Anders Schack-Mulligen
dc6d3fe7ba
Use flowFrom.
2025-12-03 14:04:18 +01:00
Felicity Chapman
caf6b950ac
Remove trailing periods from @name metadata in query files
...
Fixed 73 .ql query files where the @name metadata contained an ending period.
This ensures consistency with the CodeQL query metadata style guidelines.
2025-11-26 14:29:51 +00:00
Anders Schack-Mulligen
f4b9efcdce
Java: Replace getAUse with getARead.
2025-11-12 09:06:18 +01:00
Nicolas Will
d4787520fd
Merge pull request #20690 from bdrodes/weak_symmetric_cipher_bug
...
Crypto: Fix bug in weak symmetric cipher query
2025-10-24 22:38:07 +02:00
REDMOND\brodes
65d0ca9e53
Crypto: Simplifying expression for ql-for-ql alert.
2025-10-24 14:08:25 -04:00
REDMOND\brodes
0394816756
Crypto: typo fix
2025-10-24 14:06:52 -04:00
REDMOND\brodes
b20689fa46
Crypto: removing comments
2025-10-24 14:06:08 -04:00
REDMOND\brodes
0e624f51d5
Crypto: Adding bad decrypt then mac order query. Fixes to BadMacOrderMacOnEncryptPlaintext as well.
2025-10-24 12:44:28 -04:00
REDMOND\brodes
ed492c7d5a
Crypto: Fixed bug in WeakSymmetricCipher.qll, forgot to not only filter if !=AES but the algorithm must still be a SymmetriCipher algorithm.
2025-10-24 08:16:22 -04:00
REDMOND\brodes
dd60cf9395
Crypto: Adjust output of bad mac order queries, update associated bad mac order expected results, fix erroneous change to ID for a slicing query, update model to specify elliptic curve type as a property, update associated graph test expected files, update the not_included_in_qls.expected to reflect all queries now under quantum.
2025-10-22 10:29:31 -04:00
REDMOND\brodes
c50175bc9b
Crypto: ql-for-ql alert fixes.
2025-10-21 10:32:00 -04:00
REDMOND\brodes
22c0f9fa91
Crypto: Adding a proof of concept bad mac ordering predicate that takes in an ArtifactNode to be used for graph generation to intercept nodes with known mac ordering issues, in order to format the node and output error messages in the graph.
2025-10-20 16:24:31 -04:00
REDMOND\brodes
eff94ef91f
Crypto: To allow for graph generation to have properties informed by assessments, altering a few queries weak/vuln/bad crypto to have qll files that can be accessed for other purposes, like graph generation. Also altering weak symmetric cipher to look for non-aes algorithms to be more comprehensive.
2025-10-20 15:51:07 -04:00
Ben Rodes
2b683c210f
Merge branch 'main' into santander-java-crypto-check
2025-10-18 17:56:43 -04:00
REDMOND\brodes
c01c060476
Crypto: more ID renaming to include "examples", fix singleton issues with ql-for-ql, use formatted test for WeakAsymmetricKeyGenSize (add post processing in the qlref), misc expected files updated (test passed locally but on rerun vscode reports failures, known bug with vscode unit tests).
2025-10-17 14:13:53 -04:00
REDMOND\brodes
b06e05362b
Crypto: altering all query IDs in examples to have "examples" in the ID, to make clear the query is not intended for production.
2025-10-17 13:39:50 -04:00
REDMOND\brodes
1b205d8673
Removing WeakRSA, this is redundant with weak asymmetric key size.
2025-10-17 13:39:05 -04:00
REDMOND\brodes
628bab92fc
Crypto: Modify BadMacOrderMacOnEncryptPlaintext to be a path query that traces through any intermediate encrypt or mac to the final encrypt or mac.
2025-10-17 12:06:34 -04:00
REDMOND\brodes
ff7840dc9f
Crypto: removing precision tags on experimental queries.
2025-10-17 10:52:32 -04:00
REDMOND\brodes
ef6f0222f2
Crypto: Addressing FPs in BadMacOrderMacOnEncryptPlaintext
2025-10-16 16:11:42 -04:00
REDMOND\brodes
700f34e53a
Crypto: Bad Mac use tests, and fix for BadMacOrderMacOnEncryptPlaintext (barriers were blocking flow through an encrypt to a subsequent mac on the same plaintext)
2025-10-16 15:44:57 -04:00
REDMOND\brodes
79ccef3a58
Crypto: Initial sketch for unknown hash, the model needs to recognize unknowns but where the algorithm category (e.g., hashing) is known.
2025-10-16 11:03:16 -04:00
REDMOND\brodes
15e266db94
Crypto: Tweaks to bad crypto ordering queries.
