protected override void Initialize(SonarAnalysisContext context)
{
InvocationTracker.Track(context,
InvocationTracker.MatchMethod(
new MemberDescriptor(KnownType.System_Security_Cryptography_RSA, "Encrypt"),
new MemberDescriptor(KnownType.System_Security_Cryptography_RSA, "TryEncrypt")),
Conditions.Or(
InvocationTracker.ArgumentIsBoolConstant("fOAEP", false),
HasPkcs1PaddingArgument()));
// There exist no GCM mode with AesManaged, so any mode we set will be insecure. We do not raise
// when inside an ObjectInitializerExpression, as the issue is already raised on the constructor
PropertyAccessTracker.Track(context,
PropertyAccessTracker.MatchProperty(
new MemberDescriptor(KnownType.System_Security_Cryptography_AesManaged, "Mode")),
PropertyAccessTracker.MatchSetter(),
Conditions.ExceptWhen(IsInsideObjectInitializer()));
ObjectCreationTracker.Track(context,
ObjectCreationTracker.MatchConstructor(KnownType.System_Security_Cryptography_AesManaged));
}
