hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-18 01:33:15 +01:00
Code Issues Packages Projects Releases Wiki Activity
83,294 Commits 1,671 Branches 157 Tags
codeql-cli-2.23.3
Commit Graph

396 Commits

Author SHA1 Message Date
REDMOND\brodes
20e2c7cefd Crypto: Overhaul/refactor of EVPInitialzers. Update cipher operation to disallow null key and IV on initializers (typically do not represent an actual key or IV). 2025-06-12 00:41:15 -04:00
REDMOND\brodes
d3cff2dff1 Crypto: Add support to trace keys, add support to find prior key gen properties that configure downstream operations. Add key size tests 2025-06-11 13:58:56 -04:00
Nora Dimitrijević
4dd07f475b C++: mass enable diff-informed data flow 
An auto-generated patch that enables diff-informed data flow in the obvious cases.

Builds on https://github.com/github/codeql/pull/18342 and https://github.com/github/codeql-patch/pull/88
 2025-06-11 18:51:01 +02:00
REDMOND\brodes
7d479940e5 Crypto: Nop out signature operations for now until complete. Minor model update. Remove setting RSA bits as an RSA algorithm. Fix bug in hash algorithm. Add missing PKey encryption to cipher ops. Consolidate ctx initializers. Add unit tests, and alter unit test directory structure to allow for application to other APIs. Update expected files for unit tests (not all updated yet, a work in progress). 2025-06-10 13:37:17 -04:00
REDMOND\brodes
729467ccd6 Crypto: Separate out CTX parameter initialization, and add additional initializer subclasses. 2025-06-09 16:49:54 -04:00
REDMOND\brodes
4f2045bbdd Crypto: CtxFlow now uses an interface for additional steps. Add CTX step to handle paramgen. Remove redundant test. Overhaul of EVP update/initializer/final mechanics. Misc. updates for new API and refactoring EVPKeyGenOperation. Clean up of keygen_operaitons.ql. 2025-06-09 15:07:00 -04:00
REDMOND\brodes
98aae6a7bf Crypto: Add EVP key gen and signature operation (work in progress). Add initial signature tests (no expected files yet). Add new openssl .h stubs. Clean up of OperationBase and associated uses. Update test case stubs to be closer to the actual stubs. Fix unncessary instanceof check in signatures. 2025-06-05 16:43:58 -04:00
REDMOND\brodes
f952f901e4 Crypto: Update CtxFlow to flow from any "source ctx" which is any ctx that is an argument or a return. 2025-06-04 15:44:45 -04:00
REDMOND\brodes
33e239d667 Crypto: Collapse initializer qll's into operations. 2025-06-04 15:44:06 -04:00
REDMOND\brodes
952bc266b1 Crypto: Added Signature algorithm instance and consumer 2025-06-04 15:42:55 -04:00
REDMOND\brodes
39583abade Crypto: Update KnownAlgoirthmConstants to make a distinction between calls that return a known algorithm and calls that operate on a known algorithm. update KnownAlgorithmConstants to correct algType for signature algorithms. Update all instances and prior uses of the old mechanic to KnownAlgorithmConstants. 2025-06-04 15:41:24 -04:00
GrosQuildu
60d9b6e338 update docs 2025-06-03 16:27:50 +02:00
GrosQuildu
eff6eb3cc2 remove redundant if/none 2025-06-03 16:27:50 +02:00
GrosQuildu
f04fa58c8b rm one-shot class 2025-06-03 16:27:50 +02:00
Paweł Płatek
328cf798bf Apply docs suggestions 
Co-authored-by: Ben Rodes <benjaminrodes@gmail.com>
 2025-06-03 16:27:50 +02:00
Paweł Płatek
f103e8be96 Update cpp/ql/lib/experimental/quantum/OpenSSL/Operations/OpenSSLOperationBase.qll 
Co-authored-by: Ben Rodes <benjaminrodes@gmail.com>
 2025-06-03 16:27:50 +02:00
GrosQuildu
af8702d6a8 fix openssl outputs 2025-06-03 16:27:50 +02:00
GrosQuildu
6d1b1d1a6e refactor EVP common classes 
add initial work for openssl signatures

add basic C test files for ciphers and signatures

more signature classes, comments for evp base classes

more signature tests

fix super calls for input consumers

fix getOutputArtifact for tests

formatting

delete redundant test files

move algorithm methods to OpenSSLOperation

refactor ECKeyGenOperation for new EVP classes

formatting

fix getOutputArtifact

fix cipher and digest operation test results

mv openssl signature to another PR
 2025-06-03 16:27:50 +02:00
REDMOND\brodes
23b6c78a23 Crypto: Revert CODEOWNERS change and remove redundant cast. 2025-06-02 13:07:31 -04:00
REDMOND\brodes
cf015d18f1 Crypto: Add openssl key agreement instances and consumers (KEM and KEY_EXCH). Fix for raw algorithm names in all current instances. Update constants to include key agreement algorithms, previously missing. Note added in model for the possibility of ESDH. 2025-05-30 11:29:34 -04:00
REDMOND\brodes
69e3a20e24 Crypto: Update crypto stubs location under 'crypto' and associate codeowners on any test/stubs/crypto. Minor fix to HashAlgorithmValueConsumer (remove library detector logic). 2025-05-30 09:35:33 -04:00
REDMOND\brodes
41f008d4f3 Crypto: Adding initial openssl tests, fixing a bug in hash modeling found through tests, and updating CODEOWNERS for quantum tests 2025-05-27 15:23:53 -04:00
REDMOND\brodes
007683f06a Crypto: Simplifying constant comparisons. 2025-05-22 14:06:13 -04:00
REDMOND\brodes
28f48246fc Crypto: Adding signature constant support, and fixing key exchange and signature mapping for ED and X elliptic curve variants. 2025-05-22 13:13:35 -04:00
REDMOND\brodes
ca1d4e270a Crypto: Separating out an IntLiteral class so it is clearer that some constraints for generic input sources are heuristics to filter sources, and other constraints narrow the literals to a general type (ints). Also adding fixes in KnownAlgorithmConstants to classify some algorithms as key exchange and signature correctly, and added support for a signature constant wrapper. 2025-05-22 12:53:11 -04:00
REDMOND\brodes
570fdeb254 Crypto: Code Cleanup (+1 squashed commits) 
Squashed commits:

