Add IT

SonarSource · May 15, 2024 · 9dcdadd · 9dcdadd
1 parent e5ec662
commit 9dcdadd
Show file tree

Hide file tree

Showing 7 changed files with 62 additions and 0 deletions.
diff --git a/analyzers/its/Projects/ManuallyAddedNoncompliantIssues.CS/IntentionalFindings/S6377.cs b/analyzers/its/Projects/ManuallyAddedNoncompliantIssues.CS/IntentionalFindings/S6377.cs
@@ -0,0 +1,18 @@
+using System.Linq;
+using System.Security.Cryptography;
+using System.Security.Cryptography.Xml;
+using System.Xml;
+
+namespace IntentionalFindings;
+
+public class S6377
+{
+    public void CheckSignature(XmlDocument xmlDoc, RSACryptoServiceProvider rsaCryptoServiceProvider)
+    {
+        var signedXml = new SignedXml(xmlDoc);
+        signedXml.LoadXml((XmlElement)xmlDoc.GetElementsByTagName("Signature").Item(0));
+
+        _ = signedXml.CheckSignature(rsaCryptoServiceProvider);
+        _ = signedXml.CheckSignature(); // The key is missing.
+    }
+}
diff --git a/...ers/its/expected/ManuallyAddedNoncompliantIssues.CS/S1128-IntentionalFindings-net8.0.json b/...ers/its/expected/ManuallyAddedNoncompliantIssues.CS/S1128-IntentionalFindings-net8.0.json
@@ -6,6 +6,12 @@
       "Uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/Projects/ManuallyAddedNoncompliantIssues.CS/IntentionalFindings/S2857.cs#L9",
       "Location": "Line 9 Position 1-29"
     },
+    {
+      "Id": "S1128",
+      "Message": "Remove this unnecessary \u0027using\u0027.",
+      "Uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/Projects/ManuallyAddedNoncompliantIssues.CS/IntentionalFindings/S6377.cs#L1",
+      "Location": "Line 1 Position 1-19"
+    },
     {
       "Id": "S1128",
       "Message": "Remove this unnecessary \u0027using\u0027.",

diff --git a/...ers/its/expected/ManuallyAddedNoncompliantIssues.CS/S1451-IntentionalFindings-net8.0.json b/...ers/its/expected/ManuallyAddedNoncompliantIssues.CS/S1451-IntentionalFindings-net8.0.json
@@ -12,6 +12,12 @@
       "Uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/Projects/ManuallyAddedNoncompliantIssues.CS/IntentionalFindings/S3416.cs#L1",
       "Location": "Line 1 Position 1-1"
     },
+    {
+      "Id": "S1451",
+      "Message": "Add or update the header of this file.",
+      "Uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/Projects/ManuallyAddedNoncompliantIssues.CS/IntentionalFindings/S6377.cs#L1",
+      "Location": "Line 1 Position 1-1"
+    },
     {
       "Id": "S1451",
       "Message": "Add or update the header of this file.",

diff --git a/...ers/its/expected/ManuallyAddedNoncompliantIssues.CS/S2325-IntentionalFindings-net8.0.json b/...ers/its/expected/ManuallyAddedNoncompliantIssues.CS/S2325-IntentionalFindings-net8.0.json
@@ -12,6 +12,12 @@
       "Uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/Projects/ManuallyAddedNoncompliantIssues.CS/IntentionalFindings/S3655.cs#L13",
       "Location": "Line 13 Position 21-47"
     },
+    {
+      "Id": "S2325",
+      "Message": "Make \u0027CheckSignature\u0027 a static method.",
+      "Uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/Projects/ManuallyAddedNoncompliantIssues.CS/IntentionalFindings/S6377.cs#L10",
+      "Location": "Line 10 Position 17-31"
+    },
     {
       "Id": "S2325",
       "Message": "Make \u0027Method\u0027 a static method.",

diff --git a/...ers/its/expected/ManuallyAddedNoncompliantIssues.CS/S3242-IntentionalFindings-net8.0.json b/...ers/its/expected/ManuallyAddedNoncompliantIssues.CS/S3242-IntentionalFindings-net8.0.json
@@ -0,0 +1,10 @@
+{
+  "Issues": [
+    {
+      "Id": "S3242",
+      "Message": "Consider using more general type \u0027System.Security.Cryptography.AsymmetricAlgorithm\u0027 instead of \u0027System.Security.Cryptography.RSACryptoServiceProvider\u0027.",
+      "Uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/Projects/ManuallyAddedNoncompliantIssues.CS/IntentionalFindings/S6377.cs#L10",
+      "Location": "Line 10 Position 77-101"
+    }
+  ]
+}
diff --git a/...ers/its/expected/ManuallyAddedNoncompliantIssues.CS/S3900-IntentionalFindings-net8.0.json b/...ers/its/expected/ManuallyAddedNoncompliantIssues.CS/S3900-IntentionalFindings-net8.0.json
@@ -6,6 +6,12 @@
       "Uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/Projects/ManuallyAddedNoncompliantIssues.CS/IntentionalFindings/S3416.cs#L9",
       "Location": "Line 9 Position 13-20"
     },
+    {
+      "Id": "S3900",
+      "Message": "Refactor this method to add validation of parameter \u0027xmlDoc\u0027 before using it.",
+      "Uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/Projects/ManuallyAddedNoncompliantIssues.CS/IntentionalFindings/S6377.cs#L13",
+      "Location": "Line 13 Position 39-45"
+    },
     {
       "Id": "S3900",
       "Message": "Refactor this method to add validation of parameter \u0027traceSwitch\u0027 before using it.",

diff --git a/...ers/its/expected/ManuallyAddedNoncompliantIssues.CS/S6377-IntentionalFindings-net8.0.json b/...ers/its/expected/ManuallyAddedNoncompliantIssues.CS/S6377-IntentionalFindings-net8.0.json
@@ -0,0 +1,10 @@
+{
+  "Issues": [
+    {
+      "Id": "S6377",
+      "Message": "Change this code to only accept signatures computed from a trusted party.",
+      "Uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/Projects/ManuallyAddedNoncompliantIssues.CS/IntentionalFindings/S6377.cs#L16",
+      "Location": "Line 16 Position 13-39"
+    }
+  ]
+}