flows for key from contexts

Author: GrosQuildu

cpp/ql/lib/experimental/quantum/OpenSSL/AlgorithmValueConsumers/PKeyAlgorithmValueConsumer.qll

@@ -17,13 +17,14 @@ class EVPPKeyAlgorithmConsumer extends PKeyValueConsumer {
       // in these cases, the operation will be created separately for the same function.
       this.(Call).getTarget().getName() in [
           "EVP_PKEY_CTX_new_id", "EVP_PKEY_new_raw_private_key", "EVP_PKEY_new_raw_public_key",
-          "EVP_PKEY_new_mac_key"
+          "EVP_PKEY_new_mac_key", "EVP_PKEY_CTX_new"
         ] and
       valueArgNode.asExpr() = this.(Call).getArgument(0)
       or
       this.(Call).getTarget().getName() in [
           "EVP_PKEY_CTX_new_from_name", "EVP_PKEY_new_raw_private_key_ex",
-          "EVP_PKEY_new_raw_public_key_ex", "EVP_PKEY_CTX_ctrl", "EVP_PKEY_CTX_set_group_name"
+          "EVP_PKEY_new_raw_public_key_ex", "EVP_PKEY_CTX_ctrl", "EVP_PKEY_CTX_set_group_name",
+          "EVP_PKEY_CTX_new_from_pkey"
         ] and
       valueArgNode.asExpr() = this.(Call).getArgument(1)
       or
@@ -42,6 +43,7 @@ class EVPPKeyAlgorithmConsumer extends PKeyValueConsumer {
           // All other cases
           valueArgNode.asExpr() = this.(Call).getArgument(2)
       )
+      // TODO: data flow for EVP_PKEY_CTX_dup
     )
   }
 
@@ -52,4 +54,8 @@ class EVPPKeyAlgorithmConsumer extends PKeyValueConsumer {
   override DataFlow::Node getResultNode() { result = resultNode }
 
   override Crypto::ConsumerInputDataFlowNode getInputNode() { result = valueArgNode }
+
+  // expose the valueArg as an Expr to avoid circular dependency that may arise
+  // when trying to get the valueArg with getInputNode.
+  Expr getValueArgExpr() { result = valueArgNode.asExpr() }
 }

cpp/ql/lib/experimental/quantum/OpenSSL/CtxFlow.qll

@@ -100,7 +100,7 @@ private class CtxCopyReturnCall extends Call, CtxPointerExpr {
  * Flow from any CtxPointerArgument to any other CtxPointerArgument
  */
 module OpenSSLCtxArgumentFlowConfig implements DataFlow::ConfigSig {
-  predicate isSource(DataFlow::Node source) { source.asExpr() instanceof CtxPointerArgument }
+  predicate isSource(DataFlow::Node source) { source.asExpr() instanceof CtxPointerExpr }
 
   predicate isSink(DataFlow::Node sink) { sink.asExpr() instanceof CtxPointerArgument }
 
@@ -128,7 +128,8 @@ module OpenSSLCtxArgumentFlowConfig implements DataFlow::ConfigSig {
 module OpenSSLCtxArgumentFlow = DataFlow::Global<OpenSSLCtxArgumentFlowConfig>;
 
 /**
- * Holds if there is a context flow from the source to the sink.
+ * Holds if there is a context flow from the source to the sink,
+ * where the source and sink are arguments to function calls.
  */
 predicate ctxArgFlowsToCtxArg(CtxPointerArgument source, CtxPointerArgument sink) {
   exists(DataFlow::Node a, DataFlow::Node b |
@@ -137,3 +138,15 @@ predicate ctxArgFlowsToCtxArg(CtxPointerArgument source, CtxPointerArgument sink
     b.asExpr() = sink
   )
 }
+
+/**
+ * Holds if there is a context flow from the source to the sink,
+ * where the source is a variable and the sink is an argument to a function call.
+ */
+predicate ctxFlowsToCtxArg(CtxPointerExpr source, CtxPointerArgument sink) {
+  exists(DataFlow::Node a, DataFlow::Node b |
+    OpenSSLCtxArgumentFlow::flow(a, b) and
+    a.asExpr() = source and
+    b.asExpr() = sink
+  )
+}

cpp/ql/lib/experimental/quantum/OpenSSL/Operations/EVPSignatureOperation.qll

@@ -4,7 +4,8 @@
 
 private import experimental.quantum.Language
 private import OpenSSLOperationBase
-private import experimental.quantum.OpenSSL.CtxFlow as CTXFlow
+private import experimental.quantum.OpenSSL.CtxFlow
+private import experimental.quantum.OpenSSL.AlgorithmValueConsumers.PKeyAlgorithmValueConsumer
 
 // TODO: verification functions
 class EVP_Signature_Initializer extends EVPInitialize {
@@ -44,14 +45,20 @@ class EVP_Signature_Initializer extends EVPInitialize {
 
   /**
    * Returns the key argument if there is one.
-   * They key could be provided in the context or in a later call (final or one-shot).
+   * If the key was provided via the context, we track it to the context.
    */
   override Expr getKeyArg() {
     this.(Call).getTarget().getName() = "EVP_DigestSignInit" and
     result = this.(Call).getArgument(4)
     or
     this.(Call).getTarget().getName() = "EVP_DigestSignInit_ex" and
     result = this.(Call).getArgument(5)
+    or
+    this.(Call).getTarget().getName().matches("EVP_PKEY_%") and
+    exists(EVPPKeyAlgorithmConsumer source |
+      result = source.getValueArgExpr() and
+      ctxFlowsToCtxArg(source.getResultNode().asExpr(), this.getContextArg())
+    )
   }
 
   /**
@@ -123,8 +130,10 @@ abstract class EVP_Signature_Operation extends EVPOperation, Crypto::SignatureOp
   }
 
   override Crypto::ConsumerInputDataFlowNode getKeyConsumer() {
-    result = DataFlow::exprNode(this.getInitCall().getKeyArg())
-    // TODO: or track to the EVP_PKEY_CTX_new
+    // TODO: move to EVPOperation similarly to getAlgorithmArg
+    if exists(this.getInitCall().getKeyArg())
+    then result = DataFlow::exprNode(this.getInitCall().getKeyArg())
+    else none()
   }
 
   override Crypto::ArtifactOutputDataFlowNode getOutputArtifact() {
@@ -139,7 +148,6 @@ abstract class EVP_Signature_Operation extends EVPOperation, Crypto::SignatureOp
    * TODO: only signing operations for now, change when verificaiton is added
    */
   override Crypto::ConsumerInputDataFlowNode getSignatureConsumer() { none() }
-
 }
 
 class EVP_Signature_Call extends EVPOperation, EVP_Signature_Operation {
@@ -163,6 +171,12 @@ class EVP_Signature_Final_Call extends EVPFinal, EVP_Signature_Operation {
       ]
   }
 
+  override Crypto::ConsumerInputDataFlowNode getKeyConsumer() {
+    if this.(Call).getTarget().getName() in ["EVP_SignFinal", "EVP_SignFinal_ex"]
+    then result = DataFlow::exprNode(this.(Call).getArgument(3))
+    else none()
+  }
+
   /**
    * Output is the signature.
    */