hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-27 01:35:13 +02:00
Code Issues Packages Projects Releases Wiki Activity

Crypto: Overhaul of EVP final/init/update to now use a more general 'OperationStep' mechanic.

Browse Source
This commit is contained in:
REDMOND\brodes
2025-06-24 16:03:25 -04:00
parent 9a064de86e
commit bd0efbe48c
18 changed files with 2100 additions and 1209 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
shared/quantum/codeql/quantum/experimental/Model.qll
View File

@@ -1154,6 +1154,12 @@ module CryptographyBase<LocationSig Location, InputSig<Location> Input> {
abstract class KeyGenerationOperationInstance extends KeyCreationOperationInstance {
final override string getKeyCreationTypeDescription() { result = "KeyGeneration" }
/**
* Gets a consumer of a raw value that is used to generate the key.
* Not all key generation operations require a raw value.
*/
abstract ConsumerInputDataFlowNode getRawKeyValueConsumer();
}
abstract class KeyLoadOperationInstance extends KeyCreationOperationInstance {
@@ -1914,12 +1920,19 @@ module CryptographyBase<LocationSig Location, InputSig<Location> Input> {
node instanceof KeyCreationCandidateAlgorithmNode
}
NodeBase getARawValueSource() {
result = keyGenInstance.getRawKeyValueConsumer().getConsumer().getAGenericSourceNode()
or
result = keyGenInstance.getRawKeyValueConsumer().getConsumer().getAKnownSourceNode()
}
override NodeBase getChild(string key) {
result = super.getChild(key)
or
// [ALWAYS_KNOWN]
key = "Output" and
result = this.getOutputKeyArtifact()
//TODO: how do I output the raw key if known? If not known, it may not require/have a raw value consumer, don't output
}
}