Skip to content

Quantum: Initial support for BouncyCastle signature algorithms #19568

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 23 commits into
base: main
Choose a base branch
from
Open

Quantum: Initial support for BouncyCastle signature algorithms #19568

wants to merge 23 commits into from

Conversation

fegge
Copy link
Contributor

@fegge fegge commented May 23, 2025

To be reviewed by @nicolaswill.

@fegge fegge requested a review from a team as a code owner May 23, 2025 09:59
@github-actions github-actions bot added the Java label May 23, 2025
@fegge fegge marked this pull request as draft May 23, 2025 10:11
@fegge fegge force-pushed the fegge/bouncycastle branch 2 times, most recently from 8d2ec44 to 5884c71 Compare May 29, 2025 11:21
@fegge fegge marked this pull request as ready for review May 30, 2025 08:36
@fegge fegge requested a review from a team as a code owner May 30, 2025 08:36
@fegge fegge marked this pull request as draft May 30, 2025 08:41
github-advanced-security[bot]
github-advanced-security bot found potential problems Jun 2, 2025
View reviewed changes
Copy link

@github-advanced-security github-advanced-security bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

CodeQL found more than 20 potential problems in the proposed changes. Check the Files changed tab for more details.

@nicolaswill nicolaswill marked this pull request as ready for review June 2, 2025 15:05
@nicolaswill nicolaswill requested review from nicolaswill and removed request for a team June 2, 2025 15:06
nicolaswill
nicolaswill requested changes Jun 2, 2025
View reviewed changes
Copy link
Contributor

@nicolaswill nicolaswill left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The BouncyCastle stubs need a copy of the license file:
https://github.com/bcgit/bc-java/blob/main/LICENSE.md

Aside from that, please resolve the QL for QL Code Scanning alerts (with the exception of class naming to match camelCase or PascalCase for acronyms... we can do that later).

I have not yet reviewed all of the modeling.

fegge added 16 commits June 3, 2025 15:50
@fegge
Added initial support for BouncyCastle signers
800e2e1
@fegge
Removed unused getIntermediateUse function
05cc062
@fegge
Multiple bug fixes in BouncyCastle signature model
96d1f71
@fegge
Added support for BouncyCastle key generation algorithms
311eb95 
This commit adds the `KeyGenerationOperationInstance` and
`KeyGenerationAlgorithmInstance` types to the BouncyCastle model.

It also adds data flow support from key pairs to the corresponding
public and private components.
@fegge
Refactored algorithm instances
489d95e 
This commit also adds associated elliptic curves to the key generation
and key nodes.
@fegge
Updated returned key sizes to be integers
1efa920
@fegge
Added stubs for BouncyCastle EdDSA signature algorithms and key gener…
66f9513 
…ators
@fegge
Added unit tests for BouncyCastle EdDSA signatures and key generators
d3f6270
@fegge
Added support for BouncyCast ECDSA
def3f07 
This commit adds support for ECDSA. This includes tracking the
instantiated curve parameters using data flow.

It also adds SignatureArtifactInstance and SignatureOperationInstance
types to the shared model.
@fegge
Added signature input nodes to signature verify operation nodes
ec91eb9
@fegge
Updated signature operations test query
e08f534
@fegge
Created additional stubs for ECDSA
5008950
@fegge
Added EllipticCurveConsumingAlgorithmInstance to Model.qll
a9a1068 
This commit adds EllipticCurveConsumingAlgorithmInstance to the shared
model, allowing us to model and graph elliptic curve algorithms.
@fegge
Added documentation for the isConsumedEllipticCurve workaround
805019f
@fegge
Added support for EllipticCurveConsumingAlgorithm
28a8e80
@fegge
Added LMS and ML-DSA names to Model.qll
37d3b88
@fegge fegge force-pushed the fegge/bouncycastle branch from a365ff4 to 6c71893 Compare June 3, 2025 14:01
nicolaswill
nicolaswill previously approved these changes Jun 3, 2025
View reviewed changes
Copy link
Contributor

@nicolaswill nicolaswill left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

aibaars
aibaars reviewed Jun 3, 2025
View reviewed changes
@fegge @aibaars
Removed duplicate condition in Model.qll
6a691ea 
Co-authored-by: Arthur Baars <aibaars@github.com>
github-advanced-security[bot]
github-advanced-security bot found potential problems Jun 4, 2025
View reviewed changes
java/ql/lib/experimental/quantum/BouncyCastle/AlgorithmInstances.qll
Comment on lines +90 to +93
* algorithm and elliptic curve are implicitly defined by the underlying type.
*/
abstract class KnownEllipticCurveSignatureAlgorithmInstance extends KnownEllipticCurveInstance,
SignatureAlgorithmInstance

