mirror of
https://github.com/github/codeql.git
synced 2026-04-22 07:15:15 +02:00
Crypto: Update KnownAlgoirthmConstants to make a distinction between calls that return a known algorithm and calls that operate on a known algorithm. update KnownAlgorithmConstants to correct algType for signature algorithms. Update all instances and prior uses of the old mechanic to KnownAlgorithmConstants.
This commit is contained in:
REDMOND\brodes
@@ -14,7 +14,9 @@ private import PaddingAlgorithmInstance
|
||||
*/
|
||||
module KnownOpenSSLAlgorithmToAlgorithmValueConsumerConfig implements DataFlow::ConfigSig {
|
||||
predicate isSource(DataFlow::Node source) {
|
||||
source.asExpr() instanceof KnownOpenSSLAlgorithmConstant
|
||||
source.asExpr() instanceof KnownOpenSSLAlgorithmExpr and
|
||||
// No need to flow direct operations to AVCs
|
||||
not source.asExpr() instanceof OpenSSLDirectAlgorithmOperationCall
|
||||
}
|
||||
|
||||
predicate isSink(DataFlow::Node sink) {
|
||||
|
||||
@@ -7,14 +7,14 @@ private import experimental.quantum.OpenSSL.AlgorithmValueConsumers.OpenSSLAlgor
|
||||
private import AlgToAVCFlow
|
||||
|
||||
/**
|
||||
* Given a `KnownOpenSSLBlockModeAlgorithmConstant`, converts this to a block family type.
|
||||
* Given a `KnownOpenSSLBlockModeAlgorithmExpr`, converts this to a block family type.
|
||||
* Does not bind if there is no mapping (no mapping to 'unknown' or 'other').
|
||||
*/
|
||||
predicate knownOpenSSLConstantToBlockModeFamilyType(
|
||||
KnownOpenSSLBlockModeAlgorithmConstant e, Crypto::TBlockCipherModeOfOperationType type
|
||||
KnownOpenSSLBlockModeAlgorithmExpr e, Crypto::TBlockCipherModeOfOperationType type
|
||||
) {
|
||||
exists(string name |
|
||||
name = e.getNormalizedName() and
|
||||
name = e.(KnownOpenSSLAlgorithmExpr).getNormalizedName() and
|
||||
(
|
||||
name.matches("CBC") and type instanceof Crypto::CBC
|
||||
or
|
||||
@@ -40,7 +40,7 @@ predicate knownOpenSSLConstantToBlockModeFamilyType(
|
||||
}
|
||||
|
||||
class KnownOpenSSLBlockModeConstantAlgorithmInstance extends OpenSSLAlgorithmInstance,
|
||||
Crypto::ModeOfOperationAlgorithmInstance instanceof KnownOpenSSLBlockModeAlgorithmConstant
|
||||
Crypto::ModeOfOperationAlgorithmInstance instanceof KnownOpenSSLBlockModeAlgorithmExpr
|
||||
{
|
||||
OpenSSLAlgorithmValueConsumer getterCall;
|
||||
|
||||
@@ -49,7 +49,7 @@ class KnownOpenSSLBlockModeConstantAlgorithmInstance extends OpenSSLAlgorithmIns
|
||||
// 1) The source is a literal and flows to a getter, then we know we have an instance
|
||||
// 2) The source is a KnownOpenSSLAlgorithm is call, and we know we have an instance immediately from that
|
||||
// Possibility 1:
|
||||
this instanceof Literal and
|
||||
this instanceof OpenSSLAlgorithmLiteral and
|
||||
exists(DataFlow::Node src, DataFlow::Node sink |
|
||||
// Sink is an argument to a CipherGetterCall
|
||||
sink = getterCall.(OpenSSLAlgorithmValueConsumer).getInputNode() and
|
||||
@@ -60,7 +60,8 @@ class KnownOpenSSLBlockModeConstantAlgorithmInstance extends OpenSSLAlgorithmIns
|
||||
)
|
||||
or
|
||||
// Possibility 2:
|
||||
this instanceof DirectAlgorithmValueConsumer and getterCall = this
|
||||
this instanceof OpenSSLAlgorithmCall and
|
||||
getterCall = this
|
||||
}
|
||||
|
||||
override Crypto::TBlockCipherModeOfOperationType getModeType() {
|
||||
|
||||
@@ -10,14 +10,14 @@ private import AlgToAVCFlow
|
||||
private import BlockAlgorithmInstance
|
||||
|
||||
/**
|
||||
* Given a `KnownOpenSSLCipherAlgorithmConstant`, converts this to a cipher family type.
|
||||
* Given a `KnownOpenSSLCipherAlgorithmExpr`, converts this to a cipher family type.
|
||||
* Does not bind if there is no mapping (no mapping to 'unknown' or 'other').
