 | trustManager | semmle.label | trustManager |
|
||||
| InsecureTrustManagerTest.java:280:34:280:82 | {...} [[]] : InsecureTrustManager | semmle.label | {...} [[]] : InsecureTrustManager |
|
||||
| InsecureTrustManagerTest.java:280:55:280:80 | new InsecureTrustManager(...) : InsecureTrustManager | semmle.label | new InsecureTrustManager(...) : InsecureTrustManager |
|
||||
| InsecureTrustManagerTest.java:281:23:281:34 | trustManager | semmle.label | trustManager |
|
||||
| InsecureTrustManagerTest.java:305:33:305:81 | {...} [[]] : InsecureTrustManager | semmle.label | {...} [[]] : InsecureTrustManager |
|
||||
| InsecureTrustManagerTest.java:305:54:305:79 | new InsecureTrustManager(...) : InsecureTrustManager | semmle.label | new InsecureTrustManager(...) : InsecureTrustManager |
|
||||
| InsecureTrustManagerTest.java:306:22:306:33 | trustManager | semmle.label | trustManager |
|
||||
| InsecureTrustManagerTest.java:319:33:319:81 | {...} [[]] : InsecureTrustManager | semmle.label | {...} [[]] : InsecureTrustManager |
|
||||
| InsecureTrustManagerTest.java:319:54:319:79 | new InsecureTrustManager(...) : InsecureTrustManager | semmle.label | new InsecureTrustManager(...) : InsecureTrustManager |
|
||||
| InsecureTrustManagerTest.java:320:22:320:33 | trustManager | semmle.label | trustManager |
|
||||
| InsecureTrustManagerTest.java:333:33:333:81 | {...} [[]] : InsecureTrustManager | semmle.label | {...} [[]] : InsecureTrustManager |
|
||||
| InsecureTrustManagerTest.java:333:54:333:79 | new InsecureTrustManager(...) : InsecureTrustManager | semmle.label | new InsecureTrustManager(...) : InsecureTrustManager |
|
||||
| InsecureTrustManagerTest.java:334:22:334:33 | trustManager | semmle.label | trustManager |
|
||||
| InsecureTrustManagerTest.java:347:33:347:81 | {...} [[]] : InsecureTrustManager | semmle.label | {...} [[]] : InsecureTrustManager |
|
||||
| InsecureTrustManagerTest.java:347:54:347:79 | new InsecureTrustManager(...) : InsecureTrustManager | semmle.label | new InsecureTrustManager(...) : InsecureTrustManager |
|
||||
| InsecureTrustManagerTest.java:348:22:348:33 | trustManager | semmle.label | trustManager |
|
||||
| InsecureTrustManagerTest.java:361:33:361:81 | {...} [[]] : InsecureTrustManager | semmle.label | {...} [[]] : InsecureTrustManager |
|
||||
| InsecureTrustManagerTest.java:361:54:361:79 | new InsecureTrustManager(...) : InsecureTrustManager | semmle.label | new InsecureTrustManager(...) : InsecureTrustManager |
|
||||
| InsecureTrustManagerTest.java:362:22:362:33 | trustManager | semmle.label | trustManager |
|
||||
| InsecureTrustManagerTest.java:375:33:375:81 | {...} [[]] : InsecureTrustManager | semmle.label | {...} [[]] : InsecureTrustManager |
|
||||
| InsecureTrustManagerTest.java:375:54:375:79 | new InsecureTrustManager(...) : InsecureTrustManager | semmle.label | new InsecureTrustManager(...) : InsecureTrustManager |
|
||||
| InsecureTrustManagerTest.java:376:22:376:33 | trustManager | semmle.label | trustManager |
|
||||
| InsecureTrustManagerTest.java:390:33:390:81 | {...} [[]] : InsecureTrustManager | semmle.label | {...} [[]] : InsecureTrustManager |
|
||||
| InsecureTrustManagerTest.java:390:54:390:79 | new InsecureTrustManager(...) : InsecureTrustManager | semmle.label | new InsecureTrustManager(...) : InsecureTrustManager |
|
||||
| InsecureTrustManagerTest.java:391:22:391:33 | trustManager | semmle.label | trustManager |
|
||||
| InsecureTrustManagerTest.java:405:33:405:81 | {...} [[]] : InsecureTrustManager | semmle.label | {...} [[]] : InsecureTrustManager |
|
||||
| InsecureTrustManagerTest.java:405:54:405:79 | new InsecureTrustManager(...) : InsecureTrustManager | semmle.label | new InsecureTrustManager(...) : InsecureTrustManager |
|
||||
| InsecureTrustManagerTest.java:406:22:406:33 | trustManager | semmle.label | trustManager |
|
||||
| InsecureTrustManagerTest.java:414:33:414:81 | {...} [[]] : InsecureTrustManager | semmle.label | {...} [[]] : InsecureTrustManager |
|
||||
