diff --git a/cpp/ql/lib/experimental/quantum/OpenSSL/AlgorithmInstances/AlgToAVCFlow.qll b/cpp/ql/lib/experimental/quantum/OpenSSL/AlgorithmInstances/AlgToAVCFlow.qll index f802e58d0a76..c2660c9770ec 100644 --- a/cpp/ql/lib/experimental/quantum/OpenSSL/AlgorithmInstances/AlgToAVCFlow.qll +++ b/cpp/ql/lib/experimental/quantum/OpenSSL/AlgorithmInstances/AlgToAVCFlow.qll @@ -49,7 +49,9 @@ module KnownOpenSslAlgorithmToAlgorithmValueConsumerFlow = DataFlow::Global; module RsaPaddingAlgorithmToPaddingAlgorithmValueConsumerConfig implements DataFlow::ConfigSig { - predicate isSource(DataFlow::Node source) { source.asExpr() instanceof OpenSslPaddingLiteral } + predicate isSource(DataFlow::Node source) { + source.asExpr() instanceof OpenSslSpecialPaddingLiteral + } predicate isSink(DataFlow::Node sink) { exists(PaddingAlgorithmValueConsumer c | c.getInputNode() = sink) diff --git a/cpp/ql/lib/experimental/quantum/OpenSSL/AlgorithmInstances/CipherAlgorithmInstance.qll b/cpp/ql/lib/experimental/quantum/OpenSSL/AlgorithmInstances/CipherAlgorithmInstance.qll index 47ffd67924a6..e78b09dee7a5 100644 --- a/cpp/ql/lib/experimental/quantum/OpenSSL/AlgorithmInstances/CipherAlgorithmInstance.qll +++ b/cpp/ql/lib/experimental/quantum/OpenSSL/AlgorithmInstances/CipherAlgorithmInstance.qll @@ -2,12 +2,10 @@ import cpp private import experimental.quantum.Language private import KnownAlgorithmConstants private import Crypto::KeyOpAlg as KeyOpAlg -private import OpenSSLAlgorithmInstanceBase -private import PaddingAlgorithmInstance -private import experimental.quantum.OpenSSL.AlgorithmValueConsumers.OpenSSLAlgorithmValueConsumerBase -private import experimental.quantum.OpenSSL.AlgorithmValueConsumers.DirectAlgorithmValueConsumer +private import experimental.quantum.OpenSSL.Operations.OpenSSLOperationBase +private import experimental.quantum.OpenSSL.AlgorithmValueConsumers.OpenSSLAlgorithmValueConsumers +private import OpenSSLAlgorithmInstances private import AlgToAVCFlow -private import BlockAlgorithmInstance /** * Given a `KnownOpenSslCipherAlgorithmExpr`, converts this to a cipher family type. @@ -97,10 +95,13 @@ class KnownOpenSslCipherConstantAlgorithmInstance extends OpenSslAlgorithmInstan } override Crypto::PaddingAlgorithmInstance getPaddingAlgorithm() { - //TODO: the padding is either self, or it flows through getter ctx to a set padding call - // like EVP_PKEY_CTX_set_rsa_padding result = this - // TODO or trace through getter ctx to set padding + or + exists(OperationStep s | + this.getAvc().(AvcContextCreationStep).flowsToOperationStep(s) and + s.getAlgorithmValueConsumerForInput(PaddingAlgorithmIO()) = + result.(OpenSslAlgorithmInstance).getAvc() + ) } override string getRawAlgorithmName() { diff --git a/cpp/ql/lib/experimental/quantum/OpenSSL/AlgorithmInstances/MACAlgorithmInstance.qll b/cpp/ql/lib/experimental/quantum/OpenSSL/AlgorithmInstances/MACAlgorithmInstance.qll index 97b183b7e7d3..b6d6112e1c6c 100644 --- a/cpp/ql/lib/experimental/quantum/OpenSSL/AlgorithmInstances/MACAlgorithmInstance.qll +++ b/cpp/ql/lib/experimental/quantum/OpenSSL/AlgorithmInstances/MACAlgorithmInstance.qll @@ -2,12 +2,13 @@ import cpp private import experimental.quantum.Language private import KnownAlgorithmConstants private import experimental.quantum.OpenSSL.AlgorithmValueConsumers.OpenSSLAlgorithmValueConsumers -private import experimental.quantum.OpenSSL.AlgorithmInstances.OpenSSLAlgorithmInstanceBase +private import experimental.quantum.OpenSSL.AlgorithmInstances.OpenSSLAlgorithmInstances private import experimental.quantum.OpenSSL.Operations.OpenSSLOperations +private import Crypto::KeyOpAlg as KeyOpAlg private import AlgToAVCFlow class KnownOpenSslMacConstantAlgorithmInstance extends OpenSslAlgorithmInstance, - Crypto::MacAlgorithmInstance instanceof KnownOpenSslMacAlgorithmExpr + Crypto::KeyOperationAlgorithmInstance instanceof KnownOpenSslMacAlgorithmExpr { OpenSslAlgorithmValueConsumer getterCall; @@ -33,17 +34,34 @@ class KnownOpenSslMacConstantAlgorithmInstance extends OpenSslAlgorithmInstance, override OpenSslAlgorithmValueConsumer getAvc() { result = getterCall } - override string getRawMacAlgorithmName() { + override string getRawAlgorithmName() { result = this.(Literal).getValue().toString() or result = this.(Call).getTarget().getName() } - override Crypto::MacType getMacType() { - this instanceof KnownOpenSslHMacAlgorithmExpr and result = Crypto::HMAC() - or - this instanceof KnownOpenSslCMacAlgorithmExpr and result = Crypto::CMAC() + override Crypto::KeyOpAlg::AlgorithmType getAlgorithmType() { + if this instanceof KnownOpenSslHMacAlgorithmExpr + then result = KeyOpAlg::TMac(KeyOpAlg::HMAC()) + else + if this instanceof KnownOpenSslCMacAlgorithmExpr + then result = KeyOpAlg::TMac(KeyOpAlg::CMAC()) + else result = KeyOpAlg::TMac(KeyOpAlg::OtherMacAlgorithmType()) + } + + override Crypto::ConsumerInputDataFlowNode getKeySizeConsumer() { + // TODO: trace to any key size initializer? + none() + } + + override int getKeySizeFixed() { + // TODO: are there known fixed key sizes to consider? + none() } + + override Crypto::ModeOfOperationAlgorithmInstance getModeOfOperationAlgorithm() { none() } + + override Crypto::PaddingAlgorithmInstance getPaddingAlgorithm() { none() } } class KnownOpenSslHMacConstantAlgorithmInstance extends Crypto::HmacAlgorithmInstance, @@ -60,9 +78,13 @@ class KnownOpenSslHMacConstantAlgorithmInstance extends Crypto::HmacAlgorithmIns // where the current AVC traces to a HashAlgorithmIO consuming operation step. // TODO: need to consider getting reset values, tracing down to the first set for now exists(OperationStep s, AvcContextCreationStep avc | - avc = this.getAvc() and + avc = super.getAvc() and avc.flowsToOperationStep(s) and s.getAlgorithmValueConsumerForInput(HashAlgorithmIO()) = result ) } + + override Crypto::ModeOfOperationAlgorithmInstance getModeOfOperationAlgorithm() { none() } + + override Crypto::PaddingAlgorithmInstance getPaddingAlgorithm() { none() } } diff --git a/cpp/ql/lib/experimental/quantum/OpenSSL/AlgorithmInstances/PaddingAlgorithmInstance.qll b/cpp/ql/lib/experimental/quantum/OpenSSL/AlgorithmInstances/PaddingAlgorithmInstance.qll index d487e05d0660..c9d2c7a21b6b 100644 --- a/cpp/ql/lib/experimental/quantum/OpenSSL/AlgorithmInstances/PaddingAlgorithmInstance.qll +++ b/cpp/ql/lib/experimental/quantum/OpenSSL/AlgorithmInstances/PaddingAlgorithmInstance.qll @@ -1,10 +1,10 @@ import cpp private import experimental.quantum.Language private import OpenSSLAlgorithmInstanceBase +private import experimental.quantum.OpenSSL.Operations.OpenSSLOperationBase private import experimental.quantum.OpenSSL.AlgorithmInstances.KnownAlgorithmConstants private import AlgToAVCFlow -private import experimental.quantum.OpenSSL.AlgorithmValueConsumers.DirectAlgorithmValueConsumer -private import experimental.quantum.OpenSSL.AlgorithmValueConsumers.OpenSSLAlgorithmValueConsumerBase +private import experimental.quantum.OpenSSL.AlgorithmValueConsumers.OpenSSLAlgorithmValueConsumers private import codeql.quantum.experimental.Standardization::Types::KeyOpAlg as KeyOpAlg /** @@ -18,13 +18,14 @@ private import codeql.quantum.experimental.Standardization::Types::KeyOpAlg as K * # define RSA_PKCS1_WITH_TLS_PADDING 7 * # define RSA_PKCS1_NO_IMPLICIT_REJECT_PADDING 8 */ -class OpenSslPaddingLiteral extends Literal { +class OpenSslSpecialPaddingLiteral extends Literal { // TODO: we can be more specific about where the literal is in a larger expression // to avoid literals that are clealy not representing an algorithm, e.g., array indices. - OpenSslPaddingLiteral() { this.getValue().toInt() in [0, 1, 3, 4, 5, 6, 7, 8] } + OpenSslSpecialPaddingLiteral() { this.getValue().toInt() in [0, 1, 3, 4, 5, 6, 7, 8] } } /** + * Holds if `e` has the given `type`. * Given a `KnownOpenSslPaddingAlgorithmExpr`, converts this to a padding family type. * Does not bind if there is no mapping (no mapping to 'unknown' or 'other'). */ @@ -45,9 +46,6 @@ predicate knownOpenSslConstantToPaddingFamilyType( ) } -//abstract class OpenSslPaddingAlgorithmInstance extends OpenSslAlgorithmInstance, Crypto::PaddingAlgorithmInstance{} -// TODO: need to alter this to include known padding constants which don't have the -// same mechanics as those with known nids class KnownOpenSslPaddingConstantAlgorithmInstance extends OpenSslAlgorithmInstance, Crypto::PaddingAlgorithmInstance instanceof Expr { @@ -79,7 +77,7 @@ class KnownOpenSslPaddingConstantAlgorithmInstance extends OpenSslAlgorithmInsta isPaddingSpecificConsumer = false or // Possibility 3: padding-specific literal - this instanceof OpenSslPaddingLiteral and + this instanceof OpenSslSpecialPaddingLiteral and exists(DataFlow::Node src, DataFlow::Node sink | // Sink is an argument to a CipherGetterCall sink = getterCall.getInputNode() and @@ -124,44 +122,6 @@ class KnownOpenSslPaddingConstantAlgorithmInstance extends OpenSslAlgorithmInsta } } -// // Values used for EVP_PKEY_CTX_set_rsa_padding, these are -// // not the same as 'typical' constants found in the set of known algorithm constants -// // they do not have an NID -// // TODO: what about setting the padding directly? -// class KnownRSAPaddingConstant extends OpenSslPaddingAlgorithmInstance, Crypto::PaddingAlgorithmInstance instanceof Literal -// { -// KnownRSAPaddingConstant() { -// // from rsa.h in openssl: -// // # define RSA_PKCS1_PADDING 1 -// // # define RSA_NO_PADDING 3 -// // # define RSA_PKCS1_OAEP_PADDING 4 -// // # define RSA_X931_PADDING 5 -// // /* EVP_PKEY_ only */ -// // # define RSA_PKCS1_PSS_PADDING 6 -// // # define RSA_PKCS1_WITH_TLS_PADDING 7 -// // /* internal RSA_ only */ -// // # define RSA_PKCS1_NO_IMPLICIT_REJECT_PADDING 8 -// this instanceof Literal and -// this.getValue().toInt() in [0, 1, 3, 4, 5, 6, 7, 8] -// // TODO: trace to padding-specific consumers -// RsaPaddingAlgorithmToPaddingAlgorithmValueConsumerFlow -// } -// override string getRawPaddingAlgorithmName() { result = this.(Literal).getValue().toString() } -// override Crypto::TPaddingType getPaddingType() { -// if this.(Literal).getValue().toInt() in [1, 6, 7, 8] -// then result = Crypto::PKCS1_v1_5() -// else -// if this.(Literal).getValue().toInt() = 3 -// then result = Crypto::NoPadding() -// else -// if this.(Literal).getValue().toInt() = 4 -// then result = Crypto::OAEP() -// else -// if this.(Literal).getValue().toInt() = 5 -// then result = Crypto::ANSI_X9_23() -// else result = Crypto::OtherPadding() -// } -// } class OaepPaddingAlgorithmInstance extends Crypto::OaepPaddingAlgorithmInstance, KnownOpenSslPaddingConstantAlgorithmInstance { @@ -170,10 +130,18 @@ class OaepPaddingAlgorithmInstance extends Crypto::OaepPaddingAlgorithmInstance, } override Crypto::HashAlgorithmInstance getOaepEncodingHashAlgorithm() { - none() //TODO + exists(OperationStep s | + this.getAvc().