|
||||
*/
|
||||
predicate knownOpenSSLConstantToCipherFamilyType(
|
||||
KnownOpenSSLCipherAlgorithmConstant e, Crypto::KeyOpAlg::TAlgorithm type
|
||||
KnownOpenSSLCipherAlgorithmExpr e, Crypto::KeyOpAlg::TAlgorithm type
|
||||
) {
|
||||
exists(string name |
|
||||
name = e.getNormalizedName() and
|
||||
name = e.(KnownOpenSSLAlgorithmExpr).getNormalizedName() and
|
||||
(
|
||||
name.matches("AES%") and type = KeyOpAlg::TSymmetricCipher(KeyOpAlg::AES())
|
||||
or
|
||||
@@ -65,7 +65,7 @@ predicate knownOpenSSLConstantToCipherFamilyType(
|
||||
}
|
||||
|
||||
class KnownOpenSSLCipherConstantAlgorithmInstance extends OpenSSLAlgorithmInstance,
|
||||
Crypto::KeyOperationAlgorithmInstance instanceof KnownOpenSSLCipherAlgorithmConstant
|
||||
Crypto::KeyOperationAlgorithmInstance instanceof KnownOpenSSLCipherAlgorithmExpr
|
||||
{
|
||||
OpenSSLAlgorithmValueConsumer getterCall;
|
||||
|
||||
@@ -74,7 +74,7 @@ class KnownOpenSSLCipherConstantAlgorithmInstance extends OpenSSLAlgorithmInstan
|
||||
// 1) The source is a literal and flows to a getter, then we know we have an instance
|
||||
// 2) The source is a KnownOpenSSLAlgorithm is call, and we know we have an instance immediately from that
|
||||
// Possibility 1:
|
||||
this instanceof Literal and
|
||||
this instanceof OpenSSLAlgorithmLiteral and
|
||||
exists(DataFlow::Node src, DataFlow::Node sink |
|
||||
// Sink is an argument to a CipherGetterCall
|
||||
sink = getterCall.(OpenSSLAlgorithmValueConsumer).getInputNode() and
|
||||
@@ -85,7 +85,8 @@ class KnownOpenSSLCipherConstantAlgorithmInstance extends OpenSSLAlgorithmInstan
|
||||
)
|
||||
or
|
||||
// Possibility 2:
|
||||
this instanceof DirectAlgorithmValueConsumer and getterCall = this
|
||||
this instanceof OpenSSLAlgorithmCall and
|
||||
getterCall = this
|
||||
}
|
||||
|
||||
override Crypto::ModeOfOperationAlgorithmInstance getModeOfOperationAlgorithm() {
|
||||
@@ -109,7 +110,7 @@ class KnownOpenSSLCipherConstantAlgorithmInstance extends OpenSSLAlgorithmInstan
|
||||
}
|
||||
|
||||
override int getKeySizeFixed() {
|
||||
this.(KnownOpenSSLCipherAlgorithmConstant).getExplicitKeySize() = result
|
||||
this.(KnownOpenSSLCipherAlgorithmExpr).getExplicitKeySize() = result
|
||||
}
|
||||
|
||||
override Crypto::KeyOpAlg::Algorithm getAlgorithmType() {
|
||||
|
||||
@@ -7,7 +7,7 @@ private import experimental.quantum.OpenSSL.AlgorithmValueConsumers.DirectAlgori
|
||||
private import AlgToAVCFlow
|
||||
|
||||
class KnownOpenSSLEllipticCurveConstantAlgorithmInstance extends OpenSSLAlgorithmInstance,
|
||||
Crypto::EllipticCurveInstance instanceof KnownOpenSSLEllipticCurveAlgorithmConstant
|
||||
Crypto::EllipticCurveInstance instanceof KnownOpenSSLEllipticCurveAlgorithmExpr
|
||||
{
|
||||
OpenSSLAlgorithmValueConsumer getterCall;
|
||||
|
||||
@@ -16,7 +16,7 @@ class KnownOpenSSLEllipticCurveConstantAlgorithmInstance extends OpenSSLAlgorith
|
||||
// 1) The source is a literal and flows to a getter, then we know we have an instance
|
||||
// 2) The source is a KnownOpenSSLAlgorithm is call, and we know we have an instance immediately from that
|
||||
// Possibility 1:
|
||||
this instanceof Literal and
|
||||
this instanceof OpenSSLAlgorithmLiteral and
|
||||
exists(DataFlow::Node src, DataFlow::Node sink |
|
||||
// Sink is an argument to a CipherGetterCall
|
||||
sink = getterCall.getInputNode() and
|
||||
@@ -27,7 +27,8 @@ class KnownOpenSSLEllipticCurveConstantAlgorithmInstance extends OpenSSLAlgorith
|
||||
)
|
||||
or
|
||||
// Possibility 2:
|
||||
this instanceof DirectAlgorithmValueConsumer and getterCall = this
|
||||
this instanceof OpenSSLAlgorithmCall and
|
||||
getterCall = this
|
||||
}
|
||||
|
||||
override OpenSSLAlgorithmValueConsumer getAVC() { result = getterCall }
|
||||
@@ -43,11 +44,11 @@ class KnownOpenSSLEllipticCurveConstantAlgorithmInstance extends OpenSSLAlgorith
|
||||
}
|
||||
|
||||
override string getParsedEllipticCurveName() {
|
||||
result = this.(KnownOpenSSLEllipticCurveAlgorithmConstant).getNormalizedName()
|
||||
result = this.(KnownOpenSSLAlgorithmExpr).getNormalizedName()
|
||||
}
|
||||
|
||||
override int getKeySize() {
|
||||
Crypto::ellipticCurveNameToKeySizeAndFamilyMapping(this.(KnownOpenSSLEllipticCurveAlgorithmConstant)
|
||||
Crypto::ellipticCurveNameToKeySizeAndFamilyMapping(this.(KnownOpenSSLAlgorithmExpr)
|
||||
.getNormalizedName(), result, _)
|
||||
}
|
||||
}
|
||||
|
||||
@@ -6,10 +6,10 @@ private import experimental.quantum.OpenSSL.AlgorithmInstances.OpenSSLAlgorithmI
|
||||
private import AlgToAVCFlow
|
||||
|
||||
predicate knownOpenSSLConstantToHashFamilyType(
|
||||
KnownOpenSSLHashAlgorithmConstant e, Crypto::THashType type
|
||||
KnownOpenSSLHashAlgorithmExpr e, Crypto::THashType type
|
||||
) {
|
||||
exists(string name |
|
||||
name = e.getNormalizedName() and
|
||||
name = e.(KnownOpenSSLAlgorithmExpr).getNormalizedName() and
|
||||
(
|
||||
name.matches("BLAKE2B") and type instanceof Crypto::BLAKE2B
|
||||