Check warning

Code scanning / CodeQL

Class QLDoc style. Warning

The QLDoc for a class should start with 'A', 'An', or 'The'.
java/ql/lib/experimental/quantum/BouncyCastle/FlowAnalysis.qll
Comment on lines +224 to +251
/**
* A flow step for parameters created from other parameters.
*
* As an example, below we want to track the flow from the `X9ECParameters`
* constructor call to the `keyPairGenerator.init()` call to be able to
* determine the curve associated with the generator.
*
* Example:
* ```
* X9ECParameters ecParams = SECNamedCurves.getByName("secp256r1");
* ECDomainParameters domainParams = new ECDomainParameters(ecParams);
* ECKeyGenerationParameters keyGenParams = new ECKeyGenerationParameters(domainParams, ...);
* ECKeyPairGenerator keyPairGenerator = new ECKeyPairGenerator();
* keyPairGenerator.init(keyGenParams);
* ```
*
* We also want to track flow from parameters to the `init()` call
* via a curve instantiation. E.g. via a call to `getCurve()` as follows:
*
* Example:
* ```
* X9ECParameters ecParams = SECNamedCurves.getByName("secp256r1");
* ECCurve curve = ecParams.getCurve();
* ECDomainParameters domainParams = new ECDomainParameters(curve, ...);
* ECKeyGenerationParameters keyGenParams = new ECKeyGenerationParameters(domainParams, ...);
* ECKeyPairGenerator keyPairGenerator = new ECKeyPairGenerator();
* keyPairGenerator.init(keyGenParams);
*/

Check warning

Code scanning / CodeQL

Predicate QLDoc style. Warning

The QLDoc for a predicate without a result should start with 'Holds'.
java/ql/lib/experimental/quantum/BouncyCastle/FlowAnalysis.qll
* ECKeyPairGenerator keyPairGenerator = new ECKeyPairGenerator();
* keyPairGenerator.init(keyGenParams);
* ```
*

Check notice

Code scanning / CodeQL

Use of regexp to match a set of constant string Note

Use string comparison instead of regexp to compare against a constant set of string.
java/ql/lib/experimental/quantum/BouncyCastle/FlowAnalysis.qll
* ```
*
* We also want to track flow from parameters to the `init()` call
* via a curve instantiation. E.g. via a call to `getCurve()` as follows:

Check notice

Code scanning / CodeQL

Use of regexp to match a set of constant string Note

Use string comparison instead of regexp to compare against a constant set of string.
java/ql/lib/experimental/quantum/BouncyCastle/OperationInstances.qll
import java

module Params {
import FlowAnalysis

Check warning

Code scanning / CodeQL

Redundant import Warning

Redundant import, the module is already imported inside
AlgorithmInstances
Loading
.
java/ql/lib/experimental/quantum/BouncyCastle/OperationInstances.qll
* Models for the key generation algorithms defined by the `org.bouncycastle.crypto.generators` package.
*/
module Generators {
import FlowAnalysis

Check warning

Code scanning / CodeQL

Redundant import Warning

Redundant import, the module is already imported inside
AlgorithmInstances
Loading
.
java/ql/lib/experimental/quantum/BouncyCastle/OperationInstances.qll
Comment on lines +327 to +330
/**
* This type is used to model data flow from a key pair to the private and
* public components of the key pair.
*/

Check warning

Code scanning / CodeQL

Class QLDoc style. Warning

The QLDoc for a class should start with 'A', 'An', or 'The'.
java/ql/lib/experimental/quantum/BouncyCastle/OperationInstances.qll
* `init()` which takes a single `KeyGenerationParameters` argument.
*/
private class KeyGeneratorInitCall extends MethodCall {
KeyGenerator gen;

Check notice

Code scanning / CodeQL

Field only used in CharPred Note

Field is only used in CharPred.
java/ql/lib/experimental/quantum/BouncyCastle/OperationInstances.qll
* `init()` which takes a single `KeyGenerationParameters` argument.
*/
private class BlockCipherModeInitCall extends MethodCall {
BlockCipherMode mode;

Check notice

Code scanning / CodeQL

Field only used in CharPred Note

Field is only used in CharPred.
java/ql/lib/experimental/quantum/BouncyCastle/OperationInstances.qll
* decrypt data.
*/
private class BlockCipherModeUseCall extends MethodCall {
BlockCipherMode mode;

Check notice

Code scanning / CodeQL

Field only used in CharPred Note

Field is only used in CharPred.
aibaars
aibaars reviewed Jun 5, 2025
View reviewed changes
java/ql/lib/experimental/quantum/BouncyCastle/OperationInstances.qll
Comment on lines +357 to +359
KeyGenerator gen;

KeyGeneratorInitCall() { this = gen.getAnInitCall() }
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
KeyGenerator gen;
KeyGeneratorInitCall() { this = gen.getAnInitCall() }
KeyGeneratorInitCall() { this = any(KeyGenerator gen).getAnInitCall() }

java/ql/lib/experimental/quantum/BouncyCastle/OperationInstances.qll
Comment on lines +469 to +471
BlockCipherMode mode;

BlockCipherModeInitCall() { this = mode.getAnInitCall() }
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
BlockCipherMode mode;
BlockCipherModeInitCall() { this = mode.getAnInitCall() }
BlockCipherModeInitCall() { this = any(BlockCipherMode mode).getAnInitCall() }

java/ql/lib/experimental/quantum/BouncyCastle/OperationInstances.qll
Comment on lines +484 to +486
BlockCipherMode mode;

BlockCipherModeUseCall() { this = mode.getAUseCall() }
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
BlockCipherMode mode;
BlockCipherModeUseCall() { this = mode.getAUseCall() }
BlockCipherModeUseCall() { this = any(BlockCipherMode mode).getAUseCall() }

java/ql/lib/experimental/quantum/BouncyCastle/OperationInstances.qll
Comment on lines +87 to +89
/**
* Models the named elliptic curve passed to `X9ECParameters.getCurve()`.
*/
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Those QLDoc style warnings are a bit nitpicky, but it would be great to maintain the style. Typically things start with something like An X9ECParametersInstantiation is ... or The class X9ECParametersInstantiation represents ... . Have a look through the API docs to get an idea of the style.

@fegge @aibaars
Update java/ql/lib/experimental/quantum/BouncyCastle/OperationInstanc…
6c68be5 
…es.qll

Co-authored-by: Arthur Baars <aibaars@github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@aibaars aibaars

@nicolaswill nicolaswill

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
documentation Java
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@fegge @aibaars @nicolaswill