mirror of
https://github.com/github/codeql.git
synced 2026-04-23 07:45:17 +02:00
Reimplement EC, MAC, key creation logic + consumer
File diff suppressed because it is too large
@@ -100,7 +100,7 @@ class ConstantDataSource extends Crypto::GenericConstantSourceInstance instanceo
|
||||
// where typical algorithms are specified, but EC specifically means set up a
|
||||
// default curve container, that will later be specified explicitly (or if not a default)
|
||||
// curve is used.
|
||||
this = any(Literal l | l.getValue() != "EC")
|
||||
this.getValue() != "EC"
|
||||
}
|
||||
|
||||
override DataFlow::Node getOutputNode() { result.asExpr() = this }
|
||||
@@ -194,6 +194,12 @@ module ArtifactUniversalFlowConfig implements DataFlow::ConfigSig {
|
||||
|
||||
predicate isAdditionalFlowStep(DataFlow::Node node1, DataFlow::Node node2) {
|
||||
node1.(AdditionalFlowInputStep).getOutput() = node2
|
||||
or
|
||||
exists(MethodCall m |
|
||||
m.getMethod().hasQualifiedName("java.lang", "String", "getBytes") and
|
||||
node1.asExpr() = m.getQualifier() and
|
||||
node2.asExpr() = m
|
||||
)
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
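Review bot: The `"EC"` exclusion in the `ConstantDataSource` characteristic predicate (first hunk) is a case-sensitive comparison, but JCA treats standard algorithm names as case-insensitive, so a literal such as `"ec"` would still be modelled as a generic constant source. Both printed forms of the changed line compare against `"EC"` exactly, so this holds whichever of them is the new side. Normalising the value first would close the gap: `this.getValue().toUpperCase() != "EC"`. The predicate's opening lines are outside the hunk, so any earlier restriction on the literal is not visible here.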
@@ -5,7 +5,7 @@
|
||||
import experimental.Quantum.Language
|
||||
|
||||
from
|
||||
Crypto::CipherOperationNode op, Crypto::KeyOperationAlgorithmNode a,
|
||||
Crypto::KeyOperationNode op, Crypto::KeyOperationAlgorithmNode a,
|
||||
Crypto::ModeOfOperationAlgorithmNode m, Crypto::PaddingAlgorithmNode p,
|
||||
Crypto::NonceArtifactNode nonce, Crypto::KeyArtifactNode k
|
||||
where
|
||||
@@ -15,4 +15,4 @@ where
|
||||
nonce = op.getANonce() and
|
||||
k = op.getAKey()
|
||||
select op, op.getKeyOperationSubtype(), a, a.getRawAlgorithmName(), m, m.getRawAlgorithmName(), p,
|
||||
p.getRawAlgorithmName(), nonce, k, k.getSourceElement()
|
||||
p.getRawAlgorithmName(), nonce, k
|
||||
|
||||
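Review bot: The visible `where` conjuncts `nonce = op.getANonce()` and `k = op.getAKey()` restrict results to operations that have both a nonce and a key. With `op` typed as `Crypto::KeyOperationNode` (assuming that is the new side of the changed `from` line), operations without a nonce would silently produce no row. If that is intended, a comment above the `where` clause would make it explicit, e.g. `// only operations with both a nonce and a key are selected`. The rest of the `where` clause lies between the two hunks and is not visible here.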