hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-21 03:06:31 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
2eb93b7a3b5875bc1186d686a7ab60aa94bd13f1
codeql/java/ql/test/query-tests/security/CWE-287/InsecureKeys/Test1/Test.java
Joe Farebrother 2eb93b7a3b Add unit tests
2024-02-12 13:49:45 +00:00

21 lines
867 B
Java
Raw Blame History

import android.security.keystore.KeyGenParameterSpec;
import android.hardware.biometrics.BiometricPrompt;
import android.security.keystore.KeyProperties;
class Test {
void test() {
KeyGenParameterSpec.Builder builder = new KeyGenParameterSpec.Builder("MySecretKey", KeyProperties.PURPOSE_ENCRYPT | KeyProperties.PURPOSE_DECRYPT);
builder.setUserAuthenticationRequired(false); // $insecure-key
builder.setInvalidatedByBiometricEnrollment(false); // $insecure-key
builder.setUserAuthenticationValidityDurationSeconds(30); // $insecure-key
}
}
class Callback extends BiometricPrompt.AuthenticationCallback {
public static void useKey(BiometricPrompt.CryptoObject key) {}
@Override
public void onAuthenticationSucceeded(BiometricPrompt.AuthenticationResult result) {
useKey(result.getCryptoObject());
}
}
Reference in New Issue View Git Blame Copy Permalink