2025-10-15 14:20:40 -04:00
REDMOND\brodes
c6174fbb93
Crypto: remove precision tag
2025-10-15 14:10:16 -04:00
REDMOND\brodes
c7be23e1fe
Crypto: Remove all precision tags from all experimental queries. Precision is largely in flux while the models are being developed.
2025-10-15 09:22:04 -04:00
REDMOND\brodes
bf9a249624
Crypto: Experimental queries for mac ordering
2025-10-15 08:06:50 -04:00
REDMOND\brodes
55bbcee301
Crypto: Make WeakAsymmetricKeyGenSize a path problem.
2025-10-13 17:04:29 -04:00
REDMOND\brodes
7e8acd76c3
Crypto: Update WeakAsymmetricKeyGenSize to a path problem.
2025-10-13 15:48:32 -04:00
REDMOND\brodes
8b5a42328e
Crypto: Convert ReusedNonce.ql into a path problem.
2025-10-13 15:34:41 -04:00
REDMOND\brodes
7847e92670
Crypto: Update KDF iteration and count to be path problems
2025-10-13 15:30:53 -04:00
REDMOND\brodes
76128ed8dc
Crypto: Update InsecureIVorNonce to be a path problem.
2025-10-13 15:29:57 -04:00
REDMOND\brodes
4b241d7065
Crypto: adding initial weak hash query overhaul and tests, but no expected file yet.
2025-10-13 12:04:51 -04:00
Joe Farebrother
c4781146c0
Remove experimental query and tests
2025-10-13 14:51:10 +01:00
REDMOND\brodes
e76ced1513
Crypto: Updating weak asymmetric key gen to include key exchange.
2025-10-10 15:32:39 -04:00
REDMOND\brodes
d68f3cff8b
Crypto: InsecureIVorNonceSource now ignored null to avoid being too noisy.
2025-10-10 14:51:16 -04:00
REDMOND\brodes
36673659ad
Crypto: Weak asymmetric key gen size fixes and test.
2025-10-10 14:49:35 -04:00
REDMOND\brodes
758759a304
Crypto: Reused nonce query updates and test updates to address false positives.
2025-10-10 12:25:31 -04:00
REDMOND\brodes
fba80870a6
Crypto: Example query reorg - moving queries of this PR into 'examples' subdirectories.
2025-10-09 09:03:00 -04:00
REDMOND\brodes
deb43735be
Crypto: Minor fixes to WeakSymmetricCipher, change to a singular name for consistency.
2025-10-09 08:39:39 -04:00
REDMOND\brodes
3dedda4233
Merge branch 'santander-java-crypto-check' of https://github.com/bdrodes/codeql into santander-java-crypto-check
2025-10-09 08:18:04 -04:00
REDMOND\brodes
c6cc4fff51
Crypto: Minor fixes to WeakBlockModes, WeakHash to consider SHA3 ok, Added unknown hash.
2025-10-09 08:16:28 -04:00
Nicolas Will
fdba3acc4b
Crypto: Fix QL-for-QL alert and auto-format
2025-10-09 13:59:51 +02:00
REDMOND\brodes
f524de4afc
Crypto: Updating insecure iv/nonce to consider if an operation is known for it, and if so do not alert on non-secure random if it is tied to decryption
2025-10-08 16:27:18 -04:00
REDMOND\brodes
11e81395b5
Crypto: Updated default flows to use taint tracking (this is needed to fix false positives in the unknown IV/Nonce query). Add the unknown IV/Nonce query and associated test cases. Fix unknown IV/Nonce query to focus on cases where the oepration isn't known or the operation subtype is not encrypt or wrap.
2025-10-08 14:14:17 -04:00
REDMOND\brodes
8e10e1937d
Crypto: Adding query for unknown IV initialization.
2025-10-08 12:49:54 -04:00
REDMOND\brodes
83ff70bcd8
Crypto: Adding tests for insecure iv or nonce. Updating generic literal sources to include array literals.
2025-10-08 12:47:58 -04:00
REDMOND\brodes
bd34b6ce02
Crypto: Removing JCA model of random, need to reassess this as this impacts the insecure IV/Nonce query. Updated name of the Insecure nonce query to be InsecureIVorNonce
2025-10-08 11:41:21 -04:00
REDMOND\brodes
143be8cc35
Crypto: Remove redundant queries.
2025-10-08 10:26:05 -04:00
REDMOND\brodes
1b1b333e8b
Crypto: Modify suggested queries per misc. side conversations on standards. Remove redundant query. Fix QL-for-QL issues.
2025-10-08 10:21:06 -04:00
Mark C
f38ab45e94
removed all @security.severity ratings to keep the main impartial
2025-10-01 17:49:45 +01:00