(AvcContextCreationStep).flowsToOperationStep(s) and + s.getAlgorithmValueConsumerForInput(HashAlgorithmOaepIO()) = + result.(OpenSslAlgorithmInstance).getAvc() + ) } override Crypto::HashAlgorithmInstance getMgf1HashAlgorithm() { - none() //TODO + exists(OperationStep s | + this.getAvc().(AvcContextCreationStep).flowsToOperationStep(s) and + s.getAlgorithmValueConsumerForInput(HashAlgorithmMgf1IO()) = + result.(OpenSslAlgorithmInstance).getAvc() + ) } } diff --git a/cpp/ql/lib/experimental/quantum/OpenSSL/Operations/CipherOperation.qll b/cpp/ql/lib/experimental/quantum/OpenSSL/Operations/CipherOperation.qll index 44e30ddf9fc9..d5fe4e383f4d 100644 --- a/cpp/ql/lib/experimental/quantum/OpenSSL/Operations/CipherOperation.qll +++ b/cpp/ql/lib/experimental/quantum/OpenSSL/Operations/CipherOperation.qll @@ -3,6 +3,26 @@ private import OpenSSLOperationBase private import experimental.quantum.OpenSSL.AlgorithmValueConsumers.OpenSSLAlgorithmValueConsumers import EVPPKeyCtxInitializer +/** + * A base class for all final cipher operation steps. + */ +abstract class FinalCipherOperationStep extends OperationStep { + override OperationStepType getStepType() { result = FinalStep() } +} + +/** + * A base configuration for all EVP cipher operations. + */ +abstract class EvpCipherOperationFinalStep extends FinalCipherOperationStep { + override DataFlow::Node getInput(IOType type) { + result.asExpr() = this.getArgument(0) and type = ContextIO() + } + + override DataFlow::Node getOutput(IOType type) { + result.asExpr() = this.getArgument(0) and type = ContextIO() + } +} + /** * A base class for all EVP cipher operations. */ @@ -155,21 +175,6 @@ class EvpCipherUpdateCall extends OperationStep { override OperationStepType getStepType() { result = UpdateStep() } } -/** - * A base configuration for all EVP cipher operations. - */ -abstract class EvpCipherOperationFinalStep extends OperationStep { - override DataFlow::Node getInput(IOType type) { - result.asExpr() = this.getArgument(0) and type = ContextIO() - } - - override DataFlow::Node getOutput(IOType type) { - result.asExpr() = this.getArgument(0) and type = ContextIO() - } - - override OperationStepType getStepType() { result = FinalStep() } -} - /** * A Call to EVP_Cipher. */ @@ -216,7 +221,14 @@ class EvpCipherFinalCall extends EvpCipherOperationFinalStep { */ class EvpPKeyCipherOperation extends EvpCipherOperationFinalStep { EvpPKeyCipherOperation() { - this.getTarget().getName() in ["EVP_PKEY_encrypt", "EVP_PKEY_decrypt"] + this.getTarget().getName() in ["EVP_PKEY_encrypt", "EVP_PKEY_decrypt"] and + // TODO: for now ignore this operation entirely if it is setting the cipher text to null + // this needs to be re-evalauted if this scenario sets other values worth tracking + ( + exists(this.(Call).getArgument(1).getValue()) + implies + this.(Call).getArgument(1).getValue().toInt() != 0 + ) } override DataFlow::Node getInput(IOType type) { @@ -228,16 +240,31 @@ class EvpPKeyCipherOperation extends EvpCipherOperationFinalStep { override DataFlow::Node getOutput(IOType type) { super.getOutput(type) = result or - result.asExpr() = this.getArgument(1) and type = CiphertextIO() + result.asExpr() = this.getArgument(1) and + type = CiphertextIO() and + this.getStepType() = FinalStep() // TODO: could indicate text lengths here, as well } + + override OperationStepType getStepType() { + // When the output buffer is null, the step is not a final step + // it is used to get the buffer size, if 0 consider it an initialization step + // NOTE/TODO: not tracing 0 to the arg, just looking for 0 directly in param + // the assumption is this is the common case, but we may want to make this more + // robust and support a dataflow. + result = FinalStep() and + (exists(super.getArgument(1).getValue()) implies super.getArgument(1).getValue().toInt() != 0) + or + result = InitializerStep() and + super.getArgument(1).getValue().toInt() = 0 + } } /** * An EVP cipher operation instance. * Any operation step that is a final operation step for EVP cipher operation steps. */ -class EvpCipherOperationInstance extends Crypto::KeyOperationInstance instanceof EvpCipherOperationFinalStep +class OpenSslCipherOperationInstance extends Crypto::KeyOperationInstance instanceof FinalCipherOperationStep { override Crypto::AlgorithmValueConsumer getAnAlgorithmValueConsumer() { super.getPrimaryAlgorithmValueConsumer() = result diff --git a/cpp/ql/lib/experimental/quantum/OpenSSL/Operations/EVPPKeyCtxInitializer.qll b/cpp/ql/lib/experimental/quantum/OpenSSL/Operations/EVPPKeyCtxInitializer.qll index 2208407e53ca..9d9b14c6d2fc 100644 --- a/cpp/ql/lib/experimental/quantum/OpenSSL/Operations/EVPPKeyCtxInitializer.qll +++ b/cpp/ql/lib/experimental/quantum/OpenSSL/Operations/EVPPKeyCtxInitializer.qll @@ -71,19 +71,42 @@ class EvpCtxSetEcParamgenCurveNidInitializer extends OperationStep { * - `EVP_PKEY_CTX_set_ecdh_kdf_md` */ class EvpCtxSetHashInitializer extends OperationStep { + boolean isOaep; + boolean isMgf1; + EvpCtxSetHashInitializer() { this.getTarget().getName() in [ - "EVP_PKEY_CTX_set_signature_md", "EVP_PKEY_CTX_set_rsa_mgf1_md_name", - "EVP_PKEY_CTX_set_rsa_mgf1_md", "EVP_PKEY_CTX_set_rsa_oaep_md_name", - "EVP_PKEY_CTX_set_rsa_oaep_md", "EVP_PKEY_CTX_set_dsa_paramgen_md", + "EVP_PKEY_CTX_set_signature_md", "EVP_PKEY_CTX_set_dsa_paramgen_md", "EVP_PKEY_CTX_set_dh_kdf_md", "EVP_PKEY_CTX_set_ecdh_kdf_md" - ] + ] and + isOaep = false and + isMgf1 = false + or + this.getTarget().getName() in [ + "EVP_PKEY_CTX_set_rsa_mgf1_md_name", "EVP_PKEY_CTX_set_rsa_mgf1_md" + ] and + isOaep = false and + isMgf1 = true + or + this.getTarget().getName() in [ + "EVP_PKEY_CTX_set_rsa_oaep_md_name", + "EVP_PKEY_CTX_set_rsa_oaep_md" + ] and + isOaep = true and + isMgf1 = false } override DataFlow::Node getInput(IOType type) { result.asExpr() = this.getArgument(0) and type = ContextIO() or - result.asExpr() = this.getArgument(1) and type = HashAlgorithmIO() + result.asExpr() = this.getArgument(1) and + type = HashAlgorithmIO() and + isOaep = false and + isMgf1 = false + or + result.asExpr() = this.getArgument(1) and type = HashAlgorithmOaepIO() and isOaep = true + or + result.asExpr() = this.getArgument(1) and type = HashAlgorithmMgf1IO() and isMgf1 = true } override DataFlow::Node getOutput(IOType type) { diff --git a/cpp/ql/lib/experimental/quantum/OpenSSL/Operations/HashOperation.qll b/cpp/ql/lib/experimental/quantum/OpenSSL/Operations/HashOperation.qll index 1878bfbe09f2..1922f04c3c64 100644 --- a/cpp/ql/lib/experimental/quantum/OpenSSL/Operations/HashOperation.qll +++ b/cpp/ql/lib/experimental/quantum/OpenSSL/Operations/HashOperation.qll @@ -6,6 +6,13 @@ private import experimental.quantum.Language private import OpenSSLOperationBase private import experimental.quantum.OpenSSL.AlgorithmValueConsumers.OpenSSLAlgorithmValueConsumers +/** + * A base class for final digest operations. + */ +abstract class FinalDigestOperation extends OperationStep { + override OperationStepType getStepType() { result = FinalStep() } +} + /** * A call to and EVP digest initializer, such as: * - `EVP_DigestInit` @@ -51,18 +58,11 @@ class EvpDigestUpdateCall extends OperationStep instanceof Call { override OperationStepType getStepType() { result = UpdateStep() } } -/** - * A base class for final digest operations. - */ -abstract class EvpFinalDigestOperationStep extends OperationStep { - override OperationStepType getStepType() { result = FinalStep() } -} - /** * A call to `EVP_Q_digest` * https://docs.openssl.org/3.0/man3/EVP_DigestInit/#synopsis */ -class EvpQDigestOperation extends EvpFinalDigestOperationStep instanceof Call { +class EvpQDigestOperation extends FinalDigestOperation instanceof Call { EvpQDigestOperation() { this.getTarget().getName() = "EVP_Q_digest" } override DataFlow::Node getInput(IOType type) { @@ -81,7 +81,7 @@ class EvpQDigestOperation extends EvpFinalDigestOperationStep instanceof Call { } } -class EvpDigestOperation extends EvpFinalDigestOperationStep instanceof Call { +class EvpDigestOperation extends FinalDigestOperation instanceof Call { EvpDigestOperation() { this.getTarget().getName() = "EVP_Digest" } override DataFlow::Node getInput(IOType type) { @@ -98,7 +98,7 @@ class EvpDigestOperation extends EvpFinalDigestOperationStep instanceof Call { /** * A call to EVP_DigestFinal variants */ -class EvpDigestFinalCall extends EvpFinalDigestOperationStep instanceof Call { +class EvpDigestFinalCall extends FinalDigestOperation instanceof Call { EvpDigestFinalCall() { this.getTarget().getName() in ["EVP_DigestFinal", "EVP_DigestFinal_ex", "EVP_DigestFinalXOF"] } @@ -118,7 +118,7 @@ class EvpDigestFinalCall extends EvpFinalDigestOperationStep instanceof Call { /** * An openssl digest final hash operation instance */ -class EvpDigestFinalOperationInstance extends Crypto::HashOperationInstance instanceof EvpFinalDigestOperationStep +class OpenSslDigestFinalOperationInstance extends Crypto::HashOperationInstance instanceof FinalDigestOperation { override Crypto::AlgorithmValueConsumer getAnAlgorithmValueConsumer() { super.getPrimaryAlgorithmValueConsumer() = result diff --git a/cpp/ql/lib/experimental/quantum/OpenSSL/Operations/KeyGenOperation.qll b/cpp/ql/lib/experimental/quantum/OpenSSL/Operations/KeyGenOperation.qll index 2c146aec97f5..0685938b8850 100644 --- a/cpp/ql/lib/experimental/quantum/OpenSSL/Operations/KeyGenOperation.qll +++ b/cpp/ql/lib/experimental/quantum/OpenSSL/Operations/KeyGenOperation.qll @@ -43,6 +43,9 @@ class EvpKeyGenInitialize extends OperationStep { override OperationStepType getStepType() { result = InitializerStep() } } +/** + * A base class for final key generation operation steps. + */ abstract class KeyGenFinalOperationStep extends OperationStep { override OperationStepType getStepType() { result = FinalStep() } } @@ -165,7 +168,7 @@ class EvpNewMacKey extends KeyGenFinalOperationStep { /** * An `KeyGenerationOperationInstance` for the for all key gen final operation steps. */ -class KeyGenOperationInstance extends Crypto::KeyGenerationOperationInstance instanceof KeyGenFinalOperationStep +class OpenSslKeyGenOperationInstance extends Crypto::KeyGenerationOperationInstance instanceof KeyGenFinalOperationStep { override Crypto::AlgorithmValueConsumer getAnAlgorithmValueConsumer() { super.getPrimaryAlgorithmValueConsumer() = result diff --git a/cpp/ql/lib/experimental/quantum/OpenSSL/Operations/OpenSSLOperationBase.qll b/cpp/ql/lib/experimental/quantum/OpenSSL/Operations/OpenSSLOperationBase.qll index f1ab394ad787..bddb7ef0728c 100644 --- a/cpp/ql/lib/experimental/quantum/OpenSSL/Operations/OpenSSLOperationBase.qll +++ b/cpp/ql/lib/experimental/quantum/OpenSSL/Operations/OpenSSLOperationBase.qll @@ -58,7 +58,11 @@ newtype TIOType = // For OSSL_PARAM and OSSL_LIB_CTX use of OsslParamIO