Skip to content
CodeQL

[Client] select the most secure User Identity Token if a server offers multiple ones #2515

Sign in to view logs

[Client] select the most secure User Identity Token if a server offers multiple ones

[Client] select the most secure User Identity Token if a server offers multiple ones #2515

Triggered via pull request May 6, 2024 04:25
@romanettromanett
opened #2611
romanett:ClientMostSecureUserIdentityToken
Status Success
Total duration 24m 25s
Artifacts

codeql-analysis.yml

on: pull_request
Matrix: Analyze
Fit to window
Zoom out
Zoom in

Annotations

10 warnings
Analyze (csharp): Libraries/Opc.Ua.Security.Certificates/X509Crl/CrlReason.cs#L53
Mark enums with FlagsAttribute (https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1027)
Analyze (csharp): Libraries/Opc.Ua.Security.Certificates/Extensions/X509AuthorityKeyIdentifierExtension.cs#L66
In externally visible method 'X509AuthorityKeyIdentifierExtension.X509AuthorityKeyIdentifierExtension(AsnEncodedData encodedExtension, bool critical)', validate parameter 'encodedExtension' is non-null before using it. If appropriate, throw an 'ArgumentNullException' when the argument is 'null'. (https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1062)
Analyze (csharp): Libraries/Opc.Ua.Security.Certificates/Extensions/X509CrlNumberExtension.cs#L60
In externally visible method 'X509CrlNumberExtension.X509CrlNumberExtension(AsnEncodedData encodedExtension, bool critical)', validate parameter 'encodedExtension' is non-null before using it. If appropriate, throw an 'ArgumentNullException' when the argument is 'null'. (https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1062)
Analyze (csharp): Libraries/Opc.Ua.Security.Certificates/Extensions/X509SubjectAltNameExtension.cs#L88
In externally visible method 'X509SubjectAltNameExtension.X509SubjectAltNameExtension(AsnEncodedData encodedExtension, bool critical)', validate parameter 'encodedExtension' is non-null before using it. If appropriate, throw an 'ArgumentNullException' when the argument is 'null'. (https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1062)
Analyze (csharp): Libraries/Opc.Ua.Security.Certificates/Extensions/X509SubjectAltNameExtension.cs#L116
Change the type of parameter 'applicationUri' of method 'X509SubjectAltNameExtension.X509SubjectAltNameExtension(string, IEnumerable<string>)' from 'string' to 'System.Uri', or provide an overload to 'X509SubjectAltNameExtension.X509SubjectAltNameExtension(string, IEnumerable<string>)' that allows 'applicationUri' to be passed as a 'System.Uri' object (https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1054)
Analyze (csharp): Libraries/Opc.Ua.Security.Certificates/Extensions/X509SubjectAltNameExtension.cs#L121
In externally visible method 'X509SubjectAltNameExtension.X509SubjectAltNameExtension(string applicationUri, IEnumerable<string> domainNames)', validate parameter 'domainNames' is non-null before using it. If appropriate, throw an 'ArgumentNullException' when the argument is 'null'. (https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca1062)
Analyze (csharp): Libraries/Opc.Ua.Security.Certificates/Org.BouncyCastle/PEMReader.cs#L65
Call System.IDisposable.Dispose on object created by 'new Org.BouncyCastle.OpenSsl.PemReader(pemStreamReader, pwFinder)' before all references to it are out of scope (https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2000)
Analyze (csharp): Libraries/Opc.Ua.Security.Certificates/Org.BouncyCastle/PEMReader.cs#L60
Call System.IDisposable.Dispose on object created by 'new Org.BouncyCastle.OpenSsl.PemReader(pemStreamReader)' before all references to it are out of scope (https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2000)
Analyze (csharp): Libraries/Opc.Ua.Security.Certificates/X509Certificate/CertificateBuilderBase.cs#L67
Do not call overridable methods in constructors (https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2214)
Analyze (csharp): Libraries/Opc.Ua.Security.Certificates/X509Certificate/CertificateBuilderBase.cs#L76
Do not call overridable methods in constructors (https://learn.microsoft.com/dotnet/fundamentals/code-analysis/quality-rules/ca2214)