quantum-c#: Add HashAlgorithmInstance

Author: fcasal

csharp/ql/lib/experimental/quantum/dotnet/AlgorithmInstances.qll

@@ -4,11 +4,11 @@ private import AlgorithmValueConsumers
 private import Cryptography
 private import FlowAnalysis
 
-class SigningNamedCurveAlgorithmInstance extends Crypto::EllipticCurveInstance instanceof SigningNamedCurvePropertyAccess
+class NamedCurveAlgorithmInstance extends Crypto::EllipticCurveInstance instanceof SigningNamedCurvePropertyAccess
 {
   ECDsaAlgorithmValueConsumer consumer;
 
-  SigningNamedCurveAlgorithmInstance() {
+  NamedCurveAlgorithmInstance() {
     SigningNamedCurveToSignatureCreateFlow::flow(DataFlow::exprNode(this), consumer.getInputNode())
   }
 
@@ -25,6 +25,30 @@ class SigningNamedCurveAlgorithmInstance extends Crypto::EllipticCurveInstance i
   }
 }
 
+class EcdsaAlgorithmInstance extends Crypto::KeyOperationAlgorithmInstance instanceof ECDsaCreateCall
+{
+  EcdsaAlgorithmInstance() {
+    // SigningNamedCurveToSignatureCreateFlow::flow(DataFlow::exprNode(this), consumer.getInputNode())
+    this instanceof ECDsaCreateCall
+  }
+
+  ECDsaAlgorithmValueConsumer getConsumer() { result = super.getQualifier() }
+
+  override string getRawAlgorithmName() { result = "ECDsa" }
+
+  override Crypto::ModeOfOperationAlgorithmInstance getModeOfOperationAlgorithm() { none() }
+
+  // TODO: PaddingAlgorithmInstance errors with "call to empty relation: class test for Model::CryptographyBase::PaddingAlgorithmInstance"
+  override Crypto::PaddingAlgorithmInstance getPaddingAlgorithm() { none() }
+  override Crypto::ConsumerInputDataFlowNode getKeySizeConsumer() { none() }
+
+  override int getKeySizeFixed() { none() }
+
+  override Crypto::KeyOpAlg::Algorithm getAlgorithmType() {
+    result = Crypto::KeyOpAlg::TSignature(Crypto::KeyOpAlg::ECDSA())
+  }
+}
+
 class HashAlgorithmNameInstance extends Crypto::HashAlgorithmInstance instanceof HashAlgorithmName {
   HashAlgorithmNameConsumer consumer;
 

csharp/ql/lib/experimental/quantum/dotnet/AlgorithmValueConsumers.qll

@@ -11,7 +11,7 @@ class ECDsaAlgorithmValueConsumer extends Crypto::AlgorithmValueConsumer {
   override Crypto::ConsumerInputDataFlowNode getInputNode() { result.asExpr() = this }
 
   override Crypto::AlgorithmInstance getAKnownAlgorithmSource() {
-    exists(SigningNamedCurveAlgorithmInstance l | l.getConsumer() = this and result = l)
+    exists(NamedCurveAlgorithmInstance l | l.getConsumer() = this and result = l)
   }
 }
 

csharp/ql/lib/experimental/quantum/dotnet/Cryptography.qll

@@ -17,9 +17,25 @@ class ECCurve extends CryptographyType {
   ECCurve() { this.hasName("ECCurve") }
 }
 
+class HashAlgorithmType extends CryptographyType {
+  HashAlgorithmType() {
+    this.hasName([
+        "MD5",
+        "RIPEMD160",
+        "SHA1",
+        "SHA256",
+        "SHA384",
+        "SHA512",
+        "SHA3_256",
+        "SHA3_384",
+        "SHA3_512"
+      ])
+  }
+}
+
 // This class models Create calls for the ECDsa and RSA classes in .NET.
-class SigningCreateCall extends MethodCall {
-  SigningCreateCall() {
+class CryptographyCreateCall extends MethodCall {
+  CryptographyCreateCall() {
     this.getTarget().getName() = "Create" and
     this.getQualifier().getType() instanceof CryptographyType
   }
@@ -41,7 +57,7 @@ class SigningCreateCall extends MethodCall {
   }
 }
 
-class ECDsaCreateCall extends SigningCreateCall {
+class ECDsaCreateCall extends CryptographyCreateCall {
   ECDsaCreateCall() { this.getQualifier().getType().hasName("ECDsa") }
 }
 
@@ -54,28 +70,21 @@ class ECDsaCreateCallWithECCurve extends ECDsaCreateCall {
   ECDsaCreateCallWithECCurve() { this.getArgument(0).getType() instanceof ECCurve }
 }
 
