condense code

Jami Cogswell · Jami Cogswell · commit e0f0d554cb11 · 2022-10-12T22:18:07.000-04:00
diff --git a/java/ql/lib/semmle/code/java/security/InsufficientKeySize.qll b/java/ql/lib/semmle/code/java/security/InsufficientKeySize.qll
@@ -96,20 +96,22 @@ private predicate hasKeySizeInInitMethod(DataFlow::Node node, string typeFlag) {
       jcaSpec instanceof JavaSecurityKeyPairGenerator and typeFlag.matches("asymmetric%")
     ) and
     (
-      jcaSpec.getAlgoSpec().(StringLiteral).getValue().toUpperCase() = "AES" and
-      typeFlag = "symmetric"
+      getAlgoName(jcaSpec) = "AES" and typeFlag = "symmetric"
       or
-      jcaSpec.getAlgoSpec().(StringLiteral).getValue().toUpperCase().matches(["RSA", "DSA", "DH"]) and
-      typeFlag = "asymmetric-non-ec"
+      getAlgoName(jcaSpec).matches(["RSA", "DSA", "DH"]) and typeFlag = "asymmetric-non-ec"
       or
-      jcaSpec.getAlgoSpec().(StringLiteral).getValue().toUpperCase().matches("EC%") and
-      typeFlag = "asymmetric-ec"
+      getAlgoName(jcaSpec).matches("EC%") and typeFlag = "asymmetric-ec"
     ) and
     DataFlow::localExprFlow(jcaSpec, ma.getQualifier()) and
     node.asExpr() = ma.getArgument(0)
   )
 }
 
+// TODO: this predicate is just a poc for more code condensing; redo this
+private string getAlgoName(JavaxCryptoAlgoSpec jca) {
+  result = jca.getAlgoSpec().(StringLiteral).getValue().toUpperCase()
+}
+
 // TODO: rethink the predicate name; also think about whether this could/should be a class instead; or a predicate within the sink class so can do sink.predicate()...
 // TODO: can prbly re-work way using the typeFlag to be better and less repetitive
 private predicate hasKeySizeInSpec(DataFlow::Node node, string typeFlag) {
