CodeQL library for Java
codeql/java-all 0.4.4 (changelog, source)
Search

Module Encryption

Provides predicates and classes relating to encryption in Java.

Import path

import semmle.code.java.security.Encryption

Imports

java

Provides all default Java QL imports.

Predicates

getASecureAlgorithmName

Gets the name of an algorithm that is known to be secure.

getAnInsecureAlgorithmName

Gets the name of an algorithm that is known to be insecure.

getAnInsecureHashAlgorithmName

Gets the name of a hash algorithm that is insecure if it is being used for encryption.

getInsecureAlgorithmRegex

Gets the regular expression used for matching strings that look like they contain an algorithm that is known to be insecure.

getSecureAlgorithmRegex

Gets a regular expression for matching strings that look like they contain an algorithm that is known to be secure.

Classes

AlgoParamGeneratorInitMethod

The init method declared in java.security.AlgorithmParameterGenerator.

AlgorithmParameterGenerator

The Java class java.security.AlgorithmParameterGenerator.

AlgorithmParameterSpec

An implementation of the java.security.spec.AlgorithmParameterSpec interface.

BeginHandshakeMethod

The beginHandshake method of the class javax.net.ssl.SslEngine.

CreateSocket
CreateSslEngineMethod

The createSSLEngine method of the class javax.net.ssl.SslContext.

CryptoAlgoSpec

Any use of a cryptographic element that specifies an encryption algorithm. For example, methods returning ciphers, decryption methods, constructors of cipher classes, etc.

DhGenParameterSpec

The Java class javax.crypto.spec.DHGenParameterSpec.

DsaGenParameterSpec

The Java class java.security.spec.DSAGenParameterSpec.

EcGenParameterSpec

The Java class java.security.spec.ECGenParameterSpec.

GetSocketFactory
GetSslSessionMethod

The getSession method of the class javax.net.ssl.SslSession.

HostnameVerifier
HostnameVerifierVerify

The verify method of the class javax.net.ssl.HostnameVerifier.

HttpsUrlConnection

The javax.net.ssl.HttpsURLConnection class.

JavaSecurityAlgoParamGenerator

A call to the getInstance method declared in java.security.AlgorithmParameterGenerator.

JavaSecurityAlgoSpec
JavaSecurityKeyPairGenerator

A call to the getInstance method declared in java.security.KeyPairGenerator.

JavaSecurityMessageDigest
JavaSecuritySignature
JavaxCryptoAlgoSpec
JavaxCryptoCipher
JavaxCryptoKeyAgreement
JavaxCryptoKeyFactory
JavaxCryptoKeyGenerator
JavaxCryptoSecretKey
KeyGenerator

The Java class javax.crypto.KeyGenerator.

KeyGeneratorInitMethod

The init method declared in javax.crypto.KeyGenerator.

KeyPairGenerator

The Java class java.security.KeyPairGenerator.

KeyPairGeneratorInitMethod

The initialize method declared in java.security.KeyPairGenerator.

RsaKeyGenParameterSpec

The Java class java.security.spec.RSAKeyGenParameterSpec.

SetConnectionFactoryMethod
SetDefaultHostnameVerifierMethod

The setDefaultHostnameVerifier method of the class javax.net.ssl.HttpsURLConnection.

SetHostnameVerifierMethod
SslClass
SslContext
SslEngine

The javax.net.ssl.SslEngine class.

SslParameters

The javax.net.ssl.SslParameters class.

SslSession

The javax.net.ssl.SslSession class.

SslSocket

The javax.net.ssl.SslSocket class.

SslSocketFactory
SslUnwrapMethod

The unwrap method of the class javax.net.ssl.SslEngine.

SslWrapMethod

The wrap method of the class javax.net.ssl.SslEngine.

TrustManagerCheckMethod
X509TrustManager

Aliases

HttpsURLConnection

DEPRECATED: Alias for HttpsUrlConnection

SSLClass

DEPRECATED: Alias for SslClass

SSLContext

DEPRECATED: Alias for SslContext

SSLEngine

DEPRECATED: Alias for SslEngine

SSLParameters

DEPRECATED: Alias for SslParameters

SSLSession

DEPRECATED: Alias for SslSession

SSLSocket

DEPRECATED: Alias for SslSocket

SSLSocketFactory

DEPRECATED: Alias for SslSocketFactory