Reimplement EC, MAC, key creation logic + consumer

java/ql/lib/experimental/Quantum/Language.qll

@@ -100,7 +100,7 @@ class ConstantDataSource extends Crypto::GenericConstantSourceInstance instanceo
     // where typical algorithms are specified, but EC specifically means set up a
     // default curve container, that will later be specified explicitly (or if not a default)
     // curve is used.
-    this = any(Literal l | l.getValue() != "EC")
+    this.getValue() != "EC"
   }
 
   override DataFlow::Node getOutputNode() { result.asExpr() = this }
@@ -194,6 +194,12 @@ module ArtifactUniversalFlowConfig implements DataFlow::ConfigSig {
 
   predicate isAdditionalFlowStep(DataFlow::Node node1, DataFlow::Node node2) {
     node1.(AdditionalFlowInputStep).getOutput() = node2
+    or
+    exists(MethodCall m |
+      m.getMethod().hasQualifiedName("java.lang", "String", "getBytes") and
+      node1.asExpr() = m.getQualifier() and
+      node2.asExpr() = m
+    )
   }
 }
 

java/ql/src/experimental/Quantum/TestCipher.ql

@@ -5,7 +5,7 @@
 import experimental.Quantum.Language
 
 from
-  Crypto::CipherOperationNode op, Crypto::KeyOperationAlgorithmNode a,
+  Crypto::KeyOperationNode op, Crypto::KeyOperationAlgorithmNode a,
   Crypto::ModeOfOperationAlgorithmNode m, Crypto::PaddingAlgorithmNode p,
   Crypto::NonceArtifactNode nonce, Crypto::KeyArtifactNode k
 where
@@ -15,4 +15,4 @@ where
   nonce = op.getANonce() and
   k = op.getAKey()
 select op, op.getKeyOperationSubtype(), a, a.getRawAlgorithmName(), m, m.getRawAlgorithmName(), p,
-  p.getRawAlgorithmName(), nonce, k, k.getSourceElement()
+  p.getRawAlgorithmName(), nonce, k