codeql

mirror of https://github.com/github/codeql.git synced 2025-12-17 09:13:20 +01:00

Author	SHA1	Message	Date
$REDMOND\brodes$ REDMOND\brodes	b374ba3d0c	Crypto: Updating java 'location' information to be just a location's toString to be more verbose/precise.	2025-10-21 11:48:37 -04:00
$REDMOND\brodes$ REDMOND\brodes	354effe829	Crypto: Missing hash algorithms for HMAC operations in jca.	2025-10-20 15:24:18 -04:00
$REDMOND\brodes$ REDMOND\brodes	c01c060476	Crypto: more ID renaming to include "examples", fix singleton issues with ql-for-ql, use formatted test for WeakAsymmetricKeyGenSize (add post processing in the qlref), misc expected files updated (test passed locally but on rerun vscode reports failures, known bug with vscode unit tests).	2025-10-17 14:13:53 -04:00
$REDMOND\brodes$ REDMOND\brodes	b4ecb91c83	Crypto: Add missing cipher algorithms to JCA. Update node tests to account for missing cipher algorithms.	2025-10-17 13:38:47 -04:00
$REDMOND\brodes$ REDMOND\brodes	f480d90a68	Crypto: Add missing block mode JCA Models, add block mode unit tests	2025-10-17 13:13:14 -04:00
$REDMOND\brodes$ REDMOND\brodes	b9b0037e07	Crypto: Comment todo for observed missing modeled case. Tests for weak and unknown KDF iteration count.	2025-10-16 14:07:45 -04:00
$REDMOND\brodes$ REDMOND\brodes	a64a24d25d	Crypto: Comment in Language.qll	2025-10-16 11:03:49 -04:00
$REDMOND\brodes$ REDMOND\brodes	25599e9b4b	crypto: Update JCA model macs to take into consideration update calls (use prior pattern for signatures). Misc. bug fixes.	2025-10-15 16:25:36 -04:00
$REDMOND\brodes$ REDMOND\brodes	9a6aac1300	Crypto: To get unreferenced parameters as general sources for Java, I've included the caveat that if a function is called, all the calls appear to be in test files.	2025-10-15 14:20:16 -04:00
$REDMOND\brodes$ REDMOND\brodes	ee08385e31	Crytpo: Update JCA keyagreement to type conversion, XDH is a type of ECDH.	2025-10-15 08:06:19 -04:00
$REDMOND\brodes$ REDMOND\brodes	76128ed8dc	Crypto: Update InsecureIVorNonce to be a path problem.	2025-10-13 15:29:57 -04:00
$REDMOND\brodes$ REDMOND\brodes	08abdb8c85	Crypto: Adding a "javaConstant" concept to handle config files.	2025-10-13 12:03:41 -04:00
$REDMOND\brodes$ REDMOND\brodes	36673659ad	Crypto: Weak asymmetric key gen size fixes and test.	2025-10-10 14:49:35 -04:00
Nicolas Will	fdba3acc4b	Crypto: Fix QL-for-QL alert and auto-format	2025-10-09 13:59:51 +02:00
$REDMOND\brodes$ REDMOND\brodes	11e81395b5	Crypto: Updated default flows to use taint tracking (this is needed to fix false positives in the unknown IV/Nonce query). Add the unknown IV/Nonce query and associated test cases. Fix unknown IV/Nonce query to focus on cases where the oepration isn't known or the operation subtype is not encrypt or wrap.	2025-10-08 14:14:17 -04:00
$REDMOND\brodes$ REDMOND\brodes	83ff70bcd8	Crypto: Adding tests for insecure iv or nonce. Updating generic literal sources to include array literals.	2025-10-08 12:47:58 -04:00
$REDMOND\brodes$ REDMOND\brodes	bd34b6ce02	Crypto: Removing JCA model of random, need to reassess this as this impacts the insecure IV/Nonce query. Updated name of the Insecure nonce query to be InsecureIVorNonce	2025-10-08 11:41:21 -04:00
$REDMOND\brodes$ REDMOND\brodes	cf88e3f52d	Crypto: Standardize naming where use of "family" and "type" have been used. Prefer 'type'.	2025-10-08 09:54:53 -04:00
Ben Rodes	b32a6407b9	Update java/ql/lib/experimental/quantum/JCA.qll Co-authored-by: Nicolas Will <nicolaswill@github.com>	2025-10-06 09:04:19 -04:00
Nicolas Will	579da1dbd6	Fix QL-for-QL alerts	2025-10-06 14:45:45 +02:00
$REDMOND\brodes$ REDMOND\brodes	9fa30a3884	Crypto: Updating algorithm string literals and key generation algorithm literal sources to include signatures.	2025-10-03 18:09:27 -04:00