| InsecureTrustManagerTest.java:414:54:414:79 | new InsecureTrustManager(...) : InsecureTrustManager | semmle.label | new InsecureTrustManager(...) : InsecureTrustManager |
|
||||
| InsecureTrustManagerTest.java:415:22:415:33 | trustManager | semmle.label | trustManager |
|
||||
subpaths
|
||||
#select
|
||||
| InsecureTrustManagerTest.java:122:22:122:33 | trustManager | InsecureTrustManagerTest.java:121:54:121:79 | new InsecureTrustManager(...) : InsecureTrustManager | InsecureTrustManagerTest.java:122:22:122:33 | trustManager | This $@, that is defined $@, trusts any certificate and is used here. | InsecureTrustManagerTest.java:121:54:121:79 | new InsecureTrustManager(...) : InsecureTrustManager | TrustManager | InsecureTrustManagerTest.java:35:23:35:42 | InsecureTrustManager | here |
|
||||
| InsecureTrustManagerTest.java:152:23:152:34 | trustManager | InsecureTrustManagerTest.java:151:55:151:80 | new InsecureTrustManager(...) : InsecureTrustManager | InsecureTrustManagerTest.java:152:23:152:34 | trustManager | This $@, that is defined $@, trusts any certificate and is used here. | InsecureTrustManagerTest.java:151:55:151:80 | new InsecureTrustManager(...) : InsecureTrustManager | TrustManager | InsecureTrustManagerTest.java:35:23:35:42 | InsecureTrustManager | here |
|
||||
| InsecureTrustManagerTest.java:194:23:194:34 | trustManager | InsecureTrustManagerTest.java:193:55:193:80 | new InsecureTrustManager(...) : InsecureTrustManager | InsecureTrustManagerTest.java:194:23:194:34 | trustManager | This $@, that is defined $@, trusts any certificate and is used here. | InsecureTrustManagerTest.java:193:55:193:80 | new InsecureTrustManager(...) : InsecureTrustManager | TrustManager | InsecureTrustManagerTest.java:35:23:35:42 | InsecureTrustManager | here |
|
||||
| InsecureTrustManagerTest.java:236:23:236:34 | trustManager | InsecureTrustManagerTest.java:235:55:235:80 | new InsecureTrustManager(...) : InsecureTrustManager | InsecureTrustManagerTest.java:236:23:236:34 | trustManager | This $@, that is defined $@, trusts any certificate and is used here. | InsecureTrustManagerTest.java:235:55:235:80 | new InsecureTrustManager(...) : InsecureTrustManager | TrustManager | InsecureTrustManagerTest.java:35:23:35:42 | InsecureTrustManager | here |
|
||||
| InsecureTrustManagerTest.java:258:23:258:34 | trustManager | InsecureTrustManagerTest.java:257:55:257:80 | new InsecureTrustManager(...) : InsecureTrustManager | InsecureTrustManagerTest.java:258:23:258:34 | trustManager | This $@, that is defined $@, trusts any certificate and is used here. | InsecureTrustManagerTest.java:257:55:257:80 | new InsecureTrustManager(...) : InsecureTrustManager | TrustManager | InsecureTrustManagerTest.java:35:23:35:42 | InsecureTrustManager | here |
|
||||
| InsecureTrustManagerTest.java:281:23:281:34 | trustManager | InsecureTrustManagerTest.java:280:55:280:80 | new InsecureTrustManager(...) : InsecureTrustManager | InsecureTrustManagerTest.java:281:23:281:34 | trustManager | This $@, that is defined $@, trusts any certificate and is used here. | InsecureTrustManagerTest.java:280:55:280:80 | new InsecureTrustManager(...) : InsecureTrustManager | TrustManager | InsecureTrustManagerTest.java:35:23:35:42 | InsecureTrustManager | here |
|
||||
| InsecureTrustManagerTest.java:306:22:306:33 | trustManager | InsecureTrustManagerTest.java:305:54:305:79 | new InsecureTrustManager(...) : InsecureTrustManager | InsecureTrustManagerTest.java:306:22:306:33 | trustManager | This $@, that is defined $@, trusts any certificate and is used here. | InsecureTrustManagerTest.java:305:54:305:79 | new InsecureTrustManager(...) : InsecureTrustManager | TrustManager | InsecureTrustManagerTest.java:35:23:35:42 | InsecureTrustManager | here |
|
||||
| InsecureTrustManagerTest.java:320:22:320:33 | trustManager | InsecureTrustManagerTest.java:319:54:319:79 | new InsecureTrustManager(...) : InsecureTrustManager | InsecureTrustManagerTest.java:320:22:320:33 | trustManager | This $@, that is defined $@, trusts any certificate and is used here. | InsecureTrustManagerTest.java:319:54:319:79 | new InsecureTrustManager(...) : InsecureTrustManager | TrustManager | InsecureTrustManagerTest.java:35:23:35:42 | InsecureTrustManager | here |
