jorgectf
diff --git a/‎cpp/ql/src/experimental/campaigns/nccoe-pqc-migration/QuantumVulnerableDiscovery/WinCng.ql renamed to ‎cpp/ql/src/experimental/campaigns/nccoe-pqc-migration/QuantumVulnerableDiscovery/WinCng/WinCng.ql
Lines changed: 1 addition & 1 deletion b/‎cpp/ql/src/experimental/campaigns/nccoe-pqc-migration/QuantumVulnerableDiscovery/WinCng.ql renamed to ‎cpp/ql/src/experimental/campaigns/nccoe-pqc-migration/QuantumVulnerableDiscovery/WinCng/WinCng.ql
Lines changed: 1 addition & 1 deletion
diff --git a/‎cpp/ql/src/experimental/campaigns/nccoe-pqc-migration/QuantumVulnerableDiscovery/WindowsCng.qll renamed to ‎cpp/ql/src/experimental/campaigns/nccoe-pqc-migration/QuantumVulnerableDiscovery/WinCng/WindowsCng.qll b/‎cpp/ql/src/experimental/campaigns/nccoe-pqc-migration/QuantumVulnerableDiscovery/WindowsCng.qll renamed to ‎cpp/ql/src/experimental/campaigns/nccoe-pqc-migration/QuantumVulnerableDiscovery/WinCng/WindowsCng.qll
diff --git a/‎cpp/ql/src/experimental/campaigns/nccoe-pqc-migration/QuantumVulnerableDiscovery/WindowsCngPQCVAsymmetricKeyUsage.ql renamed to ‎cpp/ql/src/experimental/campaigns/nccoe-pqc-migration/QuantumVulnerableDiscovery/WinCng/WindowsCngPQCVulnerableUsage.ql b/‎cpp/ql/src/experimental/campaigns/nccoe-pqc-migration/QuantumVulnerableDiscovery/WindowsCngPQCVAsymmetricKeyUsage.ql renamed to ‎cpp/ql/src/experimental/campaigns/nccoe-pqc-migration/QuantumVulnerableDiscovery/WinCng/WindowsCngPQCVulnerableUsage.ql
diff --git a/‎cpp/ql/src/experimental/campaigns/nccoe-pqc-migration/QuantumVulnerableDiscovery/WindowsCngPQCVAsymmetricKeyUsage.qll renamed to ‎cpp/ql/src/experimental/campaigns/nccoe-pqc-migration/QuantumVulnerableDiscovery/WinCng/WindowsCngPQCVulnerableUsage.qll
Lines changed: 12 additions & 2 deletions b/‎cpp/ql/src/experimental/campaigns/nccoe-pqc-migration/QuantumVulnerableDiscovery/WindowsCngPQCVAsymmetricKeyUsage.qll renamed to ‎cpp/ql/src/experimental/campaigns/nccoe-pqc-migration/QuantumVulnerableDiscovery/WinCng/WindowsCngPQCVulnerableUsage.qll
Lines changed: 12 additions & 2 deletions
@@ -14,7 +14,7 @@
 import cpp
 import DataFlow::PathGraph
 import WindowsCng
-import WindowsCngPQCVAsymmetricKeyUsage
+import WindowsCngPQCVulnerableUsage
 
 // CNG-specific DataFlow configuration
 class BCryptConfiguration extends TaintTracking::Configuration {
 
@@ -1,11 +1,21 @@
 import cpp
 import WindowsCng
+
+predicate vulnerableCngFunctionName(string name) {
+    name in ["BCryptSignHash", "BCryptEncrypt"]
+}
+
+predicate vulnerableCngFunction(Function f)
+{
+    exists(string name | f.hasGlobalName(name) and vulnerableCngFunctionName(name))
+}
+
 //TODO: Verify NCrypt calls (parameters) & find all other APIs that should be included (i.e. decrypt, etc.)
 predicate isExprKeyHandleForBCryptSignHash(Expr e){
     exists( FunctionCall call |
         e = call.getArgument(0)
-         and
-         call.getTarget().hasGlobalName("BCryptSignHash")
+        and
+        vulnerableCngFunction(call.getTarget())
     )
 }