74484 Commits

This Branch

This Branch

All Branches

Author	SHA1	Message	Date
REDMOND\brodes	6a4659fc7e	Updating known constants for OpenSSL to handle direct algorithm getters from older versions of openssl (e.g., EVP_md5())	2025-03-10 11:33:46 -04:00
REDMOND\brodes	3316d6135d	Ctx flow comments.	2025-03-10 11:32:14 -04:00
REDMOND\brodes	d99812a10d	Adding GOSTHash to THashType.	2025-03-10 09:59:28 -04:00
REDMOND\brodes	64241caf1d	Merge branch 'brodes/cipher_operation' of https://github.com/nicolaswill/codeql into brodes/cipher_operation	2025-03-07 14:25:13 -05:00
REDMOND\brodes	bac0a635f9	Initial hash models for openssl.	2025-03-07 14:24:01 -05:00
Nicolas Will	47affa0fed	Restore location output for nodes	2025-03-07 18:30:58 +01:00
REDMOND\brodes	cf72fde911	Fixing cross product in getPropertyAsGraphString (parameter root not bound in all cases, fixing using a bindingetset)	2025-03-07 12:11:12 -05:00
REDMOND\brodes	32d29ffde3	Changed casing on TCipherType, Added some initial fixes for hash support, started developing openssl hashing modeling.	2025-03-07 10:02:36 -05:00
REDMOND\brodes	b9bd199432	Regression fixes for JCA	2025-03-06 13:39:23 -05:00
REDMOND\brodes	6083df2b7f	Completed tying algorithm instances to consumers. Now the model should have known literals for cipher instances, and it traces those instances to consumers (inits) and those inits are traced to cipher operations.	2025-03-05 15:48:08 -05:00
REDMOND\brodes	de3ff45cba	Misc updates for OpenSSL modeling to trace algorithm literals to known alg getters, and converting the literal to a TCipherType.	2025-03-05 15:17:52 -05:00
REDMOND\brodes	cce5f24b38	Initial OpenSSL modeling work.	2025-03-04 15:52:57 -05:00
REDMOND\brodes	8865d89fe9	Removing old ReusedNonce query.	2025-03-03 16:51:30 -05:00
REDMOND\brodes	2ee1681126	Adding a proof-of-concept PossibleReusedNonce query.	2025-03-03 15:09:27 -05:00
REDMOND\brodes	14cb2bb12f	Updates to insecure or unknown nonce at operation.	2025-03-03 14:42:50 -05:00
REDMOND\brodes	076f53147d	Proof-of-concept query for InsecureOrUnknownNonceAtOperation	2025-03-03 13:53:16 -05:00
Nicolas Will	627790f98b	Clean up consumer and instance interfaces	2025-03-03 19:06:53 +01:00
Nicolas Will	cf33cf7653	Add input and output nodes and fix cross product	2025-02-28 15:21:46 +01:00
Nicolas Will	0354afc365	Make ArtifactConsumers instances of some Artifacts ... TODO: refactor the interfaces	2025-02-27 15:54:38 +01:00
Nicolas Will	ef0614ad45	Restore removed node location output	2025-02-27 05:45:27 +01:00
Nicolas Will	04f4683399	Rewrite handling of known unknowns and data-flow	2025-02-27 05:42:02 +01:00
Nicolas Will	f55f27b0d9	Expand handling of generic artifact sources	2025-02-25 18:22:38 +01:00
Nicolas Will	eb91ecf1fb	Add generic artifact data-flow ... The relation between RNG and other artifacts has been added Nonce has been completed to report its source	2025-02-25 02:53:13 +01:00
Nicolas Will	2b0b927b0b	Add Nonce association to Operation, update graph	2025-02-24 17:37:41 +01:00
REDMOND\brodes	86cab46b8d	Misc. updates to support all JCA cipher operations, including wrap, unwrap and doFinal calls. Corrected pathing for init tracing to detect what mode is being set along a path. Added support for tracing the init operation mode argument to source. Since this involved creating an Operation Mode, changes were also made to make cipher block modes (CBC) more explicit (previously just called mode, but now that term is used for various purposes).	2025-02-21 12:53:35 -05:00
REDMOND\brodes	9ac9252f75	Adding a todo	2025-02-20 11:11:41 -05:00
REDMOND\brodes	011ed3fbfd	Simplifying additional flow step logic.	2025-02-20 11:10:24 -05:00
REDMOND\brodes	83dc5b9906	Fixing type bug	2025-02-20 10:45:33 -05:00
REDMOND\brodes	9ee4a7a7b8	Adding a sketch for a CipherOperation concept to model encryption/decryption operations.	2025-02-20 10:37:40 -05:00
REDMOND\brodes	3871c6a33e	Adding support for encryption operation detection.	2025-02-18 16:09:00 -05:00
Nicolas Will	8707e4d9a3	Continue Artifact data-flow WIP	2025-02-18 18:35:49 +01:00
Nicolas Will	df01fa7a9c	Expand model and JCA modeling	2025-02-17 00:16:08 +01:00
Nicolas Will	b777a22d35	Expand model and specialize newtype relations	2025-02-14 23:43:07 +01:00
Nicolas Will	874e3b5e06	Modify model to use newtypes, expand modeling	2025-02-12 17:58:15 +01:00
Nicolas Will	4d44755945	Refactor Model and CBOM print queries	2025-02-11 15:37:15 +01:00
Kristen Newbury	1a12fb3099	Update JCA model, refactor modes	2025-02-10 13:49:32 -05:00
Kristen Newbury	59208bdb85	Update JCA model to use shared lib	2025-02-10 12:22:22 -05:00
Kristen Newbury	9c8ade7ddd	Merge branch 'nic/crypto-test' into knewbury01/JCA-sample	2025-02-10 11:48:15 -05:00
Kristen Newbury	6005437001	Update JCA model with flow to call as AESuse and format JCA model	2025-02-10 11:26:48 -05:00
Kristen Newbury	60d931af9f	Update progress on JCA	2025-02-07 15:46:13 -05:00
Nicolas Will	7a96f5682e	Merge pull request #3 from nicolaswill/nicolaswill/shared-crypto-library ... Move language-agnostic model to shared library	2025-02-06 21:57:10 +01:00
Nicolas Will	3dc28c2d17	Move language-agnostic model to shared library	2025-02-06 21:54:18 +01:00
Kristen Newbury	2e12bb5f5c	Merge branch 'nic/crypto-test' into knewbury01/JCA-sample	2025-02-06 12:56:32 -05:00
Nicolas Will	cd70acde66	Merge pull request #1 from nicolaswill/brodes/experiments ... Concepts for elliptic curves and misc. updates.	2025-02-06 14:43:09 +01:00
Kristen Newbury	efcf7eab0c	Add broken crypto query	2025-02-05 17:24:25 -05:00
Kristen Newbury	86e51dad8a	Improve JCA aes alg model, add test	2025-02-05 13:39:48 -05:00
Kristen Newbury	5f355c7f55	Add first sample JCA encryption model	2025-02-04 11:55:09 -05:00
Nicolas Will	69a63855cc	Update CBOMGraph.ql	2025-01-29 21:55:57 +01:00
Nicolas Will	9af18bc100	WIP: add dgml/dot output/remove test code	2025-01-29 19:45:04 +01:00
REDMOND\brodes	0cd3df9d26	Concepts for elliptic cureve and misc. updates.	2025-01-29 10:27:46 -05:00