|
||||
| InsecureTrustManagerTest.java:334:22:334:33 | trustManager | InsecureTrustManagerTest.java:333:54:333:79 | new InsecureTrustManager(...) : InsecureTrustManager | InsecureTrustManagerTest.java:334:22:334:33 | trustManager | This $@, that is defined $@, trusts any certificate and is used here. | InsecureTrustManagerTest.java:333:54:333:79 | new InsecureTrustManager(...) : InsecureTrustManager | TrustManager | InsecureTrustManagerTest.java:35:23:35:42 | InsecureTrustManager | here |
|
||||
| InsecureTrustManagerTest.java:348:22:348:33 | trustManager | InsecureTrustManagerTest.java:347:54:347:79 | new InsecureTrustManager(...) : InsecureTrustManager | InsecureTrustManagerTest.java:348:22:348:33 | trustManager | This $@, that is defined $@, trusts any certificate and is used here. | InsecureTrustManagerTest.java:347:54:347:79 | new InsecureTrustManager(...) : InsecureTrustManager | TrustManager | InsecureTrustManagerTest.java:35:23:35:42 | InsecureTrustManager | here |
|
||||
| InsecureTrustManagerTest.java:362:22:362:33 | trustManager | InsecureTrustManagerTest.java:361:54:361:79 | new InsecureTrustManager(...) : InsecureTrustManager | InsecureTrustManagerTest.java:362:22:362:33 | trustManager | This $@, that is defined $@, trusts any certificate and is used here. | InsecureTrustManagerTest.java:361:54:361:79 | new InsecureTrustManager(...) : InsecureTrustManager | TrustManager | InsecureTrustManagerTest.java:35:23:35:42 | InsecureTrustManager | here |
|
||||
| InsecureTrustManagerTest.java:376:22:376:33 | trustManager | InsecureTrustManagerTest.java:375:54:375:79 | new InsecureTrustManager(...) : InsecureTrustManager | InsecureTrustManagerTest.java:376:22:376:33 | trustManager | This $@, that is defined $@, trusts any certificate and is used here. | InsecureTrustManagerTest.java:375:54:375:79 | new InsecureTrustManager(...) : InsecureTrustManager | TrustManager | InsecureTrustManagerTest.java:35:23:35:42 | InsecureTrustManager | here |
|
||||
| InsecureTrustManagerTest.java:391:22:391:33 | trustManager | InsecureTrustManagerTest.java:390:54:390:79 | new InsecureTrustManager(...) : InsecureTrustManager | InsecureTrustManagerTest.java:391:22:391:33 | trustManager | This $@, that is defined $@, trusts any certificate and is used here. | InsecureTrustManagerTest.java:390:54:390:79 | new InsecureTrustManager(...) : InsecureTrustManager | TrustManager | InsecureTrustManagerTest.java:35:23:35:42 | InsecureTrustManager | here |
|
||||
| InsecureTrustManagerTest.java:406:22:406:33 | trustManager | InsecureTrustManagerTest.java:405:54:405:79 | new InsecureTrustManager(...) : InsecureTrustManager | InsecureTrustManagerTest.java:406:22:406:33 | trustManager | This $@, that is defined $@, trusts any certificate and is used here. | InsecureTrustManagerTest.java:405:54:405:79 | new InsecureTrustManager(...) : InsecureTrustManager | TrustManager | InsecureTrustManagerTest.java:35:23:35:42 | InsecureTrustManager | here |
|
||||
| InsecureTrustManagerTest.java:415:22:415:33 | trustManager | InsecureTrustManagerTest.java:414:54:414:79 | new InsecureTrustManager(...) : InsecureTrustManager | InsecureTrustManagerTest.java:415:22:415:33 | trustManager | This $@, that is defined $@, trusts any certificate and is used here. | InsecureTrustManagerTest.java:414:54:414:79 | new InsecureTrustManager(...) : InsecureTrustManager | TrustManager | InsecureTrustManagerTest.java:35:23:35:42 | InsecureTrustManager | here |
|
||||
@@ -1 +0,0 @@
|
||||
Security/CWE/CWE-295/InsecureTrustManager.ql
|
||||
@@ -39,14 +39,12 @@ public class InsecureTrustManagerTest {
|
||||
}
|
||||
|
||||
@Override
|
||||
public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {
|
||||
// BAD: Does not verify the certificate chain, allowing any certificate.