or
|
||||
@@ -45,7 +45,7 @@ predicate knownOpenSSLConstantToHashFamilyType(
|
||||
}
|
||||
|
||||
class KnownOpenSSLHashConstantAlgorithmInstance extends OpenSSLAlgorithmInstance,
|
||||
Crypto::HashAlgorithmInstance instanceof KnownOpenSSLHashAlgorithmConstant
|
||||
Crypto::HashAlgorithmInstance instanceof KnownOpenSSLHashAlgorithmExpr
|
||||
{
|
||||
OpenSSLAlgorithmValueConsumer getterCall;
|
||||
|
||||
@@ -54,7 +54,7 @@ class KnownOpenSSLHashConstantAlgorithmInstance extends OpenSSLAlgorithmInstance
|
||||
// 1) The source is a literal and flows to a getter, then we know we have an instance
|
||||
// 2) The source is a KnownOpenSSLAlgorithm is call, and we know we have an instance immediately from that
|
||||
// Possibility 1:
|
||||
this instanceof Literal and
|
||||
this instanceof OpenSSLAlgorithmLiteral and
|
||||
exists(DataFlow::Node src, DataFlow::Node sink |
|
||||
// Sink is an argument to a CipherGetterCall
|
||||
sink = getterCall.(OpenSSLAlgorithmValueConsumer).getInputNode() and
|
||||
@@ -65,7 +65,8 @@ class KnownOpenSSLHashConstantAlgorithmInstance extends OpenSSLAlgorithmInstance
|
||||
)
|
||||
or
|
||||
// Possibility 2:
|
||||
this instanceof DirectAlgorithmValueConsumer and getterCall = this
|
||||
this instanceof OpenSSLAlgorithmCall and
|
||||
getterCall = this
|
||||
}
|
||||
|
||||
override OpenSSLAlgorithmValueConsumer getAVC() { result = getterCall }
|
||||
@@ -83,6 +84,6 @@ class KnownOpenSSLHashConstantAlgorithmInstance extends OpenSSLAlgorithmInstance
|
||||
}
|
||||
|
||||
override int getFixedDigestLength() {
|
||||
this.(KnownOpenSSLHashAlgorithmConstant).getExplicitDigestLength() = result
|
||||
this.(KnownOpenSSLHashAlgorithmExpr).getExplicitDigestLength() = result
|
||||
}
|
||||
}
|
||||
|
||||
@@ -6,10 +6,10 @@ private import experimental.quantum.OpenSSL.AlgorithmInstances.OpenSSLAlgorithmI
|
||||
private import AlgToAVCFlow
|
||||
|
||||
predicate knownOpenSSLConstantToKeyAgreementFamilyType(
|
||||
KnownOpenSSLKeyAgreementAlgorithmConstant e, Crypto::TKeyAgreementType type
|
||||
KnownOpenSSLKeyAgreementAlgorithmExpr e, Crypto::TKeyAgreementType type
|
||||
) {
|
||||
exists(string name |
|
||||
name = e.getNormalizedName() and
|
||||
name = e.(KnownOpenSSLAlgorithmExpr).getNormalizedName() and
|
||||
(
|
||||
name = "ECDH" and type = Crypto::ECDH()
|
||||
or
|
||||
@@ -23,7 +23,7 @@ predicate knownOpenSSLConstantToKeyAgreementFamilyType(
|
||||
}
|
||||
|
||||
class KnownOpenSSLHashConstantAlgorithmInstance extends OpenSSLAlgorithmInstance,
|
||||
Crypto::KeyAgreementAlgorithmInstance instanceof KnownOpenSSLKeyAgreementAlgorithmConstant
|
||||
Crypto::KeyAgreementAlgorithmInstance instanceof KnownOpenSSLKeyAgreementAlgorithmExpr
|
||||
{
|
||||
OpenSSLAlgorithmValueConsumer getterCall;
|
||||
|
||||
@@ -32,7 +32,7 @@ class KnownOpenSSLHashConstantAlgorithmInstance extends OpenSSLAlgorithmInstance
|
||||
// 1) The source is a literal and flows to a getter, then we know we have an instance
|
||||
// 2) The source is a KnownOpenSSLAlgorithm is call, and we know we have an instance immediately from that
|
||||
// Possibility 1:
|
||||
this instanceof Literal and
|
||||
this instanceof OpenSSLAlgorithmLiteral and
|
||||
exists(DataFlow::Node src, DataFlow::Node sink |
|
||||
// Sink is an argument to a CipherGetterCall
|
||||
sink = getterCall.getInputNode() and
|
||||
@@ -43,7 +43,9 @@ class KnownOpenSSLHashConstantAlgorithmInstance extends OpenSSLAlgorithmInstance
|
||||
)
|
||||
or
|
||||
// Possibility 2:
|
||||
this instanceof DirectAlgorithmValueConsumer and getterCall = this
|
||||
this instanceof OpenSSLAlgorithmCall and
|
||||
this instanceof DirectAlgorithmValueConsumer and
|
||||
getterCall = this
|
||||
}
|
||||
|
||||
override OpenSSLAlgorithmValueConsumer getAVC() { result = getterCall }
|
||||
|
||||
@@ -1,78 +1,43 @@
|
||||
import cpp
|
||||
import experimental.quantum.OpenSSL.GenericSourceCandidateLiteral
|
||||
|
||||
predicate resolveAlgorithmFromExpr(Expr e, string normalizedName, string algType) {
|
||||
resolveAlgorithmFromCall(e, normalizedName, algType)
|
||||
or
|
||||
resolveAlgorithmFromLiteral(e, normalizedName, algType)
|
||||
}
|
||||
|
||||
class KnownOpenSSLAlgorithmConstant extends Expr {
|
||||
KnownOpenSSLAlgorithmConstant() { resolveAlgorithmFromExpr(this, _, _) }
|
||||
|
||||
string getNormalizedName() { resolveAlgorithmFromExpr(this, result, _) }
|
||||
|
||||
string getAlgType() { resolveAlgorithmFromExpr(this, _, result) }
|
||||
}
|
||||
|
||||
class KnownOpenSSLCipherAlgorithmConstant extends KnownOpenSSLAlgorithmConstant {
|
||||
string algType;
|
||||
|
||||
KnownOpenSSLCipherAlgorithmConstant() {
|
||||
resolveAlgorithmFromExpr(this, _, algType) and
|
||||
algType.matches("%ENCRYPTION")
|
||||
}
|
||||
|
||||
int getExplicitKeySize() {
|
||||
exists(string name |
|
||||
name = this.getNormalizedName() and
|
||||
resolveAlgorithmFromExpr(this, name, algType) and
|
||||
result = name.regexpCapture(".*-(\\d*)", 1).toInt()
