github
diff --git a/‎cpp/ql/lib/experimental/quantum/OpenSSL/AlgorithmInstances/KnownAlgorithmConstants.qll‎
Lines changed: 131 additions & 4 deletions b/‎cpp/ql/lib/experimental/quantum/OpenSSL/AlgorithmInstances/KnownAlgorithmConstants.qll‎
Lines changed: 131 additions & 4 deletions
diff --git a/‎cpp/ql/lib/experimental/quantum/OpenSSL/AlgorithmInstances/MACAlgorithmInstance.qll‎
Lines changed: 66 additions & 0 deletions b/‎cpp/ql/lib/experimental/quantum/OpenSSL/AlgorithmInstances/MACAlgorithmInstance.qll‎
Lines changed: 66 additions & 0 deletions
@@ -134,6 +134,30 @@ class KnownOpenSSLHashAlgorithmExpr extends Expr instanceof KnownOpenSSLAlgorith
   }
 }
 
+class KnownOpenSSLMACAlgorithmExpr extends Expr instanceof KnownOpenSSLAlgorithmExpr {
+  KnownOpenSSLMACAlgorithmExpr() { resolveAlgorithmFromExpr(this, _, "MAC") }
+}
+
+class KnownOpenSSLHMACAlgorithmExpr extends Expr instanceof KnownOpenSSLMACAlgorithmExpr {
+  KnownOpenSSLHMACAlgorithmExpr() { resolveAlgorithmFromExpr(this, "HMAC", "MAC") }
+
+  /**
+   * Gets an explicit cipher algorithm for this MAC algorithm.
+   * This occurs when the MAC specifies the algorithm at the same time "HMAC-SHA-256"
+   */
+  KnownOpenSSLHashAlgorithmExpr getExplicitHashAlgorithm() { result = this }
+}
+
+class KnownOpenSSLCMACAlgorithmExpr extends Expr instanceof KnownOpenSSLMACAlgorithmExpr {
+  KnownOpenSSLCMACAlgorithmExpr() { resolveAlgorithmFromExpr(this, "CMAC", "MAC") }
+
+  /**
+   * Gets an explicit cipher algorithm for this MAC algorithm.
+   * This occurs when the MAC specifies the algorithm at the same time "HMAC-SHA-256"
+   */
+  KnownOpenSSLCipherAlgorithmExpr getExplicitCipherAlgorithm() { result = this }
+}
+
 class KnownOpenSSLEllipticCurveAlgorithmExpr extends Expr instanceof KnownOpenSSLAlgorithmExpr {
   KnownOpenSSLEllipticCurveAlgorithmExpr() { resolveAlgorithmFromExpr(this, _, "ELLIPTIC_CURVE") }
 }
@@ -946,6 +970,8 @@ predicate knownOpenSSLAlgorithmLiteral(string name, int nid, string normalized,
   or
   name = "id-alg-dh-sig-hmac-sha1" and nid = 325 and normalized = "DH" and algType = "KEY_AGREEMENT"
   or
+  name = "id-alg-dh-sig-hmac-sha1" and nid = 325 and normalized = "HMAC" and algType = "MAC"
+  or
   name = "aes-128-ofb" and nid = 420 and normalized = "AES-128" and algType = "SYMMETRIC_ENCRYPTION"
   or
   name = "aes-128-ofb" and nid = 420 and normalized = "OFB" and algType = "BLOCK_MODE"
@@ -1124,8 +1150,12 @@ predicate knownOpenSSLAlgorithmLiteral(string name, int nid, string normalized,
   or
   name = "hmac-md5" and nid = 780 and normalized = "MD5" and algType = "HASH"
   or
+  name = "hmac-md5" and nid = 780 and normalized = "HMAC" and algType = "HASH"
+  or
   name = "hmac-sha1" and nid = 781 and normalized = "SHA1" and algType = "HASH"
   or
+  name = "hmac-sha1" and nid = 781 and normalized = "HMAC" and algType = "MAC"
+  or
   name = "md_gost94" and nid = 809 and normalized = "GOST94" and algType = "HASH"
   or
   name = "gost94" and nid = 812 and normalized = "GOST94" and algType = "HASH"
@@ -1200,10 +1230,14 @@ predicate knownOpenSSLAlgorithmLiteral(string name, int nid, string normalized,
   or