|
||||
}
|
||||
public void checkServerTrusted(X509Certificate[] chain, String authType)
|
||||
throws CertificateException {}
|
||||
|
||||
@Override
|
||||
public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {
|
||||
|
||||
}
|
||||
public void checkClientTrusted(X509Certificate[] chain, String authType)
|
||||
throws CertificateException {}
|
||||
}
|
||||
|
||||
public static void main(String[] args) throws Exception {
|
||||
@@ -88,8 +86,9 @@ public class InsecureTrustManagerTest {
|
||||
|
||||
}
|
||||
|
||||
private static void directSecureTrustManagerCall() throws NoSuchAlgorithmException, KeyStoreException, IOException,
|
||||
CertificateException, FileNotFoundException, KeyManagementException, MalformedURLException {
|
||||
private static void directSecureTrustManagerCall()
|
||||
throws NoSuchAlgorithmException, KeyStoreException, IOException, CertificateException,
|
||||
FileNotFoundException, KeyManagementException, MalformedURLException {
|
||||
SSLContext context = SSLContext.getInstance("TLS");
|
||||
File certificateFile = new File("path/to/self-signed-certificate");
|
||||
// Create a `KeyStore` with default type
|
||||
@@ -98,49 +97,46 @@ public class InsecureTrustManagerTest {
|
||||
keyStore.load(null, null);
|
||||
X509Certificate generatedCertificate;
|
||||
try (InputStream cert = new FileInputStream(certificateFile)) {
|
||||
generatedCertificate = (X509Certificate) CertificateFactory.getInstance("X509").generateCertificate(cert);
|
||||
generatedCertificate = (X509Certificate) CertificateFactory.getInstance("X509")
|
||||
.generateCertificate(cert);
|
||||
}
|
||||
// Add the self-signed certificate to the key store
|
||||
keyStore.setCertificateEntry(certificateFile.getName(), generatedCertificate);
|
||||
// Get default `TrustManagerFactory`
|
||||
TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
|
||||
TrustManagerFactory tmf =
|
||||
TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
|
||||
// Use it with our modified key store that trusts our self-signed certificate
|
||||
tmf.init(keyStore);
|
||||
TrustManager[] trustManagers = tmf.getTrustManagers();
|
||||
context.init(null, trustManagers, null); // GOOD, we are not using a custom `TrustManager` but instead have
|
||||
// added the self-signed certificate we want to trust to the key
|
||||
// store. Note, the `trustManagers` will **only** trust this one
|
||||
// certificate.
|
||||
// we are not using a custom `TrustManager` but instead have added the self-signed
|
||||
// certificate we want to trust to the key store. Note, the `trustManagers` will **only**
|
||||
// trust this one certificate.
|
||||
context.init(null, trustManagers, null); // Safe
|
||||
URL url = new URL("https://self-signed.badssl.com/");
|
||||
HttpsURLConnection conn = (HttpsURLConnection) url.openConnection();
|
||||
conn.setSSLSocketFactory(context.getSocketFactory());
|
||||
}
|
||||
|
||||
private static void directInsecureTrustManagerCall() throws NoSuchAlgorithmException, KeyManagementException {
|
||||
private static void directInsecureTrustManagerCall()
|
||||
throws NoSuchAlgorithmException, KeyManagementException {
|
||||
SSLContext context = SSLContext.getInstance("TLS");
|
||||
TrustManager[] trustManager = new TrustManager[] { new InsecureTrustManager() };
|
||||
context.init(null, trustManager, null); // BAD: Uses a `TrustManager` that does not verify the certificate
|
||||
// chain, allowing any certificate.
|
||||
TrustManager[] trustManager = new TrustManager[] {new InsecureTrustManager()};
|
||||
context.init(null, trustManager, null); // $ hasTaintFlow
|
||||
}
|
||||
|
||||
private static void namedVariableFlagDirectInsecureTrustManagerCall()
|
||||
throws NoSuchAlgorithmException, KeyManagementException {
|
||||
if (TRUST_ALL) {
|
||||
SSLContext context = SSLContext.getInstance("TLS");
|
||||
TrustManager[] trustManager = new TrustManager[] { new InsecureTrustManager() };
|
||||
context.init(null, trustManager, null); // GOOD: Uses a `TrustManager` that does not verify the certificate
|
||||
// chain, allowing any certificate. BUT it is guarded
|
||||
// by a feature flag.
