Crypto: more ID renaming to include "examples", fix singleton issues with ql-for-ql, use formatted test for WeakAsymmetricKeyGenSize (add post processing in the qlref), misc expected files updated (test passed locally but on rerun vscode reports failures, known bug with vscode unit tests).

Author: bdrodes

java/ql/lib/experimental/quantum/JCA.qll

@@ -230,7 +230,7 @@ module JCAModel {
   bindingset[name]
   predicate key_agreement_name_to_type_known(Crypto::TKeyAgreementType type, string name) {
     type = Crypto::DH() and
-    name.toUpperCase() in ["DH"]
+    name.toUpperCase() = "DH"
     or
     type = Crypto::EDH() and
     name.toUpperCase() = "EDH"
@@ -1659,7 +1659,7 @@ module JCAModel {
     Expr getOutput() { result = output }
 
     Expr getInput() {
-      super.getMethod().hasStringSignature(["doFinal(byte[])"]) and result = this.getArgument(0)
+      super.getMethod().hasStringSignature("doFinal(byte[])") and result = this.getArgument(0)
       or
       super.getMethod().hasStringSignature("update(byte[])") and result = this.getArgument(0)
     }

java/ql/src/experimental/quantum/Examples/BadMacOrderDecryptToMac.ql

@@ -1,7 +1,7 @@
 /**
  * @name Bad MAC order: decrypt to mac
  * @description MAC should be on a cipher, not a raw message
- * @id java/quantum/bad-mac-order-decrypt-to-mac
+ * @id java/quantum/examples/bad-mac-order-decrypt-to-mac
  * @kind path-problem
  * @problem.severity error
  * @tags quantum

java/ql/src/experimental/quantum/Examples/BadMacOrderMacOnEncryptPlaintext.ql

@@ -1,7 +1,7 @@
 /**
  * @name Bad MAC order: Mac and Encryption share the same plaintext
  * @description MAC should be on a cipher, not a raw message
- * @id java/quantum/bad-mac-order-encrypt-plaintext-also-in-mac
+ * @id java/quantum/examples/bad-mac-order-encrypt-plaintext-also-in-mac
  * @kind path-problem
  * @problem.severity error
  * @tags quantum

java/ql/src/experimental/quantum/Examples/InsecureIVorNonceSource.ql

@@ -1,6 +1,6 @@
 /**
  * @name Insecure nonce/iv (static value or weak random source)
- * @id java/quantum/insecure-iv-or-nonce
+ * @id java/quantum/examples/insecure-iv-or-nonce
  * @description A nonce/iv is generated from a source that is not secure. This can lead to
  *              vulnerabilities such as replay attacks or key recovery. Insecure generation
  *              is any static nonce, or any known insecure source for a nonce/iv if

java/ql/src/experimental/quantum/Examples/NonAESGCMCipher.ql

@@ -1,6 +1,6 @@
 /**
  * @name Cipher not AES-GCM mode
- * @id java/quantum/non-aes-gcm
+ * @id java/quantum/examples/non-aes-gcm
  * @description An AES cipher is in use without GCM
  * @kind problem
  * @problem.severity error

java/ql/src/experimental/quantum/Examples/ReusedNonce.ql

@@ -1,7 +1,7 @@
 /**
  * @name Reuse of cryptographic nonce
  * @description Reuse of nonce in cryptographic operations can lead to vulnerabilities.
- * @id java/quantum/reused-nonce
+ * @id java/quantum/examples/reused-nonce
  * @kind path-problem
  * @problem.severity error
  * @tags quantum

java/ql/src/experimental/quantum/Examples/UnknownHash.ql

@@ -1,7 +1,7 @@
 /**
  * @name Unknown hashes
  * @description Finds uses of cryptographic hashing algorithms of unknown type.
- * @id java/quantum/unknown-hash
+ * @id java/quantum/examples/unknown-hash
  * @kind problem
  * @problem.severity error
  * @tags quantum

java/ql/src/experimental/quantum/Examples/UnknownIVorNonceSource.ql

@@ -1,6 +1,6 @@
 /**
  * @name Unknown nonce/iv source
- * @id java/quantum/unknown-iv-or-nonce-source
+ * @id java/quantum/examples/unknown-iv-or-nonce-source
  * @description A nonce/iv is generated from a source that is not secure. Failure to initialize
  *              an IV or nonce properly can lead to vulnerabilities such as replay attacks or key recovery.
  *              IV may be unknown at a decryption operation (IV would be provided alongside the ciphertext).

java/ql/src/experimental/quantum/Examples/UnknownKDFIterationCount.ql

@@ -1,7 +1,7 @@
 /**
  * @name Unknown key derivation function iteration count
  * @description Detects key derivation operations with an unknown iteration count.
- * @id java/quantum/unknown-kdf-iteration-count
+ * @id java/quantum/examples/unknown-kdf-iteration-count
  * @kind problem
  * @problem.severity error
  * @tags quantum

java/ql/src/experimental/quantum/Examples/WeakAsymmetricKeyGenSize.ql

@@ -1,6 +1,6 @@
 /**
  * @name Weak Asymmetric Key Size
- * @id java/quantum/weak-asymmetric-key-gen-size
+ * @id java/quantum/examples/weak-asymmetric-key-gen-size
  * @description An asymmetric key of known size is less than 2048 bits for any non-elliptic curve key operation.
  * @kind path-problem
  * @problem.severity error