   name = "rc4-hmac-md5" and nid = 915 and normalized = "MD5" and algType = "HASH"
   or
+  name = "rc4-hmac-md5" and nid = 915 and normalized = "HMAC" and algType = "MAC"
+  or
   name = "rc4-hmac-md5" and nid = 915 and normalized = "RC4" and algType = "SYMMETRIC_ENCRYPTION"
   or
   name = "aes-128-cbc-hmac-sha1" and nid = 916 and normalized = "SHA1" and algType = "HASH"
   or
+  name = "aes-128-cbc-hmac-sha1" and nid = 916 and normalized = "HMAC" and algType = "MAC"
+  or
   name = "aes-128-cbc-hmac-sha1" and
   nid = 916 and
   normalized = "AES-128" and
@@ -1213,6 +1247,8 @@ predicate knownOpenSSLAlgorithmLiteral(string name, int nid, string normalized,
   or
   name = "aes-192-cbc-hmac-sha1" and nid = 917 and normalized = "SHA1" and algType = "HASH"
   or
+  name = "aes-192-cbc-hmac-sha1" and nid = 917 and normalized = "HMAC" and algType = "MAC"
+  or
   name = "aes-192-cbc-hmac-sha1" and
   nid = 917 and
   normalized = "AES-192" and
@@ -1227,6 +1263,8 @@ predicate knownOpenSSLAlgorithmLiteral(string name, int nid, string normalized,
   or
   name = "aes-256-cbc-hmac-sha1" and nid = 918 and normalized = "CBC" and algType = "BLOCK_MODE"
   or
+  name = "aes-256-cbc-hmac-sha1" and nid = 918 and normalized = "HMAC" and algType = "MAC"
+  or
   name = "aes-128-cbc-hmac-sha256" and nid = 948 and normalized = "SHA-256" and algType = "HASH"
   or
   name = "aes-128-cbc-hmac-sha256" and
@@ -1238,6 +1276,8 @@ predicate knownOpenSSLAlgorithmLiteral(string name, int nid, string normalized,
   or
   name = "aes-192-cbc-hmac-sha256" and nid = 949 and normalized = "SHA-256" and algType = "HASH"
   or
+  name = "aes-192-cbc-hmac-sha256" and nid = 949 and normalized = "HMAC" and algType = "MAC"
+  or
   name = "aes-192-cbc-hmac-sha256" and
   nid = 949 and
   normalized = "AES-192" and
@@ -1247,6 +1287,8 @@ predicate knownOpenSSLAlgorithmLiteral(string name, int nid, string normalized,
   or
   name = "aes-256-cbc-hmac-sha256" and nid = 950 and normalized = "SHA-256" and algType = "HASH"
   or
+  name = "aes-256-cbc-hmac-sha256" and nid = 950 and normalized = "HMAC" and algType = "MAC"
+  or
   name = "aes-256-cbc-hmac-sha256" and
   nid = 950 and
   normalized = "AES-256" and
@@ -1286,6 +1328,11 @@ predicate knownOpenSSLAlgorithmLiteral(string name, int nid, string normalized,
   normalized = "CAMELLIA-128" and
   algType = "SYMMETRIC_ENCRYPTION"
   or
+  name = "camellia-128-cmac" and
+  nid = 964 and
+  normalized = "CMAC" and
+  algType = "MAC"
+  or
   name = "camellia-192-gcm" and
   nid = 965 and
   normalized = "CAMELLIA-192" and
@@ -1338,6 +1385,11 @@ predicate knownOpenSSLAlgorithmLiteral(string name, int nid, string normalized,
   normalized = "CAMELLIA-256" and
   algType = "SYMMETRIC_ENCRYPTION"
   or
+  name = "camellia-256-cmac" and
+  nid = 972 and
+  normalized = "CMAC" and
+  algType = "MAC"
+  or
   name = "id-scrypt" and nid = 973 and normalized = "SCRYPT" and algType = "KEY_DERIVATION"
   or
   name = "gost89-cnt-12" and
@@ -1351,11 +1403,13 @@ predicate knownOpenSSLAlgorithmLiteral(string name, int nid, string normalized,
   or
   name = "md_gost12_512" and nid = 983 and normalized = "GOST" and algType = "HASH"
   or
