For other CodeQL resources, including tutorials and examples, see the CodeQL documentation

Encryption

Module Encryption

Provides predicates and classes relating to encryption in Java.

Import path


                                import semmle.code.java.security.Encryption

Imports

java	Provides all default Java QL imports.

Predicates

getASecureAlgorithmName	Gets the name of an algorithm that is known to be secure.
getAnInsecureAlgorithmName	Gets the name of an algorithm that is known to be insecure.
getAnInsecureHashAlgorithmName	Gets the name of a hash algorithm that is insecure if it is being used for encryption.
getInsecureAlgorithmRegex	Gets the regular expression used for matching strings that look like they contain an algorithm that is known to be insecure.
getSecureAlgorithmRegex	Gets a regular expression for matching strings that look like they contain an algorithm that is known to be secure.

Classes

AlgoParamGeneratorInitMethod	The `init` method declared in `java.security.AlgorithmParameterGenerator`.
AlgorithmParameterGenerator	The Java class `java.security.AlgorithmParameterGenerator`.
AlgorithmParameterSpec	An implementation of the `java.security.spec.AlgorithmParameterSpec` interface.
BeginHandshakeMethod	The `beginHandshake` method of the class `javax.net.ssl.SslEngine`.
CreateSocket
CreateSslEngineMethod	The `createSSLEngine` method of the class `javax.net.ssl.SslContext`.
CryptoAlgoSpec	Any use of a cryptographic element that specifies an encryption algorithm. For example, methods returning ciphers, decryption methods, constructors of cipher classes, etc.
DhGenParameterSpec	The Java class `javax.crypto.spec.DHGenParameterSpec`.
DsaGenParameterSpec	The Java class `java.security.spec.DSAGenParameterSpec`.
EcGenParameterSpec	The Java class `java.security.spec.ECGenParameterSpec`.
GetSocketFactory
GetSslSessionMethod	The `getSession` method of the class `javax.net.ssl.SslSession`.
HostnameVerifier
HostnameVerifierVerify	The `verify` method of the class `javax.net.ssl.HostnameVerifier`.
HttpsUrlConnection	The `javax.net.ssl.HttpsURLConnection` class.
JavaSecurityAlgoParamGenerator	A call to the `getInstance` method declared in `java.security.AlgorithmParameterGenerator`.
JavaSecurityAlgoSpec
JavaSecurityKeyPairGenerator	A call to the `getInstance` method declared in `java.security.KeyPairGenerator`.
JavaSecurityMessageDigest
JavaSecuritySignature
JavaxCryptoAlgoSpec
JavaxCryptoCipher
JavaxCryptoKeyAgreement
JavaxCryptoKeyFactory
JavaxCryptoKeyGenerator
JavaxCryptoSecretKey
KeyGenerator	The Java class `javax.crypto.KeyGenerator`.
KeyGeneratorInitMethod	The `init` method declared in `javax.crypto.KeyGenerator`.
KeyPairGenerator	The Java class `java.security.KeyPairGenerator`.
KeyPairGeneratorInitMethod	The `initialize` method declared in `java.security.KeyPairGenerator`.
RsaKeyGenParameterSpec	The Java class `java.security.spec.RSAKeyGenParameterSpec`.
SetConnectionFactoryMethod	The `setConnectionFactory` method of the class `javax.net.ssl.HttpsURLConnection`.
SetDefaultConnectionFactoryMethod	The `setDefaultConnectionFactory` method of the class `javax.net.ssl.HttpsURLConnection`.
SetDefaultHostnameVerifierMethod	The `setDefaultHostnameVerifier` method of the class `javax.net.ssl.HttpsURLConnection`.
SetHostnameVerifierMethod
SslClass
SslContext
SslEngine	The `javax.net.ssl.SslEngine` class.
SslParameters	The `javax.net.ssl.SslParameters` class.
SslSession	The `javax.net.ssl.SslSession` class.
SslSocket	The `javax.net.ssl.SslSocket` class.
SslSocketFactory
SslUnwrapMethod	The `unwrap` method of the class `javax.net.ssl.SslEngine`.
SslWrapMethod	The `wrap` method of the class `javax.net.ssl.SslEngine`.
TrustManagerCheckMethod
X509TrustManager

Aliases

SSLClass	DEPRECATED: Alias for SslClass
SSLContext	DEPRECATED: Alias for SslContext
SSLEngine	DEPRECATED: Alias for SslEngine
SSLParameters	DEPRECATED: Alias for SslParameters
SSLSession	DEPRECATED: Alias for SslSession
SSLSocket	DEPRECATED: Alias for SslSocket
SSLSocketFactory	DEPRECATED: Alias for SslSocketFactory