Crypto: JCA random number generation model.

REDMOND\brodes
2025-10-02 15:21:28 -04:00
parent 507174e44f
commit a46bd4c4ca


@@ -1047,6 +1047,21 @@ module JCAModel {
}
}
/**
* An instance of `java.security.SecureRandom.nextBytes(byte[])` call.
* This is already generally modeled for Java in CodeQL, but
* we model it again as part of the crypto API model to have a cohesive model.
*/
class JavaSecuritySecureRandom extends Crypto::RandomNumberGenerationInstance instanceof Call {
JavaSecuritySecureRandom() {
this.getCallee().hasQualifiedName("java.security", "SecureRandom", "nextBytes")
}
override Crypto::DataFlowNode getOutputNode() { result.asExpr() = this.(Call).getArgument(0) }
override string getGeneratorName() { result = this.(Call).getCallee().getName() }
}
class KeyGeneratorGenerateCall extends Crypto::KeyGenerationOperationInstance instanceof MethodCall
{
Crypto::KeyArtifactType type;
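Review bot: `getGeneratorName()` in `JavaSecuritySecureRandom` returns the callee's simple name, so every instance reports its generator as `nextBytes`, which names the method rather than the generator and would be ambiguous if other `nextBytes` sources are ever added to the model. If downstream queries or inventory output key on this string, consider reporting the declaring type instead, e.g. `result = this.(Call).getCallee().getDeclaringType().getName()`. The characteristic predicate also matches only `nextBytes`; other `SecureRandom` outputs such as `generateSeed` are not covered in this hunk, and the class doc comment could say so explicitly so readers do not assume the model is complete. The rendered page has lost the `+` markers and blank lines, and the following `KeyGeneratorGenerateCall` class continues outside the hunk.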