|
||||
TrustManager[] trustManager = new TrustManager[] {new InsecureTrustManager()};
|
||||
context.init(null, trustManager, null); // Safe: guarded by feature flag
|
||||
}
|
||||
}
|
||||
|
||||
private static void namedVariableFlagIndirectInsecureTrustManagerCall()
|
||||
throws NoSuchAlgorithmException, KeyManagementException {
|
||||
if (TRUST_ALL) {
|
||||
disableTrustManager(); // GOOD [But the disableTrustManager method itself is still detected]: Calls a
|
||||
// method that install a `TrustManager` that does not verify the certificate
|
||||
// chain, allowing any certificate. BUT it is guarded
|
||||
// by a feature flag.
|
||||
disableTrustManager(); // Safe: guarded by feature flag
|
||||
}
|
||||
}
|
||||
|
||||
@@ -148,20 +144,15 @@ public class InsecureTrustManagerTest {
|
||||
throws NoSuchAlgorithmException, KeyManagementException {
|
||||
if (SOME_NAME_THAT_IS_NOT_A_FLAG_NAME) {
|
||||
SSLContext context = SSLContext.getInstance("TLS");
|
||||
TrustManager[] trustManager = new TrustManager[] { new InsecureTrustManager() };
|
||||
context.init(null, trustManager, null); // BAD: Uses a `TrustManager` that does not verify the certificate
|
||||
// chain, allowing any certificate. It is NOT guarded
|
||||
// by a feature flag.
|
||||
TrustManager[] trustManager = new TrustManager[] {new InsecureTrustManager()};
|
||||
context.init(null, trustManager, null); // $ hasTaintFlow
|
||||
}
|
||||
}
|
||||
|
||||
private static void noNamedVariableFlagIndirectInsecureTrustManagerCall()
|
||||
throws NoSuchAlgorithmException, KeyManagementException {
|
||||
if (SOME_NAME_THAT_IS_NOT_A_FLAG_NAME) {
|
||||
disableTrustManager(); // BAD [This is detected in the disableTrustManager method]: Calls a method that
|
||||
// install a `TrustManager` that does not verify the certificate
|
||||
// chain, allowing any certificate. It is NOT guarded
|
||||
// by a feature flag.
|
||||
disableTrustManager(); // Alert is in the method
|
||||
}
|
||||
}
|
||||
|
||||
@@ -169,20 +160,15 @@ public class InsecureTrustManagerTest {
|
||||
throws NoSuchAlgorithmException, KeyManagementException {
|
||||
if (Boolean.parseBoolean(System.getProperty("TRUST_ALL"))) {
|
||||
SSLContext context = SSLContext.getInstance("TLS");
|
||||
TrustManager[] trustManager = new TrustManager[] { new InsecureTrustManager() };
|
||||
context.init(null, trustManager, null); // GOOD: Uses a `TrustManager` that does not verify the certificate
|
||||
// chain, allowing any certificate. BUT it is guarded
|
||||
// by a feature flag.
|
||||
TrustManager[] trustManager = new TrustManager[] {new InsecureTrustManager()};
|
||||
context.init(null, trustManager, null); // Safe: guarded by feature flag
|
||||
}
|
||||
}
|
||||
|
||||
private static void stringLiteralFlagIndirectInsecureTrustManagerCall()
|
||||
throws NoSuchAlgorithmException, KeyManagementException {
|
||||
if (Boolean.parseBoolean(System.getProperty("TRUST_ALL"))) {
|
||||
disableTrustManager(); // GOOD [But the disableTrustManager method itself is still detected]: Calls a
|
||||
// method that install a `TrustManager` that does not verify the certificate
|
||||
// chain, allowing any certificate. BUT it is guarded
|
||||
// by a feature flag.
|
||||
disableTrustManager(); // Safe: guarded by feature flag
|
||||
}
|
||||
}
|
||||
|
||||
@@ -190,20 +176,15 @@ public class InsecureTrustManagerTest {
|
||||
throws NoSuchAlgorithmException, KeyManagementException {
|
||||
if (Boolean.parseBoolean(System.getProperty("SOME_NAME_THAT_IS_NOT_A_FLAG_NAME"))) {
|
||||
SSLContext context = SSLContext.getInstance("TLS");
|
||||
TrustManager[] trustManager = new TrustManager[] { new InsecureTrustManager() };
|
||||
context.init(null, trustManager, null); // BAD: Uses a `TrustManager` that does not verify the certificate
|
||||
// chain, allowing any certificate. It is NOT guarded
|
||||
// by a feature flag.
