
Commit c77b175

Use CryptoAlgoSpec rather than hardcoding Cipher.getInstance
1 parent 08b7749 commit c77b175


3 files changed

+12
-11
lines changed


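--- a/java/ql/lib/semmle/code/java/security/RsaWithoutOaepQuery.qll
+++ b/java/ql/lib/semmle/code/java/security/RsaWithoutOaepQuery.qll
@@ -1,14 +1,14 @@
 /** Definitions for the RSE without OAEP query */
 
 import java
+import Encryption
 import semmle.code.java.dataflow.DataFlow
 
-/** Holds if `ma` is a call to `Cipher.getInstance` which initialises an RSA cipher without using OAEP padding. */
-predicate rsaWithoutOaepCall(MethodAccess ma) {
-ma.getMethod().hasQualifiedName("javax.crypto", "Cipher", "getInstance") and
+/** Holds if `c` is a call which initialises an RSA cipher without using OAEP padding. */
+predicate rsaWithoutOaepCall(CryptoAlgoSpec c) {
 exists(CompileTimeConstantExpr specExpr, string spec |
 specExpr.getStringValue() = spec and
-DataFlow::localExprFlow(specExpr, ma.getArgument(0)) and
+DataFlow::localExprFlow(specExpr, c.getAlgoSpec()) and
 spec.matches("RSA/%") and
 not spec.matches("%OAEP%")
 )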
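Review bot: The `spec.matches("RSA/%")` test still lets a bare `"RSA"` transformation string through, even though the new `CryptoAlgoSpec` sink now sees it; with the standard SunJCE provider `Cipher.getInstance("RSA")` falls back to PKCS1 padding, which is exactly the CWE-780 case this predicate exists to report. Widening the condition to `(spec = "RSA" or spec.matches("RSA/%")) and` would cover the provider-default case without touching the OAEP exclusion. JCE also treats transformation names case-insensitively, so a spec such as `RSA/ECB/oaepwithsha-256andmgf1padding` is accepted by the provider but would be reported here as a false positive unless the comparison is normalised, e.g. `not spec.toUpperCase().matches("%OAEP%")`. The predicate's closing brace lies outside this hunk.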

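--- a/java/ql/src/Security/CWE/CWE-780/RsaWithoutOaep.ql
+++ b/java/ql/src/Security/CWE/CWE-780/RsaWithoutOaep.ql
@@ -11,8 +11,9 @@
 */
 
 import java
+import semmle.code.java.security.Encryption
 import semmle.code.java.security.RsaWithoutOaepQuery
 
-from MethodAccess ma
-where rsaWithoutOaepCall(ma)
-select ma, "This instance of RSA does not use OAEP padding."
+from CryptoAlgoSpec c
+where rsaWithoutOaepCall(c)
+select c, "This instance of RSA does not use OAEP padding."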
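Review bot: The added `import semmle.code.java.security.Encryption` looks redundant: the library file `RsaWithoutOaepQuery` now imports `Encryption` itself, and QL re-exports non-private imports, so `CryptoAlgoSpec` should already be in scope through the existing `import semmle.code.java.security.RsaWithoutOaepQuery` on the next line. If the explicit import is kept so the query does not depend on the library's transitive imports, a one-line comment such as `// CryptoAlgoSpec` next to it would tell the reader why both are needed. I have not confirmed how the library import is declared, so treat dropping it as a suggestion rather than a defect.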

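--- a/java/ql/test/query-tests/security/CWE-780/RsaWithoutOaepTest.ql
+++ b/java/ql/test/query-tests/security/CWE-780/RsaWithoutOaepTest.ql
@@ -10,10 +10,10 @@ class HasResult extends InlineExpectationsTest {
 override predicate hasActualResult(Location location, string element, string tag, string value) {
 tag = "hasResult" and
 value = "" and
-exists(MethodAccess ma |
-rsaWithoutOaepCall(ma) and
-location = ma.getLocation() and
-element = ma.toString()
+exists(CryptoAlgoSpec c |
+rsaWithoutOaepCall(c) and
+location = c.getLocation() and
+element = c.toString()
 )
 }
 }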
