Crypto: Update KnownAlgoirthmConstants to make a distinction between calls that return a known algorithm and calls that operate on a known algorithm. update KnownAlgorithmConstants to correct algType for signature algorithms. Update all instances and prior uses of the old mechanic to KnownAlgorithmConstants.

cpp/ql/lib/experimental/quantum/OpenSSL/AlgorithmValueConsumers/DirectAlgorithmValueConsumer.qll

@@ -7,26 +7,30 @@ private import experimental.quantum.OpenSSL.AlgorithmValueConsumers.OpenSSLAlgor
  * Cases like EVP_MD5(),
  * there is no input, rather it directly gets an algorithm
  * and returns it.
+ * Also includes operations directly using an algorithm
+ * like AES_encrypt().
  */
-class DirectAlgorithmValueConsumer extends OpenSSLAlgorithmValueConsumer {
+class DirectAlgorithmValueConsumer extends OpenSSLAlgorithmValueConsumer instanceof OpenSSLAlgorithmCall
+{
   DataFlow::Node resultNode;
   Expr resultExpr;
 
-  DirectAlgorithmValueConsumer() {
-    this instanceof KnownOpenSSLAlgorithmConstant and
-    this instanceof Call and
-    resultExpr = this and
-    resultNode.asExpr() = resultExpr
-  }
-
   /**
    * These cases take in no explicit value (the value is implicit)
    */
   override Crypto::ConsumerInputDataFlowNode getInputNode() { none() }
 
-  override DataFlow::Node getResultNode() { result = resultNode }
+  /**
+   * Gets the DataFlow node represeting the output algorithm entity
+   * created as a result of this call.
+   */
+  override DataFlow::Node getResultNode() {
+    this instanceof OpenSSLDirectAlgorithmFetchCall and
+    result.asExpr() = this
+    // NOTE: if instanceof OpenSSLDirectAlgorithmOperationCall then there is no algorithm generated
+    // the algorithm is directly used
+  }
 
-  //   override DataFlow::Node getOutputNode() { result = resultNode }
   override Crypto::AlgorithmInstance getAKnownAlgorithmSource() {
     // Note: algorithm source definitions enforces that
     // this class will be a known algorithm source