Commit 6f6566f

Crypto: Initial test case and test case infrastructure for openssl. The current expected file in this commit is empty, i.e., tests will fail.
1 parent 007683f commit 6f6566f

7 files changed

+8970
-1
lines changed

cpp/ql/lib/experimental/quantum/OpenSSL/CtxFlow.qll

Lines changed: 13 additions & 1 deletion
@@ -29,7 +29,19 @@ import semmle.code.cpp.dataflow.new.DataFlow
2929
* - EVP_PKEY_CTX
3030
*/
3131
private class CtxType extends Type {
32-
CtxType() { this.getUnspecifiedType().stripType().getName().matches("evp_%ctx_%st") }
32+
CtxType() {
33+
// It is possible for users to use the underlying type of the CTX variables
34+
// these have a name matching 'evp_%ctx_%st
35+
this.getUnspecifiedType().stripType().getName().matches("evp_%ctx_%st")
36+
or
37+
// In principal the above check should be sufficient, but in case of build mode none issues
38+
// i.e., if a typedef cannot be resolved,
39+
// or issues with properly stubbing test cases, we also explicitly check for the wrapping type defs
40+
// i.e., patterns matching 'EVP_%_CTX'
41+
exists(Type base | base = this or base = this.(DerivedType).getBaseType() |
42+
base.getName().matches("EVP_%_CTX")
43+
)
44+
}
3345
}
3446

3547
/**
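Review bot: the new `EVP_%_CTX` fallback in `CtxType()` only looks at `this` and one `getBaseType()` step, while the first disjunct goes through `getUnspecifiedType().stripType()`. A type with more than one derivation layer over the typedef (for example a pointer to a pointer) is therefore not covered by the fallback in exactly the unresolved-typedef case it was added for. Consider following the base type transitively, or state in the comment why one level is enough. Note also that in a `matches` pattern `_` is a single-character wildcard, so both `evp_%ctx_%st` and `EVP_%_CTX` accept more names than they appear to; escape the underscores if a literal match is intended. Comment nits: "In principal" should be "In principle", and the closing quote is missing after `'evp_%ctx_%st`.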

cpp/ql/test/library-tests/quantum/openssl/cipher_operations.expected

Whitespace-only changes.
Lines changed: 6 additions & 0 deletions
@@ -0,0 +1,6 @@
1+
import cpp
2+
import experimental.quantum.Language
3+
4+
from Crypto::CipherOperationNode n
5+
select n, n.getAnInputArtifact(), n.getAnOutputArtifact(), n.getAKey(), n.getANonce(),
6+
n.getAKnownAlgorithm(), n.getKeyOperationSubtype()
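Review bot: the `select` clause combines six independent predicates on `n`, so a `CipherOperationNode` produces a row only when every one of them has a result, and produces the cross product when several have more than one. An operation with no nonce (`n.getANonce()` has no value) would disappear from the test output entirely, hiding regressions in the other columns. Consider splitting this into one query predicate per relation (input artifacts, output artifacts, key, nonce, algorithm, subtype) so each is checked on its own. Since `cipher_operations.expected` is committed empty and the commit message says the tests will fail, the expected output should be generated and reviewed before this is relied on in CI.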

cpp/ql/test/library-tests/quantum/openssl/includes/alg_macro_stubs.h

Lines changed: 3741 additions & 0 deletions
Large diffs are not rendered by default.
