Skip to content

Quantum: Support for BouncyCastle signature algorithms and block cipher modes #19568

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 26 commits into
base: main
Choose a base branch
from

Conversation

fegge
Copy link
Contributor

@fegge fegge commented May 23, 2025

To be reviewed by @nicolaswill.

@fegge fegge requested a review from a team as a code owner May 23, 2025 09:59
@github-actions github-actions bot added the Java label May 23, 2025
@fegge fegge marked this pull request as draft May 23, 2025 10:11
@fegge fegge force-pushed the fegge/bouncycastle branch 2 times, most recently from 8d2ec44 to 5884c71 Compare May 29, 2025 11:21
@fegge fegge marked this pull request as ready for review May 30, 2025 08:36
@fegge fegge requested a review from a team as a code owner May 30, 2025 08:36
@fegge fegge marked this pull request as draft May 30, 2025 08:41
Copy link

@github-advanced-security github-advanced-security bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

CodeQL found more than 20 potential problems in the proposed changes. Check the Files changed tab for more details.

@nicolaswill nicolaswill marked this pull request as ready for review June 2, 2025 15:05
@nicolaswill nicolaswill requested review from nicolaswill and removed request for a team June 2, 2025 15:06
Copy link
Contributor

@nicolaswill nicolaswill left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The BouncyCastle stubs need a copy of the license file:
https://github.com/bcgit/bc-java/blob/main/LICENSE.md

Aside from that, please resolve the QL for QL Code Scanning alerts (with the exception of class naming to match camelCase or PascalCase for acronyms... we can do that later).

I have not yet reviewed all of the modeling.

nicolaswill
nicolaswill previously approved these changes Jun 3, 2025
Copy link
Contributor

@nicolaswill nicolaswill left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

fegge added 10 commits June 12, 2025 13:44
This commit adds the `KeyGenerationOperationInstance` and
`KeyGenerationAlgorithmInstance` types to the BouncyCastle model.

It also adds data flow support from key pairs to the corresponding
public and private components.
This commit also adds associated elliptic curves to the key generation
and key nodes.
This commit adds support for ECDSA. This includes tracking the
instantiated curve parameters using data flow.

It also adds SignatureArtifactInstance and SignatureOperationInstance
types to the shared model.
@fegge fegge force-pushed the fegge/bouncycastle branch from 6c68be5 to 7969bdf Compare June 12, 2025 11:45
@fegge fegge changed the title Quantum: Initial support for BouncyCastle signature algorithms Quantum: Support for BouncyCastle signature algorithms and block cipher modes Jun 12, 2025

override Crypto::KeyOperationSubtype getKeyOperationSubtype() {
// The key operation sub-type is determined by the `encrypting` argument to `init()`.
exists(this.getInitCall()) and

Check warning

Code scanning / CodeQL

Superfluous 'exists' conjunct. Warning

This conjunct is superfluous as the existence is implied by
this conjunct
.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants