Predicate Ciphers::isOpenSslCipher
Holds if name
is a known OpenSSL::Cipher
. Supported ciphers depend on the
version of OpenSSL
or LibreSSL
specified when installing the openssl
gem.
Ciphers listed here are sourced from OpenSSL 1.1.1 and LibreSSL 3.4.1.
In the general case, a name will include the cipher name, the key length, and the block encryption mode.
Note that since the cipher name itself always comes first in these names
and always uses a “-” to demark to block mode, we can safely uppercase
these names when checking against an algorithmRegex
.
See https://ruby-doc.org/stdlib-3.0.1/libdoc/openssl/rdoc/OpenSSL/Cipher.html
Import path
import codeql.ruby.security.OpenSSL
predicate isOpenSslCipher(string name)