protected override void Initialize(SonarAnalysisContext context) { InvocationTracker.Track(context, InvocationTracker.MatchMethod( new MemberDescriptor(KnownType.System_Security_Cryptography_RSA, "Encrypt"), new MemberDescriptor(KnownType.System_Security_Cryptography_RSA, "TryEncrypt")), Conditions.Or( InvocationTracker.ArgumentIsBoolConstant("fOAEP", false), HasPkcs1PaddingArgument())); // There exist no GCM mode with AesManaged, so any mode we set will be insecure. We do not raise // when inside an ObjectInitializerExpression, as the issue is already raised on the constructor PropertyAccessTracker.Track(context, PropertyAccessTracker.MatchProperty( new MemberDescriptor(KnownType.System_Security_Cryptography_AesManaged, "Mode")), PropertyAccessTracker.MatchSetter(), Conditions.ExceptWhen(IsInsideObjectInitializer())); ObjectCreationTracker.Track(context, ObjectCreationTracker.MatchConstructor(KnownType.System_Security_Cryptography_AesManaged)); }