hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-16 16:53:25 +01:00
Code Issues Packages Projects Releases Wiki Activity

Crypto: Updating weak asymmetric key gen to include key exchange.

Browse Source
This commit is contained in:
REDMOND\brodes
2025-10-10 15:32:39 -04:00
parent d68f3cff8b
commit e76ced1513
2 changed files with 3 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
java/ql/src/experimental/quantum/Examples/WeakAsymmetricKeyGenSize.ql
View File

@@ -17,6 +17,7 @@ where
key.getCreatingOperation().getAKeySizeSource().asElement().(Literal).getValue().toInt() = keySize and
alg = key.getAKnownAlgorithm() and // NOTE: if algorithm is not known (doesn't bind) we need a separate query
not alg instanceof Crypto::EllipticCurveNode and // Elliptic curve sizes are handled separately and are more tied directly to the algorithm
alg instanceof Crypto::AsymmetricAlgorithmNode and
keySize < 2048
select key, "Use of weak asymmetric key size (" + keySize.toString() + " bits) for algorithm $@",
alg, alg.getAlgorithmName()