sync identical files

erik-krogh · erik-krogh · commit 5975e19f53e7 · 2021-11-02T14:45:33.000+01:00
diff --git a/python/ql/lib/semmle/python/concepts/CryptoAlgorithms.qll b/python/ql/lib/semmle/python/concepts/CryptoAlgorithms.qll
@@ -31,22 +31,30 @@ private module AlgorithmNames {
   }
 
   predicate isStrongEncryptionAlgorithm(string name) {
-    name = ["AES", "AES128", "AES192", "AES256", "AES512", "RSA", "RABBIT", "BLOWFISH"]
+    name = [appendMode("AES"), "AES128", "AES192", "AES256", "AES512", "RSA", "RABBIT", "BLOWFISH"]
+  }
+
+  /**
+   * Gets the name with a mode of operation added as a suffix.
+   */
+  bindingset[name]
+  private string appendMode(string name) {
+    result = name + ["", "CBC", "ECB", "CFB", "OFB", "CTR", "GCM"]
   }
 
   predicate isWeakEncryptionAlgorithm(string name) {
     name =
       [
-        "DES", "3DES", "TRIPLEDES", "TDEA", "TRIPLEDEA", "ARC2", "RC2", "ARC4", "RC4", "ARCFOUR",
-        "ARC5", "RC5"
+        appendMode("DES"), appendMode("3DES"), "TRIPLEDES", "TDEA", "TRIPLEDEA", "ARC2", "RC2",
+        "ARC4", "RC4", "ARCFOUR", "ARC5", "RC5"
       ]
   }
 
   predicate isStrongPasswordHashingAlgorithm(string name) {
     name = ["ARGON2", "PBKDF2", "BCRYPT", "SCRYPT"]
   }
 
-  predicate isWeakPasswordHashingAlgorithm(string name) { none() }
+  predicate isWeakPasswordHashingAlgorithm(string name) { name = "EVPKDF" }
 }
 
 private import AlgorithmNames

Original file line number	Diff line number	Diff line change
`@@ -31,22 +31,30 @@ private module AlgorithmNames {`
`31`	`31`	`}`
`32`	`32`
`33`	`33`	`predicate isStrongEncryptionAlgorithm(string name) {`
`34`		`- name = ["AES", "AES128", "AES192", "AES256", "AES512", "RSA", "RABBIT", "BLOWFISH"]`
	`34`	`+ name = [appendMode("AES"), "AES128", "AES192", "AES256", "AES512", "RSA", "RABBIT", "BLOWFISH"]`
	`35`	`+ }`
	`36`	`+`
	`37`	`+ /**`
	`38`	`+ * Gets the name with a mode of operation added as a suffix.`
	`39`	`+ */`
	`40`	`+ bindingset[name]`
	`41`	`+ private string appendMode(string name) {`
	`42`	`+ result = name + ["", "CBC", "ECB", "CFB", "OFB", "CTR", "GCM"]`
`35`	`43`	`}`
`36`	`44`
`37`	`45`	`predicate isWeakEncryptionAlgorithm(string name) {`
`38`	`46`	`name =`
`39`	`47`	`[`
`40`		`- "DES", "3DES", "TRIPLEDES", "TDEA", "TRIPLEDEA", "ARC2", "RC2", "ARC4", "RC4", "ARCFOUR",`
`41`		`- "ARC5", "RC5"`
	`48`	`+ appendMode("DES"), appendMode("3DES"), "TRIPLEDES", "TDEA", "TRIPLEDEA", "ARC2", "RC2",`
	`49`	`+ "ARC4", "RC4", "ARCFOUR", "ARC5", "RC5"`
`42`	`50`	`]`
`43`	`51`	`}`
`44`	`52`
`45`	`53`	`predicate isStrongPasswordHashingAlgorithm(string name) {`
`46`	`54`	`name = ["ARGON2", "PBKDF2", "BCRYPT", "SCRYPT"]`
`47`	`55`	`}`
`48`	`56`
`49`		`- predicate isWeakPasswordHashingAlgorithm(string name) { none() }`
	`57`	`+ predicate isWeakPasswordHashingAlgorithm(string name) { name = "EVPKDF" }`
`50`	`58`	`}`
`51`	`59`
`52`	`60`	`private import AlgorithmNames`