|
||||
TrustManager[] trustManager = new TrustManager[] {new InsecureTrustManager()};
|
||||
context.init(null, trustManager, null); // $ hasTaintFlow
|
||||
}
|
||||
}
|
||||
|
||||
private static void noStringLiteralFlagIndirectInsecureTrustManagerCall()
|
||||
throws NoSuchAlgorithmException, KeyManagementException {
|
||||
if (Boolean.parseBoolean(System.getProperty("SOME_NAME_THAT_IS_NOT_A_FLAG_NAME"))) {
|
||||
disableTrustManager(); // BAD [This is detected in the disableTrustManager method]: Calls a method that
|
||||
// install a `TrustManager` that does not verify the certificate
|
||||
// chain, allowing any certificate. It is NOT guarded
|
||||
// by a feature flag.
|
||||
disableTrustManager(); // Alert is in the method
|
||||
}
|
||||
}
|
||||
|
||||
@@ -211,20 +192,15 @@ public class InsecureTrustManagerTest {
|
||||
throws NoSuchAlgorithmException, KeyManagementException {
|
||||
if (isDisableTrust()) {
|
||||
SSLContext context = SSLContext.getInstance("TLS");
|
||||
TrustManager[] trustManager = new TrustManager[] { new InsecureTrustManager() };
|
||||
context.init(null, trustManager, null); // GOOD: Uses a `TrustManager` that does not verify the certificate
|
||||
// chain, allowing any certificate. BUT it is guarded
|
||||
// by a feature flag.
|
||||
TrustManager[] trustManager = new TrustManager[] {new InsecureTrustManager()};
|
||||
context.init(null, trustManager, null); // Safe: guarded by feature flag
|
||||
}
|
||||
}
|
||||
|
||||
private static void methodAccessFlagIndirectInsecureTrustManagerCall()
|
||||
throws NoSuchAlgorithmException, KeyManagementException {
|
||||
if (isDisableTrust()) {
|
||||
disableTrustManager(); // GOOD [But the disableTrustManager method itself is still detected]: Calls a
|
||||
// method that install a `TrustManager` that does not verify the certificate
|
||||
// chain, allowing any certificate. BUT it is guarded
|
||||
// by a feature flag.
|
||||
disableTrustManager(); // Safe: guarded by feature flag
|
||||
}
|
||||
}
|
||||
|
||||
@@ -232,20 +208,15 @@ public class InsecureTrustManagerTest {
|
||||
throws NoSuchAlgorithmException, KeyManagementException {
|
||||
if (is42TheAnswerForEverything()) {
|
||||
SSLContext context = SSLContext.getInstance("TLS");
|
||||
TrustManager[] trustManager = new TrustManager[] { new InsecureTrustManager() };
|
||||
context.init(null, trustManager, null); // BAD: Uses a `TrustManager` that does not verify the certificate
|
||||
// chain, allowing any certificate. It is NOT guarded
|
||||
// by a feature flag.
|
||||
TrustManager[] trustManager = new TrustManager[] {new InsecureTrustManager()};
|
||||
context.init(null, trustManager, null); // $ hasTaintFlow
|
||||
}
|
||||
}
|
||||
|
||||
private static void noMethodAccessFlagIndirectInsecureTrustManagerCall()
|
||||
throws NoSuchAlgorithmException, KeyManagementException {
|
||||
if (is42TheAnswerForEverything()) {
|
||||
disableTrustManager(); // BAD [This is detected in the disableTrustManager method]: Calls a method that
|
||||
// install a `TrustManager` that does not verify the certificate
|
||||
// chain, allowing any certificate. It is NOT guarded
|
||||
// by a feature flag.
|
||||
disableTrustManager(); // Alert is in the method
|
||||
}
|
||||
}
|
||||
|
||||
@@ -254,10 +225,8 @@ public class InsecureTrustManagerTest {
|
||||
String schemaFromHttpRequest = "HTTPS";
|
||||
if (schemaFromHttpRequest.equalsIgnoreCase("https")) {
|
||||
SSLContext context = SSLContext.getInstance("TLS");
|
||||
TrustManager[] trustManager = new TrustManager[] { new InsecureTrustManager() };
|
||||
context.init(null, trustManager, null); // BAD: Uses a `TrustManager` that does not verify the certificate
|
||||
// chain, allowing any certificate. It is NOT guarded
|
||||
// by a feature flag.
|
||||
TrustManager[] trustManager = new TrustManager[] {new InsecureTrustManager()};
|
||||
context.init(null, trustManager, null); // $ hasTaintFlow
|
||||
}
|
||||
}
|
||||
|
||||
@@ -265,10 +234,7 @@ public class InsecureTrustManagerTest {
|
||||
throws NoSuchAlgorithmException, KeyManagementException {
|
||||
String schemaFromHttpRequest = "HTTPS";
|
||||
if (schemaFromHttpRequest.equalsIgnoreCase("https")) {
|
||||
disableTrustManager(); // BAD [This is detected in the disableTrustManager method]: Calls a method that
|
||||
// install a `TrustManager` that does not verify the certificate
|
||||
// chain, allowing any certificate. It is NOT guarded
|
||||
// by a feature flag.
