From 5eb91fd5168ae675bf1c8f6f89ae38641cc4da14 Mon Sep 17 00:00:00 2001
From: Arthur Baars <aibaars@github.com>
Date: Mon, 25 Nov 2024 11:25:45 +0100
Subject: [PATCH] Drop SHA3-224

Drop the 224bits variant as it looks like SHA3-224 may be deprecated soon based on NIST's most recent draft revision of Transitioning the Use of Cryptographic Algorithms and Key Lengths
---
 java/ql/lib/semmle/code/java/security/Encryption.qll | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/java/ql/lib/semmle/code/java/security/Encryption.qll b/java/ql/lib/semmle/code/java/security/Encryption.qll
index 80b41233bde3..e6608d85872a 100644
--- a/java/ql/lib/semmle/code/java/security/Encryption.qll
+++ b/java/ql/lib/semmle/code/java/security/Encryption.qll
@@ -250,7 +250,7 @@ string getASecureAlgorithmName() {
   result =
     [
       "RSA", "SHA-?256", "SHA-?512", "CCM", "GCM", "AES(?![^a-zA-Z](ECB|CBC/PKCS[57]Padding))",
-      "Blowfish", "ECIES", "SHA3-(224|256|384|512)"
+      "Blowfish", "ECIES", "SHA3-(256|384|512)"
     ]
 }