$REDMOND\brodes$ REDMOND\brodes	9c5765a48c	Crypto: Add missing string constants for signature algorithms.	2025-10-03 17:17:07 -04:00
$REDMOND\brodes$ REDMOND\brodes	f1eb6511a7	Crypto: Add modeling for JCA signatures. Make consistent use of "unknown" or "other" for unrecognized types.	2025-10-03 12:07:37 -04:00
$REDMOND\brodes$ REDMOND\brodes	a46bd4c4ca	Crypto: JCA random number generation model.	2025-10-02 15:21:28 -04:00
Nicolas Will	4901cdf929	Crypto: Refactor and change casts to `super`	2025-10-02 18:43:38 +02:00
$REDMOND\brodes$ REDMOND\brodes	9673b81677	Crypto: Update JCA 'wihHmac" raw name to be the entire raw string, not just "Hmac"	2025-10-02 11:49:23 -04:00
$REDMOND\brodes$ REDMOND\brodes	704a06e1fa	Crypto: Update JCA PBKDF2 modeling: 1) add further inheritance structures to make the inheritance decomposition and caveats clearer, and 2) use getConsumer to establish the hash and hmac consumer. Update the Model to expect hash node types specifically for HMAC getHashALgorithmOrUnknown.	2025-10-02 11:45:13 -04:00
$REDMOND\brodes$ REDMOND\brodes	850c1ec12d	Crypto: Fix use of a member where a singleton set literal exists	2025-10-02 09:20:40 -04:00
$REDMOND\brodes$ REDMOND\brodes	b08533b322	Crypto: Fix missing output variable	2025-10-02 09:10:50 -04:00
$REDMOND\brodes$ REDMOND\brodes	c37b7c1389	Merge branch 'signature_model_refactor' of https://github.com/bdrodes/codeql into signature_model_refactor	2025-10-02 09:05:09 -04:00
$REDMOND\brodes$ REDMOND\brodes	38421cec94	Crypto: Missing casing fix for JCA classes	2025-10-02 09:04:23 -04:00
Ben Rodes	d251b3f9f7	Merge branch 'main' into signature_model_refactor	2025-10-02 09:02:34 -04:00
$REDMOND\brodes$ REDMOND\brodes	329a7dee1c	Crypto: Fixing JCA class naming casing for PBKDF2 classes.	2025-10-02 09:02:17 -04:00
$REDMOND\brodes$ REDMOND\brodes	d49efefefa	Crypto: Fix for non-monotonic recursion in JCA	2025-10-01 14:36:26 -04:00
$REDMOND\brodes$ REDMOND\brodes	92dac0341c	Crypto: Adding necessary model interfaces for MacOperationCall in JCA.	2025-10-01 11:13:37 -04:00
Michael Nebel	77113b2e42	Java: Fix some Ql4Ql violations.	2025-09-01 15:04:08 +02:00
$REDMOND\brodes$ REDMOND\brodes	ff93045938	Crypto: remove JCA bad import.	2025-07-01 12:21:51 -04:00
$REDMOND\brodes$ REDMOND\brodes	88d36aa574	Crypto: Intermediate JCA updates to support new MAC model. Work in progress.	2025-07-01 12:19:15 -04:00
Nicolas Will	976364fcaa	Merge branch 'main' into operation_step_refactor	2025-06-27 12:05:14 +02:00
Kasper Svendsen	da1b99b921	Merge pull request #19779 from github/kaspersv/overlay-java-annotations Overlay: Add overlay annotations to Java & shared libraries	2025-06-27 08:26:33 +02:00
$REDMOND\brodes$ REDMOND\brodes	0aee4f76f9	Crypto: Minor change to force CI/CD checks to restart, prior ql check failures do not make sense.	2025-06-26 16:35:01 -04:00
$REDMOND\brodes$ REDMOND\brodes	dc8d22a468	Crypto: Fix JCA to account for new key gen instance API in model.qll.	2025-06-26 15:48:10 -04:00
Nicolas Will	c54e68c855	Merge branch 'main' into pr/19880	2025-06-26 16:47:38 +02:00
Nicolas Will	8e6031df14	Crypto: Fix further acronym casing and remove unused field	2025-06-25 20:25:33 +02:00
Nicolas Will	14472bf744	Crypto: Refactor type name mapping and fix QL-for-QL alerts	2025-06-25 20:08:14 +02:00
$REDMOND\brodes$ REDMOND\brodes	8280cbcaa1	Crypto: Update JCA model to include new model.qll updates.	2025-06-25 13:55:47 -04:00
Nicolas Will	710e08088f	Crypto: Refactor casing and documentation	2025-06-25 15:29:03 +02:00
Kasper Svendsen	c207cfdeb7	Overlay: Add overlay annotations to Java & shared libraries	2025-06-24 10:25:06 +02:00
$REDMOND\brodes$ REDMOND\brodes	2b6a8321fd	Crypto: Update JCA model to account for Model.qll changes.	2025-06-16 12:53:48 -04:00
$REDMOND\brodes$ REDMOND\brodes	f5d24c5a7b	Crypto: Fix UnknownKeyAgreementType to OthernKeyAgreementType for JCA.	2025-06-02 10:11:53 -04:00

1 2

97 Commits