Moved Cpp into sub directory 'cryptography' instead of crypto. Added python models, inventory, and example alerts.

2026-04-30 11:15:13 +02:00 · 2023-09-15 12:12:01 -04:00
parent 7560db66fa
commit 50db4fd63e
73 changed files with 2763 additions and 44 deletions
--- a/cpp/ql/lib/experimental/crypto/Concepts.qll
+++ b/cpp/ql/lib/experimental/crypto/Concepts.qll
@@ -1,5 +0,0 @@
-import experimental.crypto.CryptoArtifact
-import experimental.crypto.CryptoAlgorithmNames
-
-import experimental.crypto.modules.OpenSSL as OpenSSL
-
--- a/cpp/ql/lib/experimental/cryptography/Concepts.qll
+++ b/cpp/ql/lib/experimental/cryptography/Concepts.qll
@@ -0,0 +1,5 @@
+import experimental.cryptography.CryptoArtifact
+import experimental.cryptography.CryptoAlgorithmNames
+
+import experimental.cryptography.modules.OpenSSL as OpenSSL
+
--- a/cpp/ql/lib/experimental/cryptography/CryptoAlgorithmNames.qll
+++ b/cpp/ql/lib/experimental/cryptography/CryptoAlgorithmNames.qll
--- a/cpp/ql/lib/experimental/cryptography/CryptoArtifact.qll
+++ b/cpp/ql/lib/experimental/cryptography/CryptoArtifact.qll
@@ -1,5 +1,5 @@
 import cpp
-private import experimental.crypto.CryptoAlgorithmNames
+private import experimental.cryptography.CryptoAlgorithmNames
 import semmle.code.cpp.ir.dataflow.TaintTracking


--- a/cpp/ql/lib/experimental/cryptography/modules/OpenSSL.qll
+++ b/cpp/ql/lib/experimental/cryptography/modules/OpenSSL.qll
@@ -1,11 +1,11 @@
 import cpp
-import experimental.crypto.CryptoAlgorithmNames
-import experimental.crypto.CryptoArtifact
-import experimental.crypto.utils.OpenSSL.CryptoFunction
-import experimental.crypto.utils.OpenSSL.AlgorithmSink
-import experimental.crypto.utils.OpenSSL.PassthroughFunction
-import experimental.crypto.utils.OpenSSL.CryptoAlgorithm
-import experimental.crypto.CryptoArtifact
+import experimental.cryptography.CryptoAlgorithmNames
+import experimental.cryptography.CryptoArtifact
+import experimental.cryptography.utils.OpenSSL.CryptoFunction
+import experimental.cryptography.utils.OpenSSL.AlgorithmSink
+import experimental.cryptography.utils.OpenSSL.PassthroughFunction
+import experimental.cryptography.utils.OpenSSL.CryptoAlgorithm
+import experimental.cryptography.CryptoArtifact
 // import semmle.code.cpp.ir.dataflow.TaintTracking
 import semmle.code.cpp.ir.dataflow.DataFlow

--- a/cpp/ql/lib/experimental/cryptography/utils/OpenSSL/AlgorithmSink.qll
+++ b/cpp/ql/lib/experimental/cryptography/utils/OpenSSL/AlgorithmSink.qll
@@ -7,8 +7,8 @@

 //TODO: enforce a hierarchy of AlgorithmSinkArgument, e.g., so I can get all Asymmetric SinkArguments that includes all the strictly RSA etc.
 import cpp
-import experimental.crypto.utils.OpenSSL.LibraryFunction
-import experimental.crypto.CryptoAlgorithmNames
+import experimental.cryptography.utils.OpenSSL.LibraryFunction
+import experimental.cryptography.CryptoAlgorithmNames

 predicate isAlgorithmSink(AlgorithmSinkArgument arg, string algType){
    arg.algType() = algType
--- a/cpp/ql/lib/experimental/cryptography/utils/OpenSSL/CryptoAlgorithm.qll
+++ b/cpp/ql/lib/experimental/cryptography/utils/OpenSSL/CryptoAlgorithm.qll
@@ -1,5 +1,5 @@
 import cpp
-import experimental.crypto.CryptoAlgorithmNames
+import experimental.cryptography.CryptoAlgorithmNames

 predicate isValidAlgorithmLiteral(Literal e){
    exists(getPossibleNidFromLiteral(e)) or e instanceof StringLiteral
--- a/cpp/ql/lib/experimental/cryptography/utils/OpenSSL/CryptoFunction.qll
+++ b/cpp/ql/lib/experimental/cryptography/utils/OpenSSL/CryptoFunction.qll
@@ -1,6 +1,6 @@
 import cpp
-import experimental.crypto.utils.OpenSSL.LibraryFunction
-import experimental.crypto.CryptoAlgorithmNames
+import experimental.cryptography.utils.OpenSSL.LibraryFunction
+import experimental.cryptography.CryptoAlgorithmNames

 predicate inferredOpenSSLCryptoFunctionCall(Call c , string normalized, string algType){
    inferredOpenSSLCryptoFunction(c.getTarget(), normalized, algType)
--- a/cpp/ql/lib/experimental/cryptography/utils/OpenSSL/DataBuilders.qll
+++ b/cpp/ql/lib/experimental/cryptography/utils/OpenSSL/DataBuilders.qll
@@ -5,8 +5,8 @@
 */

 import cpp
-import experimental.crypto.CryptoAlgorithmNames
-import experimental.crypto.utils.OpenSSL.CryptoFunction
+import experimental.cryptography.CryptoAlgorithmNames
+import experimental.cryptography.utils.OpenSSL.CryptoFunction


 private string basicNormalizeFunctionName(Function f, string algType) {
--- a/cpp/ql/lib/experimental/cryptography/utils/OpenSSL/LibraryFunction.qll
+++ b/cpp/ql/lib/experimental/cryptography/utils/OpenSSL/LibraryFunction.qll
--- a/cpp/ql/lib/experimental/cryptography/utils/OpenSSL/PassthroughFunction.qll
+++ b/cpp/ql/lib/experimental/cryptography/utils/OpenSSL/PassthroughFunction.qll
@@ -1,5 +1,5 @@
 import cpp 
-import experimental.crypto.utils.OpenSSL.LibraryFunction
+import experimental.cryptography.utils.OpenSSL.LibraryFunction
 import semmle.code.cpp.ir.dataflow.DataFlow