|
||||
)
|
||||
}
|
||||
}
|
||||
|
||||
class KnownOpenSSLPaddingAlgorithmConstant extends KnownOpenSSLAlgorithmConstant {
|
||||
KnownOpenSSLPaddingAlgorithmConstant() {
|
||||
exists(string algType |
|
||||
resolveAlgorithmFromExpr(this, _, algType) and
|
||||
algType.matches("%PADDING")
|
||||
)
|
||||
}
|
||||
}
|
||||
|
||||
class KnownOpenSSLBlockModeAlgorithmConstant extends KnownOpenSSLAlgorithmConstant {
|
||||
KnownOpenSSLBlockModeAlgorithmConstant() { resolveAlgorithmFromExpr(this, _, "BLOCK_MODE") }
|
||||
}
|
||||
|
||||
class KnownOpenSSLHashAlgorithmConstant extends KnownOpenSSLAlgorithmConstant {
|
||||
KnownOpenSSLHashAlgorithmConstant() { resolveAlgorithmFromExpr(this, _, "HASH") }
|
||||
|
||||
int getExplicitDigestLength() {
|
||||
exists(string name |
|
||||
name = this.getNormalizedName() and
|
||||
resolveAlgorithmFromExpr(this, name, "HASH") and
|
||||
result = name.regexpCapture(".*-(\\d*)$", 1).toInt()
|
||||
)
|
||||
}
|
||||
}
|
||||
|
||||
class KnownOpenSSLEllipticCurveAlgorithmConstant extends KnownOpenSSLAlgorithmConstant {
|
||||
KnownOpenSSLEllipticCurveAlgorithmConstant() {
|
||||
resolveAlgorithmFromExpr(this, _, "ELLIPTIC_CURVE")
|
||||
}
|
||||
}
|
||||
|
||||
class KnownOpenSSLSignatureAlgorithmConstant extends KnownOpenSSLAlgorithmConstant {
|
||||
KnownOpenSSLSignatureAlgorithmConstant() { resolveAlgorithmFromExpr(this, _, "SIGNATURE") }
|
||||
}
|
||||
|
||||
class KnownOpenSSLKeyAgreementAlgorithmConstant extends KnownOpenSSLAlgorithmConstant {
|
||||
KnownOpenSSLKeyAgreementAlgorithmConstant() { resolveAlgorithmFromExpr(this, _, "KEY_AGREEMENT") }
|
||||
predicate resolveAlgorithmFromExpr(
|
||||
KnownOpenSSLAlgorithmExpr e, string normalizedName, string algType
|
||||
) {
|
||||
normalizedName = e.getNormalizedName() and
|
||||
algType = e.getAlgType()
|
||||
}
|
||||
|
||||
/**
|
||||
* Resolves a call to a 'direct algorithm getter', e.g., EVP_MD5()
|
||||
* An expression that resolves to a known OpenSSL algorithm constant.
|
||||
* This can be a literal, a call to a known OpenSSL algorithm constant getter,
|
||||
* or a call to an operation that directly operates on a known algorithm.
|
||||
*/
|
||||
abstract class KnownOpenSSLAlgorithmExpr extends Expr {
|
||||
abstract string getNormalizedName();
|
||||
|
||||
abstract string getAlgType();
|
||||
}
|
||||
|
||||
class OpenSSLAlgorithmLiteral extends KnownOpenSSLAlgorithmExpr instanceof Literal {
|
||||
string normalizedName;
|
||||
string algType;
|
||||
|
||||
OpenSSLAlgorithmLiteral() { resolveAlgorithmFromLiteral(this, normalizedName, algType) }
|
||||
|
||||
override string getNormalizedName() { result = normalizedName }
|
||||
|
||||
override string getAlgType() { result = algType }
|
||||
}
|
||||
|
||||
/**
|
||||
* A call to either an OpenSSL algorithm constant 'getter', e.g., EVP_MD5()
|
||||
* or call to an operation that directly operates on a known algorithm, e.g., AES_encrypt
|
||||
*/
|
||||
abstract class OpenSSLAlgorithmCall extends KnownOpenSSLAlgorithmExpr instanceof Call { }
|
||||
|
||||
/**
|
||||
* A call to a 'direct algorithm getter', e.g., EVP_MD5()
|
||||
* This approach to fetching algorithms was used in OpenSSL 1.0.2.
|
||||
* The strategy for resolving these calls is to parse the target name
|
||||
* and resolve the name as though it were a known literal.
|
||||
@@ -81,15 +46,112 @@ class KnownOpenSSLKeyAgreementAlgorithmConstant extends KnownOpenSSLAlgorithmCon
|
||||
* set of aliases. E.g., EVP_dss() and EVP_dss1() needed such mappings
|
||||
* alias = "dss" and target = "dsa"
|
||||
* or
|
||||
* alias = "dss1" and target = "dsaWithSHA1"
|
||||
* alias = "dss1" and target = "dsaWithSHA1"
|
||||
*/
|
||||
predicate resolveAlgorithmFromCall(Call c, string normalized, string algType) {
|
||||
exists(string name, string parsedTargetName |
|
||||
parsedTargetName =
|
||||
c.getTarget().getName().replaceAll("EVP_", "").toLowerCase().replaceAll("_", "-") and
|
||||
name = resolveAlgorithmAlias(parsedTargetName) and
|
||||
knownOpenSSLAlgorithmLiteral(name, _, normalized, algType)
|
||||
)
|
||||
class OpenSSLDirectAlgorithmFetchCall extends OpenSSLAlgorithmCall {
|
||||
string normalizedName;
|
||||
string algType;
|
||||
|
||||
OpenSSLDirectAlgorithmFetchCall() {
|
||||
//ASSUMPTION: these cases will have operands for the call
|
||||
not exists(this.(Call).getAnArgument()) and
|
||||
exists(string name, string parsedTargetName |
|
||||
parsedTargetName =
|
||||
this.(Call).getTarget().getName().replaceAll("EVP_", "").toLowerCase().replaceAll("_", "-") and
|
||||
name = resolveAlgorithmAlias(parsedTargetName) and
|
||||
knownOpenSSLAlgorithmLiteral(name, _, normalizedName, algType)
|
||||
)
|
||||
}
|
||||
|
||||
override string getNormalizedName() { result = normalizedName }
|
||||
|
||||
override string getAlgType() { result = algType }
|
||||
}
|
||||
|
||||
/**
|
||||
* A call to an OpenSSL operation that directly operates on a known algorithm.
