Class BrokenCryptoAlgorithm::BrokenCryptoAlgorithm::Configuration

A taint tracking configuration for sensitive information in broken or weak cryptographic algorithms.

This configuration identifies flows from Sources, which are sources of sensitive data, to Sinks, which is an abstract class representing all the places sensitive data may used in broken or weak cryptographic algorithms. Additional sources or sinks can be added either by extending the relevant class, or by subclassing this configuration itself, and amending the sources and sinks.

Direct supertypes

Indirect supertypes

Predicates

isSanitizer

Holds if the intermediate node node is a taint sanitizer.

isSink

Holds if sink is a relevant taint sink.

isSource

Holds if source is a relevant taint source.

Inherited predicates

charAt

Returns a one-character string containing the character in the receiver at the given index (which ranges from 0 through length minus one)

from string
flowsFrom

DEPRECATED: Use hasFlow instead.

from Configuration
flowsTo

DEPRECATED: Use hasFlow instead.

from Configuration
hasFlow

Holds if data may flow from source to sink for this configuration.

from Configuration
hasFlowPath

Holds if data may flow from source to sink for this configuration.

from Configuration
hasPathFlow

DEPRECATED: Use hasFlowPath instead.

from Configuration
indexOf

Returns all the offsets at which the given string occurs in the receiver

from string
indexOf

Returns the index of n’th occurrence of the given string within receiver, starting at the given offset

from string
isAdditionalFlowStep

Holds if src -> trg should be considered as a flow edge in addition to standard data flow edges.

from Configuration
isAdditionalFlowStep

INTERNAL: This predicate should not normally be used outside the data flow library.

from Configuration
isAdditionalFlowStep

Holds if src -> trg is a flow edge converting flow with label inlbl to flow with label outlbl.

from Configuration
isAdditionalTaintStep

Holds if the additional taint propagation step from pred to succ must be taken into account in the analysis.

from Configuration
isBarrier

Holds if the intermediate flow node node is prohibited.

from Configuration
isBarrier

Holds if flow from src to trg is prohibited.

from Configuration
isBarrier

Holds if flow with label lbl cannot flow from src to trg.

from Configuration
isBarrierGuard

Holds if data flow node guard can act as a barrier when appearing in a condition.

from Configuration
isLabeledBarrier

Holds if flow with label lbl cannot flow into node.

from Configuration
isLowercase

Holds when the receiver contains no upper-case letters

from string
isSanitizer

Holds if the edge from source to sink is a taint sanitizer.

from Configuration
isSanitizer

Holds if the edge from source to sink is a taint sanitizer for data labelled with lbl.

from Configuration
isSanitizerGuard

Holds if data flow node guard can act as a sanitizer when appearing in a condition.

from Configuration
isSink

Holds if sink is a sink of flow labeled with lbl that is relevant for this configuration.

from Configuration
isSource

Holds if source is a source of flow labeled with lbl that is relevant for this configuration.

from Configuration
isUppercase

Holds when the receiver contains no lower-case letters

from string
length

Returns the length of the receiver (in UTF-16 code units)

from string
matches

Holds when the receiver matches the pattern. Patterns are matched by case sensitive string matching, and there are two wildcards: _ matches a single character, and % matches any sequence of characters. To match the actual characters _ or % in the pattern, they must be escaped using backslashes. For example, "anythingstring%".matches("%string\\%") holds.

from string
prefix

Returns the substring of the receiver ending at the given offset

from string
regexpCapture

When the given regexp matches the entire receiver, returns the substring matched by the given capture group

from string
regexpFind

Returns a substring of the receiver which matches the given regexp. Also returns the offset within the receiver at which the match occurred (occurrenceOffset), and the number of matches which occur at smaller offsets (occurrenceIndex)

from string
regexpMatch

Holds when the given regexp matches the entire receiver

from string
regexpReplaceAll

Returns a copy of the receiver with every substring which matches the given regexp is replaced by the replacement

from string
replaceAll

Returns a copy of the receiver with all occurrences of the target replaced by the replacement

from string
splitAt

Returns all of the substrings obtained by splitting the receiver at every occurrence of the argument

from string
splitAt

Returns the n’th substring obtained by splitting the receiver at every occurrence of the argument

from string
substring

Returns the substring of the receiver which starts and ends at the given indices

from string
suffix

Returns the substring of the receiver starting at the given offset

from string
toDate

Returns the date, if any, obtained by parsing the receiver

from string
toFloat

Returns the floating point number, if any, obtained by parsing the receiver

from string
toInt

Returns the integer, if any, obtained by parsing the receiver

from string
toLowerCase

Returns a copy of the receiver with all uppercase characters replaced by lowercase ones

from string
toString

Returns the receiver

from string
toUpperCase

Returns a copy of the receiver with all lowercase characters replaced by uppercase ones

from string
trim

Returns a copy of the receiver with all whitespace removed from the beginning and end of the string (where whitespace is defined as unicode codepoints ‘\u0000’ through ‘\u0020’ inclusive)

from string

Charpred