and OsslLibContextIO ContextIO() or DigestIO() or + // For OAEP and MGF1 hashes, there is a special IO type for these hashes + // it is recommended to set the most explicit type known, not both HashAlgorithmIO() or + HashAlgorithmOaepIO() or + HashAlgorithmMgf1IO() or IVorNonceIO() or KeyIO() or KeyOperationSubtypeIO() or @@ -123,7 +127,6 @@ class IOType extends TIOType { } } -//TODO: add more initializers as needed /** * The type of step in an `OperationStep`. * - `ContextCreationStep`: the creation of a context from an algorithm or key. @@ -245,8 +248,10 @@ abstract class OperationStep extends Call { /** * Gets an AVC for the primary algorithm for this operation. - * A primary algorithm is an AVC that flows to a ctx input directly or - * an AVC that flows to a primary algorithm input directly. + * A primary algorithm is an AVC that either: + * 1) flows to a ctx input directly or + * 2) flows to a primary algorithm input directly + * 3) flows to a key input directly (algorithm held in a key will be considered primary) * See `AvcContextCreationStep` for details about resetting scenarios. * Gets the first OperationStep an AVC flows to. If a context input, * the AVC is considered primary. @@ -254,18 +259,19 @@ abstract class OperationStep extends Call { * operation step (dominating operation step, see `getDominatingInitializersToStep`). */ Crypto::AlgorithmValueConsumer getPrimaryAlgorithmValueConsumer() { - exists(DataFlow::Node src, DataFlow::Node sink, IOType t, OperationStep avcSucc | - (t = PrimaryAlgorithmIO() or t = ContextIO()) and - avcSucc.flowsToOperationStep(this) and + exists(DataFlow::Node src, DataFlow::Node sink, IOType t, OperationStep avcConsumingPred | + (t = PrimaryAlgorithmIO() or t = ContextIO() or t = KeyIO()) and + avcConsumingPred.flowsToOperationStep(this) and src.asExpr() = result and - sink = avcSucc.getInput(t) and + sink = avcConsumingPred.getInput(t) and AvcToOperationStepFlow::flow(src, sink) and ( - // Case 1: the avcSucc step is a dominating initialization step - t = PrimaryAlgorithmIO() and - avcSucc = this.getDominatingInitializersToStep(PrimaryAlgorithmIO()) + // Case 1: the avcConsumingPred step is a dominating primary algorithm initialization step + // or dominating key initialization step + (t = PrimaryAlgorithmIO() or t = KeyIO()) and + avcConsumingPred = this.getDominatingInitializersToStep(t) or - // Case 2: the succ is a context input (any avcSucc is valid) + // Case 2: the pred is a context input t = ContextIO() ) ) @@ -277,6 +283,8 @@ abstract class OperationStep extends Call { * TODO: generalize to use this for `getPrimaryAlgorithmValueConsumer` */ Crypto::AlgorithmValueConsumer getAlgorithmValueConsumerForInput(IOType type) { + result = this and this.setsValue(type) + or exists(DataFlow::Node src, DataFlow::Node sink | AvcToOperationStepFlow::flow(src, sink) and src.asExpr() = result and @@ -387,7 +395,9 @@ private class CtxCopyReturnCall extends CtxPassThroughCall, CtxPointerExpr { override DataFlow::Node getNode2() { result.asExpr() = this } } -// TODO: is this still needed? +// TODO: is this still needed? It appears to be (tests fail without it) but +// I don't know why as EVP_PKEY_paramgen is an operation step and we pass through +// operation steps already. /** * A call to `EVP_PKEY_paramgen` acts as a kind of pass through. * It's output pkey is eventually used in a new operation generating @@ -414,28 +424,6 @@ private class CtxParamGenCall extends CtxPassThroughCall { override DataFlow::Node getNode2() { result = n2 } } -//TODO: I am not sure CallArgToCtxRet is needed anymore -/** - * If the current node is an argument to a function - * that returns a pointer type, immediately flow through. - * NOTE: this passthrough is required if we allow - * intermediate steps to go into variables that are not a CTX type. - * See for example `CtxParamGenCall`. - */ -private class CallArgToCtxRet extends CtxPassThroughCall, CtxPointerExpr { - DataFlow::Node n1; - DataFlow::Node n2; - - CallArgToCtxRet() { - this.getAnArgument() = n1.asExpr() and - n2.asExpr() = this - } - - override DataFlow::Node getNode1() { result = n1 } - - override DataFlow::Node getNode2() { result = n2 } -} - /** * A flow configuration from any non-final `OperationStep` to any other `OperationStep`. */ diff --git a/cpp/ql/lib/experimental/quantum/OpenSSL/Operations/SignatureOperation.qll b/cpp/ql/lib/experimental/quantum/OpenSSL/Operations/SignatureOperation.qll index b9b498ee8df3..d097f68a4945 100644 --- a/cpp/ql/lib/experimental/quantum/OpenSSL/Operations/SignatureOperation.qll +++ b/cpp/ql/lib/experimental/quantum/OpenSSL/Operations/SignatureOperation.qll @@ -6,12 +6,24 @@ private import experimental.quantum.Language private import experimental.quantum.OpenSSL.AvcFlow private import experimental.quantum.OpenSSL.AlgorithmValueConsumers.OpenSSLAlgorithmValueConsumers private import experimental.quantum.OpenSSL.Operations.OpenSSLOperations +private import experimental.quantum.OpenSSL.AlgorithmInstances.OpenSSLAlgorithmInstances -// TODO: verification functions /** * A base class for final signature operations. + * The operation must be known to always be a signature operation, + * and not a MAC operation. + * NOTE: even an operation that may be a mac or signature but is known to take in + * only signature configurations should extend `SignatureOrMacFinalOperation`. */ -abstract class EvpSignatureFinalOperation extends OperationStep { +abstract class SignatureFinalOperation extends OperationStep { + override OperationStepType getStepType() { result = FinalStep() } +} + +/** + * A base class for final signature or MAC operations. + * The operation must be known to always be a signature or MAC operation. + */ +abstract class SignatureOrMacFinalOperation extends OperationStep { override OperationStepType getStepType() { result = FinalStep() } } @@ -141,7 +153,7 @@ class EvpSignatureUpdateCall extends OperationStep { /** * A call to EVP_SignFinal or EVP_SignFinal_ex. */ -class EvpSignFinal extends EvpSignatureFinalOperation { +class EvpSignFinal extends SignatureFinalOperation { EvpSignFinal() { this.getTarget().getName() in ["EVP_SignFinal_ex", "EVP_SignFinal"] } override DataFlow::Node getInput(IOType type) { @@ -162,10 +174,10 @@ class EvpSignFinal extends EvpSignatureFinalOperation { } /** - * A call to EVP_DigestSign or EVP_PKEY_sign. + * A call to EVP_PKEY_sign. */ -class EvpDigestSign extends EvpSignatureFinalOperation { - EvpDigestSign() { this.getTarget().getName() in ["EVP_DigestSign", "EVP_PKEY_sign"] } +class EvpPkeySign extends SignatureFinalOperation { + EvpPkeySign() { this.getTarget().getName() = "EVP_PKEY_sign" } override DataFlow::Node getInput(IOType type) { result.asExpr() = this.getArgument(0) and type = ContextIO() @@ -181,15 +193,30 @@ class EvpDigestSign extends EvpSignatureFinalOperation { } /** - * A call to EVP_DigestSignFinal or EVP_PKEY_sign_message_final. + * A call to EVP_DigestSign. + * This is a mac or sign operation. */ -class EvpDigestAndPkeySignFinal extends EvpSignatureFinalOperation { - EvpDigestAndPkeySignFinal() { - this.getTarget().getName() in [ - "EVP_DigestSignFinal", - "EVP_PKEY_sign_message_final" - ] +class EvpDigestSign extends SignatureOrMacFinalOperation { + EvpDigestSign() { this.getTarget().getName() = "EVP_DigestSign" } + + override DataFlow::Node getInput(IOType type) { + result.asExpr() = this.getArgument(0) and type = ContextIO() + or + result.asExpr() = this.getArgument(3) and type = PlaintextIO() + } + + override DataFlow::Node getOutput(IOType type) { + result.asExpr() = this.getArgument(0) and type = ContextIO() + or + result.asExpr() = this.getArgument(1) and type = SignatureIO() } +} + +/** + * A call to EVP_PKEY_sign_message_final. + */ +class EvpPkeySignFinal extends SignatureFinalOperation { + EvpPkeySignFinal() { this.getTarget().getName() = "EVP_PKEY_sign_message_final" } override DataFlow::Node getInput(IOType type) { result.asExpr() = this.getArgument(0) and type = ContextIO() @@ -205,9 +232,124 @@ class EvpDigestAndPkeySignFinal extends EvpSignatureFinalOperation { } /** - * An EVP signature operation instance. + * A call to EVP_DigestSignFinal. + * This is a mac or sign operation. + */ +class EvpDigestSignFinal extends SignatureOrMacFinalOperation { + EvpDigestSignFinal() { this.getTarget().getName() = "EVP_DigestSignFinal" } + + override DataFlow::Node getInput(IOType type) { + result.asExpr() = this.getArgument(0) and type = ContextIO() + } + + override DataFlow::Node getOutput(IOType type) { + result.asExpr() = this.getArgument(0) and type = ContextIO() + or + result.asExpr() = this.getArgument(1) and type = SignatureIO() + } + + override OperationStepType getStepType() { result = FinalStep() } +} + +/** + * A call to EVP_DigestVerifyInit or EVP_DigestVerifyInit_ex. + */ +class EvpDigestVerifyInit extends OperationStep { + EvpDigestVerifyInit() { + this.getTarget().getName() in ["EVP_DigestVerifyInit", "EVP_DigestVerifyInit_ex"] + } + + override DataFlow::Node getInput(IOType type) { + result.asExpr() = this.getArgument(0) and type = ContextIO() + or + result.asExpr() = this.getArgument(2) and type = HashAlgorithmIO() + or + this.getTarget().getName() = "EVP_DigestVerifyInit_ex" and + result.asExpr() = this.getArgument(3) and + type = OsslLibContextIO() + or + this.getTarget().getName() = "EVP_DigestVerifyInit_ex" and + result.asExpr() = this.getArgument(5) and + type = KeyIO() + or + this.getTarget().getName() = "EVP_DigestVerifyInit" and + result.asExpr() = this.getArgument(4) and + type = KeyIO() + or + this.getTarget().getName() = "EVP_DigestVerifyInit_ex" and + result.asExpr() = this.getArgument(6) and + type = OsslParamIO() + } + + override DataFlow::Node getOutput(IOType type) { + result.asExpr() = this.getArgument(0) and type = ContextIO() + or + result.asExpr() = this.getArgument(1) and type = ContextIO() + } + + override OperationStepType getStepType() { result = InitializerStep() } +} + +/** + * A call to EVP_DigestVerifyUpdate. */ -class EvpSignatureOperationInstance extends Crypto::SignatureOperationInstance instanceof EvpSignatureFinalOperation +class EvpDigestVerifyUpdate extends OperationStep { + EvpDigestVerifyUpdate() { this.getTarget().getName() = "EVP_DigestVerifyUpdate" } + + override DataFlow::Node getInput(IOType type) { + result.asExpr() = this.getArgument(0) and type = ContextIO() + or + result.asExpr() = this.getArgument(1) and type = PlaintextIO() + } + + override DataFlow::Node getOutput(IOType type) { + result.asExpr() = this.getArgument(0) and type = ContextIO() + } + + override OperationStepType getStepType() { result = UpdateStep() } +} + +/** + * A call to EVP_DigestVerifyFinal + */ +class EvpDigestVerifyFinal extends SignatureFinalOperation { + EvpDigestVerifyFinal() { this.getTarget().getName() = "EVP_DigestVerifyFinal" } + + override