|
||||
* An algorithm construct is not generated for these calls, rather, the operation
|
||||
* is directly performed, and the algorithm is inferred by the operation itself.
|
||||
*/
|
||||
class OpenSSLDirectAlgorithmOperationCall extends OpenSSLAlgorithmCall {
|
||||
string normalizedName;
|
||||
string algType;
|
||||
|
||||
OpenSSLDirectAlgorithmOperationCall() {
|
||||
//TODO: this set will have to be exhaustive, and for each operation
|
||||
//further modeling will be necessary for each case to map the APIs operands
|
||||
//ASSUMPTION: these cases must have operands for the call
|
||||
exists(this.(Call).getAnArgument()) and
|
||||
//TODO: Each case would be enumerated here. Will likely need an exhaustive mapping much like
|
||||
// for known constants.
|
||||
knownOpenSSLAlgorithmOperationCall(this, normalizedName, algType)
|
||||
}
|
||||
|
||||
override string getNormalizedName() { result = normalizedName }
|
||||
|
||||
override string getAlgType() { result = algType }
|
||||
}
|
||||
|
||||
class KnownOpenSSLCipherAlgorithmExpr extends Expr instanceof KnownOpenSSLAlgorithmExpr {
|
||||
string algType;
|
||||
|
||||
KnownOpenSSLCipherAlgorithmExpr() {
|
||||
algType = this.(KnownOpenSSLAlgorithmExpr).getAlgType() and
|
||||
algType.matches("%ENCRYPTION")
|
||||
}
|
||||
|
||||
int getExplicitKeySize() {
|
||||
exists(string name |
|
||||
name = this.(KnownOpenSSLAlgorithmExpr).getNormalizedName() and
|
||||
resolveAlgorithmFromExpr(this, name, algType) and
|
||||
result = name.regexpCapture(".*-(\\d*)", 1).toInt()
|
||||
)
|
||||
}
|
||||
}
|
||||
|
||||
class KnownOpenSSLPaddingAlgorithmExpr extends Expr instanceof KnownOpenSSLAlgorithmExpr {
|
||||
KnownOpenSSLPaddingAlgorithmExpr() {
|
||||
exists(string algType |
|
||||
resolveAlgorithmFromExpr(this, _, algType) and
|
||||
algType.matches("%PADDING")
|
||||
)
|
||||
}
|
||||
}
|
||||
|
||||
class KnownOpenSSLBlockModeAlgorithmExpr extends Expr instanceof KnownOpenSSLAlgorithmExpr {
|
||||
KnownOpenSSLBlockModeAlgorithmExpr() { resolveAlgorithmFromExpr(this, _, "BLOCK_MODE") }
|
||||
}
|
||||
|
||||
class KnownOpenSSLHashAlgorithmExpr extends Expr instanceof KnownOpenSSLAlgorithmExpr {
|
||||
KnownOpenSSLHashAlgorithmExpr() { resolveAlgorithmFromExpr(this, _, "HASH") }
|
||||
|
||||
int getExplicitDigestLength() {
|
||||
exists(string name |
|
||||
name = this.(KnownOpenSSLAlgorithmExpr).getNormalizedName() and
|
||||
resolveAlgorithmFromExpr(this, name, "HASH") and
|
||||
result = name.regexpCapture(".*-(\\d*)$", 1).toInt()
|
||||
)
|
||||
}
|
||||
}
|
||||
|
||||
class KnownOpenSSLEllipticCurveAlgorithmExpr extends Expr instanceof KnownOpenSSLAlgorithmExpr {
|
||||
KnownOpenSSLEllipticCurveAlgorithmExpr() { resolveAlgorithmFromExpr(this, _, "ELLIPTIC_CURVE") }
|
||||
}
|
||||
|
||||
class KnownOpenSSLSignatureAlgorithmExpr extends Expr instanceof KnownOpenSSLAlgorithmExpr {
|
||||
KnownOpenSSLSignatureAlgorithmExpr() { resolveAlgorithmFromExpr(this, _, "SIGNATURE") }
|
||||
}
|
||||
|
||||
class KnownOpenSSLKeyAgreementAlgorithmExpr extends Expr instanceof KnownOpenSSLAlgorithmExpr {
|
||||
KnownOpenSSLKeyAgreementAlgorithmExpr() { resolveAlgorithmFromExpr(this, _, "KEY_AGREEMENT") }
|
||||
}
|
||||
|
||||
predicate knownOpenSSLAlgorithmOperationCall(Call c, string normalized, string algType) {
|
||||
c.getTarget().getName() in [
|
||||
"EVP_RSA_gen", "RSA_generate_key_ex", "RSA_generate_key", "EVP_PKEY_CTX_set_rsa_keygen_bits"
|
||||
] and
|
||||
normalized = "RSA" and
|
||||
algType = "ASYMMETRIC_ENCRYPTION"
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -2818,93 +2880,93 @@ predicate knownOpenSSLAlgorithmLiteral(string name, int nid, string normalized,
|
||||
name = "ripemd160withrsa" and
|
||||
nid = 119 and
|
||||
normalized = "RSA" and
|
||||
algType = "ASYMMETRIC_ENCRYPTION"
|
||||
algType = "SIGNATURE"
|
||||
or
|
||||
name = "ripemd160withrsa" and nid = 119 and normalized = "RIPEMD160" and algType = "HASH"
|
||||
or
|
||||
name = "rsa-md2" and nid = 7 and normalized = "RSA" and algType = "ASYMMETRIC_ENCRYPTION"
|
||||
name = "rsa-md2" and nid = 7 and normalized = "RSA" and algType = "SIGNATURE"
|
||||
or
|
||||
name = "rsa-md2" and nid = 7 and normalized = "MD2" and algType = "HASH"
|
||||
or
|
||||
name = "rsa-md4" and nid = 396 and normalized = "RSA" and algType = "ASYMMETRIC_ENCRYPTION"
|
||||
name = "rsa-md4" and nid = 396 and normalized = "RSA" and algType = "SIGNATURE"
|
||||
or
|
||||
name = "rsa-md4" and nid = 396 and normalized = "MD4" and algType = "HASH"
|
||||
or
|
||||
name = "rsa-md5" and nid = 8 and normalized = "RSA" and algType = "ASYMMETRIC_ENCRYPTION"
|
||||
name = "rsa-md5" and nid = 8 and normalized = "RSA" and algType = "SIGNATURE"
|
||||
or
|
||||
name = "rsa-md5" and nid = 8 and normalized = "MD5" and algType = "HASH"
|
||||
or
|
||||
