CodeQL library for Java
Search

Module Encryption

Provides predicates and classes relating to encryption in Java.

Import path

import semmle.code.java.security.Encryption

Imports

java

Provides all default Java QL imports.

Predicates

getASecureAlgorithmName

Gets the name of an algorithm that is known to be secure.

getAnInsecureAlgorithmName

Gets the name of an algorithm that is known to be insecure.

getAnInsecureHashAlgorithmName

Gets the name of a hash algorithm that is insecure if it is being used for encryption.

getInsecureAlgorithmRegex

Gets the regular expression used for matching strings that look like they contain an algorithm that is known to be insecure.

getSecureAlgorithmRegex

Gets a regular expression for matching strings that look like they contain an algorithm that is known to be secure.

Classes

BeginHandshakeMethod

The beginHandshake method of the class javax.net.ssl.SSLEngine.

CreateSocket
CreateSslEngineMethod

The createSSLEngine method of the class javax.net.ssl.SSLContext.

CryptoAlgoSpec

Any use of a cryptographic element that specifies an encryption algorithm. For example, methods returning ciphers, decryption methods, constructors of cipher classes, etc.

GetSocketFactory
GetSslSessionMethod

The getSession method of the class javax.net.ssl.SSLSession.

HostnameVerifier
HostnameVerifierVerify

The verify method of the class javax.net.ssl.HostnameVerifier.

HttpsUrlConnection

The javax.net.ssl.HttpsURLConnection class.

JavaSecurityAlgoSpec
JavaSecurityKeyPairGenerator

A method call to the Java class java.security.KeyPairGenerator.

JavaSecurityMessageDigest
JavaSecuritySignature
JavaxCryptoAlgoSpec
JavaxCryptoCipher
JavaxCryptoKeyAgreement
JavaxCryptoKeyFactory
JavaxCryptoKeyGenerator
JavaxCryptoSecretKey
KeyGenerator

The Java class javax.crypto.KeyGenerator.

KeyPairGenerator

The Java class java.security.KeyPairGenerator.

SSLClass
SSLContext
SSLEngine

The javax.net.ssl.SSLEngine class.

SSLParameters

The javax.net.ssl.SSLParameters class.

SSLSession

The javax.net.ssl.SSLSession class.

SSLSocket

The javax.net.ssl.SSLSocket class.

SSLSocketFactory
SetConnectionFactoryMethod
SetDefaultHostnameVerifierMethod

The setDefaultHostnameVerifier method of the class javax.net.ssl.HttpsURLConnection.

SetHostnameVerifierMethod
SslUnwrapMethod

The unwrap method of the class javax.net.ssl.SSLEngine.

SslWrapMethod

The wrap method of the class javax.net.ssl.SSLEngine.

TrustManagerCheckMethod
X509TrustManager

Aliases

HttpsURLConnection

DEPRECATED: Alias for HttpsUrlConnection