+  // TODO: re-evaluate: this is a signing algorithm using hashing and curves
   name = "id-tc26-signwithdigest-gost3410-2012-256" and
   nid = 985 and
   normalized = "GOST34102012" and
   algType = "SYMMETRIC_ENCRYPTION"
   or
+  // TODO: re-evaluate: this is a signing algorithm using hashing and curves
   name = "id-tc26-signwithdigest-gost3410-2012-512" and
   nid = 986 and
   normalized = "GOST34102012" and
@@ -1364,22 +1418,42 @@ predicate knownOpenSSLAlgorithmLiteral(string name, int nid, string normalized,
   name = "id-tc26-hmac-gost-3411-2012-256" and
   nid = 988 and
   normalized = "GOST34112012" and
-  algType = "SYMMETRIC_ENCRYPTION"
+  algType = "HASH"
+  or
+  name = "id-tc26-hmac-gost-3411-2012-256" and
+  nid = 988 and
+  normalized = "HMAC" and
+  algType = "MAC"
   or
   name = "id-tc26-hmac-gost-3411-2012-512" and
   nid = 989 and
   normalized = "GOST34112012" and
-  algType = "SYMMETRIC_ENCRYPTION"
+  algType = "HASH"
+  or
+  name = "id-tc26-hmac-gost-3411-2012-512" and
+  nid = 989 and
+  normalized = "HMAC" and
+  algType = "MAC"
   or
   name = "id-tc26-agreement-gost-3410-2012-256" and
   nid = 992 and
   normalized = "GOST34102012" and
-  algType = "SYMMETRIC_ENCRYPTION"
+  algType = "ELLIPTIC_CURVE"
+  or
+  name = "id-tc26-agreement-gost-3410-2012-256" and
+  nid = 992 and
+  normalized = "GOST34102012" and
+  algType = "KEY_AGREEMENT"
   or
   name = "id-tc26-agreement-gost-3410-2012-512" and
   nid = 993 and
   normalized = "GOST34102012" and
-  algType = "SYMMETRIC_ENCRYPTION"
+  algType = "ELLIPTIC_CURVE"
+  or
+  name = "id-tc26-agreement-gost-3410-2012-512" and
+  nid = 993 and
+  normalized = "GOST34102012" and
+  algType = "KEY_AGREEMENT"
   or
   name = "id-tc26-gost-3410-2012-512-constants" and
   nid = 996 and
@@ -1467,12 +1541,20 @@ predicate knownOpenSSLAlgorithmLiteral(string name, int nid, string normalized,
   or
   name = "hmac-sha3-224" and nid = 1102 and normalized = "SHA3-224" and algType = "HASH"
   or
+  name = "hmac-sha3-224" and nid = 1102 and normalized = "HMAC" and algType = "MAC"
+  or
   name = "hmac-sha3-256" and nid = 1103 and normalized = "SHA3-256" and algType = "HASH"
   or
+  name = "hmac-sha3-256" and nid = 1103 and normalized = "HMAC" and algType = "MAC"
+  or
   name = "hmac-sha3-384" and nid = 1104 and normalized = "SHA3-384" and algType = "HASH"
   or
+  name = "hmac-sha3-384" and nid = 1104 and normalized = "HMAC" and algType = "MAC"
+  or
   name = "hmac-sha3-512" and nid = 1105 and normalized = "SHA3-512" and algType = "HASH"
   or
+  name = "hmac-sha3-512" and nid = 1105 and normalized = "HMAC" and algType = "MAC"
+  or
   name = "id-dsa-with-sha384" and nid = 1106 and normalized = "DSA" and algType = "SIGNATURE"
   or
   name = "id-dsa-with-sha384" and nid = 1106 and normalized = "SHA-384" and algType = "HASH"
@@ -2240,34 +2322,67 @@ predicate knownOpenSSLAlgorithmLiteral(string name, int nid, string normalized,
   normalized = "GOST" and
   algType = "SYMMETRIC_ENCRYPTION"
   or
+  name = "hmac gost 34.11-2012 256 bit" and
+  nid = 988 and
+  normalized = "HMAC" and
+  algType = "MAC"
+  or
   name = "hmac gost 34.11-2012 512 bit" and
   nid = 989 and
