quantum-c#: Add HashAlgorithmInstance

Author: fcasal

csharp/ql/lib/experimental/quantum/dotnet/AlgorithmInstances.qll

@@ -24,3 +24,20 @@ class SigningNamedCurveAlgorithmInstance extends Crypto::EllipticCurveInstance i
     Crypto::ellipticCurveNameToKeySizeAndFamilyMapping(this.getRawEllipticCurveName(), result, _)
   }
 }
+
+class HashAlgorithmInstance extends Crypto::HashAlgorithmInstance instanceof HashAlgorithmName {
+  HashAlgorithmConsumer consumer;
+
+  HashAlgorithmInstance() {
+    HashAlgorithmNameToUse::flow(DataFlow::exprNode(this), consumer.getInputNode())
+  }
+
+  // Q: super.getHashFamily does not work because it is ambigous. But super.(HashAlgorithmName) does not work either.
+  override Crypto::THashType getHashFamily() { result = this.(HashAlgorithmName).getHashFamily() }
+
+  override string getRawHashAlgorithmName() { result = super.getAlgorithmName() }
+
+  override int getFixedDigestLength() { result = this.(HashAlgorithmName).getFixedDigestLength() }
+
+  Crypto::AlgorithmValueConsumer getConsumer() { result = consumer }
+}

csharp/ql/lib/experimental/quantum/dotnet/AlgorithmValueConsumers.qll

@@ -14,3 +14,15 @@ class ECDsaAlgorithmValueConsumer extends Crypto::AlgorithmValueConsumer {
     exists(SigningNamedCurveAlgorithmInstance l | l.getConsumer() = this and result = l)
   }
 }
+
+class HashAlgorithmConsumer extends Crypto::AlgorithmValueConsumer {
+  HashAlgorithmUser call;
+
+  HashAlgorithmConsumer() { this = call.getHashAlgorithmUser() }
+
+  override Crypto::ConsumerInputDataFlowNode getInputNode() { result.asExpr() = this }
+
+  override Crypto::AlgorithmInstance getAKnownAlgorithmSource() {
+    exists(HashAlgorithmInstance l | l.getConsumer() = this and result = l)
+  }
+}

csharp/ql/lib/experimental/quantum/dotnet/Cryptography.qll

@@ -1,4 +1,5 @@
 private import csharp
+private import experimental.quantum.Language
 
 // This class models Create calls for the ECDsa and RSA classes in .NET.
 class CryptographyCreateCall extends MethodCall {
@@ -14,6 +15,15 @@ class CryptographyCreateCall extends MethodCall {
     or
     result = this.(ECDsaCreateCallWithECCurve).getArgument(0)
   }
+
+  Expr getKeyConsumer() {
+    this.hasNoArguments() and result = this
+    or
+    result = this.(ECDsaCreateCallWithParameters).getArgument(0)
+    or
+    result = this.(ECDsaCreateCallWithECCurve)
+  }
+
 }
 
 class ECDsaCreateCall extends CryptographyCreateCall {
@@ -73,6 +83,42 @@ class HashAlgorithmName extends PropertyAccess {
   }
 
   string getAlgorithmName() { result = algorithmName }
+
+  Crypto::THashType getHashFamily() { hashAlgorithmToFamily(this.getAlgorithmName(), result, _) }
+
+  int getFixedDigestLength() { hashAlgorithmToFamily(this.getAlgorithmName(), _, result) }
+}
+
+private predicate hashAlgorithmToFamily(
+  string hashName, Crypto::THashType hashFamily, int digestLength
+) {
+  hashName = "MD5" and hashFamily = Crypto::MD5() and digestLength = 128
+  or
+  hashName = "SHA1" and hashFamily = Crypto::SHA1() and digestLength = 160
+  or
+  hashName = "SHA256" and hashFamily = Crypto::SHA2() and digestLength = 256
+  or
+  hashName = "SHA384" and hashFamily = Crypto::SHA2() and digestLength = 384
+  or
+  hashName = "SHA512" and hashFamily = Crypto::SHA2() and digestLength = 512
+  or
+  hashName = "SHA3_256" and hashFamily = Crypto::SHA3() and digestLength = 256
+  or
+  hashName = "SHA3_384" and hashFamily = Crypto::SHA3() and digestLength = 384
+  or
+  hashName = "SHA3_512" and hashFamily = Crypto::SHA3() and digestLength = 512
+  // Q: is there an idiomatic way to add a default type here?
+}
+
+class HashAlgorithmUser extends MethodCall {
+  Expr arg;
+
+  HashAlgorithmUser() {
+    arg = this.getAnArgument() and
+    arg.getType() instanceof HashAlgorithmNameType
+  }
+
+  Expr getHashAlgorithmUser() { result = arg }
 }
 
 /**

csharp/ql/lib/experimental/quantum/dotnet/FlowAnalysis.qll

@@ -30,3 +30,13 @@ private module CreateToUseFlowConfig implements DataFlow::ConfigSig {
 }
 
 module CryptographyCreateToUseFlow = DataFlow::Global<CreateToUseFlowConfig>;
+
+module HashAlgorithmNameToUseConfig implements DataFlow::ConfigSig {
+  predicate isSource(DataFlow::Node src) { src.asExpr() instanceof HashAlgorithmName }
+
+  predicate isSink(DataFlow::Node sink) {
+    exists(HashAlgorithmConsumer consumer | sink = consumer.getInputNode())
+  }
+}
+
+module HashAlgorithmNameToUse = DataFlow::Global<HashAlgorithmNameToUseConfig>;

csharp/ql/lib/experimental/quantum/dotnet/OperationInstances.qll

@@ -15,7 +15,6 @@ class ECDsaORRSASigningOperationInstance extends Crypto::SignatureOperationInsta
   override Crypto::AlgorithmValueConsumer getAnAlgorithmValueConsumer() {
     result = creator.getAlgorithmArg()
     or
-    // FIXME: currently not working
     result = super.getHashAlgorithmArg()
   }
 
@@ -28,9 +27,8 @@ class ECDsaORRSASigningOperationInstance extends Crypto::SignatureOperationInsta
       else result = Crypto::TUnknownKeyOperationMode()
   }
 
-  // TODO FIXME
   override Crypto::ConsumerInputDataFlowNode getKeyConsumer() {
-    result.asExpr() = creator.getAlgorithmArg()
+    result.asExpr() = creator.getKeyConsumer()
   }
 
   override Crypto::ConsumerInputDataFlowNode getNonceConsumer() { none() }