Fixed QL for QL code scanning results for .NET

fegge · fegge · commit 81f06d997de2 · 2025-07-04T13:55:18.000+02:00
diff --git a/csharp/ql/lib/experimental/quantum/dotnet/AlgorithmInstances.qll b/csharp/ql/lib/experimental/quantum/dotnet/AlgorithmInstances.qll
@@ -7,8 +7,6 @@ private import FlowAnalysis
 
 class NamedCurveAlgorithmInstance extends Crypto::EllipticCurveInstance instanceof NamedCurvePropertyAccess
 {
-  NamedCurveAlgorithmInstance() { this instanceof NamedCurvePropertyAccess }
-
   override string getRawEllipticCurveName() { result = super.getCurveName() }
 
   override Crypto::TEllipticCurveType getEllipticCurveType() {
diff --git a/csharp/ql/lib/experimental/quantum/dotnet/Cryptography.qll b/csharp/ql/lib/experimental/quantum/dotnet/Cryptography.qll
@@ -6,16 +6,16 @@ class CryptographyType extends Type {
   CryptographyType() { this.hasFullyQualifiedName("System.Security.Cryptography", _) }
 }
 
-class ECParameters extends CryptographyType {
-  ECParameters() { this.hasName("ECParameters") }
+class EcParameters extends CryptographyType {
+  EcParameters() { this.hasName("ECParameters") }
 }
 
-class RSAParameters extends CryptographyType {
-  RSAParameters() { this.hasName("RSAParameters") }
+class RsaParameters extends CryptographyType {
+  RsaParameters() { this.hasName("RSAParameters") }
 }
 
-class ECCurve extends CryptographyType {
-  ECCurve() { this.hasName("ECCurve") }
+class EcCurve extends CryptographyType {
+  EcCurve() { this.hasName("ECCurve") }
 }
 
 class HashAlgorithmType extends CryptographyType {
@@ -71,12 +71,12 @@ class EcdsaCreateCall extends CryptographyCreateCall {
 }
 
 // This class is used to model the `ECDsa.Create(ECParameters)` call
-class ECDsaCreateCallWithParameters extends EcdsaCreateCall {
-  ECDsaCreateCallWithParameters() { this.getArgument(0).getType() instanceof ECParameters }
+class EcdsaCreateCallWithParameters extends EcdsaCreateCall {
+  EcdsaCreateCallWithParameters() { this.getArgument(0).getType() instanceof EcParameters }
 }
 
-class ECDsaCreateCallWithECCurve extends EcdsaCreateCall {
-  ECDsaCreateCallWithECCurve() { this.getArgument(0).getType() instanceof ECCurve }
+class EcdsaCreateCallWithECCurve extends EcdsaCreateCall {
+  EcdsaCreateCallWithECCurve() { this.getArgument(0).getType() instanceof EcCurve }
 }
 
 class RsaCreateCall extends CryptographyCreateCall {
@@ -127,7 +127,7 @@ class NamedCurvePropertyAccess extends PropertyAccess {
 
   NamedCurvePropertyAccess() {
     super.getType().getName() = "ECCurve" and
-    eccurveNameMapping(super.getProperty().toString().toUpperCase(), curveName)
+    ecCurveNameMapping(super.getProperty().toString().toUpperCase(), curveName)
   }
 
   string getCurveName() { result = curveName }
@@ -196,7 +196,7 @@ class HashAlgorithmNameUser extends MethodCall {
  * Private predicate mapping NIST names to SEC names and leaving all others the same.
  */
 bindingset[nist]
-private predicate eccurveNameMapping(string nist, string secp) {
+private predicate ecCurveNameMapping(string nist, string secp) {
   if nist.matches("NIST%")
   then
     nist = "NISTP256" and secp = "secp256r1"
@@ -208,28 +208,28 @@ private predicate eccurveNameMapping(string nist, string secp) {
 }
 
 // OPERATION INSTANCES
-private class ECDsaClass extends CryptographyType {
-  ECDsaClass() { this.hasName("ECDsa") }
+private class EcdsaClass extends CryptographyType {
+  EcdsaClass() { this.hasName("ECDsa") }
 }
 
-private class RSAClass extends CryptographyType {
-  RSAClass() { this.hasName("RSA") }
+private class RsaClass extends CryptographyType {
+  RsaClass() { this.hasName("RSA") }
 }
 
-private class RSAPKCS1SignatureFormatter extends CryptographyType {
-  RSAPKCS1SignatureFormatter() { this.hasName("RSAPKCS1SignatureFormatter") }
+private class RsaPkcs1SignatureFormatter extends CryptographyType {
+  RsaPkcs1SignatureFormatter() { this.hasName("RSAPKCS1SignatureFormatter") }
 }
 
