Crypto: Add missing cipher algorithms to JCA. Update node tests to account for missing cipher algorithms.

Author: bdrodes

java/ql/lib/experimental/quantum/JCA.qll

@@ -26,7 +26,8 @@ module JCAModel {
     algo.toUpperCase()
         .matches([
             "AES", "AESWrap", "AESWrapPad", "ARCFOUR", "Blowfish", "ChaCha20", "ChaCha20-Poly1305",
-            "DES", "DESede", "DESedeWrap", "ECIES", "PBEWith%", "RC2", "RC4", "RC5", "RSA"
+            "DES", "DESede", "DESedeWrap", "ECIES", "PBEWith%", "RC2", "RC4", "RC5", "RSA",
+            "Skipjack", "Idea"
           ].toUpperCase())
   }
 
@@ -190,7 +191,8 @@ module JCAModel {
       upper.matches("AES%") and
       type = KeyOpAlg::TSymmetricCipher(KeyOpAlg::AES())
       or
-      upper = "DES" and
+      // NOTE: there is DES and DESede
+      upper.matches("DES%") and
       type = KeyOpAlg::TSymmetricCipher(KeyOpAlg::DES())
       or
       upper = "TRIPLEDES" and
@@ -205,6 +207,9 @@ module JCAModel {
       upper = "CHACHA20" and
       type = KeyOpAlg::TSymmetricCipher(KeyOpAlg::CHACHA20())
       or
+      upper = "RC2" and
+      type = KeyOpAlg::TSymmetricCipher(KeyOpAlg::RC2())
+      or
       upper = "RC4" and
       type = KeyOpAlg::TSymmetricCipher(KeyOpAlg::RC4())
       or
@@ -213,6 +218,12 @@ module JCAModel {
       or
       upper = "RSA" and
       type = KeyOpAlg::TAsymmetricCipher(KeyOpAlg::RSA())
+      or
+      upper = "SKIPJACK" and
+      type = KeyOpAlg::TSymmetricCipher(KeyOpAlg::SKIPJACK())
+      or
+      upper = "BLOWFISH" and
+      type = KeyOpAlg::TSymmetricCipher(KeyOpAlg::BLOWFISH())
     )
   }
 

java/ql/test/experimental/library-tests/quantum/node_properties.expected

@@ -1546,8 +1546,10 @@
 | jca/SymmetricAlgorithm.java:151:29:151:53 | EncryptOperation | KeyOperationSubtype | Encrypt | jca/SymmetricAlgorithm.java:151:29:151:53 | jca/SymmetricAlgorithm.java:151:29:151:53 |
 | jca/SymmetricAlgorithm.java:167:42:167:54 | Parameter | Description | key | jca/SymmetricAlgorithm.java:167:42:167:54 | jca/SymmetricAlgorithm.java:167:42:167:54 |
 | jca/SymmetricAlgorithm.java:167:57:167:72 | Parameter | Description | plaintext | jca/SymmetricAlgorithm.java:167:57:167:72 | jca/SymmetricAlgorithm.java:167:57:167:72 |
-| jca/SymmetricAlgorithm.java:168:44:168:68 | KeyOperationAlgorithm | Name | Unknown | jca/SymmetricAlgorithm.java:168:44:168:68 | jca/SymmetricAlgorithm.java:168:44:168:68 |
+| jca/SymmetricAlgorithm.java:168:44:168:68 | KeyOperationAlgorithm | KeySize | 56 | jca/SymmetricAlgorithm.java:168:44:168:68 | jca/SymmetricAlgorithm.java:168:44:168:68 |
+| jca/SymmetricAlgorithm.java:168:44:168:68 | KeyOperationAlgorithm | Name | DES | jca/SymmetricAlgorithm.java:168:44:168:68 | jca/SymmetricAlgorithm.java:168:44:168:68 |
 | jca/SymmetricAlgorithm.java:168:44:168:68 | KeyOperationAlgorithm | RawName | DESede/CBC/PKCS5Padding | jca/SymmetricAlgorithm.java:168:44:168:68 | jca/SymmetricAlgorithm.java:168:44:168:68 |
+| jca/SymmetricAlgorithm.java:168:44:168:68 | KeyOperationAlgorithm | Structure | Block | jca/SymmetricAlgorithm.java:168:44:168:68 | jca/SymmetricAlgorithm.java:168:44:168:68 |
 | jca/SymmetricAlgorithm.java:168:44:168:68 | ModeOfOperation | Name | CBC | jca/SymmetricAlgorithm.java:168:44:168:68 | jca/SymmetricAlgorithm.java:168:44:168:68 |
 | jca/SymmetricAlgorithm.java:168:44:168:68 | ModeOfOperation | RawName | CBC | jca/SymmetricAlgorithm.java:168:44:168:68 | jca/SymmetricAlgorithm.java:168:44:168:68 |
 | jca/SymmetricAlgorithm.java:168:44:168:68 | PaddingAlgorithm | Name | PKCS7 | jca/SymmetricAlgorithm.java:168:44:168:68 | jca/SymmetricAlgorithm.java:168:44:168:68 |

shared/quantum/codeql/quantum/experimental/Standardization.qll

@@ -39,6 +39,7 @@ module Types {
       RC5() or
       SEED() or
       SM4() or
+      SKIPJACK() or
       OtherSymmetricCipherType()
 
     newtype TAsymmetricCipherType =
@@ -118,6 +119,8 @@ module Types {
       or
       type = SM4() and name = "SM4" and s = Block()
       or
+      type = SKIPJACK() and name = "Skipjack" and s = Block()
+      or
       type = OtherSymmetricCipherType() and
       name = "UnknownSymmetricCipher" and
       s = OtherCipherStructureType()