name = "rsa-mdc2" and nid = 96 and normalized = "RSA" and algType = "ASYMMETRIC_ENCRYPTION"
|
||||
name = "rsa-mdc2" and nid = 96 and normalized = "RSA" and algType = "SIGNATURE"
|
||||
or
|
||||
name = "rsa-mdc2" and nid = 96 and normalized = "MDC2" and algType = "HASH"
|
||||
or
|
||||
name = "rsa-np-md5" and nid = 104 and normalized = "RSA" and algType = "ASYMMETRIC_ENCRYPTION"
|
||||
name = "rsa-np-md5" and nid = 104 and normalized = "RSA" and algType = "SIGNATURE"
|
||||
or
|
||||
name = "rsa-np-md5" and nid = 104 and normalized = "MD5" and algType = "HASH"
|
||||
or
|
||||
name = "rsa-ripemd160" and nid = 119 and normalized = "RSA" and algType = "ASYMMETRIC_ENCRYPTION"
|
||||
name = "rsa-ripemd160" and nid = 119 and normalized = "RSA" and algType = "SIGNATURE"
|
||||
or
|
||||
name = "rsa-ripemd160" and nid = 119 and normalized = "RIPEMD160" and algType = "HASH"
|
||||
or
|
||||
name = "rsa-sha" and nid = 42 and normalized = "RSA" and algType = "ASYMMETRIC_ENCRYPTION"
|
||||
name = "rsa-sha" and nid = 42 and normalized = "RSA" and algType = "SIGNATURE"
|
||||
or
|
||||
name = "rsa-sha" and nid = 42 and normalized = "SHA" and algType = "HASH"
|
||||
or
|
||||
name = "rsa-sha1" and nid = 65 and normalized = "RSA" and algType = "ASYMMETRIC_ENCRYPTION"
|
||||
name = "rsa-sha1" and nid = 65 and normalized = "RSA" and algType = "SIGNATURE"
|
||||
or
|
||||
name = "rsa-sha1" and nid = 65 and normalized = "SHA1" and algType = "HASH"
|
||||
or
|
||||
name = "rsa-sha1-2" and nid = 115 and normalized = "RSA" and algType = "ASYMMETRIC_ENCRYPTION"
|
||||
name = "rsa-sha1-2" and nid = 115 and normalized = "RSA" and algType = "SIGNATURE"
|
||||
or
|
||||
name = "rsa-sha1-2" and nid = 115 and normalized = "SHA1" and algType = "HASH"
|
||||
or
|
||||
name = "rsa-sha224" and nid = 671 and normalized = "RSA" and algType = "ASYMMETRIC_ENCRYPTION"
|
||||
name = "rsa-sha224" and nid = 671 and normalized = "RSA" and algType = "SIGNATURE"
|
||||
or
|
||||
name = "rsa-sha224" and nid = 671 and normalized = "SHA-224" and algType = "HASH"
|
||||
or
|
||||
name = "rsa-sha256" and nid = 668 and normalized = "RSA" and algType = "ASYMMETRIC_ENCRYPTION"
|
||||
name = "rsa-sha256" and nid = 668 and normalized = "RSA" and algType = "SIGNATURE"
|
||||
or
|
||||
name = "rsa-sha256" and nid = 668 and normalized = "SHA-256" and algType = "HASH"
|
||||
or
|
||||
name = "rsa-sha3-224" and nid = 1116 and normalized = "RSA" and algType = "ASYMMETRIC_ENCRYPTION"
|
||||
name = "rsa-sha3-224" and nid = 1116 and normalized = "RSA" and algType = "SIGNATURE"
|
||||
or
|
||||
name = "rsa-sha3-224" and nid = 1116 and normalized = "SHA3-224" and algType = "HASH"
|
||||
or
|
||||
name = "rsa-sha3-256" and nid = 1117 and normalized = "RSA" and algType = "ASYMMETRIC_ENCRYPTION"
|
||||
name = "rsa-sha3-256" and nid = 1117 and normalized = "RSA" and algType = "SIGNATURE"
|
||||
or
|
||||
name = "rsa-sha3-256" and nid = 1117 and normalized = "SHA3-256" and algType = "HASH"
|
||||
or
|
||||
name = "rsa-sha3-384" and nid = 1118 and normalized = "RSA" and algType = "ASYMMETRIC_ENCRYPTION"
|
||||
name = "rsa-sha3-384" and nid = 1118 and normalized = "RSA" and algType = "SIGNATURE"
|
||||
or
|
||||
name = "rsa-sha3-384" and nid = 1118 and normalized = "SHA3-384" and algType = "HASH"
|
||||
or
|
||||
name = "rsa-sha3-512" and nid = 1119 and normalized = "RSA" and algType = "ASYMMETRIC_ENCRYPTION"
|
||||
name = "rsa-sha3-512" and nid = 1119 and normalized = "RSA" and algType = "SIGNATURE"
|
||||
or
|
||||
name = "rsa-sha3-512" and nid = 1119 and normalized = "SHA3-512" and algType = "HASH"
|
||||
or
|
||||
name = "rsa-sha384" and nid = 669 and normalized = "RSA" and algType = "ASYMMETRIC_ENCRYPTION"
|
||||
name = "rsa-sha384" and nid = 669 and normalized = "RSA" and algType = "SIGNATURE"
|
||||
or
|
||||
name = "rsa-sha384" and nid = 669 and normalized = "SHA-384" and algType = "HASH"
|
||||
or
|
||||
name = "rsa-sha512" and nid = 670 and normalized = "RSA" and algType = "ASYMMETRIC_ENCRYPTION"
|
||||
name = "rsa-sha512" and nid = 670 and normalized = "RSA" and algType = "SIGNATURE"
|
||||
or
|
||||
name = "rsa-sha512" and nid = 670 and normalized = "SHA-512" and algType = "HASH"
|
||||
or
|
||||
name = "rsa-sha512/224" and
|
||||
nid = 1145 and
|
||||
normalized = "RSA" and
|
||||
algType = "ASYMMETRIC_ENCRYPTION"
|
||||
algType = "SIGNATURE"
|
||||
or
|
||||
name = "rsa-sha512/224" and nid = 1145 and normalized = "SHA-512-224" and algType = "HASH"
|
||||
or
|
||||
name = "rsa-sha512/256" and
|
||||
nid = 1146 and
|
||||
normalized = "RSA" and
|
||||
algType = "ASYMMETRIC_ENCRYPTION"
|
||||
algType = "SIGNATURE"
|
||||
or
|
||||
name = "rsa-sha512/256" and nid = 1146 and normalized = "SHA-512-256" and algType = "HASH"
|
||||
or
|
||||
name = "rsa-sm3" and nid = 1144 and normalized = "RSA" and algType = "ASYMMETRIC_ENCRYPTION"
