For other CodeQL resources, including tutorials and examples, see the CodeQL documentation

Encryption

Module Encryption

Provides predicates relating to encryption in C and C++.


                                import semmle.code.cpp.security.Encryption

cpp	Provides classes and predicates for working with C/C++ code.

getASecureAlgorithmName	Gets the name of an algorithm that is known to be secure.
getAnInsecureAlgorithmName	Gets the name of an algorithm that is known to be insecure.
getAnInsecureHashAlgorithmName	Gets the name of a hash algorithm that is insecure if it is being used for encryption (but it is hard to know when that is happening).
getInsecureAlgorithmRegex	Gets the regular expression used for matching strings that look like they contain an algorithm that is known to be insecure.
getSecureAlgorithmRegex	Gets a regular expression for matching strings that look like they contain an algorithm that is known to be secure.
isEncryptionAdditionalEvidence	Holds if there is additional evidence that `name` looks like it might be related to operations with an encryption algorithm, besides the name of a specific algorithm. This can be used in conjunction with `isInsecureEncryption` to produce a stronger heuristic.
isInsecureEncryption	Holds if `name` looks like it might be related to operations with an insecure encryption algorithm.