   normalized = "GOST" and
   algType = "SYMMETRIC_ENCRYPTION"
   or
+  name = "hmac gost 34.11-2012 512 bit" and
+  nid = 989 and
+  normalized = "HMAC" and
+  algType = "MAC"
+  or
   name = "hmac gost 34.11-94" and
   nid = 810 and
   normalized = "GOST" and
   algType = "SYMMETRIC_ENCRYPTION"
   or
+  name = "hmac gost 34.11-94" and
+  nid = 810 and
+  normalized = "HMAC" and
+  algType = "MAC"
+  or
   name = "hmacwithmd5" and nid = 797 and normalized = "MD5" and algType = "HASH"
   or
+  name = "hmacwithmd5" and nid = 797 and normalized = "HMAC" and algType = "MAC"
+  or
   name = "hmacwithsha1" and nid = 163 and normalized = "SHA1" and algType = "HASH"
   or
+  name = "hmacwithsha1" and nid = 163 and normalized = "HMAC" and algType = "MAC"
+  or
   name = "hmacwithsha224" and nid = 798 and normalized = "SHA-224" and algType = "HASH"
   or
+  name = "hmacwithsha224" and nid = 798 and normalized = "HMAC" and algType = "MAC"
+  or
   name = "hmacwithsha256" and nid = 799 and normalized = "SHA-256" and algType = "HASH"
   or
+  name = "hmacwithsha256" and nid = 799 and normalized = "HMAC" and algType = "MAC"
+  or
   name = "hmacwithsha384" and nid = 800 and normalized = "SHA-384" and algType = "HASH"
   or
+  name = "hmacwithsha384" and nid = 800 and normalized = "HMAC" and algType = "MAC"
+  or
   name = "hmacwithsha512" and nid = 801 and normalized = "SHA-512" and algType = "HASH"
   or
+  name = "hmacwithsha512" and nid = 801 and normalized = "HMAC" and algType = "MAC"
+  or
   name = "hmacwithsha512-224" and nid = 1193 and normalized = "SHA-512-224" and algType = "HASH"
   or
+  name = "hmacwithsha512-224" and nid = 1193 and normalized = "HMAC" and algType = "MAC"
+  or
   name = "hmacwithsha512-256" and nid = 1194 and normalized = "SHA-512-256" and algType = "HASH"
   or
+  name = "hmacwithsha512-256" and nid = 1194 and normalized = "HMAC" and algType = "MAC"
+  or
   name = "hmacwithsm3" and nid = 1281 and normalized = "SM3" and algType = "HASH"
   or
+  name = "hmacwithsm3" and nid = 1281 and normalized = "HMAC" and algType = "MAC"
+  or
   name = "id-aes128-ccm" and
   nid = 896 and
   normalized = "AES-128" and
@@ -2517,12 +2632,20 @@ predicate knownOpenSSLAlgorithmLiteral(string name, int nid, string normalized,
   or
   name = "id-hmacwithsha3-224" and nid = 1102 and normalized = "SHA3-224" and algType = "HASH"
   or
+  name = "id-hmacwithsha3-224" and nid = 1102 and normalized = "HMAC" and algType = "MAC"
+  or
   name = "id-hmacwithsha3-256" and nid = 1103 and normalized = "SHA3-256" and algType = "HASH"
   or
+  name = "id-hmacwithsha3-256" and nid = 1103 and normalized = "HMAC" and algType = "MAC"
+  or
   name = "id-hmacwithsha3-384" and nid = 1104 and normalized = "SHA3-384" and algType = "HASH"
   or
+  name = "id-hmacwithsha3-384" and nid = 1104 and normalized = "HMAC" and algType = "MAC"
+  or
   name = "id-hmacwithsha3-512" and nid = 1105 and normalized = "SHA3-512" and algType = "HASH"
   or
+  name = "id-hmacwithsha3-512" and nid = 1105 and normalized = "HMAC" and algType = "MAC"
+  or
   name = "id-regctrl" and nid = 313 and normalized = "CTR" and algType = "BLOCK_MODE"
   or
