hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-02 20:25:13 +02:00
Code Issues Packages Projects Releases Wiki Activity

Crypto: Fixed bug in WeakSymmetricCipher.qll, forgot to not only filter if !=AES but the algorithm must still be a SymmetriCipher algorithm.

Browse Source
This commit is contained in:
REDMOND\brodes
2025-10-24 08:16:22 -04:00
parent 8c277bd1d9
commit ed492c7d5a
3 changed files with 20 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
java/ql/test/experimental/query-tests/quantum/examples/WeakOrUnknownSymmetricCipher/Test.java
View File

@@ -3,6 +3,7 @@ import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import java.security.Key;
import java.security.NoSuchAlgorithmException;
import javax.crypto.SecretKeyFactory;
public class Test {
public static void main(String[] args) throws Exception {
@@ -73,5 +74,8 @@ public class Test {
Cipher aesGcmCipher = Cipher.getInstance("AES/GCM/NoPadding");
aesGcmCipher.init(Cipher.ENCRYPT_MODE, aesKey);
byte[] aesGcmEncrypted = aesGcmCipher.doFinal(data);
// GOOD: not a symmetric cipher (Sanity check)
SecretKeyFactory factory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256");
}
}