@@ -39,36 +39,31 @@ module HardcodedSymmetricEncryptionKey {
3939 StringLiteralSource ( ) { this .asExpr ( ) instanceof StringLiteral }
4040 }
4141
42- private class SymmetricEncryptionKeyPropertySink extends Sink {
43- SymmetricEncryptionKeyPropertySink ( ) {
44- this .asExpr ( ) = any ( SymmetricAlgorithm sa ) .getKeyProperty ( ) .getAnAssignedValue ( )
45- }
46-
47- override string getDescription ( ) { result = "'Key' property assignment" }
48- }
49-
50- private class SymmetricAlgorithmCreateSinkCsv extends SinkModelCsv {
42+ private class SymmetricAlgorithmSinkCsv extends SinkModelCsv {
5143 override predicate row ( string row ) {
5244 row =
5345 [
5446 "System.Security.Cryptography;SymmetricAlgorithm;true;CreateEncryptor;(System.Byte[],System.Byte[]);;Argument[0];encryption-encryptor" ,
5547 "System.Security.Cryptography;SymmetricAlgorithm;true;CreateDecryptor;(System.Byte[],System.Byte[]);;Argument[0];encryption-decryptor" ,
48+ "System.Security.Cryptography;SymmetricAlgorithm;true;set_Key;(System.Byte[]);;Argument[0];encryption-keyprop" ,
5649 "Windows.Security.Cryptography.Core;SymmetricKeyAlgorithmProvider;false;CreateSymmetricKey;(Windows.Storage.Streams.IBuffer);;Argument[0];encryption-symmetrickey"
5750 ]
5851 }
5952 }
6053
61- private class SymmetricAlgorithmCreateEncryptorSink extends Sink {
54+ private class SymmetricAlgorithmSink extends Sink {
6255 private string kind ;
6356
64- SymmetricAlgorithmCreateEncryptorSink ( ) { sinkNode ( this , kind ) and kind .matches ( "encryption%" ) }
57+ SymmetricAlgorithmSink ( ) { sinkNode ( this , kind ) and kind .matches ( "encryption%" ) }
6558
6659 override string getDescription ( ) {
6760 kind = "encryption-encryptor" and result = "Encryptor(rgbKey, IV)"
6861 or
6962 kind = "encryption-decryptor" and result = "Decryptor(rgbKey, IV)"
7063 or
7164 kind = "encryption-symmetrickey" and result = "CreateSymmetricKey(IBuffer keyMaterial)"
65+ or
66+ kind = "encryption-keyprop" and result = "'Key' property assignment"
7267 }
7368 }
7469
0 commit comments