   name = "id-smime-alg-3deswrap" and
@@ -3080,4 +3203,8 @@ predicate knownOpenSSLAlgorithmLiteral(string name, int nid, string normalized,
   algType = "SIGNATURE"
   or
   name = "sm3withrsaencryption" and nid = 1144 and normalized = "SM3" and algType = "HASH"
+  or
+  name = "hmac" and nid = 855 and normalized = "HMAC" and algType = "MAC"
+  or
+  name = "cmac" and nid = 894 and normalized = "CMAC" and algType = "MAC"
 }
@@ -0,0 +1,66 @@
+import cpp
+private import experimental.quantum.Language
+private import KnownAlgorithmConstants
+private import experimental.quantum.OpenSSL.AlgorithmValueConsumers.OpenSSLAlgorithmValueConsumers
+private import experimental.quantum.OpenSSL.AlgorithmInstances.OpenSSLAlgorithmInstanceBase
+private import experimental.quantum.OpenSSL.Operations.OpenSSLOperations
+private import AlgToAVCFlow
+
+class KnownOpenSSLMACConstantAlgorithmInstance extends OpenSSLAlgorithmInstance,
+  Crypto::MACAlgorithmInstance instanceof KnownOpenSSLMACAlgorithmExpr
+{
+  OpenSSLAlgorithmValueConsumer getterCall;
+
+  KnownOpenSSLMACConstantAlgorithmInstance() {
+    // Two possibilities:
+    // 1) The source is a literal and flows to a getter, then we know we have an instance
+    // 2) The source is a KnownOpenSSLAlgorithm is call, and we know we have an instance immediately from that
+    // Possibility 1:
+    this instanceof OpenSSLAlgorithmLiteral and
+    exists(DataFlow::Node src, DataFlow::Node sink |
+      // Sink is an argument to a CipherGetterCall
+      sink = getterCall.(OpenSSLAlgorithmValueConsumer).getInputNode() and
+      // Source is `this`
+      src.asExpr() = this and
+      // This traces to a getter
+      KnownOpenSSLAlgorithmToAlgorithmValueConsumerFlow::flow(src, sink)
+    )
+    or
+    // Possibility 2:
+    this instanceof OpenSSLAlgorithmCall and
+    getterCall = this
+  }
+
+  override OpenSSLAlgorithmValueConsumer getAVC() { result = getterCall }
+
+  override string getRawMACAlgorithmName() {
+    result = this.(Literal).getValue().toString()
+    or
+    result = this.(Call).getTarget().getName()
+  }
+
+  override Crypto::TMACType getMACType() {
+    this instanceof KnownOpenSSLHMACAlgorithmExpr and result instanceof Crypto::THMAC
+    or
+    this instanceof KnownOpenSSLCMACAlgorithmExpr and result instanceof Crypto::TCMAC
+  }
+}
+
+class KnownOpenSSLHMACConstantAlgorithmInstance extends Crypto::HMACAlgorithmInstance,
+  KnownOpenSSLMACConstantAlgorithmInstance
+{
+  override Crypto::AlgorithmValueConsumer getHashAlgorithmValueConsumer() {
+    if exists(this.(KnownOpenSSLHMACAlgorithmExpr).getExplicitHashAlgorithm())
+    then
+      // ASSUMPTION: if there is an explicit hash algorithm, it is already modeled
+      // and we can simply grab that model's AVC
+      exists(OpenSSLAlgorithmInstance inst | inst.getAVC() = result and inst = this)
+    else
+      // ASSUMPTION: If no explicit algorithm is given, then it is assumed to be configured by
+      // a signature operation
+      exists(Crypto::SignatureOperationInstance s |
+        s.getHashAlgorithmValueConsumer() = result and
+        s.getAnAlgorithmValueConsumer() = this.getAVC()
+      )
+  }
+}