codeql

mirror of https://github.com/github/codeql.git synced 2026-04-14 19:44:03 +02:00

Author	SHA1	Message	Date
$REDMOND\brodes$ REDMOND\brodes	c98e6d7c56	Adding a stub EVP_CIpher_Operation for EVP_PKEY, this probably should be made into it's own class, hence it is a stub with comments.	2025-03-11 14:49:07 -04:00
$REDMOND\brodes$ REDMOND\brodes	a9458ba762	Formatting, removing dead comments,	2025-03-11 14:48:38 -04:00
$REDMOND\brodes$ REDMOND\brodes	d988afd4a4	Adding an EVP_AASYM_CIPHER_fetch getter.	2025-03-11 14:47:10 -04:00
$REDMOND\brodes$ REDMOND\brodes	7757279908	Adding a KDF algorithm getter.	2025-03-11 14:46:36 -04:00
$REDMOND\brodes$ REDMOND\brodes	44b1e921d6	commenting out hash size for now, TODO	2025-03-11 14:10:04 -04:00
$REDMOND\brodes$ REDMOND\brodes	085e8d40fd	Hash nodes have instances.	2025-03-11 14:06:36 -04:00
$REDMOND\brodes$ REDMOND\brodes	f69b057893	Updating OpenSSLKnownAlgorithmConstants.qll (a few bugs) and also enforcing that known key sizes are on the normalized name (need to re-visit for GOST).	2025-03-11 13:35:44 -04:00
$REDMOND\brodes$ REDMOND\brodes	ae574f7cf2	Resolving hash and cipher types for openssl not using literals but KnownOpenSSLAlgorithmConstant.	2025-03-11 13:35:02 -04:00
$REDMOND\brodes$ REDMOND\brodes	f72efa638a	Uncommenting out generic dataflow	2025-03-10 16:12:53 -04:00
$REDMOND\brodes$ REDMOND\brodes	c83cb533ce	Adding an instantiation of the additional flow step class to automatically apply to generic dataflow. Flow step passthrough comes from the algorithm to getter flow passthroughs.	2025-03-10 15:56:01 -04:00
$REDMOND\brodes$ REDMOND\brodes	036035b6a2	Adding modeling for OpenSSL random number generation.	2025-03-10 15:04:19 -04:00
$REDMOND\brodes$ REDMOND\brodes	fe52351aed	Stubbing out hash operation node, borrowing from cipher operaiton node	2025-03-10 14:10:55 -04:00
$REDMOND\brodes$ REDMOND\brodes	73368ea59a	Adding hashes to openssl library import	2025-03-10 13:27:39 -04:00
$REDMOND\brodes$ REDMOND\brodes	0672027822	Tracing new notion of known getters, which now includes direct getters for cipher and hash. Removed a redundant hash qll, and fixed misplacement of has type in model.	2025-03-10 11:46:26 -04:00
$REDMOND\brodes$ REDMOND\brodes	451808616e	Getting rid of commented out code.	2025-03-10 11:35:16 -04:00
$REDMOND\brodes$ REDMOND\brodes	bd07b8a4c7	Making getter flow through 'copy' more general (copy can appear in any part of the call name now.	2025-03-10 11:34:26 -04:00
$REDMOND\brodes$ REDMOND\brodes	6a4659fc7e	Updating known constants for OpenSSL to handle direct algorithm getters from older versions of openssl (e.g., EVP_md5())	2025-03-10 11:33:46 -04:00
$REDMOND\brodes$ REDMOND\brodes	3316d6135d	Ctx flow comments.	2025-03-10 11:32:14 -04:00
$REDMOND\brodes$ REDMOND\brodes	d99812a10d	Adding GOSTHash to THashType.	2025-03-10 09:59:28 -04:00
$REDMOND\brodes$ REDMOND\brodes	64241caf1d	Merge branch 'brodes/cipher_operation' of https://github.com/nicolaswill/codeql into brodes/cipher_operation	2025-03-07 14:25:13 -05:00
$REDMOND\brodes$ REDMOND\brodes	bac0a635f9	Initial hash models for openssl.	2025-03-07 14:24:01 -05:00
Nicolas Will	47affa0fed	Restore location output for nodes	2025-03-07 18:30:58 +01:00
$REDMOND\brodes$ REDMOND\brodes	cf72fde911	Fixing cross product in getPropertyAsGraphString (parameter `root` not bound in all cases, fixing using a bindingetset)	2025-03-07 12:11:12 -05:00
$REDMOND\brodes$ REDMOND\brodes	32d29ffde3	Changed casing on TCipherType, Added some initial fixes for hash support, started developing openssl hashing modeling.	2025-03-07 10:02:36 -05:00