-private class RSAPKCS1SignatureDeformatter extends CryptographyType {
-  RSAPKCS1SignatureDeformatter() { this.hasName("RSAPKCS1SignatureDeformatter") }
+private class RsaPkcs1SignatureDeformatter extends CryptographyType {
+  RsaPkcs1SignatureDeformatter() { this.hasName("RSAPKCS1SignatureDeformatter") }
 }
 
 private class SignerType extends Type {
   SignerType() {
-    this instanceof ECDsaClass or
-    this instanceof RSAClass or
-    this instanceof RSAPKCS1SignatureFormatter or
-    this instanceof RSAPKCS1SignatureDeformatter
+    this instanceof EcdsaClass or
+    this instanceof RsaClass or
+    this instanceof RsaPkcs1SignatureFormatter or
+    this instanceof RsaPkcs1SignatureDeformatter
   }
 }
 
@@ -631,8 +631,8 @@ class MacAlgorithmType extends CryptographyType {
   MacAlgorithmType() { this.getName().matches(["HMAC%", "KeyedHashAlgorithm"]) }
 }
 
-class HMACCreation extends ObjectCreation {
-  HMACCreation() { this.getObjectType() instanceof MacAlgorithmType }
+class HmacCreation extends ObjectCreation {
+  HmacCreation() { this.getObjectType() instanceof MacAlgorithmType }
 
   Expr getKeyArg() { if this.hasNoArguments() then result = this else result = this.getArgument(0) }
 
@@ -674,7 +674,7 @@ class MacUse extends Crypto::AlgorithmValueConsumer instanceof MethodCall {
   Expr getKeyArg() {
     if not super.getTarget().getName().matches("ComputeHash%")
     then result = super.getArgument(0)
-    else result = HMACFlow::getCreationFromUse(this, _, _).getKeyArg()
+    else result = HmacFlow::getCreationFromUse(this, _, _).getKeyArg()
   }
 
   override Crypto::AlgorithmInstance getAKnownAlgorithmSource() { result = super.getQualifier() }
@@ -684,16 +684,16 @@ class MacUse extends Crypto::AlgorithmValueConsumer instanceof MethodCall {
   Expr getQualifier() { result = super.getQualifier() }
 }
 
-class HMACAlgorithmInstance extends Crypto::MACAlgorithmInstance instanceof Expr {
-  HMACAlgorithmInstance() { this = any(MacUse c).getQualifier() }
+class HmacAlgorithmInstance extends Crypto::MACAlgorithmInstance instanceof Expr {
+  HmacAlgorithmInstance() { this = any(MacUse c).getQualifier() }
 
   override Crypto::TMACType getMACType() { result instanceof Crypto::THMAC }
 
   override string getRawMACAlgorithmName() { result = super.getType().getName() }
 }
 
-class HMACAlgorithmQualifier extends Crypto::HMACAlgorithmInstance, Crypto::AlgorithmValueConsumer,
-  HMACAlgorithmInstance, Crypto::HashAlgorithmInstance instanceof Expr
+class HmacAlgorithmQualifier extends Crypto::HMACAlgorithmInstance, Crypto::AlgorithmValueConsumer,
+  HmacAlgorithmInstance, Crypto::HashAlgorithmInstance instanceof Expr
 {
   override Crypto::AlgorithmValueConsumer getHashAlgorithmValueConsumer() { result = this }
 
@@ -718,7 +718,7 @@ class HMACAlgorithmQualifier extends Crypto::HMACAlgorithmInstance, Crypto::Algo
   private string getOriginalRawHashAlgorithmName() {
     exists(MacUse use |
       use.getQualifier() = this and
-      result = HMACFlow::getCreationFromUse(use, _, _).getRawAlgorithmName().replaceAll("HMAC", "")
+      result = HmacFlow::getCreationFromUse(use, _, _).getRawAlgorithmName().replaceAll("HMAC", "")
     )
   }
 }
diff --git a/csharp/ql/lib/experimental/quantum/dotnet/FlowAnalysis.qll b/csharp/ql/lib/experimental/quantum/dotnet/FlowAnalysis.qll
@@ -70,7 +70,7 @@ module CryptoStreamFlow = CreationToUseFlow<CryptoStreamCreation, CryptoStreamUs
 
 module AeadFlow = CreationToUseFlow<AeadCreation, AeadUse>;
 
