hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-16 16:53:25 +01:00
Code Issues Packages Projects Releases Wiki Activity

Fix QL-for-QL alerts

Browse Source
This commit is contained in:
Nicolas Will
2025-10-06 14:45:45 +02:00
parent 9fa30a3884
commit 579da1dbd6
1 changed files with 4 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
java/ql/lib/experimental/quantum/JCA.qll
View File

@@ -249,14 +249,14 @@ module JCAModel {
name.toUpperCase().splitAt("with".toUpperCase(), 1).matches("DSA%") and
type = KeyOpAlg::TSignature(KeyOpAlg::DSA())
or
name.toUpperCase().matches("RSASSA-PSS") and type = KeyOpAlg::TAsymmetricCipher(KeyOpAlg::RSA())
name.toUpperCase() = "RSASSA-PSS" and type = KeyOpAlg::TAsymmetricCipher(KeyOpAlg::RSA())
or
name.toUpperCase().matches(["EDDSA", "ED25519", "ED448"]) and
type = KeyOpAlg::TSignature(KeyOpAlg::EDDSA())
or
name.toUpperCase().matches("ML-DSA%") and type = KeyOpAlg::TSignature(KeyOpAlg::DSA())
or
name.toUpperCase().matches("HSS/LMS") and type = KeyOpAlg::TSignature(KeyOpAlg::HSS_LMS())
name.toUpperCase() = "HSS/LMS" and type = KeyOpAlg::TSignature(KeyOpAlg::HSS_LMS())
}
bindingset[name]
@@ -1814,9 +1814,9 @@ module JCAModel {
}
}
class SignatureOperationinstance extends Crypto::SignatureOperationInstance instanceof SignatureOperationCall
class SignatureOperationInstance extends Crypto::SignatureOperationInstance instanceof SignatureOperationCall
{
SignatureOperationinstance() {
SignatureOperationInstance() {
// exclude update (only include sign and verify)
not super.isIntermediate()
}