$REDMOND\brodes$ REDMOND\brodes	b9bd199432	Regression fixes for JCA	2025-03-06 13:39:23 -05:00
$REDMOND\brodes$ REDMOND\brodes	6083df2b7f	Completed tying algorithm instances to consumers. Now the model should have known literals for cipher instances, and it traces those instances to consumers (inits) and those inits are traced to cipher operations.	2025-03-05 15:48:08 -05:00
$REDMOND\brodes$ REDMOND\brodes	de3ff45cba	Misc updates for OpenSSL modeling to trace algorithm literals to known alg getters, and converting the literal to a TCipherType.	2025-03-05 15:17:52 -05:00
$REDMOND\brodes$ REDMOND\brodes	cce5f24b38	Initial OpenSSL modeling work.	2025-03-04 15:52:57 -05:00
$REDMOND\brodes$ REDMOND\brodes	8865d89fe9	Removing old ReusedNonce query.	2025-03-03 16:51:30 -05:00
$REDMOND\brodes$ REDMOND\brodes	2ee1681126	Adding a proof-of-concept PossibleReusedNonce query.	2025-03-03 15:09:27 -05:00
$REDMOND\brodes$ REDMOND\brodes	14cb2bb12f	Updates to insecure or unknown nonce at operation.	2025-03-03 14:42:50 -05:00
$REDMOND\brodes$ REDMOND\brodes	076f53147d	Proof-of-concept query for InsecureOrUnknownNonceAtOperation	2025-03-03 13:53:16 -05:00
Nicolas Will	627790f98b	Clean up consumer and instance interfaces	2025-03-03 19:06:53 +01:00
Nicolas Will	cf33cf7653	Add input and output nodes and fix cross product	2025-02-28 15:21:46 +01:00
Nicolas Will	0354afc365	Make ArtifactConsumers instances of some Artifacts TODO: refactor the interfaces	2025-02-27 15:54:38 +01:00
Nicolas Will	ef0614ad45	Restore removed node location output	2025-02-27 05:45:27 +01:00
Nicolas Will	04f4683399	Rewrite handling of known unknowns and data-flow	2025-02-27 05:42:02 +01:00
Nicolas Will	f55f27b0d9	Expand handling of generic artifact sources	2025-02-25 18:22:38 +01:00
Nicolas Will	eb91ecf1fb	Add generic artifact data-flow The relation between RNG and other artifacts has been added Nonce has been completed to report its source	2025-02-25 02:53:13 +01:00
Nicolas Will	2b0b927b0b	Add Nonce association to Operation, update graph	2025-02-24 17:37:41 +01:00
$REDMOND\brodes$ REDMOND\brodes	86cab46b8d	Misc. updates to support all JCA cipher operations, including wrap, unwrap and doFinal calls. Corrected pathing for init tracing to detect what mode is being set along a path. Added support for tracing the init operation mode argument to source. Since this involved creating an Operation Mode, changes were also made to make cipher block modes (CBC) more explicit (previously just called mode, but now that term is used for various purposes).	2025-02-21 12:53:35 -05:00
$REDMOND\brodes$ REDMOND\brodes	9ac9252f75	Adding a todo	2025-02-20 11:11:41 -05:00
$REDMOND\brodes$ REDMOND\brodes	011ed3fbfd	Simplifying additional flow step logic.	2025-02-20 11:10:24 -05:00
$REDMOND\brodes$ REDMOND\brodes	83dc5b9906	Fixing type bug	2025-02-20 10:45:33 -05:00
$REDMOND\brodes$ REDMOND\brodes	9ee4a7a7b8	Adding a sketch for a CipherOperation concept to model encryption/decryption operations.	2025-02-20 10:37:40 -05:00
$REDMOND\brodes$ REDMOND\brodes	3871c6a33e	Adding support for encryption operation detection.	2025-02-18 16:09:00 -05:00
Nicolas Will	8707e4d9a3	Continue Artifact data-flow WIP	2025-02-18 18:35:49 +01:00
Nicolas Will	df01fa7a9c	Expand model and JCA modeling	2025-02-17 00:16:08 +01:00
Nicolas Will	b777a22d35	Expand model and specialize newtype relations	2025-02-14 23:43:07 +01:00
Nicolas Will	874e3b5e06	Modify model to use newtypes, expand modeling	2025-02-12 17:58:15 +01:00

1 2 3 4 5 ...

74500 Commits