-module HMACFlow = CreationToUseFlow<HMACCreation, MacUse>;
+module HmacFlow = CreationToUseFlow<HmacCreation, MacUse>;
 
 module SymmetricAlgorithmFlow =
   CreationToUseFlow<SymmetricAlgorithmCreation, SymmetricAlgorithmUse>;
@@ -263,17 +263,16 @@ module SigningCreateToUseFlow {
       sink.asExpr() = any(SignerUse use).(QualifiableExpr).getQualifier()
     }
 
-    /**
-     * An additional flow step across new object creations that use the original objects.
-     *
-     * Example:
-     * ```
-     * RSA rsa = RSA.Create()
-     * RSAPKCS1SignatureFormatter rsaFormatter = new(rsa);
-     * rsaFormatter.SetHashAlgorithm(nameof(SHA256));
-     * signedHash = rsaFormatter.CreateSignature(hash);
-     * ```
-     */
+    // Holds if the incoming node is an argument of the constructor call
+    // represented by the outgoing node.
+    //
+    // Example:
+    // ```
+    // RSA rsa = RSA.Create()
+    // RSAPKCS1SignatureFormatter rsaFormatter = new(rsa);
+    // rsaFormatter.SetHashAlgorithm(nameof(SHA256));
+    // signedHash = rsaFormatter.CreateSignature(hash);
+    // ```
     predicate isAdditionalFlowStep(DataFlow::Node node1, DataFlow::Node node2) {
       exists(ObjectCreation create |
         node2.asExpr() = create and node1.asExpr() = create.getAnArgument()
diff --git a/csharp/ql/lib/experimental/quantum/dotnet/OperationInstances.qll b/csharp/ql/lib/experimental/quantum/dotnet/OperationInstances.qll
@@ -210,8 +210,8 @@ class AeadOperationInstance extends Crypto::KeyOperationInstance instanceof Aead
   }
 }
 
-class HMACOperationInstance extends Crypto::MACOperationInstance instanceof MacUse {
-  HMACOperationInstance() { not super.isIntermediate() }
+class HmacOperationInstance extends Crypto::MACOperationInstance instanceof MacUse {
+  HmacOperationInstance() { not super.isIntermediate() }
 
   override Crypto::AlgorithmValueConsumer getAnAlgorithmValueConsumer() {
     result = super.getQualifier()

