Add Nonce association to Operation, update graph

2026-05-03 12:45:27 +02:00 · 2025-02-24 17:37:41 +01:00
parent 86cab46b8d
commit 2b0b927b0b
8 changed files with 299 additions and 210 deletions
--- a/misc/scripts/cryptography/cbom.sh
+++ b/misc/scripts/cryptography/cbom.sh
@@ -1,8 +1,8 @@
 #!/bin/bash

-CODEQL_PATH="/Users/nicolaswill/Library/Application Support/Code/User/globalStorage/github.vscode-codeql/distribution5/codeql/codeql"
-DATABASE_PATH="/Users/nicolaswill/openssl_codeql/openssl/openssl_db"
-QUERY_FILE="/Users/nicolaswill/pqc/codeql/cpp/ql/src/experimental/Quantum/CBOMGraph.ql"
+CODEQL_PATH="/Users/nicolaswill/.local/share/gh/extensions/gh-codeql/dist/release/v2.20.4/codeql"
+DATABASE_PATH="/Users/nicolaswill/pqc/gpt-crypto-test-cases/gpt_ai_gen_jca_test_cases_db"
+QUERY_FILE="/Users/nicolaswill/pqc/codeql/java/ql/src/experimental/Quantum/PrintCBOMGraph.ql"
 OUTPUT_DIR="graph_output"

 python3 generate_cbom.py -c "$CODEQL_PATH" -d "$DATABASE_PATH" -q "$QUERY_FILE" -o "$OUTPUT_DIR"
--- a/misc/scripts/cryptography/generate_cbom.py
+++ b/misc/scripts/cryptography/generate_cbom.py
@@ -56,6 +56,9 @@ def convert_dgml_to_dot(dgml_file, dot_file):
            else:
                label_parts.append(f"{key}={value}")
        label = "\\n".join(label_parts)
+        # Escape forward slashes and double quotes
+        label = label.replace("/", "\\/")
+        label = label.replace("\"", "\\\"")
        prop_l = [f'label="{label}"']
        node_s = f'nd_{node_id} [{", ".join(prop_l)}];'
        body_l.append(node_s)
@@ -63,8 +66,11 @@ def convert_dgml_to_dot(dgml_file, dot_file):
    # Process edges
    for edge in root.find("{http://schemas.microsoft.com/vs/2009/dgml}Links"):
        att = edge.attrib
+        edge_label = att.get("Label", "")
+        edge_label = edge_label.replace("/", "\\/")
+        edge_label = edge_label.replace("\"", "\\\"")
        edge_s = 'nd_{} -> nd_{} [label="{}"];'.format(
-            att["Source"], att["Target"], att.get("Label", ""))
+            att["Source"], att["Target"], edge_label)
        body_l.append(edge_s)

    body_l.append("}")
@@ -89,7 +95,7 @@ def main():
    run_codeql_analysis(args.codeql, args.database, args.query, args.output)

    # Locate DGML file
-    dgml_file = os.path.join(args.output, "cbomgraph.dgml")
+    dgml_file = os.path.join(args.output, "java", "print-cbom-graph.dgml")
    dot_file = dgml_file.replace(".dgml", ".dot")

    if os.path.exists(dgml_file):