|
||||
disableTrustManager(); // Alert is in the method
|
||||
}
|
||||
}
|
||||
|
||||
@@ -277,10 +243,8 @@ public class InsecureTrustManagerTest {
|
||||
String schemaFromHttpRequest = "HTTPS";
|
||||
if (!schemaFromHttpRequest.equalsIgnoreCase("https")) {
|
||||
SSLContext context = SSLContext.getInstance("TLS");
|
||||
TrustManager[] trustManager = new TrustManager[] { new InsecureTrustManager() };
|
||||
context.init(null, trustManager, null); // BAD: Uses a `TrustManager` that does not verify the certificate
|
||||
// chain, allowing any certificate. It is NOT guarded
|
||||
// by a feature flag.
|
||||
TrustManager[] trustManager = new TrustManager[] {new InsecureTrustManager()};
|
||||
context.init(null, trustManager, null); // $ hasTaintFlow
|
||||
}
|
||||
}
|
||||
|
||||
@@ -288,10 +252,7 @@ public class InsecureTrustManagerTest {
|
||||
throws NoSuchAlgorithmException, KeyManagementException {
|
||||
String schemaFromHttpRequest = "HTTPS";
|
||||
if (!schemaFromHttpRequest.equalsIgnoreCase("https")) {
|
||||
disableTrustManager(); // BAD [This is detected in the disableTrustManager method]: Calls a method that
|
||||
// install a `TrustManager` that does not verify the certificate
|
||||
// chain, allowing any certificate. It is NOT guarded
|
||||
// by a feature flag.
|
||||
disableTrustManager(); // Alert is in the method
|
||||
}
|
||||
}
|
||||
|
||||
@@ -302,10 +263,8 @@ public class InsecureTrustManagerTest {
|
||||
}
|
||||
|
||||
SSLContext context = SSLContext.getInstance("TLS");
|
||||
TrustManager[] trustManager = new TrustManager[] { new InsecureTrustManager() };
|
||||
context.init(null, trustManager, null); // BAD: Uses a `TrustManager` that does not verify the certificate
|
||||
// chain, allowing any certificate. It is NOT guarded
|
||||
// by a feature flag, because it is outside the if.
|
||||
TrustManager[] trustManager = new TrustManager[] {new InsecureTrustManager()};
|
||||
context.init(null, trustManager, null); // $ hasTaintFlow
|
||||
|
||||
}
|
||||
|
||||
@@ -316,10 +275,8 @@ public class InsecureTrustManagerTest {
|
||||
}
|
||||
|
||||
SSLContext context = SSLContext.getInstance("TLS");
|
||||
TrustManager[] trustManager = new TrustManager[] { new InsecureTrustManager() };
|
||||
context.init(null, trustManager, null); // BAD: Uses a `TrustManager` that does not verify the certificate
|
||||
// chain, allowing any certificate. It is NOT guarded
|
||||
// by a feature flag, because it is outside the if and it is NOT a valid flag.
|
||||
TrustManager[] trustManager = new TrustManager[] {new InsecureTrustManager()};
|
||||
context.init(null, trustManager, null); // $ hasTaintFlow
|
||||
|
||||
}
|
||||
|
||||
@@ -330,10 +287,8 @@ public class InsecureTrustManagerTest {
|
||||
}
|
||||
|
||||
SSLContext context = SSLContext.getInstance("TLS");
|
||||
TrustManager[] trustManager = new TrustManager[] { new InsecureTrustManager() };
|
||||
context.init(null, trustManager, null); // BAD: Uses a `TrustManager` that does not verify the certificate
|
||||
// chain, allowing any certificate. It is NOT guarded
|
||||
// by a feature flag, because it is outside the if.
|
||||
TrustManager[] trustManager = new TrustManager[] {new InsecureTrustManager()};
|
||||
context.init(null, trustManager, null); // $ hasTaintFlow
|
||||
|
||||
}
|
||||
|
||||
@@ -344,10 +299,8 @@ public class InsecureTrustManagerTest {
|
||||
}
|
||||
|
||||
SSLContext context = SSLContext.getInstance("TLS");
|
||||
TrustManager[] trustManager = new TrustManager[] { new InsecureTrustManager() };
|
||||
context.init(null, trustManager, null); // BAD: Uses a `TrustManager` that does not verify the certificate
|
||||
// chain, allowing any certificate. It is NOT guarded
|
||||
// by a feature flag, because it is outside the if and it is NOT a valid flag.