Original file line number	Diff line number	Diff line change
`@@ -7,8 +7,6 @@ private import FlowAnalysis`
`7`	`7`
`8`	`8`	`class NamedCurveAlgorithmInstance extends Crypto::EllipticCurveInstance instanceof NamedCurvePropertyAccess`
`9`	`9`	`{`
`10`		`- NamedCurveAlgorithmInstance() { this instanceof NamedCurvePropertyAccess }`
`11`		`-`
`12`	`10`	`override string getRawEllipticCurveName() { result = super.getCurveName() }`
`13`	`11`
`14`	`12`	`override Crypto::TEllipticCurveType getEllipticCurveType() {`
Original file line number	Diff line number	Diff line change
`@@ -6,16 +6,16 @@ class CryptographyType extends Type {`
`6`	`6`	`CryptographyType() { this.hasFullyQualifiedName("System.Security.Cryptography", _) }`
`7`	`7`	`}`
`8`	`8`
`9`		`-class ECParameters extends CryptographyType {`
`10`		`- ECParameters() { this.hasName("ECParameters") }`
	`9`	`+class EcParameters extends CryptographyType {`
	`10`	`+ EcParameters() { this.hasName("ECParameters") }`
`11`	`11`	`}`
`12`	`12`
`13`		`-class RSAParameters extends CryptographyType {`
`14`		`- RSAParameters() { this.hasName("RSAParameters") }`
	`13`	`+class RsaParameters extends CryptographyType {`
	`14`	`+ RsaParameters() { this.hasName("RSAParameters") }`
`15`	`15`	`}`
`16`	`16`
`17`		`-class ECCurve extends CryptographyType {`
`18`		`- ECCurve() { this.hasName("ECCurve") }`
	`17`	`+class EcCurve extends CryptographyType {`
	`18`	`+ EcCurve() { this.hasName("ECCurve") }`
`19`	`19`	`}`
`20`	`20`
`21`	`21`	`class HashAlgorithmType extends CryptographyType {`
`@@ -71,12 +71,12 @@ class EcdsaCreateCall extends CryptographyCreateCall {`
`71`	`71`	`}`
`72`	`72`
`73`	`73`	// This class is used to model the `ECDsa.Create(ECParameters)` call
`74`		`-class ECDsaCreateCallWithParameters extends EcdsaCreateCall {`
`75`		`- ECDsaCreateCallWithParameters() { this.getArgument(0).getType() instanceof ECParameters }`
	`74`	`+class EcdsaCreateCallWithParameters extends EcdsaCreateCall {`
	`75`	`+ EcdsaCreateCallWithParameters() { this.getArgument(0).getType() instanceof EcParameters }`
`76`	`76`	`}`
`77`	`77`
`78`		`-class ECDsaCreateCallWithECCurve extends EcdsaCreateCall {`
`79`		`- ECDsaCreateCallWithECCurve() { this.getArgument(0).getType() instanceof ECCurve }`
	`78`	`+class EcdsaCreateCallWithECCurve extends EcdsaCreateCall {`
	`79`	`+ EcdsaCreateCallWithECCurve() { this.getArgument(0).getType() instanceof EcCurve }`
`80`	`80`	`}`
`81`	`81`
`82`	`82`	`class RsaCreateCall extends CryptographyCreateCall {`
`@@ -127,7 +127,7 @@ class NamedCurvePropertyAccess extends PropertyAccess {`
`127`	`127`
`128`	`128`	`NamedCurvePropertyAccess() {`
`129`	`129`	`super.getType().getName() = "ECCurve" and`
`130`		`- eccurveNameMapping(super.getProperty().toString().toUpperCase(), curveName)`
	`130`	`+ ecCurveNameMapping(super.getProperty().toString().toUpperCase(), curveName)`
`131`	`131`	`}`
`132`	`132`
`133`	`133`	`string getCurveName() { result = curveName }`
`@@ -196,7 +196,7 @@ class HashAlgorithmNameUser extends MethodCall {`
`196`	`196`	`* Private predicate mapping NIST names to SEC names and leaving all others the same.`
`197`	`197`	`*/`
`198`	`198`	`bindingset[nist]`
`199`		`-private predicate eccurveNameMapping(string nist, string secp) {`
	`199`	`+private predicate ecCurveNameMapping(string nist, string secp) {`
`200`	`200`	`if nist.matches("NIST%")`
`201`	`201`	`then`
`202`	`202`	`nist = "NISTP256" and secp = "secp256r1"`
`@@ -208,28 +208,28 @@ private predicate eccurveNameMapping(string nist, string secp) {`
`208`	`208`	`}`
`209`	`209`
`210`	`210`	`// OPERATION INSTANCES`
`211`		`-private class ECDsaClass extends CryptographyType {`
`212`		`- ECDsaClass() { this.hasName("ECDsa") }`
	`211`	`+private class EcdsaClass extends CryptographyType {`
	`212`	`+ EcdsaClass() { this.hasName("ECDsa") }`
`213`	`213`	`}`
`214`	`214`
`215`		`-private class RSAClass extends CryptographyType {`
`216`		`- RSAClass() { this.hasName("RSA") }`
	`215`	`+private class RsaClass extends CryptographyType {`
	`216`	`+ RsaClass() { this.hasName("RSA") }`
`217`	`217`	`}`
`218`	`218`
`219`		`-private class RSAPKCS1SignatureFormatter extends CryptographyType {`
`220`		`- RSAPKCS1SignatureFormatter() { this.hasName("RSAPKCS1SignatureFormatter") }`
	`219`	`+private class RsaPkcs1SignatureFormatter extends CryptographyType {`
	`220`	`+ RsaPkcs1SignatureFormatter() { this.hasName("RSAPKCS1SignatureFormatter") }`
`221`	`221`	`}`
`222`	`222`
