Module Encryption

Provides predicates and classes relating to encryption in Java.

Import path

import semmle.code.java.security.Encryption

Imports

java	Provides all default Java QL imports.

Predicates

getASecureAlgorithmName	Gets the name of an algorithm that is known to be secure.
getAnInsecureHashAlgorithmName	Gets the name of a hash algorithm that is insecure if it is being used for encryption.
getInsecureAlgorithmReason	Gets the reason why `input` is an insecure algorithm, if any.
getInsecureAlgorithmRegex	Gets the regular expression used for matching strings that look like they contain an algorithm that is known to be insecure.
getSecureAlgorithmRegex	Gets a regular expression for matching strings that look like they contain an algorithm that is known to be secure.
insecureAlgorithm	Holds if `name` is the name of an algorithm that is known to be insecure and `reason` explains why it is insecure.

Classes

AlgoParamGeneratorInitMethod	The `init` method declared in `java.security.AlgorithmParameterGenerator`.
AlgorithmParameterGenerator	The Java class `java.security.AlgorithmParameterGenerator`.
AlgorithmParameterSpec	An implementation of the `java.security.spec.AlgorithmParameterSpec` interface.
BeginHandshakeMethod	The `beginHandshake` method of the class `javax.net.ssl.SslEngine`.
CreateSocket
CreateSslEngineMethod	The `createSSLEngine` method of the class `javax.net.ssl.SslContext`.
CryptoAlgoSpec	Any use of a cryptographic element that specifies an encryption algorithm. For example, methods returning ciphers, decryption methods, constructors of cipher classes, etc.
DhGenParameterSpec	The Java class `javax.crypto.spec.DHGenParameterSpec`.
DsaGenParameterSpec	The Java class `java.security.spec.DSAGenParameterSpec`.
EcGenParameterSpec	The Java class `java.security.spec.ECGenParameterSpec`.
GetSocketFactory
GetSslSessionMethod	The `getSession` method of the class `javax.net.ssl.SslSession`.
HostnameVerifier
HostnameVerifierVerify	The `verify` method of the class `javax.net.ssl.HostnameVerifier`.
HttpsUrlConnection	The `javax.net.ssl.HttpsURLConnection` class.
JavaSecurityAlgoParamGenerator	A call to the `getInstance` method declared in `java.security.AlgorithmParameterGenerator`.
JavaSecurityAlgoSpec
JavaSecurityKeyPairGenerator	A call to the `getInstance` method declared in `java.security.KeyPairGenerator`.
JavaSecurityMessageDigest
JavaSecuritySignature
JavaxCryptoAlgoSpec
JavaxCryptoCipher
JavaxCryptoKeyAgreement
JavaxCryptoKeyFactory
JavaxCryptoKeyGenerator
JavaxCryptoSecretKey
KeyGenerator	The Java class `javax.crypto.KeyGenerator`.
KeyGeneratorInitMethod	The `init` method declared in `javax.crypto.KeyGenerator`.
KeyPairGenerator	The Java class `java.security.KeyPairGenerator`.
KeyPairGeneratorInitMethod	The `initialize` method declared in `java.security.KeyPairGenerator`.
RsaKeyGenParameterSpec	The Java class `java.security.spec.RSAKeyGenParameterSpec`.
SetConnectionFactoryMethod	The `setConnectionFactory` method of the class `javax.net.ssl.HttpsURLConnection`.
SetDefaultConnectionFactoryMethod	The `setDefaultConnectionFactory` method of the class `javax.net.ssl.HttpsURLConnection`.
SetDefaultHostnameVerifierMethod	The `setDefaultHostnameVerifier` method of the class `javax.net.ssl.HttpsURLConnection`.
SetHostnameVerifierMethod
SslClass
SslContext
SslEngine	The `javax.net.ssl.SslEngine` class.
SslParameters	The `javax.net.ssl.SslParameters` class.
SslSession	The `javax.net.ssl.SslSession` class.
SslSocket	The `javax.net.ssl.SslSocket` class.
SslSocketFactory
SslUnwrapMethod	The `unwrap` method of the class `javax.net.ssl.SslEngine`.
SslWrapMethod	The `wrap` method of the class `javax.net.ssl.SslEngine`.
TrustManagerCheckMethod
X509TrustManager