Crypto: Fix issue with OAEP padding edges regressing.

REDMOND\brodes
2025-08-26 08:51:52 -04:00
parent 5d29240f27
commit 48dc280e6c
2 changed files with 15 additions and 11 deletions


@@ -13,7 +13,7 @@ class Evp_Q_Digest_Algorithm_Consumer extends HashAlgorithmValueConsumer {
Evp_Q_Digest_Algorithm_Consumer() { this.(Call).getTarget().getName() = "EVP_Q_digest" }
override Crypto::ConsumerInputDataFlowNode getInputNode() {
result.asExpr() = this.(Call).getArgument(1)
result.asIndirectExpr() = this.(Call).getArgument(1)
}
override Crypto::AlgorithmInstance getAKnownAlgorithmSource() {
@@ -42,7 +42,7 @@ class EvpPkeySetCtxALgorithmConsumer extends HashAlgorithmValueConsumer {
"EVP_PKEY_CTX_set_rsa_mgf1_md_name", "EVP_PKEY_CTX_set_rsa_oaep_md_name",
"EVP_PKEY_CTX_set_dsa_paramgen_md_props"
] and
valueArgNode.asExpr() = this.(Call).getArgument(1)
valueArgNode.asIndirectExpr() = this.(Call).getArgument(1)
}
override DataFlow::Node getResultNode() { none() }
@@ -69,13 +69,13 @@ class EvpDigestAlgorithmValueConsumer extends HashAlgorithmValueConsumer {
this.(Call).getTarget().getName() in [
"EVP_get_digestbyname", "EVP_get_digestbynid", "EVP_get_digestbyobj"
] and
valueArgNode.asExpr() = this.(Call).getArgument(0)
valueArgNode.asIndirectExpr() = this.(Call).getArgument(0)
or
this.(Call).getTarget().getName() = "EVP_MD_fetch" and
valueArgNode.asExpr() = this.(Call).getArgument(1)
valueArgNode.asIndirectExpr() = this.(Call).getArgument(1)
or
this.(Call).getTarget().getName() = "EVP_DigestSignInit_ex" and
valueArgNode.asExpr() = this.(Call).getArgument(2)
valueArgNode.asIndirectExpr() = this.(Call).getArgument(2)
)
}
@@ -93,6 +93,7 @@ class RsaSignOrVerifyHashAlgorithmValueConsumer extends HashAlgorithmValueConsum
RsaSignOrVerifyHashAlgorithmValueConsumer() {
this.(Call).getTarget().getName() in ["RSA_sign", "RSA_verify"] and
// arg 0 is an int, use asExpr
valueArgNode.asExpr() = this.(Call).getArgument(0)
}
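Review bot: The `EVP_get_digestbynid` entry in the EvpDigestAlgorithmValueConsumer name list now shares the line `valueArgNode.asIndirectExpr() = this.(Call).getArgument(0)` with the by-name and by-object lookups, but its argument is an integer NID rather than a pointer. The same commit notes for RSA_sign/RSA_verify that an int argument needs asExpr, so if this name resolves as a call target the indirect node would presumably not exist and the digest would silently drop out of the model, leaving a weak hash selected through a NID lookup unreported. Consider giving it its own disjunct: `this.(Call).getTarget().getName() = "EVP_get_digestbynid" and valueArgNode.asExpr() = this.(Call).getArgument(0)`. The characteristic predicate starts above the hunk, so the surrounding disjunction needs checking when this is applied.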


@@ -106,14 +106,14 @@ class EvpCtxSetHashInitializer extends OperationStep {
override DataFlow::Node getInput(IOType type) {
result.asIndirectExpr() = this.getArgument(0) and type = ContextIO()
or
result.asExpr() = this.getArgument(1) and
result.asIndirectExpr() = this.getArgument(1) and
type = HashAlgorithmIO() and
isOaep = false and
isMgf1 = false
or
result.asExpr() = this.getArgument(1) and type = HashAlgorithmOaepIO() and isOaep = true
result.asIndirectExpr() = this.getArgument(1) and type = HashAlgorithmOaepIO() and isOaep = true
or
result.asExpr() = this.getArgument(1) and type = HashAlgorithmMgf1IO() and isMgf1 = true
result.asIndirectExpr() = this.getArgument(1) and type = HashAlgorithmMgf1IO() and isMgf1 = true
}
override DataFlow::Node getOutput(IOType type) {
@@ -157,7 +157,7 @@ class EvpCtxSetMacKeyInitializer extends OperationStep {
result.asExpr() = this.getArgument(2) and type = KeySizeIO()
or
// the raw key that is configured into the output key
result.asExpr() = this.getArgument(1) and type = KeyIO()
result.asIndirectExpr() = this.getArgument(1) and type = KeyIO()
}
override DataFlow::Node getOutput(IOType type) {
@@ -175,6 +175,7 @@ class EvpCtxSetPaddingInitializer extends OperationStep {
override DataFlow::Node getInput(IOType type) {
result.asIndirectExpr() = this.getArgument(0) and type = ContextIO()
or
// The algorithm is an int: use asExpr
result.asExpr() = this.getArgument(1) and type = PaddingAlgorithmIO()
}
@@ -211,11 +212,13 @@ class EvpCtxSetSaltLengthInitializer extends OperationStep {
class EvpPkeyGet1RsaOrDsa extends OperationStep {
EvpPkeyGet1RsaOrDsa() { this.getTarget().getName() = ["EVP_PKEY_get1_RSA", "EVP_PKEY_get1_DSA"] }
override DataFlow::Node getOutput(IOType type) { result.asExpr() = this and type = KeyIO() }
override DataFlow::Node getOutput(IOType type) {
result.asIndirectExpr() = this and type = KeyIO()
}
override DataFlow::Node getInput(IOType type) {
// Key being loaded or created from another location
result.asExpr() = this.getArgument(0) and type = KeyIO()
result.asIndirectExpr() = this.getArgument(0) and type = KeyIO()
}
/**
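Review bot: The `KeySizeIO()` branch at the top of the EvpCtxSetMacKeyInitializer hunk keeps `result.asExpr() = this.getArgument(2)` with no explanation, while the key argument next to it moves to asIndirectExpr and the padding setter gains a comment for exactly this distinction. A wrong choice between the two yields no node and no error, which appears to be how the OAEP edges regressed, so the reason should be stated where it applies: `// the key length is an int: use asExpr`. Neither file section shown adds a test expectation for the restored OAEP hash edge; one would catch the next silent drop. The getInput body starts outside the hunk.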