-class RSACreateCall extends SigningCreateCall {
+class RSACreateCall extends CryptographyCreateCall {
   RSACreateCall() { this.getQualifier().getType().hasName("RSA") }
 }
 
-class HashAlgorithmCreateCall extends SigningCreateCall {
-  HashAlgorithmCreateCall() {
-    this.getQualifier()
-        .getType()
-        .hasName([
-            "MD5",
-            "RIPEMD160",
-            "SHA1",
-            "SHA256",
-            "SHA384",
-            "SHA512",
-            "SHA3_256",
-            "SHA3_384",
-            "SHA3_512"
-          ])
+class SigningCreateCall extends CryptographyCreateCall {
+  SigningCreateCall() {
+    this instanceof ECDsaCreateCall or
+    this instanceof RSACreateCall
   }
 }
 
+class HashAlgorithmCreateCall extends CryptographyCreateCall {
+  HashAlgorithmCreateCall() { this.getQualifier().getType() instanceof HashAlgorithmType }
+}
+
 class SigningNamedCurvePropertyAccess extends PropertyAccess {
   string curveName;
 
@@ -166,6 +175,13 @@ private class RSAClass extends CryptographyType {
   RSAClass() { this.hasName("RSA") }
 }
 
+private class SignerType extends Type {
+  SignerType() {
+    this instanceof ECDsaClass or
+    this instanceof RSAClass
+  }
+}
+
 class ByteArrayType extends Type {
   ByteArrayType() { this.getName() = "Byte[]" }
 }
@@ -174,8 +190,25 @@ class ReadOnlyByteSpanType extends Type {
   ReadOnlyByteSpanType() { this.getName() = "ReadOnlySpan<Byte>" }
 }
 
+class HashUse extends MethodCall {
+  HashUse() {
+    this.getQualifier().getType() instanceof HashAlgorithmType and
+    this.getTarget()
+        .getName()
+        .matches([
+            "ComputeHash", "ComputeHashAsync", "HashCore", "HashData", "HashDataAsync",
+            "TransformBlock", "TransformFinalBlock", "TryComputeHash", "TryHashData", "TryHashFinal"
+          ])
+  }
+
+  predicate isIntermediate() { this.getTarget().hasName("HashCore") }
+}
+
 class SignerUse extends MethodCall {
-  SignerUse() { this.getTarget().getName().matches(["Verify%", "Sign%"]) }
+  SignerUse() {
+    this.getTarget().getName().matches(["Verify%", "Sign%"]) and
+    this.getQualifier().getType() instanceof SignerType
+  }
 
   Expr getMessageArg() {
     // Both Sign and Verify methods take the message as the first argument.

csharp/ql/lib/experimental/quantum/dotnet/FlowAnalysis.qll

@@ -34,6 +34,8 @@ signature class UseCallSig instanceof QualifiableExpr {
 
 module SigningCreateToUseFlow = CreationToUseFlow<SigningCreateCall, SignerUse>;
 
+module HashCreateToUseFlow = CreationToUseFlow<HashAlgorithmCreateCall, HashUse>;
+
 module CreationToUseFlow<CreationCallSig Creation, UseCallSig Use> {
   private module CreationToUseConfig implements DataFlow::ConfigSig {
     predicate isSource(DataFlow::Node source) {

csharp/ql/lib/experimental/quantum/dotnet/OperationInstances.qll

@@ -14,8 +14,6 @@ class ECDsaORRSASigningOperationInstance extends Crypto::SignatureOperationInsta
 
   override Crypto::AlgorithmValueConsumer getAnAlgorithmValueConsumer() {
     result = creator.getAlgorithmArg()
-    or
-    result = super.getHashAlgorithmArg()
   }
 
   override Crypto::KeyOperationSubtype getKeyOperationSubtype() {
@@ -45,3 +43,15 @@ class ECDsaORRSASigningOperationInstance extends Crypto::SignatureOperationInsta
     result.asExpr() = super.getSignatureOutput()
   }
 }
+
+class HashOperationInstance extends Crypto::HashOperationInstance instanceof HashUse {
+  HashAlgorithmCreateCall creator;
+
+  HashOperationInstance() { creator = HashCreateToUseFlow::getCreationFromUse(this, _, _) }
+
+  override Crypto::ArtifactOutputDataFlowNode getOutputArtifact() { none() }
+
+  override Crypto::ConsumerInputDataFlowNode getInputConsumer() { none() }
+
+  override Crypto::AlgorithmValueConsumer getAnAlgorithmValueConsumer() { none() }
+}