[417734cc3c] Crypto: Fixing typo (+1 squashed commits)

Squashed commits:

[1ac3d5c7d4] Crypto: Fixing typo caused by AI auto complete.
 2025-05-22 10:52:19 -04:00
REDMOND\brodes
a5b57d3694 Merge branch 'main' into generic_constant_filtering 
# Conflicts:
#	cpp/ql/lib/experimental/quantum/Language.qll
#	cpp/ql/lib/experimental/quantum/OpenSSL/AlgorithmInstances/KnownAlgorithmConstants.qll
#	cpp/ql/lib/experimental/quantum/OpenSSL/OpenSSL.qll
 2025-05-22 10:37:10 -04:00
REDMOND\brodes
09170e598c Crypto: Making generic literal filter more explicit that it is for filtering all constants, not just for algorithms. 2025-05-22 10:31:58 -04:00
REDMOND\brodes
100045d4cb Crypto: optimizing out the "getPossibleNidFromLiteral" predicate, and now relying on the charpred of OpenSSLAlgorithmCandidateLiteral. 2025-05-21 18:25:29 -04:00
REDMOND\brodes
a36fd2cb31 Crypto: Advanced literal filtering for OpenSSL, used for both unknown and known algorithm literals to improve dataflow performance. 2025-05-21 18:15:44 -04:00
REDMOND\brodes
d75fc2e8ec Crypto: Further code cleanup 2025-05-21 15:25:04 -04:00
Ben Rodes
5370bb4e45 Merge branch 'main' into ben_refactoring 2025-05-21 15:07:53 -04:00
REDMOND\brodes
bbee2c9bdf Crypto: Misc. refactoring and code clean up. 2025-05-21 15:06:46 -04:00
Nicolas Will
9cc121f414 Merge pull request #19545 from bdrodes/missing_openssl_hash_algorithm_consumers 
Quantum: Model missing OpenSSL EVP digest consumers
 2025-05-21 19:03:06 +02:00
Nicolas Will
9637aeca5e Merge pull request #19547 from bdrodes/openssl_pkey_alg_value_consumers 
Quantum: Add OpenSSL PKEY algorithm value consumers.
 2025-05-21 19:00:36 +02:00
Nicolas Will
acb19627d6 Merge branch 'main' into missing_openssl_hash_algorithm_consumers 2025-05-21 18:01:28 +02:00
REDMOND\brodes
9f65cb8c4c Comment/doc cleanup 2025-05-21 11:51:25 -04:00
Nicolas Will
48e484b438 Apply suggestions from code review 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
 2025-05-21 16:26:11 +02:00
REDMOND\brodes
6ffb049b75 Crypto: Adding alg value consumers for EVP PKEY for openssl. As part of the additional modeling, updated the generic dataflow source to match JCA with how "EC" is handled as a consumed algorithm for PKEY. 2025-05-20 14:18:33 -04:00
REDMOND\brodes
d35fc64987 Crypto: Missing openssl EVP digest consumers. 2025-05-20 11:23:27 -04:00
Ben Rodes
efd9386d6e Update cpp/ql/lib/experimental/quantum/OpenSSL/Operations/ECKeyGenOperation.qll 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
 2025-05-20 10:58:19 -04:00
REDMOND\brodes
c3ed4549f4 Crypto: Changing fixed key size for the key gen operation for EC key gen to be none, and rely implicitly on the connected algorithm length. (+1 squashed commits) (+1 squashed commits) 
Squashed commits:

[b7cd7baa42] Crypto: Modeled EC key gen for openssl. (+1 squashed commits)
 2025-05-20 10:39:21 -04:00
REDMOND\brodes
b56472436e Crypto: Alterations to OpenSSL cipher algorithms to use new fixed keysize predicate. 2025-05-20 10:36:56 -04:00
Ben Rodes
55119cf770 Merge branch 'main' into openssl_elliptic_curve_algorithm_instances_and_consumers 2025-05-19 15:50:00 -04:00
REDMOND\brodes
4309499c36 Switching to private imports. 2025-05-19 15:44:15 -04:00
REDMOND\brodes
03a6e134ba Crypto: Removed dead comment. 2025-05-19 13:51:42 -04:00
REDMOND\brodes
e5641eff23 Crypto: Typo fix 2025-05-19 13:50:41 -04:00
REDMOND\brodes
3e54e4d6b6 Crypto: Fixing typo. 2025-05-19 13:49:29 -04:00
REDMOND\brodes
d05d38f00c Crypto: Removing unused class field. 2025-05-19 13:48:15 -04:00
REDMOND\brodes
bbbdf89e46 Crypto: OpenSSL ellipitic curve algorithm instances and consumers. 2025-05-19 13:10:11 -04:00