DataFlow::Node getInput(IOType type) { + result.asExpr() = this.getArgument(0) and type = ContextIO() + or + result.asExpr() = this.getArgument(1) and type = SignatureIO() + } + + override DataFlow::Node getOutput(IOType type) { + result.asExpr() = this.getArgument(0) and type = ContextIO() + } +} + +/** + * A call to EVP_DigestVerify + */ +class EvpDigestVerify extends SignatureFinalOperation { + EvpDigestVerify() { this.getTarget().getName() = "EVP_DigestVerify" } + + override DataFlow::Node getInput(IOType type) { + result.asExpr() = this.getArgument(0) and type = ContextIO() + or + result.asExpr() = this.getArgument(1) and type = SignatureIO() + or + result.asExpr() = this.getArgument(3) and type = PlaintextIO() + } + + override DataFlow::Node getOutput(IOType type) { + result.asExpr() = this.getArgument(0) and type = ContextIO() + } +} + +/** + * An instance of a signature operation. + * This is an OpenSSL specific class that extends the base SignatureOperationInstance. + */ +class OpenSslSignatureOperationInstance extends Crypto::SignatureOperationInstance instanceof SignatureFinalOperation { override Crypto::AlgorithmValueConsumer getAnAlgorithmValueConsumer() { super.getPrimaryAlgorithmValueConsumer() = result @@ -217,7 +359,7 @@ class EvpSignatureOperationInstance extends Crypto::SignatureOperationInstance i * Signing, verification or unknown. */ override Crypto::KeyOperationSubtype getKeyOperationSubtype() { - // TODO: if this KeyOperationSubtype does not match initialization call's KeyOperationSubtype then we found a bug + // NOTE: if this KeyOperationSubtype does not match initialization call's KeyOperationSubtype then we found a bug if super.getTarget().getName().toLowerCase().matches("%sign%") then result instanceof Crypto::TSignMode else @@ -227,18 +369,18 @@ class EvpSignatureOperationInstance extends Crypto::SignatureOperationInstance i } override Crypto::ConsumerInputDataFlowNode getNonceConsumer() { - // TODO: some signing operations may have explicit nonce generators - none() + // some signing operations may have explicit nonce generators + super.getDominatingInitializersToStep(IVorNonceIO()).getInput(IVorNonceIO()) = result } - /** - * Keys provided in the initialization call or in a context are found by this method. - * Keys in explicit arguments are found by overridden methods in extending classes. - */ override Crypto::ConsumerInputDataFlowNode getKeyConsumer() { super.getDominatingInitializersToStep(KeyIO()).getInput(KeyIO()) = result } + override Crypto::ConsumerInputDataFlowNode getSignatureConsumer() { + super.getDominatingInitializersToStep(SignatureIO()).getInput(SignatureIO()) = result + } + override Crypto::ArtifactOutputDataFlowNode getOutputArtifact() { super.getOutputStepFlowingToStep(SignatureIO()).getOutput(SignatureIO()) = result } @@ -247,14 +389,58 @@ class EvpSignatureOperationInstance extends Crypto::SignatureOperationInstance i super.getDominatingInitializersToStep(PlaintextIO()).getInput(PlaintextIO()) = result } + override Crypto::AlgorithmValueConsumer getHashAlgorithmValueConsumer() { + super + .getDominatingInitializersToStep(HashAlgorithmIO()) + .getAlgorithmValueConsumerForInput(HashAlgorithmIO()) = result + } + + override predicate hasHashAlgorithmConsumer() { + exists(super.getDominatingInitializersToStep(HashAlgorithmIO())) + } +} + +/** + * A class for signature or MAC operation instances. + * This is an OpenSSL specific class that extends the base SignatureOrMacOperationInstance. + */ +class OpenSslSignatureOrMacOperationInstance extends Crypto::SignatureOrMacOperationInstance instanceof SignatureOrMacFinalOperation +{ + override Crypto::AlgorithmValueConsumer getAnAlgorithmValueConsumer() { + super.getPrimaryAlgorithmValueConsumer() = result + } + /** - * TODO: only signing operations for now, change when verificaiton is added + * Signing, verification or unknown. */ - override Crypto::ConsumerInputDataFlowNode getSignatureConsumer() { none() } + override Crypto::KeyOperationSubtype getKeyOperationSubtype() { + result instanceof Crypto::TSignMode or result instanceof Crypto::TMacMode + } + + override Crypto::ConsumerInputDataFlowNode getNonceConsumer() { + // some signing operations may have explicit nonce generators + super.getDominatingInitializersToStep(IVorNonceIO()).getInput(IVorNonceIO()) = result + } + + override Crypto::ConsumerInputDataFlowNode getKeyConsumer() { + super.getDominatingInitializersToStep(KeyIO()).getInput(KeyIO()) = result + } + + override Crypto::ArtifactOutputDataFlowNode getOutputArtifact() { + super.getOutputStepFlowingToStep(SignatureIO()).getOutput(SignatureIO()) = result + } + + override Crypto::ConsumerInputDataFlowNode getInputConsumer() { + super.getDominatingInitializersToStep(PlaintextIO()).getInput(PlaintextIO()) = result + } override Crypto::AlgorithmValueConsumer getHashAlgorithmValueConsumer() { super .getDominatingInitializersToStep(HashAlgorithmIO()) .getAlgorithmValueConsumerForInput(HashAlgorithmIO()) = result } + + override predicate hasHashAlgorithmConsumer() { + exists(super.getDominatingInitializersToStep(HashAlgorithmIO())) + } } diff --git a/cpp/ql/test/experimental/library-tests/quantum/node_edges.expected b/cpp/ql/test/experimental/library-tests/quantum/node_edges.expected index 27be8e5cfba5..348ba678bc63 100644 --- a/cpp/ql/test/experimental/library-tests/quantum/node_edges.expected +++ b/cpp/ql/test/experimental/library-tests/quantum/node_edges.expected @@ -34,15 +34,30 @@ | openssl_basic.c:155:22:155:41 | KeyGeneration | Algorithm | openssl_basic.c:155:22:155:41 | KeyGeneration | | openssl_basic.c:155:22:155:41 | KeyGeneration | KeyInput | openssl_basic.c:155:64:155:66 | Key | | openssl_basic.c:155:22:155:41 | KeyGeneration | Output | openssl_basic.c:155:22:155:41 | Key | -| openssl_basic.c:155:43:155:55 | MACAlgorithm | H | openssl_basic.c:160:39:160:48 | HashAlgorithm | +| openssl_basic.c:155:43:155:55 | HMACAlgorithm | H | openssl_basic.c:160:39:160:48 | HashAlgorithm | | openssl_basic.c:155:64:155:66 | Key | Source | openssl_basic.c:179:43:179:76 | Constant | | openssl_basic.c:160:59:160:62 | Key | Source | openssl_basic.c:155:22:155:41 | Key | | openssl_basic.c:163:35:163:41 | Message | Source | openssl_basic.c:181:49:181:87 | Constant | -| openssl_basic.c:167:9:167:27 | SignOperation | Algorithm | openssl_basic.c:167:9:167:27 | SignOperation | -| openssl_basic.c:167:9:167:27 | SignOperation | HashAlgorithm | openssl_basic.c:160:39:160:48 | HashAlgorithm | -| openssl_basic.c:167:9:167:27 | SignOperation | Input | openssl_basic.c:163:35:163:41 | Message | -| openssl_basic.c:167:9:167:27 | SignOperation | Key | openssl_basic.c:160:59:160:62 | Key | -| openssl_basic.c:167:9:167:27 | SignOperation | Output | openssl_basic.c:167:34:167:36 | SignatureOutput | +| openssl_basic.c:167:9:167:27 | SignatureOrMACOperation | Algorithm | openssl_basic.c:155:43:155:55 | HMACAlgorithm | +| openssl_basic.c:167:9:167:27 | SignatureOrMACOperation | HashAlgorithm | openssl_basic.c:160:39:160:48 | HashAlgorithm | +| openssl_basic.c:167:9:167:27 | SignatureOrMACOperation | Input | openssl_basic.c:163:35:163:41 | Message | +| openssl_basic.c:167:9:167:27 | SignatureOrMACOperation | Key | openssl_basic.c:160:59:160:62 | Key | +| openssl_basic.c:167:9:167:27 | SignatureOrMACOperation | Nonce | openssl_basic.c:167:9:167:27 | SignatureOrMACOperation | +| openssl_basic.c:167:9:167:27 | SignatureOrMACOperation | Output | openssl_basic.c:167:34:167:36 | SignatureOutput | +| openssl_basic.c:235:51:235:55 | KeyOperationAlgorithm | Mode | openssl_basic.c:235:51:235:55 | KeyOperationAlgorithm | +| openssl_basic.c:235:51:235:55 | KeyOperationAlgorithm | Padding | openssl_basic.c:249:51:249:72 | PaddingAlgorithm | +| openssl_basic.c:238:9:238:25 | KeyGeneration | Algorithm | openssl_basic.c:235:51:235:55 | KeyOperationAlgorithm | +| openssl_basic.c:238:9:238:25 | KeyGeneration | Output | openssl_basic.c:238:39:238:43 | Key | +| openssl_basic.c:238:39:238:43 | Key | Algorithm | openssl_basic.c:235:51:235:55 | KeyOperationAlgorithm | +| openssl_basic.c:243:52:243:55 | Key | Source | openssl_basic.c:238:39:238:43 | Key | +| openssl_basic.c:249:51:249:72 | PaddingAlgorithm | MD | openssl_basic.c:250:51:250:60 | HashAlgorithm | +| openssl_basic.c:249:51:249:72 | PaddingAlgorithm | MGF1Hash | openssl_basic.c:251:51:251:60 | HashAlgorithm | +| openssl_basic.c:262:24:262:39 | EncryptOperation | Algorithm | openssl_basic.c:235:51:235:55 | KeyOperationAlgorithm | +| openssl_basic.c:262:24:262:39 | EncryptOperation | Input | openssl_basic.c:263:64:263:70 | Message | +| openssl_basic.c:262:24:262:39 | EncryptOperation | Key | openssl_basic.c:243:52:243:55 | Key | +| openssl_basic.c:262:24:262:39 | EncryptOperation | Nonce | openssl_basic.c:262:24:262:39 | EncryptOperation | +| openssl_basic.c:262:24:262:39 | EncryptOperation | Output | openssl_basic.c:262:54:262:63 | KeyOperationOutput | +| openssl_basic.c:263:64:263:70 | Message | Source | openssl_basic.c:231:27:231:49 | Constant | | openssl_pkey.c:21:10:21:28 | KeyGeneration | Algorithm | openssl_pkey.c:21:10:21:28 | KeyGeneration | | openssl_pkey.c:21:10:21:28 | KeyGeneration | Output | openssl_pkey.c:21:30:21:32 | Key | | openssl_pkey.c:21:10:21:28 | KeyOperationAlgorithm | Mode | openssl_pkey.c:21:10:21:28 | KeyOperationAlgorithm | @@ -83,37 +98,67 @@ | openssl_signature.c:133:52:133:55 | Key | Source | openssl_signature.c:548:34:548:37 | Key | | openssl_signature.c:133:52:133:55 | Key | Source | openssl_signature.c:578:34:578:37 | Key | | openssl_signature.c:134:38:134:44 | Message | Source | openssl_signature.c:602:37:602:77 | Constant | -| openssl_signature.c:135:9:135:27 | SignOperation | Algorithm | openssl_signature.c:543:35:543:46 | KeyOperationAlgorithm | -| openssl_signature.c:135:9:135:27 | SignOperation | Algorithm | openssl_signature.c:565:50:565:54 | KeyOperationAlgorithm | -| openssl_signature.c:135:9:135:27 | SignOperation | HashAlgorithm | openssl_signature.c:684:24:684:33 | HashAlgorithm | -| openssl_signature.c:135:9:135:27 | SignOperation | HashAlgorithm | openssl_signature.c:740:24:740:33 | HashAlgorithm | -| openssl_signature.c:135:9:135:27 | SignOperation | Input | openssl_signature.c:134:38:134:44 | Message | -| openssl_signature.c:135:9:135:27 | SignOperation | Key | openssl_signature.c:133:52:133:55 | Key | -| openssl_signature.c:135:9:135:27 | SignOperation | Output | openssl_signature.c:135:37:135:40 | SignatureOutput | -| openssl_signature.c:142:9:142:27 | SignOperation | Algorithm | openssl_signature.c:543:35:543:46 | KeyOperationAlgorithm | -| openssl_signature.c:142:9:142:27 | SignOperation | Algorithm | openssl_signature.c:565:50:565:54 | KeyOperationAlgorithm | -| openssl_signature.c:142:9:142:27 | SignOperation | HashAlgorithm | openssl_signature.c:684:24:684:33 | HashAlgorithm | -| openssl_signature.c:142:9:142:27 | SignOperation | HashAlgorithm | openssl_signature.c:740:24:740:33 | HashAlgorithm | -| openssl_signature.c:142:9:142:27 | SignOperation | Input | openssl_signature.c:134:38:134:44 | Message | -| openssl_signature.c:142:9:142:27 | SignOperation | Key | openssl_signature.c:133:52:133:55 | Key | -| openssl_signature.c:142:9:142:27 | SignOperation | Output | openssl_signature.c:142:37:142:46 | SignatureOutput | +| openssl_signature.c:135:9:135:27 | SignatureOrMACOperation | Algorithm | openssl_signature.c:543:35:543:46 | KeyOperationAlgorithm | +| openssl_signature.c:135:9:135:27 | SignatureOrMACOperation | Algorithm | openssl_signature.c:565:50:565:54 | KeyOperationAlgorithm | +| openssl_signature.c:135:9:135:27 | SignatureOrMACOperation | HashAlgorithm | openssl_signature.c:684:24:684:33 | HashAlgorithm | +| openssl_signature.c:135:9:135:27 | SignatureOrMACOperation | HashAlgorithm | openssl_signature.c:740:24:740:33 | HashAlgorithm | +| openssl_signature.c:135:9:135:27 | SignatureOrMACOperation | Input | openssl_signature.c:134:38:134:44 | Message | +| openssl_signature.c:135:9:135:27 | SignatureOrMACOperation | Key | openssl_signature.c:133:52:133:55 | Key | +| openssl_signature.c:135:9:135:27 | SignatureOrMACOperation | Nonce | openssl_signature.c:135:9:135:27 | SignatureOrMACOperation | +| openssl_signature.c:135:9:135:27 | SignatureOrMACOperation | Output | openssl_signature.c:135:37:135:40 | SignatureOutput | +| openssl_signature.c:142:9:142:27 | SignatureOrMACOperation | Algorithm | openssl_signature.c:543:35:543:46 | KeyOperationAlgorithm | +| openssl_signature.c:142:9:142:27 | SignatureOrMACOperation | Algorithm | openssl_signature.c:565:50:565:54 | KeyOperationAlgorithm | +| openssl_signature.c:142:9:142:27 | SignatureOrMACOperation | HashAlgorithm | openssl_signature.c:684:24:684:33 | HashAlgorithm | +| openssl_signature.c:142:9:142:27 | SignatureOrMACOperation | HashAlgorithm | openssl_signature.c:740:24:740:33 | HashAlgorithm | +| openssl_signature.c:142:9:142:27 | SignatureOrMACOperation | Input | openssl_signature.c:134:38:134:44 | Message | +| openssl_signature.c:142:9:142:27 | SignatureOrMACOperation | Key | openssl_signature.c:133:52:133:55 | Key | +| openssl_signature.c:142:9:142:27 | SignatureOrMACOperation | Nonce | openssl_signature.c:142:9:142:27 | SignatureOrMACOperation | +| openssl_signature.c:142:9:142:27 | SignatureOrMACOperation | Output | openssl_signature.c:142:37:142:46 | SignatureOutput | +| openssl_signature.c:165:54:165:57 | Key | Source | openssl_signature.c:548:34:548:37 | Key | +| openssl_signature.c:165:54:165:57 | Key | Source | openssl_signature.c:578:34:578:37 | Key | +| openssl_signature.c:166:40:166:46 | Message | Source | openssl_signature.c:602:37:602:77 | Constant | +| openssl_signature.c:167:9:167:29 | VerifyOperation | Algorithm | openssl_signature.c:543:35:543:46 | KeyOperationAlgorithm | +| openssl_signature.c:167:9:167:29 | VerifyOperation | Algorithm | openssl_signature.c:565:50:565:54 | KeyOperationAlgorithm | +| openssl_signature.c:167:9:167:29 | VerifyOperation | HashAlgorithm | openssl_signature.c:684:24:684:33 | HashAlgorithm | +| openssl_signature.c:167:9:167:29 | VerifyOperation | HashAlgorithm | openssl_signature.c:740:24:740:33 | HashAlgorithm | +| openssl_signature.c:167:9:167:29 | VerifyOperation | Input | openssl_signature.c:134:38:134:44 | Message | +| openssl_signature.c:167:9:167:29 | VerifyOperation | Input | openssl_signature.c:166:40:166:46 | Message | +| openssl_signature.c:167:9:167:29 | VerifyOperation | Key | openssl_signature.c:133:52:133:55 | Key | +| openssl_signature.c:167:9:167:29 | VerifyOperation | Key | openssl_signature.c:165:54:165:57 | Key | +| openssl_signature.c:167:9:167:29 | VerifyOperation | Signature | openssl_signature.c:167:39:167:47 | SignatureInput | +| openssl_signature.c:167:39:167:47 | SignatureInput | Source | openssl_signature.c:142:37:142:46 | SignatureOutput | | openssl_signature.c:190:57:190:60 | Key | Source | openssl_signature.c:548:34:548:37 | Key | | openssl_signature.c:190:57:190:60 | Key | Source | openssl_signature.c:578:34:578:37 | Key | | openssl_signature.c:196:38:196:44 | Message | Source | openssl_signature.c:602:37:602:77 | Constant | -| openssl_signature.c:197:9:197:27 | SignOperation | Algorithm | openssl_signature.c:543:35:543:46 | KeyOperationAlgorithm | -| openssl_signature.c:197:9:197:27 | SignOperation | Algorithm | openssl_signature.c:565:50:565:54 | KeyOperationAlgorithm | -| openssl_signature.c:197:9:197:27 | SignOperation | HashAlgorithm | openssl_signature.c:684:24:684:33 | HashAlgorithm | -| openssl_signature.c:197:9:197:27 | SignOperation | HashAlgorithm | openssl_signature.c:740:24:740:33 | HashAlgorithm | -| openssl_signature.c:197:9:197:27 | SignOperation | Input | openssl_signature.c:196:38:196:44 | Message | -| openssl_signature.c:197:9:197:27 | SignOperation | Key | openssl_signature.c:190:57:190:60 | Key | -| openssl_signature.c:197:9:197:27 | SignOperation | Output | openssl_signature.c:197:37:197:40 | SignatureOutput | -| openssl_signature.c:204:9:204:27 | SignOperation | Algorithm | openssl_signature.c:543:35:543:46 | KeyOperationAlgorithm | -| openssl_signature.c:204:9:204:27 | SignOperation | Algorithm | openssl_signature.c:565:50:565:54 | KeyOperationAlgorithm | -| openssl_signature.c:204:9:204:27 | SignOperation | HashAlgorithm | openssl_signature.c:684:24:684:33 | HashAlgorithm | -| openssl_signature.c:204:9:204:27 | SignOperation | HashAlgorithm | openssl_signature.c:740:24:740:33 | HashAlgorithm | -| openssl_signature.c:204:9:204:27 | SignOperation | Input | openssl_signature.c:196:38:196:44 | Message | -| openssl_signature.c:204:9:204:27 | SignOperation | Key | openssl_signature.c:190:57:190:60 | Key | -| openssl_signature.c:204:9:204:27 | SignOperation | Output | openssl_signature.c:204:37:204:46 | SignatureOutput | +| openssl_signature.c:197:9:197:27 | SignatureOrMACOperation | Algorithm | openssl_signature.c:543:35:543:46 | KeyOperationAlgorithm | +| openssl_signature.c:197:9:197:27 | SignatureOrMACOperation | Algorithm | openssl_signature.c:565:50:565:54 | KeyOperationAlgorithm | +| openssl_signature.c:197:9:197:27 | SignatureOrMACOperation | HashAlgorithm | openssl_signature.c:684:24:684:33 | HashAlgorithm | +| openssl_signature.c:197:9:197:27 | SignatureOrMACOperation | HashAlgorithm | openssl_signature.c:740:24:740:33 | HashAlgorithm | +| openssl_signature.c:197:9:197:27 | SignatureOrMACOperation | Input | openssl_signature.c:196:38:196:44 | Message | +| openssl_signature.c:197:9:197:27 | SignatureOrMACOperation | Key | openssl_signature.c:190:57:190:60 | Key | +| openssl_signature.c:197:9:197:27 | SignatureOrMACOperation | Nonce | openssl_signature.c:197:9:197:27 | SignatureOrMACOperation | +| openssl_signature.c:197:9:197:27 | SignatureOrMACOperation | Output | openssl_signature.c:197:37:197:40 | SignatureOutput | +| openssl_signature.c:204:9:204:27 | SignatureOrMACOperation | Algorithm | openssl_signature.c:543:35:543:46 | KeyOperationAlgorithm | +| openssl_signature.c:204:9:204:27 | SignatureOrMACOperation | Algorithm | openssl_signature.c:565:50:565:54 | KeyOperationAlgorithm | +| openssl_signature.c:204:9:204:27 | SignatureOrMACOperation | HashAlgorithm | openssl_signature.c:684:24:684:33 | HashAlgorithm | +| openssl_signature.c:204:9:204:27 | SignatureOrMACOperation | HashAlgorithm | openssl_signature.c:740:24:740:33 | HashAlgorithm | +| openssl_signature.c:204:9:204:27 | SignatureOrMACOperation | Input | openssl_signature.c:196:38:196:44 | Message | +| openssl_signature.c:204:9:204:27 | SignatureOrMACOperation | Key | openssl_signature.c:190:57:190:60 | Key | +| openssl_signature.c:204:9:204:27 | SignatureOrMACOperation | Nonce | openssl_signature.c:204:9:204:27 | SignatureOrMACOperation | +| openssl_signature.c:204:9:204:27 | SignatureOrMACOperation | Output | openssl_signature.c:204:37:204:46 | SignatureOutput | +| openssl_signature.c:228:59:228:62 | Key | Source | openssl_signature.c:548:34:548:37 | Key | +| openssl_signature.c:228:59:228:62 | Key | Source | openssl_signature.c:578:34:578:37 | Key | +| openssl_signature.c:234:40:234:46 | Message | Source | openssl_signature.c:602:37:602:77 | Constant | +| openssl_signature.c:235:9:235:29 | VerifyOperation | Algorithm | openssl_signature.c:543:35:543:46 | KeyOperationAlgorithm | +| openssl_signature.c:235:9:235:29 | VerifyOperation | Algorithm | openssl_signature.c:565:50:565:54 | KeyOperationAlgorithm | +| openssl_signature.c:235:9:235:29 | VerifyOperation | HashAlgorithm | openssl_signature.c:684:24:684:33 | HashAlgorithm | +| openssl_signature.c:235:9:235:29 | VerifyOperation | HashAlgorithm | openssl_signature.c:740:24:740:33 | HashAlgorithm | +| openssl_signature.c:235:9:235:29 | VerifyOperation | Input | openssl_signature.c:196:38:196:44 | Message | +| openssl_signature.c:235:9:235:29 | VerifyOperation | Input | openssl_signature.c:234:40:234:46 | Message | +| openssl_signature.c:235:9:235:29 | VerifyOperation | Key | openssl_signature.c:190:57:190:60 | Key | +| openssl_signature.c:235:9:235:29 | VerifyOperation | Key | openssl_signature.c:228:59:228:62 | Key | +| openssl_signature.c:235:9:235:29 | VerifyOperation | Signature | openssl_signature.c:235:39:235:47 | SignatureInput | +| openssl_signature.c:235:39:235:47 | SignatureInput | Source | openssl_signature.c:204:37:204:46 | SignatureOutput | | openssl_signature.c:260:39:260:42 | Key | Source | openssl_signature.c:548:34:548:37 | Key | | openssl_signature.c:260:39:260:42 | Key | Source | openssl_signature.c:578:34:578:37 | Key | | openssl_signature.c:263:9:263:21 | SignOperation | Algorithm | openssl_signature.c:543:35:543:46 | KeyOperationAlgorithm | diff --git a/cpp/ql/test/experimental/library-tests/quantum/node_properties.expected b/cpp/ql/test/experimental/library-tests/quantum/node_properties.expected index 52a7c61502bd..2acaf5b0ed88 100644 --- a/cpp/ql/test/experimental/library-tests/quantum/node_properties.expected +++ b/cpp/ql/test/experimental/library-tests/quantum/node_properties.expected @@ -21,18 +21,34 @@ | openssl_basic.c:144:67:144:73 | HashAlgorithm | Name | MD5 | openssl_basic.c:144:67:144:73 | openssl_basic.c:144:67:144:73 | | openssl_basic.c:144:67:144:73 | HashAlgorithm | RawName | EVP_md5 | openssl_basic.c:144:67:144:73 | openssl_basic.c:144:67:144:73 | | openssl_basic.c:155:22:155:41 | Key | KeyType | Asymmetric | openssl_basic.c:155:22:155:41 | openssl_basic.c:155:22:155:41 | -| openssl_basic.c:155:43:155:55 | MACAlgorithm | Name | HMAC | openssl_basic.c:155:43:155:55 | openssl_basic.c:155:43:155:55 | -| openssl_basic.c:155:43:155:55 | MACAlgorithm | RawName | 855 | openssl_basic.c:155:43:155:55 | openssl_basic.c:155:43:155:55 | +| openssl_basic.c:155:43:155:55 | HMACAlgorithm | Name | HMAC | openssl_basic.c:155:43:155:55 | openssl_basic.c:155:43:155:55 | +| openssl_basic.c:155:43:155:55 | HMACAlgorithm | RawName | 855 | openssl_basic.c:155:43:155:55 | openssl_basic.c:155:43:155:55 | | openssl_basic.c:155:64:155:66 | Key | KeyType | Unknown | openssl_basic.c:155:64:155:66 | openssl_basic.c:155:64:155:66 | | openssl_basic.c:160:39:160:48 | HashAlgorithm | DigestSize | 256 | openssl_basic.c:160:39:160:48 | openssl_basic.c:160:39:160:48 | | openssl_basic.c:160:39:160:48 | HashAlgorithm | Name | SHA2 | openssl_basic.c:160:39:160:48 | openssl_basic.c:160:39:160:48 | | openssl_basic.c:160:39:160:48 | HashAlgorithm | RawName | EVP_sha256 | openssl_basic.c:160:39:160:48 | openssl_basic.c:160:39:160:48 | | openssl_basic.c:160:59:160:62 | Key | KeyType | Unknown | openssl_basic.c:160:59:160:62 | openssl_basic.c:160:59:160:62 | -| openssl_basic.c:167:9:167:27 | SignOperation | KeyOperationSubtype | Sign | openssl_basic.c:167:9:167:27 | openssl_basic.c:167:9:167:27 | +| openssl_basic.c:167:9:167:27 | SignatureOrMACOperation | KeyOperationSubtype | Mac | openssl_basic.c:167:9:167:27 | openssl_basic.c:167:9:167:27 | +| openssl_basic.c:167:9:167:27 | SignatureOrMACOperation | KeyOperationSubtype | Sign | openssl_basic.c:167:9:167:27 | openssl_basic.c:167:9:167:27 | | openssl_basic.c:179:43:179:76 | Constant | Description | 01234567890123456789012345678901 | openssl_basic.c:179:43:179:76 | openssl_basic.c:179:43:179:76 | | openssl_basic.c:180:42:180:59 | Constant | Description | 0123456789012345 | openssl_basic.c:180:42:180:59 | openssl_basic.c:180:42:180:59 | | openssl_basic.c:181:49:181:87 | Constant | Description | This is a test message for encryption | openssl_basic.c:181:49:181:87 | openssl_basic.c:181:49:181:87 | | openssl_basic.c:218:32:218:33 | Constant | Description | 32 | openssl_basic.c:218:32:218:33 | openssl_basic.c:218:32:218:33 | +| openssl_basic.c:231:27:231:49 | Constant | Description | Encrypt me with OAEP! | openssl_basic.c:231:27:231:49 | openssl_basic.c:231:27:231:49 | +| openssl_basic.c:235:51:235:55 | KeyOperationAlgorithm | Name | RSA | openssl_basic.c:235:51:235:55 | openssl_basic.c:235:51:235:55 | +| openssl_basic.c:235:51:235:55 | KeyOperationAlgorithm | RawName | RSA | openssl_basic.c:235:51:235:55 | openssl_basic.c:235:51:235:55 | +| openssl_basic.c:237:54:237:57 | Constant | Description | 2048 | openssl_basic.c:237:54:237:57 | openssl_basic.c:237:54:237:57 | +| openssl_basic.c:238:39:238:43 | Key | KeyType | Asymmetric | openssl_basic.c:238:39:238:43 | openssl_basic.c:238:39:238:43 | +| openssl_basic.c:243:52:243:55 | Key | KeyType | Unknown | openssl_basic.c:243:52:243:55 | openssl_basic.c:243:52:243:55 | +| openssl_basic.c:249:51:249:72 | PaddingAlgorithm | Name | OAEP | openssl_basic.c:249:51:249:72 | openssl_basic.c:249:51:249:72 | +| openssl_basic.c:249:51:249:72 | PaddingAlgorithm | RawName | 4 | openssl_basic.c:249:51:249:72 | openssl_basic.c:249:51:249:72 | +| openssl_basic.c:250:51:250:60 | HashAlgorithm | DigestSize | 256 | openssl_basic.c:250:51:250:60 | openssl_basic.c:250:51:250:60 | +| openssl_basic.c:250:51:250:60 | HashAlgorithm | Name | SHA2 | openssl_basic.c:250:51:250:60 | openssl_basic.c:250:51:250:60 | +| openssl_basic.c:250:51:250:60 | HashAlgorithm | RawName | EVP_sha256 | openssl_basic.c:250:51:250:60 | openssl_basic.c:250:51:250:60 | +| openssl_basic.c:251:51:251:60 | HashAlgorithm | DigestSize | 256 | openssl_basic.c:251:51:251:60 | openssl_basic.c:251:51:251:60 | +| openssl_basic.c:251:51:251:60 | HashAlgorithm | Name | SHA2 | openssl_basic.c:251:51:251:60 | openssl_basic.c:251:51:251:60 | +| openssl_basic.c:251:51:251:60 | HashAlgorithm | RawName | EVP_sha256 | openssl_basic.c:251:51:251:60 | openssl_basic.c:251:51:251:60 | +| openssl_basic.c:262:24:262:39 | EncryptOperation | KeyOperationSubtype | Encrypt | openssl_basic.c:262:24:262:39 | openssl_basic.c:262:24:262:39 | | openssl_pkey.c:21:10:21:28 | KeyOperationAlgorithm | Name | RSA | openssl_pkey.c:21:10:21:28 | openssl_pkey.c:21:10:21:28 | | openssl_pkey.c:21:10:21:28 | KeyOperationAlgorithm | RawName | RSA_generate_key_ex | openssl_pkey.c:21:10:21:28 | openssl_pkey.c:21:10:21:28 | | openssl_pkey.c:21:30:21:32 | Key | KeyType | Asymmetric | openssl_pkey.c:21:30:21:32 | openssl_pkey.c:21:30:21:32 | @@ -46,11 +62,19 @@ | openssl_signature.c:80:9:80:21 | SignOperation | KeyOperationSubtype | Sign | openssl_signature.c:80:9:80:21 | openssl_signature.c:80:9:80:21 | | openssl_signature.c:80:53:80:56 | Key | KeyType | Unknown | openssl_signature.c:80:53:80:56 | openssl_signature.c:80:53:80:56 | | openssl_signature.c:133:52:133:55 | Key | KeyType | Unknown | openssl_signature.c:133:52:133:55 | openssl_signature.c:133:52:133:55 | -| openssl_signature.c:135:9:135:27 | SignOperation | KeyOperationSubtype | Sign | openssl_signature.c:135:9:135:27 | openssl_signature.c:135:9:135:27 | -| openssl_signature.c:142:9:142:27 | SignOperation | KeyOperationSubtype | Sign | openssl_signature.c:142:9:142:27 | openssl_signature.c:142:9:142:27 | +| openssl_signature.c:135:9:135:27 | SignatureOrMACOperation | KeyOperationSubtype | Mac | openssl_signature.c:135:9:135:27 | openssl_signature.c:135:9:135:27 | +| openssl_signature.c:135:9:135:27 | SignatureOrMACOperation | KeyOperationSubtype | Sign | openssl_signature.c:135:9:135:27 | openssl_signature.c:135:9:135:27 | +| openssl_signature.c:142:9:142:27 | SignatureOrMACOperation | KeyOperationSubtype | Mac | openssl_signature.c:142:9:142:27 | openssl_signature.c:142:9:142:27 | +| openssl_signature.c:142:9:142:27 | SignatureOrMACOperation | KeyOperationSubtype | Sign | openssl_signature.c:142:9:142:27 | openssl_signature.c:142:9:142:27 | +| openssl_signature.c:165:54:165:57 | Key | KeyType | Unknown | openssl_signature.c:165:54:165:57 | openssl_signature.c:165:54:165:57 | +| openssl_signature.c:167:9:167:29 | VerifyOperation | KeyOperationSubtype | Verify | openssl_signature.c:167:9:167:29 | openssl_signature.c:167:9:167:29 | | openssl_signature.c:190:57:190:60 | Key | KeyType | Unknown | openssl_signature.c:190:57:190:60 | openssl_signature.c:190:57:190:60 | -| openssl_signature.c:197:9:197:27 | SignOperation | KeyOperationSubtype | Sign | openssl_signature.c:197:9:197:27 | openssl_signature.c:197:9:197:27 | -| openssl_signature.c:204:9:204:27 | SignOperation | KeyOperationSubtype | Sign | openssl_signature.c:204:9:204:27 | openssl_signature.c:204:9:204:27 | +| openssl_signature.c:197:9:197:27 | SignatureOrMACOperation | KeyOperationSubtype | Mac | openssl_signature.c:197:9:197:27 | openssl_signature.c:197:9:197:27 | +| openssl_signature.c:197:9:197:27 | SignatureOrMACOperation | KeyOperationSubtype | Sign | openssl_signature.c:197:9:197:27 | openssl_signature.c:197:9:197:27 | +| openssl_signature.c:204:9:204:27 | SignatureOrMACOperation | KeyOperationSubtype | Mac | openssl_signature.c:204:9:204:27 | openssl_signature.c:204:9:204:27 | +| openssl_signature.c:204:9:204:27 | SignatureOrMACOperation | KeyOperationSubtype | Sign | openssl_signature.c:204:9:204:27 | openssl_signature.c:204:9:204:27 | +| openssl_signature.c:228:59:228:62 | Key | KeyType | Unknown | openssl_signature.c:228:59:228:62 | openssl_signature.c:228:59:228:62 | +| openssl_signature.c:235:9:235:29 | VerifyOperation | KeyOperationSubtype | Verify | openssl_signature.c:235:9:235:29 | openssl_signature.c:235:9:235:29 | | openssl_signature.c:260:39:260:42 | Key | KeyType | Unknown | openssl_signature.c:260:39:260:42 | openssl_signature.c:260:39:260:42 | | openssl_signature.c:263:9:263:21 | SignOperation | KeyOperationSubtype | Sign | openssl_signature.c:263:9:263:21 | openssl_signature.c:263:9:263:21 | | openssl_signature.c:270:9:270:21 | SignOperation | KeyOperationSubtype | Sign | openssl_signature.c:270:9:270:21 | openssl_signature.c:270:9:270:21 | diff --git a/cpp/ql/test/experimental/library-tests/quantum/nodes.expected b/cpp/ql/test/experimental/library-tests/quantum/nodes.expected index 223f7bfca6c5..6245926f2110 100644 --- a/cpp/ql/test/experimental/library-tests/quantum/nodes.expected +++ b/cpp/ql/test/experimental/library-tests/quantum/nodes.expected @@ -24,17 +24,29 @@ | openssl_basic.c:144:67:144:73 | HashAlgorithm | | openssl_basic.c:155:22:155:41 | Key | | openssl_basic.c:155:22:155:41 | KeyGeneration | -| openssl_basic.c:155:43:155:55 | MACAlgorithm | +| openssl_basic.c:155:43:155:55 | HMACAlgorithm | | openssl_basic.c:155:64:155:66 | Key | | openssl_basic.c:160:39:160:48 | HashAlgorithm | | openssl_basic.c:160:59:160:62 | Key | | openssl_basic.c:163:35:163:41 | Message | -| openssl_basic.c:167:9:167:27 | SignOperation | +| openssl_basic.c:167:9:167:27 | SignatureOrMACOperation | | openssl_basic.c:167:34:167:36 | SignatureOutput | | openssl_basic.c:179:43:179:76 | Constant | | openssl_basic.c:180:42:180:59 | Constant | | openssl_basic.c:181:49:181:87 | Constant | | openssl_basic.c:218:32:218:33 | Constant | +| openssl_basic.c:231:27:231:49 | Constant | +| openssl_basic.c:235:51:235:55 | KeyOperationAlgorithm | +| openssl_basic.c:237:54:237:57 | Constant | +| openssl_basic.c:238:9:238:25 | KeyGeneration | +| openssl_basic.c:238:39:238:43 | Key | +| openssl_basic.c:243:52:243:55 | Key | +| openssl_basic.c:249:51:249:72 | PaddingAlgorithm | +| openssl_basic.c:250:51:250:60 | HashAlgorithm | +| openssl_basic.c:251:51:251:60 | HashAlgorithm | +| openssl_basic.c:262:24:262:39 | EncryptOperation | +| openssl_basic.c:262:54:262:63 | KeyOperationOutput | +| openssl_basic.c:263:64:263:70 | Message | | openssl_pkey.c:21:10:21:28 | KeyGeneration | | openssl_pkey.c:21:10:21:28 | KeyOperationAlgorithm | | openssl_pkey.c:21:30:21:32 | Key | @@ -57,16 +69,24 @@ | openssl_signature.c:80:53:80:56 | Key | | openssl_signature.c:133:52:133:55 | Key | | openssl_signature.c:134:38:134:44 | Message | -| openssl_signature.c:135:9:135:27 | SignOperation | +| openssl_signature.c:135:9:135:27 | SignatureOrMACOperation | | openssl_signature.c:135:37:135:40 | SignatureOutput | -| openssl_signature.c:142:9:142:27 | SignOperation | +| openssl_signature.c:142:9:142:27 | SignatureOrMACOperation | | openssl_signature.c:142:37:142:46 | SignatureOutput | +| openssl_signature.c:165:54:165:57 | Key | +| openssl_signature.c:166:40:166:46 | Message | +| openssl_signature.c:167:9:167:29 | VerifyOperation | +| openssl_signature.c:167:39:167:47 | SignatureInput | | openssl_signature.c:190:57:190:60 | Key | | openssl_signature.c:196:38:196:44 | Message | -| openssl_signature.c:197:9:197:27 | SignOperation | +| openssl_signature.c:197:9:197:27 | SignatureOrMACOperation | | openssl_signature.c:197:37:197:40 | SignatureOutput | -| openssl_signature.c:204:9:204:27 | SignOperation | +| openssl_signature.c:204:9:204:27 | SignatureOrMACOperation | | openssl_signature.c:204:37:204:46 | SignatureOutput | +| openssl_signature.c:228:59:228:62 | Key | +| openssl_signature.c:234:40:234:46 | Message | +| openssl_signature.c:235:9:235:29 | VerifyOperation | +| openssl_signature.c:235:39:235:47 | SignatureInput | | openssl_signature.c:260:39:260:42 | Key | | openssl_signature.c:263:9:263:21 | SignOperation | | openssl_signature.c:263:33:263:36 | SignatureOutput | diff --git a/cpp/ql/test/experimental/library-tests/quantum/openssl_basic.c b/cpp/ql/test/experimental/library-tests/quantum/openssl_basic.c index f1ffbfa24d36..04504070ddd7 100644 --- a/cpp/ql/test/experimental/library-tests/quantum/openssl_basic.c +++ b/cpp/ql/test/experimental/library-tests/quantum/openssl_basic.c @@ -1,7 +1,7 @@ #include "openssl/evp.h" #include "openssl/obj_mac.h" #include "openssl/rand.h" - +#include "openssl/rsa.h" size_t strlen(const char* str); // Sample OpenSSL code that demonstrates various cryptographic operations @@ -218,4 +218,58 @@ int test_main() { calculate_hmac_sha256(key, 32, plaintext, plaintext_len, hmac); return 0; -} \ No newline at end of file +} + +/** + * Simplified signature test + */ +int test_rsa_oaep_basic(void) { + EVP_PKEY_CTX *keygen_ctx = NULL, *encrypt_ctx = NULL; + EVP_PKEY *pkey = NULL; + unsigned char *ciphertext = NULL; + size_t ciphertext_len = 0; + const char *message = "Encrypt me with OAEP!"; + int ret = 1; + + // Generate RSA key + keygen_ctx = EVP_PKEY_CTX_new_from_name(NULL, "RSA", NULL); + if (!keygen_ctx || EVP_PKEY_keygen_init(keygen_ctx) <= 0 || + EVP_PKEY_CTX_set_rsa_keygen_bits(keygen_ctx, 2048) <= 0 || + EVP_PKEY_generate(keygen_ctx, &pkey) <= 0) { + goto cleanup; + } + + // Create encryption context + encrypt_ctx = EVP_PKEY_CTX_new_from_pkey(NULL, pkey, NULL); + if (!encrypt_ctx || EVP_PKEY_encrypt_init(encrypt_ctx) <= 0) { + goto cleanup; + } + + // Set OAEP padding + if (EVP_PKEY_CTX_set_rsa_padding(encrypt_ctx, RSA_PKCS1_OAEP_PADDING) <= 0 || + EVP_PKEY_CTX_set_rsa_oaep_md(encrypt_ctx, EVP_sha256()) <= 0 || + EVP_PKEY_CTX_set_rsa_mgf1_md(encrypt_ctx, EVP_sha256()) <= 0) { + goto cleanup; + } + + // Determine buffer size + if (EVP_PKEY_encrypt(encrypt_ctx, NULL, &ciphertext_len, + (const unsigned char *)message, strlen(message)) <= 0) { + goto cleanup; + } + + ciphertext = OPENSSL_malloc(ciphertext_len); + if (!ciphertext || EVP_PKEY_encrypt(encrypt_ctx, ciphertext, &ciphertext_len, + (const unsigned char *)message, strlen(message)) <= 0) { + goto cleanup; + } + + ret = 0; + +cleanup: + EVP_PKEY_CTX_free(keygen_ctx); + EVP_PKEY_CTX_free(encrypt_ctx); + EVP_PKEY_free(pkey); + OPENSSL_free(ciphertext); + return ret; +} \ No newline at end of file diff --git a/java/ql/lib/experimental/quantum/JCA.qll b/java/ql/lib/experimental/quantum/JCA.qll index dc86c4637505..f6f5ba71ec2a 100644 --- a/java/ql/lib/experimental/quantum/JCA.qll +++ b/java/ql/lib/experimental/quantum/JCA.qll @@ -205,12 +205,6 @@ module JCAModel { ) } - bindingset[name] - predicate mac_name_to_mac_type_known(Crypto::TMacType type, string name) { - type = Crypto::HMAC() and - name.toUpperCase().matches("HMAC%") - } - bindingset[name] predicate key_agreement_name_to_type_known(Crypto::TKeyAgreementType type, string name) { type = Crypto::DH() and @@ -1480,7 +1474,7 @@ module JCAModel { module MacInitCallToMacOperationFlow = DataFlow::Global; - class KnownMacAlgorithm extends Crypto::MacAlgorithmInstance instanceof StringLiteral { + class KnownMacAlgorithm extends Crypto::KeyOperationAlgorithmInstance instanceof StringLiteral { MacGetInstanceAlgorithmValueConsumer consumer; KnownMacAlgorithm() { @@ -1490,13 +1484,30 @@ module JCAModel { MacGetInstanceAlgorithmValueConsumer getConsumer() { result = consumer } - override string getRawMacAlgorithmName() { result = super.getValue() } + override string getRawAlgorithmName() { result = super.getValue() } - override Crypto::MacType getMacType() { - if mac_name_to_mac_type_known(_, super.getValue()) - then mac_name_to_mac_type_known(result, super.getValue()) - else result = Crypto::OtherMacType() + override Crypto::KeyOpAlg::AlgorithmType getAlgorithmType() { + if super.getValue().toUpperCase().matches("HMAC%") + then result = KeyOpAlg::TMac(KeyOpAlg::HMAC()) + else + if super.getValue().toUpperCase().matches("CMAC%") + then result = KeyOpAlg::TMac(KeyOpAlg::CMAC()) + else result = KeyOpAlg::TMac(KeyOpAlg::OtherMacAlgorithmType()) + } + + override Crypto::ConsumerInputDataFlowNode getKeySizeConsumer() { + // TODO: trace to any key size initializer? + none() } + + override int getKeySizeFixed() { + // TODO: are there known fixed key sizes to consider? + none() + } + + override Crypto::ModeOfOperationAlgorithmInstance getModeOfOperationAlgorithm() { none() } + + override Crypto::PaddingAlgorithmInstance getPaddingAlgorithm() { none() } } class MacGetInstanceCall extends MethodCall { @@ -1566,7 +1577,7 @@ module JCAModel { ) } - override Crypto::ConsumerInputDataFlowNode getMessageConsumer() { + override Crypto::ConsumerInputDataFlowNode getInputConsumer() { result.asExpr() = super.getArgument(0) and super.getMethod().getParameterType(0).hasName("byte[]") } diff --git a/shared/quantum/codeql/quantum/experimental/Model.qll b/shared/quantum/codeql/quantum/experimental/Model.qll index d8b1402b5e88..ec09468b5d2f 100644 --- a/shared/quantum/codeql/quantum/experimental/Model.qll +++ b/shared/quantum/codeql/quantum/experimental/Model.qll @@ -409,8 +409,6 @@ module CryptographyBase Input> { or exists(KeyDerivationOperationInstance op | inputNode = op.getInputConsumer()) or - exists(MacOperationInstance op | inputNode = op.getMessageConsumer()) - or exists(HashOperationInstance op | inputNode = op.getInputConsumer()) ) and this = Input::dfn_to_element(inputNode) @@ -545,8 +543,6 @@ module CryptographyBase Input> { or exists(KeyGenerationOperationInstance op | inputNode = op.getKeyValueConsumer()) or - exists(MacOperationInstance op | inputNode = op.getKeyConsumer()) - or exists(KeyAgreementSecretGenerationOperationInstance op | inputNode = op.getServerKeyConsumer() or inputNode = op.getPeerKeyConsumer() @@ -562,9 +558,10 @@ module CryptographyBase Input> { /** * A key-based cryptographic operation instance, encompassing: - * 1. **Ciphers**: Encryption and decryption, both symmetric and asymmetric - * 1. **Signing**: Signing and verifying, **NOT** including MACs (see `MACOperationInstance`) - * 1. **Key encapsulation**: Key wrapping and unwrapping + * - **Ciphers**: Encryption and decryption, both symmetric and asymmetric + * - **Signing**: Signing and verifying + * - **MACs**: Mac generation + * - **Key encapsulation**: Key wrapping and unwrapping * * This class represents a generic key operation that transforms input data * using a cryptographic key, producing an output artifact such as ciphertext, @@ -598,7 +595,8 @@ module CryptographyBase Input> { /** * Gets the consumer of the primary message input for this key operation. * For example: plaintext (for encryption), ciphertext (for decryption), - * message to be signed, or wrapped key to be unwrapped. + * a message to be signed or verified, the message on which a mac is generated, + * or a wrapped key to be unwrapped. */ abstract ConsumerInputDataFlowNode getInputConsumer(); @@ -614,25 +612,6 @@ module CryptographyBase Input> { abstract ArtifactOutputDataFlowNode getOutputArtifact(); } - /** - * A key operation instance representing a signature being generated or verified. - */ - abstract class SignatureOperationInstance extends KeyOperationInstance { - /** - * Gets the consumer of the signature that is being verified in case of a - * verification operation. - */ - abstract ConsumerInputDataFlowNode getSignatureConsumer(); - - /** - * Gets the consumer of a hash algorithm. - * This is intended for signature operations they are explicitly configured - * with a hash algorithm. If a signature is not configured with an explicit - * hash algorithm, users do not need to provide a consumer (set none()). - */ - abstract AlgorithmValueConsumer getHashAlgorithmValueConsumer(); - } - /** * A key-based algorithm instance used in cryptographic operations such as encryption, decryption, * signing, verification, and key wrapping. @@ -651,6 +630,7 @@ module CryptographyBase Input> { * - `TSymmetricCipher(OtherSymmetricCipherType())` * - `TAsymmetricCipher(OtherAsymmetricCipherType())` * - `TSignature(OtherSignatureAlgorithmType())` + * - `TMacAlgorithm(OtherMacAlgorithmType())` * - `TKeyEncapsulation(OtherKEMAlgorithmType())` * * If the category of algorithm is not known, the following type should be used: @@ -710,6 +690,41 @@ module CryptographyBase Input> { predicate shouldHavePaddingScheme() { any() } } + abstract class HmacAlgorithmInstance extends KeyOperationAlgorithmInstance { + HmacAlgorithmInstance() { this.getAlgorithmType() = KeyOpAlg::TMac(KeyOpAlg::HMAC()) } + + /** + * Gets the hash algorithm used by this HMAC algorithm. + */ + abstract AlgorithmValueConsumer getHashAlgorithmValueConsumer(); + + /** + * CMACs will have algorithms that have modes of operation but that + * is associated with the cipher algorithm, that is itself + * associated to the MAC algorithm. + */ + override predicate shouldHaveModeOfOperation() { none() } + + override ModeOfOperationAlgorithmInstance getModeOfOperationAlgorithm() { none() } + + /** + * CMACs may have padding but the padding is associated with the cipher algorithm, + * that is itself associated to the MAC algorithm. + */ + override predicate shouldHavePaddingScheme() { none() } + + override PaddingAlgorithmInstance getPaddingAlgorithm() { none() } + } + + abstract class CmacAlgorithmInstance extends KeyOperationAlgorithmInstance { + CmacAlgorithmInstance() { this.getAlgorithmType() = KeyOpAlg::TMac(KeyOpAlg::CMAC()) } + + /** + * Gets the cipher algorithm used by this CMAC algorithm. + */ + abstract AlgorithmValueConsumer getCipherAlgorithmValueConsumer(); + } + abstract class ModeOfOperationAlgorithmInstance extends AlgorithmInstance { /** * Gets the type of this mode of operation, e.g., "ECB" or "CBC". @@ -760,40 +775,47 @@ module CryptographyBase Input> { abstract HashAlgorithmInstance getMgf1HashAlgorithm(); } - abstract class MacAlgorithmInstance extends AlgorithmInstance { + /** + * A parent class for signature and MAC operations. + * Signatures and macs are the asymmetric and symmetric analogs of each other, + * and some APIs can reuse a single operation to do either signing on mac. + * Users should extend this class when an operation can be either a signature or a MAC, + * and where the instance is not obviously one or the other from use. + */ + abstract class SignatureOrMacOperationInstance extends KeyOperationInstance { /** - * Gets the type of this MAC algorithm, e.g., "HMAC" or "CMAC". + * Gets the consumer of a hash algorithm. + * This is intended for mac/signing operations they