|
||||
name = "rsa-sm3" and nid = 1144 and normalized = "RSA" and algType = "SIGNATURE"
|
||||
or
|
||||
name = "rsa-sm3" and nid = 1144 and normalized = "SM3" and algType = "HASH"
|
||||
or
|
||||
@@ -2928,52 +2990,52 @@ predicate knownOpenSSLAlgorithmLiteral(string name, int nid, string normalized,
|
||||
normalized = "OAEP" and
|
||||
algType = "ASYMMETRIC_PADDING"
|
||||
or
|
||||
name = "rsasignature" and nid = 377 and normalized = "RSA" and algType = "ASYMMETRIC_ENCRYPTION"
|
||||
name = "rsasignature" and nid = 377 and normalized = "RSA" and algType = "SIGNATURE"
|
||||
or
|
||||
name = "rsassa-pss" and nid = 912 and normalized = "RSA" and algType = "ASYMMETRIC_ENCRYPTION"
|
||||
name = "rsassa-pss" and nid = 912 and normalized = "RSA" and algType = "SIGNATURE"
|
||||
or
|
||||
name = "rsassa-pss" and nid = 912 and normalized = "PSS" and algType = "ASYMMETRIC_PADDING"
|
||||
or
|
||||
name = "rsassapss" and nid = 912 and normalized = "RSA" and algType = "ASYMMETRIC_ENCRYPTION"
|
||||
name = "rsassapss" and nid = 912 and normalized = "RSA" and algType = "SIGNATURE"
|
||||
or
|
||||
name = "rsassapss" and nid = 912 and normalized = "PSS" and algType = "ASYMMETRIC_PADDING"
|
||||
name = "rsassapss" and nid = 912 and normalized = "PSS" and algType = "SIGNATURE"
|
||||
or
|
||||
name = "sha1withrsa" and nid = 115 and normalized = "RSA" and algType = "ASYMMETRIC_ENCRYPTION"
|
||||
name = "sha1withrsa" and nid = 115 and normalized = "RSA" and algType = "SIGNATURE"
|
||||
or
|
||||
name = "sha1withrsa" and nid = 115 and normalized = "SHA1" and algType = "HASH"
|
||||
or
|
||||
name = "sha1withrsaencryption" and
|
||||
nid = 65 and
|
||||
normalized = "RSA" and
|
||||
algType = "ASYMMETRIC_ENCRYPTION"
|
||||
algType = "SIGNATURE"
|
||||
or
|
||||
name = "sha1withrsaencryption" and nid = 65 and normalized = "SHA1" and algType = "HASH"
|
||||
or
|
||||
name = "sha224withrsaencryption" and
|
||||
nid = 671 and
|
||||
normalized = "RSA" and
|
||||
algType = "ASYMMETRIC_ENCRYPTION"
|
||||
algType = "SIGNATURE"
|
||||
or
|
||||
name = "sha224withrsaencryption" and nid = 671 and normalized = "SHA-224" and algType = "HASH"
|
||||
or
|
||||
name = "sha256withrsaencryption" and
|
||||
nid = 668 and
|
||||
normalized = "RSA" and
|
||||
algType = "ASYMMETRIC_ENCRYPTION"
|
||||
algType = "SIGNATURE"
|
||||
or
|
||||
name = "sha256withrsaencryption" and nid = 668 and normalized = "SHA-256" and algType = "HASH"
|
||||
or
|
||||
name = "sha384withrsaencryption" and
|
||||
nid = 669 and
|
||||
normalized = "RSA" and
|
||||
algType = "ASYMMETRIC_ENCRYPTION"
|
||||
algType = "SIGNATURE"
|
||||
or
|
||||
name = "sha384withrsaencryption" and nid = 669 and normalized = "SHA-384" and algType = "HASH"
|
||||
or
|
||||
name = "sha512-224withrsaencryption" and
|
||||
nid = 1145 and
|
||||
normalized = "RSA" and
|
||||
algType = "ASYMMETRIC_ENCRYPTION"
|
||||
algType = "SIGNATURE"
|
||||
or
|
||||
name = "sha512-224withrsaencryption" and
|
||||
nid = 1145 and
|
||||
@@ -2983,7 +3045,7 @@ predicate knownOpenSSLAlgorithmLiteral(string name, int nid, string normalized,
|
||||
name = "sha512-256withrsaencryption" and
|
||||
nid = 1146 and
|
||||
normalized = "RSA" and
|
||||
algType = "ASYMMETRIC_ENCRYPTION"
|
||||
algType = "SIGNATURE"
|
||||
or
|
||||
name = "sha512-256withrsaencryption" and
|
||||
nid = 1146 and
|
||||
@@ -2993,14 +3055,14 @@ predicate knownOpenSSLAlgorithmLiteral(string name, int nid, string normalized,
|
||||
name = "sha512withrsaencryption" and
|
||||
nid = 670 and
|
||||
normalized = "RSA" and
|
||||
algType = "ASYMMETRIC_ENCRYPTION"
|
||||
algType = "SIGNATURE"
|
||||
or
|
||||
name = "sha512withrsaencryption" and nid = 670 and normalized = "SHA-512" and algType = "HASH"
|
||||
or
|
||||
name = "shawithrsaencryption" and
|
||||
nid = 42 and
|
||||
normalized = "RSA" and
|
||||
algType = "ASYMMETRIC_ENCRYPTION"
|
||||
algType = "SIGNATURE"
|
||||
or
|
||||
name = "shawithrsaencryption" and nid = 42 and normalized = "SHA" and algType = "HASH"
|
||||
or
|
||||
@@ -3017,7 +3079,7 @@ predicate knownOpenSSLAlgorithmLiteral(string name, int nid, string normalized,
|
||||
name = "sm3withrsaencryption" and
|
||||
nid = 1144 and
|
||||
normalized = "RSA" and
|
||||
algType = "ASYMMETRIC_ENCRYPTION"
|
||||
algType = "SIGNATURE"
|
||||
or
|
||||
name = "sm3withrsaencryption" and nid = 1144 and normalized = "SM3" and algType = "HASH"
|
||||
}
|
||||
|
||||
@@ -4,3 +4,4 @@ import PaddingAlgorithmInstance
|
||||
import BlockAlgorithmInstance
|
||||
import HashAlgorithmInstance
|
||||
import EllipticCurveAlgorithmInstance
|
||||
import SignatureAlgorithmInstance
|
||||
|
||||
@@ -24,14 +24,14 @@ class OpenSSLPaddingLiteral extends Literal {
|
||||
}
|
||||
|
||||
/**
|
||||
* Given a `KnownOpenSSLPaddingAlgorithmConstant`, converts this to a padding family type.
