Quantum/Crypto: To avoid ambiguity, altered OpenSSL EVP_Update_Call and EVP_Final_Call used for ciphers to explicitly say "Cipher", e.g., EVP_Cipher_Update_Call. This is also consistent with the new analogous digest operations.

2026-04-30 19:26:02 +02:00 · 2025-05-19 10:44:39 -04:00
parent 97124745ad
commit 74271e4a17
1 changed files with 5 additions and 5 deletions
--- a/cpp/ql/lib/experimental/quantum/OpenSSL/Operations/EVPCipherOperation.qll
+++ b/cpp/ql/lib/experimental/quantum/OpenSSL/Operations/EVPCipherOperation.qll
@@ -74,8 +74,8 @@ class EVP_Cipher_Call extends EVP_Cipher_Operation {
 }

 // NOTE: not modeled as cipher operations, these are intermediate calls
-class EVP_Update_Call extends Call {
-  EVP_Update_Call() {
+class EVP_Cipher_Update_Call extends Call {
+  EVP_Cipher_Update_Call() {
    this.(Call).getTarget().getName() in [
        "EVP_EncryptUpdate", "EVP_DecryptUpdate", "EVP_CipherUpdate"
      ]
@@ -88,15 +88,15 @@ class EVP_Update_Call extends Call {
  Expr getContextArg() { result = this.(Call).getArgument(0) }
 }

-class EVP_Final_Call extends EVP_Cipher_Operation {
-  EVP_Final_Call() {
+class EVP_Cipher_Final_Call extends EVP_Cipher_Operation {
+  EVP_Cipher_Final_Call() {
    this.(Call).getTarget().getName() in [
        "EVP_EncryptFinal_ex", "EVP_DecryptFinal_ex", "EVP_CipherFinal_ex", "EVP_EncryptFinal",
        "EVP_DecryptFinal", "EVP_CipherFinal"
      ]
  }

-  EVP_Update_Call getUpdateCalls() {
+  EVP_Cipher_Update_Call getUpdateCalls() {
    CTXFlow::ctxArgFlowsToCtxArg(result.getContextArg(), this.getContextArg())
  }