|
||||
TrustManager[] trustManager = new TrustManager[] {new InsecureTrustManager()};
|
||||
context.init(null, trustManager, null); // $ hasTaintFlow
|
||||
|
||||
}
|
||||
|
||||
@@ -358,10 +311,8 @@ public class InsecureTrustManagerTest {
|
||||
}
|
||||
|
||||
SSLContext context = SSLContext.getInstance("TLS");
|
||||
TrustManager[] trustManager = new TrustManager[] { new InsecureTrustManager() };
|
||||
context.init(null, trustManager, null); // BAD: Uses a `TrustManager` that does not verify the certificate
|
||||
// chain, allowing any certificate. It is NOT guarded
|
||||
// by a feature flag, because it is outside the if.
|
||||
TrustManager[] trustManager = new TrustManager[] {new InsecureTrustManager()};
|
||||
context.init(null, trustManager, null); // $ hasTaintFlow
|
||||
|
||||
}
|
||||
|
||||
@@ -372,11 +323,8 @@ public class InsecureTrustManagerTest {
|
||||
}
|
||||
|
||||
SSLContext context = SSLContext.getInstance("TLS");
|
||||
TrustManager[] trustManager = new TrustManager[] { new InsecureTrustManager() };
|
||||
context.init(null, trustManager, null); // BAD: Uses a `TrustManager` that does not verify the certificate
|
||||
// chain, allowing any certificate. It is NOT guarded
|
||||
// by a feature flag, because it is outside the if and it is NOT a valid flag.
|
||||
|
||||
TrustManager[] trustManager = new TrustManager[] {new InsecureTrustManager()};
|
||||
context.init(null, trustManager, null); // $ hasTaintFlow
|
||||
}
|
||||
|
||||
private static void isEqualsIgnoreCaseNOTGuardingDirectInsecureTrustManagerCall()
|
||||
@@ -387,10 +335,8 @@ public class InsecureTrustManagerTest {
|
||||
}
|
||||
|
||||
SSLContext context = SSLContext.getInstance("TLS");
|
||||
TrustManager[] trustManager = new TrustManager[] { new InsecureTrustManager() };
|
||||
context.init(null, trustManager, null); // BAD: Uses a `TrustManager` that does not verify the certificate
|
||||
// chain, allowing any certificate. It is NOT guarded
|
||||
// by a feature flag, because it is outside the if and it is NOT a valid flag.
|
||||
TrustManager[] trustManager = new TrustManager[] {new InsecureTrustManager()};
|
||||
context.init(null, trustManager, null); // $ hasTaintFlow
|
||||
|
||||
}
|
||||
|
||||
@@ -402,19 +348,15 @@ public class InsecureTrustManagerTest {
|
||||
}
|
||||
|
||||
SSLContext context = SSLContext.getInstance("TLS");
|
||||
TrustManager[] trustManager = new TrustManager[] { new InsecureTrustManager() };
|
||||
context.init(null, trustManager, null); // BAD: Uses a `TrustManager` that does not verify the certificate
|
||||
// chain, allowing any certificate. It is NOT guarded
|
||||
// by a feature flag, because it is outside the if and it is NOT a valid flag.
|
||||
TrustManager[] trustManager = new TrustManager[] {new InsecureTrustManager()};
|
||||
context.init(null, trustManager, null); // $ hasTaintFlow
|
||||
|
||||
}
|
||||
|
||||
private static void disableTrustManager() throws NoSuchAlgorithmException, KeyManagementException {
|
||||
private static void disableTrustManager()
|
||||
throws NoSuchAlgorithmException, KeyManagementException {
|
||||
SSLContext context = SSLContext.getInstance("TLS");
|
||||
TrustManager[] trustManager = new TrustManager[] { new InsecureTrustManager() };
|
||||
context.init(null, trustManager, null); // BAD: Uses a `TrustManager` that does not verify the
|
||||
// certificate
|
||||
// chain, allowing any certificate. The method name suggests that this may be
|
||||
// intentional, but we flag it anyway.
|
||||
TrustManager[] trustManager = new TrustManager[] {new InsecureTrustManager()};
|
||||
context.init(null, trustManager, null); // $ hasTaintFlow
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -0,0 +1,11 @@
|
||||
import java
|
||||
import semmle.code.java.security.InsecureTrustManagerQuery
|
||||
import TestUtilities.InlineFlowTest
|
||||
|
||||
class InsecureTrustManagerTest extends InlineFlowTest {
|
||||
override DataFlow::Configuration getValueFlowConfig() { none() }
|
||||
|
||||
override TaintTracking::Configuration getTaintFlowConfig() {
|
||||
result = any(InsecureTrustManagerConfiguration c)
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user