src/pqc_lint/patterns/javascript.py
| 1 | """JavaScript / TypeScript crypto patterns.""" |
| 2 | |
| 3 | from __future__ import annotations |
| 4 | |
| 5 | from pqc_lint.patterns.base import PatternMatcher, compile_patterns |
| 6 | |
| 7 | |
| 8 | class JavaScriptMatcher(PatternMatcher): |
| 9 | language = "javascript" |
| 10 | file_extensions = (".js", ".jsx", ".mjs", ".cjs", ".ts", ".tsx") |
| 11 | patterns = compile_patterns([ |
| 12 | # Node crypto |
| 13 | ("PQC001", r"""crypto\.generateKeyPair(?:Sync)?\s*\(\s*['"]rsa['"]"""), |
| 14 | ("PQC002", r"""crypto\.generateKeyPair(?:Sync)?\s*\(\s*['"]ec['"]"""), |
| 15 | ("PQC002", r"""crypto\.createSign\s*\(\s*['"]SHA(?:256|384|512)['"]\s*\)"""), |
| 16 | ("PQC003", r"""crypto\.generateKeyPair(?:Sync)?\s*\(\s*['"]ed25519['"]"""), |
| 17 | ("PQC004", r"""crypto\.generateKeyPair(?:Sync)?\s*\(\s*['"]dsa['"]"""), |
| 18 | ("PQC101", r"""crypto\.createECDH\s*\("""), |
| 19 | ("PQC102", r"""crypto\.createDiffieHellman\s*\("""), |
| 20 | ("PQC103", r"""crypto\.generateKeyPair(?:Sync)?\s*\(\s*['"]x25519['"]"""), |
| 21 | # Web Crypto API |
| 22 | ("PQC001", r"""name\s*:\s*['"]RSASSA-PKCS1-v1_5['"]"""), |
| 23 | ("PQC001", r"""name\s*:\s*['"]RSA-PSS['"]"""), |
| 24 | ("PQC201", r"""name\s*:\s*['"]RSA-OAEP['"]"""), |
| 25 | ("PQC002", r"""name\s*:\s*['"]ECDSA['"]"""), |
| 26 | ("PQC101", r"""name\s*:\s*['"]ECDH['"]"""), |
| 27 | # node-forge |
| 28 | ("PQC001", r"""forge\.pki\.rsa\.generateKeyPair\s*\("""), |
| 29 | ("PQC202", r"""forge\.pki\.rsa\.encrypt\s*\("""), |
| 30 | # tweetnacl / nacl |
| 31 | ("PQC003", r"""nacl\.sign\.keyPair\s*\("""), |
| 32 | ("PQC103", r"""nacl\.box\.keyPair\s*\("""), |
| 33 | # hashes |
| 34 | ("PQC301", r"""crypto\.createHash\s*\(\s*['"]md5['"]"""), |
| 35 | ("PQC302", r"""crypto\.createHash\s*\(\s*['"]sha1['"]"""), |
| 36 | ("PQC301", r"""name\s*:\s*['"]MD5['"]"""), |
| 37 | ("PQC302", r"""name\s*:\s*['"]SHA-1['"]"""), |
| 38 | ]) |
| 39 | |