@@ -762,3 +762,50 @@ module Logging {
762762 abstract DataFlow:: Node getAnInput ( ) ;
763763 }
764764}
765+
766+ module Cryptography {
767+ import security.CryptoAlgorithms
768+
769+ /**
770+ * A data-flow node that is an application of a cryptographic algorithm. For example,
771+ * encryption, decryption, signature-validation.
772+ *
773+ * Extend this class to refine existing API models. If you want to model new APIs,
774+ * extend `CryptographicOperation::Range` instead.
775+ */
776+ class CryptographicOperation extends DataFlow:: Node {
777+ CryptographicOperation:: Range range ;
778+
779+ CryptographicOperation ( ) { this = range }
780+
781+ /** Gets the algorithm used, if it matches a known `CryptographicAlgorithm`. */
782+ CryptographicAlgorithm getAlgorithm ( ) { result = range .getAlgorithm ( ) }
783+
784+ /** Gets an input the algorithm is used on, for example the plain text input to be encrypted. */
785+ DataFlow:: Node getAnInput ( ) { result = range .getAnInput ( ) }
786+
787+ /** Holds if this encryption operation is known to be weak. */
788+ predicate isWeak ( ) { range .isWeak ( ) }
789+ }
790+
791+ /** Provides classes for modeling new applications of a cryptographic algorithms. */
792+ module CryptographicOperation {
793+ /**
794+ * A data-flow node that is an application of a cryptographic algorithm. For example,
795+ * encryption, decryption, signature-validation.
796+ *
797+ * Extend this class to model new APIs. If you want to refine existing API models,
798+ * extend `CryptographicOperation` instead.
799+ */
800+ abstract class Range extends DataFlow:: Node {
801+ /** Gets the algorithm used, if it matches a known `CryptographicAlgorithm`. */
802+ abstract CryptographicAlgorithm getAlgorithm ( ) ;
803+
804+ /** Gets an input the algorithm is used on, for example the plain text input to be encrypted. */
805+ abstract DataFlow:: Node getAnInput ( ) ;
806+
807+ /** Holds if this encryption operation is known to be weak. */
808+ abstract predicate isWeak ( ) ;
809+ }
810+ }
811+ }
0 commit comments