|
||||
* Given a `KnownOpenSSLPaddingAlgorithmExpr`, converts this to a padding family type.
|
||||
* Does not bind if there is no mapping (no mapping to 'unknown' or 'other').
|
||||
*/
|
||||
predicate knownOpenSSLConstantToPaddingFamilyType(
|
||||
KnownOpenSSLPaddingAlgorithmConstant e, Crypto::TPaddingType type
|
||||
KnownOpenSSLPaddingAlgorithmExpr e, Crypto::TPaddingType type
|
||||
) {
|
||||
exists(string name |
|
||||
name = e.getNormalizedName() and
|
||||
name = e.(KnownOpenSSLAlgorithmExpr).getNormalizedName() and
|
||||
(
|
||||
name.matches("OAEP") and type = Crypto::OAEP()
|
||||
or
|
||||
@@ -59,8 +59,8 @@ class KnownOpenSSLPaddingConstantAlgorithmInstance extends OpenSSLAlgorithmInsta
|
||||
// 2) The source is a KnownOpenSSLAlgorithm is call, and we know we have an instance immediately from that
|
||||
// 3) the source is a padding-specific literal flowing to a padding-specific consumer
|
||||
// Possibility 1:
|
||||
this instanceof Literal and
|
||||
this instanceof KnownOpenSSLPaddingAlgorithmConstant and
|
||||
this instanceof OpenSSLAlgorithmLiteral and
|
||||
this instanceof KnownOpenSSLPaddingAlgorithmExpr and
|
||||
exists(DataFlow::Node src, DataFlow::Node sink |
|
||||
// Sink is an argument to a CipherGetterCall
|
||||
sink = getterCall.(OpenSSLAlgorithmValueConsumer).getInputNode() and
|
||||
@@ -72,9 +72,9 @@ class KnownOpenSSLPaddingConstantAlgorithmInstance extends OpenSSLAlgorithmInsta
|
||||
)
|
||||
or
|
||||
// Possibility 2:
|
||||
this instanceof DirectAlgorithmValueConsumer and
|
||||
this instanceof OpenSSLAlgorithmCall and
|
||||
getterCall = this and
|
||||
this instanceof KnownOpenSSLPaddingAlgorithmConstant and
|
||||
this instanceof KnownOpenSSLPaddingAlgorithmExpr and
|
||||
isPaddingSpecificConsumer = false
|
||||
or
|
||||
// Possibility 3: padding-specific literal
|
||||
|
||||
@@ -7,26 +7,30 @@ private import experimental.quantum.OpenSSL.AlgorithmValueConsumers.OpenSSLAlgor
|
||||
* Cases like EVP_MD5(),
|
||||
* there is no input, rather it directly gets an algorithm
|
||||
* and returns it.
|
||||
* Also includes operations directly using an algorithm
|
||||
* like AES_encrypt().
|
||||
*/
|
||||
class DirectAlgorithmValueConsumer extends OpenSSLAlgorithmValueConsumer {
|
||||
class DirectAlgorithmValueConsumer extends OpenSSLAlgorithmValueConsumer instanceof OpenSSLAlgorithmCall
|
||||
{
|
||||
DataFlow::Node resultNode;
|
||||
Expr resultExpr;
|
||||
|
||||
DirectAlgorithmValueConsumer() {
|
||||
this instanceof KnownOpenSSLAlgorithmConstant and
|
||||
this instanceof Call and
|
||||
resultExpr = this and
|
||||
resultNode.asExpr() = resultExpr
|
||||
}
|
||||
|
||||
/**
|
||||
* These cases take in no explicit value (the value is implicit)
|
||||
*/
|
||||
override Crypto::ConsumerInputDataFlowNode getInputNode() { none() }
|
||||
|
||||
override DataFlow::Node getResultNode() { result = resultNode }
|
||||
/**
|
||||
* Gets the DataFlow node represeting the output algorithm entity
|
||||
* created as a result of this call.
|
||||
*/
|
||||
override DataFlow::Node getResultNode() {
|
||||
this instanceof OpenSSLDirectAlgorithmFetchCall and
|
||||
result.asExpr() = this
|
||||
// NOTE: if instanceof OpenSSLDirectAlgorithmOperationCall then there is no algorithm generated
|
||||
// the algorithm is directly used
|
||||
}
|
||||
|
||||
// override DataFlow::Node getOutputNode() { result = resultNode }
|
||||
override Crypto::AlgorithmInstance getAKnownAlgorithmSource() {
|
||||
// Note: algorithm source definitions enforces that
|
||||
// this class will be a known algorithm source
|
||||
|
||||
Reference in New Issue
Block a user