`223`		`-private class RSAPKCS1SignatureDeformatter extends CryptographyType {`
`224`		`- RSAPKCS1SignatureDeformatter() { this.hasName("RSAPKCS1SignatureDeformatter") }`
	`223`	`+private class RsaPkcs1SignatureDeformatter extends CryptographyType {`
	`224`	`+ RsaPkcs1SignatureDeformatter() { this.hasName("RSAPKCS1SignatureDeformatter") }`
`225`	`225`	`}`
`226`	`226`
`227`	`227`	`private class SignerType extends Type {`
`228`	`228`	`SignerType() {`
`229`		`- this instanceof ECDsaClass or`
`230`		`- this instanceof RSAClass or`
`231`		`- this instanceof RSAPKCS1SignatureFormatter or`
`232`		`- this instanceof RSAPKCS1SignatureDeformatter`
	`229`	`+ this instanceof EcdsaClass or`
	`230`	`+ this instanceof RsaClass or`
	`231`	`+ this instanceof RsaPkcs1SignatureFormatter or`
	`232`	`+ this instanceof RsaPkcs1SignatureDeformatter`
`233`	`233`	`}`
`234`	`234`	`}`
`235`	`235`
`@@ -631,8 +631,8 @@ class MacAlgorithmType extends CryptographyType {`
`631`	`631`	`MacAlgorithmType() { this.getName().matches(["HMAC%", "KeyedHashAlgorithm"]) }`
`632`	`632`	`}`
`633`	`633`
`634`		`-class HMACCreation extends ObjectCreation {`
`635`		`- HMACCreation() { this.getObjectType() instanceof MacAlgorithmType }`
	`634`	`+class HmacCreation extends ObjectCreation {`
	`635`	`+ HmacCreation() { this.getObjectType() instanceof MacAlgorithmType }`
`636`	`636`
`637`	`637`	`Expr getKeyArg() { if this.hasNoArguments() then result = this else result = this.getArgument(0) }`
`638`	`638`
`@@ -674,7 +674,7 @@ class MacUse extends Crypto::AlgorithmValueConsumer instanceof MethodCall {`
`674`	`674`	`Expr getKeyArg() {`
`675`	`675`	`if not super.getTarget().getName().matches("ComputeHash%")`
`676`	`676`	`then result = super.getArgument(0)`
`677`		`- else result = HMACFlow::getCreationFromUse(this, _, _).getKeyArg()`
	`677`	`+ else result = HmacFlow::getCreationFromUse(this, _, _).getKeyArg()`
`678`	`678`	`}`
`679`	`679`
`680`	`680`	`override Crypto::AlgorithmInstance getAKnownAlgorithmSource() { result = super.getQualifier() }`
`@@ -684,16 +684,16 @@ class MacUse extends Crypto::AlgorithmValueConsumer instanceof MethodCall {`
`684`	`684`	`Expr getQualifier() { result = super.getQualifier() }`
`685`	`685`	`}`
`686`	`686`
`687`		`-class HMACAlgorithmInstance extends Crypto::MACAlgorithmInstance instanceof Expr {`
`688`		`- HMACAlgorithmInstance() { this = any(MacUse c).getQualifier() }`
	`687`	`+class HmacAlgorithmInstance extends Crypto::MACAlgorithmInstance instanceof Expr {`
	`688`	`+ HmacAlgorithmInstance() { this = any(MacUse c).getQualifier() }`
`689`	`689`
`690`	`690`	`override Crypto::TMACType getMACType() { result instanceof Crypto::THMAC }`
`691`	`691`
`692`	`692`	`override string getRawMACAlgorithmName() { result = super.getType().getName() }`
`693`	`693`	`}`
`694`	`694`
`695`		`-class HMACAlgorithmQualifier extends Crypto::HMACAlgorithmInstance, Crypto::AlgorithmValueConsumer,`
`696`		`- HMACAlgorithmInstance, Crypto::HashAlgorithmInstance instanceof Expr`
	`695`	`+class HmacAlgorithmQualifier extends Crypto::HMACAlgorithmInstance, Crypto::AlgorithmValueConsumer,`
	`696`	`+ HmacAlgorithmInstance, Crypto::HashAlgorithmInstance instanceof Expr`
`697`	`697`	`{`
`698`	`698`	`override Crypto::AlgorithmValueConsumer getHashAlgorithmValueConsumer() { result = this }`
`699`	`699`
`@@ -718,7 +718,7 @@ class HMACAlgorithmQualifier extends Crypto::HMACAlgorithmInstance, Crypto::Algo`
`718`	`718`	`private string getOriginalRawHashAlgorithmName() {`
`719`	`719`	`exists(MacUse use \|`
`720`	`720`	`use.getQualifier() = this and`
`721`		`- result = HMACFlow::getCreationFromUse(use, _, _).getRawAlgorithmName().replaceAll("HMAC", "")`
	`721`	`+ result = HmacFlow::getCreationFromUse(use, _, _).getRawAlgorithmName().replaceAll("HMAC", "")`
`722`	`722`	`)`
`723`	`723`	`}`
`724`	`724`	`}`
Original file line number	Diff line number	Diff line change
`@@ -210,8 +210,8 @@ class AeadOperationInstance extends Crypto::KeyOperationInstance instanceof Aead`
`210`	`210`	`}`
`211`	`211`	`}`
`212`	`212`
`213`		`-class HMACOperationInstance extends Crypto::MACOperationInstance instanceof MacUse {`
`214`		`- HMACOperationInstance() { not super.isIntermediate() }`
	`213`	`+class HmacOperationInstance extends Crypto::MACOperationInstance instanceof MacUse {`
	`214`	`+ HmacOperationInstance() { not super.isIntermediate() }`
`215`	`215`
`216`	`216`	`override Crypto::AlgorithmValueConsumer getAnAlgorithmValueConsumer() {`
`217`	`217`	`result = super.getQualifier()`