quantum-c#: refactoring

Author: fcasal

csharp/ql/lib/experimental/quantum/dotnet/AlgorithmInstances.qll

@@ -5,15 +5,9 @@ private import OperationInstances
 private import Cryptography
 private import FlowAnalysis
 
-class NamedCurveAlgorithmInstance extends Crypto::EllipticCurveInstance instanceof SigningNamedCurvePropertyAccess
+class NamedCurveAlgorithmInstance extends Crypto::EllipticCurveInstance instanceof NamedCurvePropertyAccess
 {
-  ECDsaAlgorithmValueConsumer consumer;
-
-  NamedCurveAlgorithmInstance() {
-    SigningNamedCurveToSignatureCreateFlow::flow(DataFlow::exprNode(this), consumer.getInputNode())
-  }
-
-  ECDsaAlgorithmValueConsumer getConsumer() { result = consumer }
+  NamedCurveAlgorithmInstance() { this instanceof NamedCurvePropertyAccess }
 
   override string getRawEllipticCurveName() { result = super.getCurveName() }
 
@@ -26,30 +20,40 @@ class NamedCurveAlgorithmInstance extends Crypto::EllipticCurveInstance instance
   }
 }
 
-class EcdsaAlgorithmInstance extends Crypto::KeyOperationAlgorithmInstance instanceof ECDsaCreateCall
-{
-  EcdsaAlgorithmInstance() {
-    // SigningNamedCurveToSignatureCreateFlow::flow(DataFlow::exprNode(this), consumer.getInputNode())
-    this instanceof ECDsaCreateCall
-  }
-
-  ECDsaAlgorithmValueConsumer getConsumer() { result = super.getQualifier() }
-
-  override string getRawAlgorithmName() { result = "ECDsa" }
-
+abstract class SigningAlgorithmInstance extends Crypto::KeyOperationAlgorithmInstance {
   override Crypto::ModeOfOperationAlgorithmInstance getModeOfOperationAlgorithm() { none() }
 
-  // TODO: PaddingAlgorithmInstance errors with "call to empty relation: class test for Model::CryptographyBase::PaddingAlgorithmInstance"
   override Crypto::PaddingAlgorithmInstance getPaddingAlgorithm() { none() }
+
   override Crypto::ConsumerInputDataFlowNode getKeySizeConsumer() { none() }
 
+
   override int getKeySizeFixed() { none() }
+}
+
+class EcdsaAlgorithmInstance extends SigningAlgorithmInstance instanceof SigningCreateCall {
+  EcdsaAlgorithmInstance() { this instanceof ECDsaCreateCall }
+
+  EcdsaAlgorithmValueConsumer getConsumer() { result = super.getQualifier() }
+
+  override string getRawAlgorithmName() { result = "ECDsa" }
 
   override Crypto::KeyOpAlg::Algorithm getAlgorithmType() {
     result = Crypto::KeyOpAlg::TSignature(Crypto::KeyOpAlg::ECDSA())
   }
 }
 
+class RsaAlgorithmInstance extends SigningAlgorithmInstance {
+  RsaAlgorithmInstance() { this = any(RSACreateCall c).getQualifier() }
+
+  override string getRawAlgorithmName() { result = "RSA" }
+
+  override Crypto::KeyOpAlg::Algorithm getAlgorithmType() {
+    // TODO there is no RSA TSignature type, so we use OtherSignatureAlgorithmType
+    result = Crypto::KeyOpAlg::TSignature(Crypto::KeyOpAlg::OtherSignatureAlgorithmType())
+  }
+}
+
 class HashAlgorithmNameInstance extends Crypto::HashAlgorithmInstance instanceof HashAlgorithmName {
   HashAlgorithmNameConsumer consumer;
 

csharp/ql/lib/experimental/quantum/dotnet/AlgorithmValueConsumers.qll

@@ -4,15 +4,15 @@ private import AlgorithmInstances
 private import OperationInstances
 private import Cryptography
 
-class ECDsaAlgorithmValueConsumer extends Crypto::AlgorithmValueConsumer {
+class EcdsaAlgorithmValueConsumer extends Crypto::AlgorithmValueConsumer {
   ECDsaCreateCall call;
 
-  ECDsaAlgorithmValueConsumer() { this = call.getAlgorithmArg() }
+  EcdsaAlgorithmValueConsumer() { this = call.getAlgorithmArg() }
 
   override Crypto::ConsumerInputDataFlowNode getInputNode() { result.asExpr() = this }
 
   override Crypto::AlgorithmInstance getAKnownAlgorithmSource() {
-    exists(NamedCurveAlgorithmInstance l | l.getConsumer() = this and result = l)
+    exists(EcdsaAlgorithmInstance l | l.getConsumer() = this and result = l)
   }
 }
 

csharp/ql/lib/experimental/quantum/dotnet/Cryptography.qll

@@ -85,10 +85,10 @@ class HashAlgorithmCreateCall extends CryptographyCreateCall {
   HashAlgorithmCreateCall() { this.getQualifier().getType() instanceof HashAlgorithmType }
 }
 
-class SigningNamedCurvePropertyAccess extends PropertyAccess {
+class NamedCurvePropertyAccess extends PropertyAccess {
   string curveName;
 
-  SigningNamedCurvePropertyAccess() {
+  NamedCurvePropertyAccess() {
     super.getType().getName() = "ECCurve" and
     eccurveNameMapping(super.getProperty().toString().toUpperCase(), curveName)
   }

csharp/ql/lib/experimental/quantum/dotnet/FlowAnalysis.qll

@@ -10,8 +10,6 @@ signature class UseCallSig instanceof QualifiableExpr {
   predicate isIntermediate();
 }
 
-
-
 module CreationToUseFlow<CreationCallSig Creation, UseCallSig Use> {
   private module CreationToUseConfig implements DataFlow::ConfigSig {
     predicate isSource(DataFlow::Node source) {
@@ -68,10 +66,10 @@ module CreationToUseFlow<CreationCallSig Creation, UseCallSig Use> {
  * Flow from a known ECDsa property access to a `ECDsa.Create(sink)` call.
  */
 module SigningNamedCurveToSignatureCreateFlowConfig implements DataFlow::ConfigSig {
-  predicate isSource(DataFlow::Node src) { src.asExpr() instanceof SigningNamedCurvePropertyAccess }
+  predicate isSource(DataFlow::Node src) { src.asExpr() instanceof NamedCurvePropertyAccess }
 
   predicate isSink(DataFlow::Node sink) {
-    exists(ECDsaAlgorithmValueConsumer consumer | sink = consumer.getInputNode())
+    exists(EcdsaAlgorithmValueConsumer consumer | sink = consumer.getInputNode())
   }
 }