mirror of
https://github.com/github/codeql.git
synced 2025-12-17 09:13:20 +01:00
23 lines
940 B
JavaScript
23 lines
940 B
JavaScript
const crypto = require('crypto');
|
|
|
|
var secretText = trusted; // $ Source[js/weak-cryptographic-algorithm] - sensitive according to SensitiveActions.qll
|
|
|
|
const desCipher = crypto.createCipher('des', key);
|
|
const aesCipher = crypto.createCipher('aes-128', key);
|
|
const unknownCipher = crypto.createCipher('unknown', key);
|
|
|
|
desCipher.write(publicInfo, 'utf8', 'hex'); // OK - not secret information
|
|
|
|
desCipher.write(secretText, 'utf8', 'hex'); // $ Alert[js/weak-cryptographic-algorithm]
|
|
|
|
aesCipher.update(secretText, 'utf8', 'hex');
|
|
|
|
unknownCipher.update(secretText, 'utf8', 'hex'); // OK - unknown algorithm
|
|
|
|
desCipher.write(o.trusted, 'utf8', 'hex'); // $ Alert[js/weak-cryptographic-algorithm]
|
|
|
|
desCipher.write(password, 'utf8', 'hex'); // OK - flagged by js/insufficient-password-hash
|
|
|
|
const aesEcbCipher = crypto.createCipher('aes-128-ecb', key);
|
|
aesEcbCipher.update(secretText, 'utf8', 'hex'); // $ Alert[js/weak-cryptographic-algorithm]
|