are explicitly configured + * with a hash algorithm. If the operation is not configured with an explicit + * hash algorithm, users do not need to provide a consumer (set none()). */ - abstract MacType getMacType(); + abstract AlgorithmValueConsumer getHashAlgorithmValueConsumer(); /** - * Gets the isolated name as it appears in source, e.g., "HMAC-SHA256" in "HMAC-SHA256/UnrelatedInformation". - * - * This name should not be parsed or formatted beyond isolating the raw MAC name if necessary. + * Holds if this operation has a hash algorithm consumer. + * I.e., holds if the operation is configured to perform a hash + * on a message before signing and algorithm is passed in. + * The hash algorithm consumer must be specified through + * `getHashAlgorithmValueConsumer()`. */ - abstract string getRawMacAlgorithmName(); + abstract predicate hasHashAlgorithmConsumer(); } - abstract class MacOperationInstance extends OperationInstance { - /** - * Gets the message input used in this operation. - */ - abstract ConsumerInputDataFlowNode getMessageConsumer(); - + /** + * A key operation instance representing a signature being generated or verified. + * Note: These instances are known to always be signature operations. + * If an API allows an operation to be used for both MAC and signature, + * it should be modeled as a `SignatureOrMacOperationInstance` instead, + * even if all configuration paths to the current operation only configure it as a signature operation. + */ + abstract class SignatureOperationInstance extends SignatureOrMacOperationInstance { /** - * Gets the key used in this operation. + * Gets the consumer of the signature when this operation is a verification operation. */ - abstract ConsumerInputDataFlowNode getKeyConsumer(); + abstract ConsumerInputDataFlowNode getSignatureConsumer(); } - abstract class HmacAlgorithmInstance extends MacAlgorithmInstance { - HmacAlgorithmInstance() { this.getMacType() = HMAC() } - - /** - * Gets the hash algorithm used by this HMAC algorithm. - */ - abstract AlgorithmValueConsumer getHashAlgorithmValueConsumer(); - } + abstract class MacOperationInstance extends SignatureOrMacOperationInstance { } abstract class EllipticCurveInstance extends AlgorithmInstance { /** @@ -1063,11 +1085,6 @@ module CryptographyBase Input> { exists(KeyOperationInstance op | op.getAnAlgorithmValueConsumer() = avc) } - private predicate isMacAvc(AlgorithmValueConsumer avc) { - exists(MacOperationInstance op | op.getAnAlgorithmValueConsumer() = avc) or - exists(Pbkdf2AlgorithmInstance alg | avc = alg.getHmacAlgorithmValueConsumer()) - } - private predicate isKeyDerivationAvc(AlgorithmValueConsumer avc) { exists(KeyDerivationOperationInstance op | op.getAnAlgorithmValueConsumer() = avc) } @@ -1091,9 +1108,6 @@ module CryptographyBase Input> { final private class HashAlgorithmInstanceOrValueConsumer = AlgorithmInstanceOrValueConsumer::Union; - final private class MacAlgorithmInstanceOrValueConsumer = - AlgorithmInstanceOrValueConsumer::Union; - final private class KeyDerivationAlgorithmInstanceOrValueConsumer = AlgorithmInstanceOrValueConsumer::Union; @@ -1128,13 +1142,11 @@ module CryptographyBase Input> { TPaddingAlgorithm(PaddingAlgorithmInstance e) or // All other operations THashOperation(HashOperationInstance e) or - TMacOperation(MacOperationInstance e) or TKeyAgreementOperation(KeyAgreementSecretGenerationOperationInstance e) or // All other algorithms TEllipticCurve(EllipticCurveInstanceOrValueConsumer e) or THashAlgorithm(HashAlgorithmInstanceOrValueConsumer e) or TKeyDerivationAlgorithm(KeyDerivationAlgorithmInstanceOrValueConsumer e) or - TMacAlgorithm(MacAlgorithmInstanceOrValueConsumer e) or TKeyAgreementAlgorithm(KeyAgreementAlgorithmInstanceOrValueConsumer e) or // Generic source nodes, i.e., sources of data that are not resolvable to a specific known asset. TGenericSourceNode(GenericSourceInstance e) { @@ -1582,57 +1594,36 @@ module CryptographyBase Input> { /** * A MAC operation that produces a MAC value. */ - final class MacOperationNode extends OperationNode, TMacOperation { - MacOperationInstance instance; - - MacOperationNode() { this = TMacOperation(instance) } + final class MacOperationNode extends SignatureOrMacOperationNode { + MacOperationNode() { + this.getKeyOperationSubtype() = TMacMode() and + // If the type could be a mac, then we will not consider it a mac operation exclusively. + not exists(KeyOperationSubtype t | t = this.getKeyOperationSubtype() and t = TMacMode()) + } final override string getInternalType() { result = "MACOperation" } override LocatableElement asElement() { result = instance } - override predicate isCandidateAlgorithmNode(AlgorithmNode node) { - node instanceof MacAlgorithmNode - } - MessageArtifactNode getAMessage() { - result.asElement() = instance.getMessageConsumer().getConsumer() + result.asElement() = instance.getInputConsumer().getConsumer() } - KeyArtifactNode getAKey() { result.asElement() = instance.getKeyConsumer().getConsumer() } - override NodeBase getChild(string edgeName) { result = super.getChild(edgeName) or // [KNOWN_OR_UNKNOWN] edgeName = "Message" and - if exists(this.getAMessage()) then result = this.getAMessage() else result = this - or - // [KNOWN_OR_UNKNOWN] - edgeName = "Key" and - if exists(this.getAKey()) then result = this.getAKey() else result = this + (if exists(this.getAMessage()) then result = this.getAMessage() else result = this) } } - /** - * A MAC algorithm, such as HMAC or CMAC. - */ - class MacAlgorithmNode extends AlgorithmNode, TMacAlgorithm { - MacAlgorithmInstanceOrValueConsumer instance; - - MacAlgorithmNode() { this = TMacAlgorithm(instance) } - - final override string getInternalType() { result = "MACAlgorithm" } - - override LocatableElement asElement() { result = instance } - - final override string getRawAlgorithmName() { - result = instance.asAlg().getRawMacAlgorithmName() + abstract class MacAlgorithmNode extends KeyOperationAlgorithmNode { + MacAlgorithmNode() { + instance.(KeyOperationAlgorithmInstance).getAlgorithmType() = KeyOpAlg::TMac(_) } - MacType getMacType() { result = instance.asAlg().getMacType() } - - override string getAlgorithmName() { result = this.getMacType().toString() } + override string getInternalType() { result = "MACAlgorithm" } } final class HmacAlgorithmNode extends MacAlgorithmNode { @@ -1640,6 +1631,8 @@ module CryptographyBase Input> { HmacAlgorithmNode() { hmacInstance = instance.asAlg() } + override string getInternalType() { result = "HMACAlgorithm" } + NodeBase getHashAlgorithmOrUnknown() { result.asElement() = hmacInstance.getHashAlgorithmValueConsumer().getASource() } @@ -1655,6 +1648,7 @@ module CryptographyBase Input> { } } + // TODO: CMAC model class KeyAgreementOperationNode extends OperationNode, TKeyAgreementOperation { KeyAgreementSecretGenerationOperationInstance instance; @@ -1871,6 +1865,7 @@ module CryptographyBase Input> { TUnwrapMode() or TSignMode() or TVerifyMode() or + TMacMode() or TUnknownKeyOperationMode() /** @@ -1890,6 +1885,8 @@ module CryptographyBase Input> { or result = "Verify" and this = TVerifyMode() or + result = "Mac" and this = TMacMode() + or result = "Unknown" and this = TUnknownKeyOperationMode() } } @@ -2001,14 +1998,44 @@ module CryptographyBase Input> { override string getInternalType() { result = nodeName } } - class SignatureOperationNode extends KeyOperationNode { + class SignatureOrMacOperationNode extends KeyOperationNode { + override SignatureOrMacOperationInstance instance; + + SignatureOrMacOperationNode() { + this.getKeyOperationSubtype() = TSignMode() + or + this.getKeyOperationSubtype() = TVerifyMode() + or + this.getKeyOperationSubtype() = TMacMode() + } + + override string getInternalType() { result = "SignatureOrMACOperation" } + + HashAlgorithmNode getHashAlgorithm() { + result = instance.getHashAlgorithmValueConsumer().getAKnownSourceNode() + } + + override NodeBase getChild(string key) { + result = super.getChild(key) + or + // [KNOWN_OR_UNKNOWN] + key = "HashAlgorithm" and + (if exists(this.getHashAlgorithm()) then result = this.getHashAlgorithm() else result = this) + } + } + + class SignatureOperationNode extends SignatureOrMacOperationNode { override SignatureOperationInstance instance; string nodeName; SignatureOperationNode() { - this.getKeyOperationSubtype() = TSignMode() and nodeName = "SignOperation" - or - this.getKeyOperationSubtype() = TVerifyMode() and nodeName = "VerifyOperation" + ( + this.getKeyOperationSubtype() = TSignMode() and nodeName = "SignOperation" + or + this.getKeyOperationSubtype() = TVerifyMode() and nodeName = "VerifyOperation" + ) and + // If the type could be a mac, then we will not consider it a signature operation exclusively. + not exists(KeyOperationSubtype t | t = this.getKeyOperationSubtype() and t = TMacMode()) } override string getInternalType() { result = nodeName } @@ -2017,10 +2044,6 @@ module CryptographyBase Input> { result.asElement() = instance.getSignatureConsumer().getConsumer() } - HashAlgorithmNode getHashAlgorithm() { - result = instance.getHashAlgorithmValueConsumer().getAKnownSourceNode() - } - override NodeBase getChild(string key) { result = super.getChild(key) or diff --git a/shared/quantum/codeql/quantum/experimental/Standardization.qll b/shared/quantum/codeql/quantum/experimental/Standardization.qll index 29c5b58d343a..929c92aefff1 100644 --- a/shared/quantum/codeql/quantum/experimental/Standardization.qll +++ b/shared/quantum/codeql/quantum/experimental/Standardization.qll @@ -14,6 +14,7 @@ module Types { TSymmetricCipher(TSymmetricCipherType t) or TAsymmetricCipher(TAsymmetricCipherType t) or TSignature(TSignatureAlgorithmType t) or + TMac(TMacAlgorithmType t) or TKeyEncapsulation(TKemAlgorithmType t) or TUnknownKeyOperationAlgorithmType() @@ -55,6 +56,11 @@ module Types { FRODO_KEM() or OtherKemAlgorithmType() + newtype TMacAlgorithmType = + HMAC() or + CMAC() or + OtherMacAlgorithmType() + newtype TCipherStructureType = Block() or Stream() or @@ -143,6 +149,13 @@ module Types { or this = TKeyEncapsulation(OtherKemAlgorithmType()) and result = "UnknownKEM" or + // MAC algorithms + this = TMac(HMAC()) and result = "HMAC" + or + this = TMac(CMAC()) and result = "CMAC" + or + this = TMac(OtherMacAlgorithmType()) and result = "UnknownMac" + or // Unknown this = TUnknownKeyOperationAlgorithmType() and result = "Unknown" } @@ -305,21 +318,6 @@ module Types { } } - newtype TMacType = - HMAC() or - CMAC() or - OtherMacType() - - class MacType extends TMacType { - string toString() { - this = HMAC() and result = "HMAC" - or - this = CMAC() and result = "CMAC" - or - this = OtherMacType() and result = "UnknownMacType" - } - } - // Key agreement algorithms newtype TKeyAgreementType = DH() or // Diffie-Hellman pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy