add support for AlgorithmParameterGenerator

Author: Jami Cogswell

java/ql/lib/semmle/code/java/security/Encryption.qll

@@ -389,7 +389,7 @@ class JavaSecuritySignature extends JavaSecurityAlgoSpec {
   override Expr getAlgoSpec() { result = this.(ConstructorCall).getArgument(0) }
 }
 
-/** A method call to the Java class `java.security.KeyPairGenerator`. */
+/** An instance of a `java.security.KeyPairGenerator`. */
 class JavaSecurityKeyPairGenerator extends JavaSecurityAlgoSpec {
   JavaSecurityKeyPairGenerator() {
     exists(Constructor c | c.getAReference() = this |
@@ -405,6 +405,41 @@ class JavaSecurityKeyPairGenerator extends JavaSecurityAlgoSpec {
   override Expr getAlgoSpec() { result = this.(Call).getArgument(0) }
 }
 
+/** The Java class `java.security.AlgorithmParameterGenerator`. */
+class AlgorithmParameterGenerator extends RefType {
+  AlgorithmParameterGenerator() {
+    this.hasQualifiedName("java.security", "AlgorithmParameterGenerator")
+  }
+}
+
+/** The `init` method declared in `java.security.AlgorithmParameterGenerator`. */
+class AlgoParamGeneratorInitMethod extends Method {
+  AlgoParamGeneratorInitMethod() {
+    this.getDeclaringType() instanceof AlgorithmParameterGenerator and
+    this.hasName("init")
+  }
+}
+
+/** An instance of a `java.security.AlgorithmParameterGenerator`. */
+class JavaSecurityAlgoParamGenerator extends JavaSecurityAlgoSpec {
+  JavaSecurityAlgoParamGenerator() {
+    exists(Constructor c | c.getAReference() = this |
+      c.getDeclaringType() instanceof AlgorithmParameterGenerator
+    )
+    or
+    exists(Method m | m.getAReference() = this |
+      m.getDeclaringType() instanceof AlgorithmParameterGenerator and
+      m.getName() = "getInstance"
+    )
+  }
+
+  override Expr getAlgoSpec() {
+    exists(Call c | c = this |
+      if c.getNumArgument() = 3 then result = c.getArgument(2) else result = c.getArgument(0)
+    )
+  }
+}
+
 /** The Java interface `java.security.spec.AlgorithmParameterSpec` */
 abstract class AlgorithmParameterSpec extends RefType { }
 

java/ql/lib/semmle/code/java/security/InsufficientKeySize.qll

@@ -131,7 +131,10 @@ abstract class KeyGenInitMethodAccess extends MethodAccess {
 
 /** A call to the `initialize` method declared in `java.security.KeyPairGenerator`. */
 private class AsymmetricInitMethodAccess extends KeyGenInitMethodAccess {
-  AsymmetricInitMethodAccess() { this.getMethod() instanceof KeyPairGeneratorInitMethod }
+  AsymmetricInitMethodAccess() {
+    this.getMethod() instanceof KeyPairGeneratorInitMethod or
+    this.getMethod() instanceof AlgoParamGeneratorInitMethod
+  }
 }
 
 /** A call to the `init` method declared in `javax.crypto.KeyGenerator`. */
@@ -146,16 +149,19 @@ abstract class KeyGeneratorObject extends CryptoAlgoSpec {
 
 /** An instance of a `java.security.KeyPairGenerator`. */
 private class AsymmetricKeyGenerator extends KeyGeneratorObject {
-  AsymmetricKeyGenerator() { this instanceof JavaSecurityKeyPairGenerator }
+  AsymmetricKeyGenerator() {
+    this instanceof JavaSecurityKeyPairGenerator or
+    this instanceof JavaSecurityAlgoParamGenerator
+  }
 
-  override Expr getAlgoSpec() { result = this.(MethodAccess).getArgument(0) }
+  override Expr getAlgoSpec() { result = this.getAlgoSpec() }
 }
 
 /** An instance of a `javax.crypto.KeyGenerator`. */
 private class SymmetricKeyGenerator extends KeyGeneratorObject {
   SymmetricKeyGenerator() { this instanceof JavaxCryptoKeyGenerator }
 
-  override Expr getAlgoSpec() { result = this.(MethodAccess).getArgument(0) }
+  override Expr getAlgoSpec() { result = this.getAlgoSpec() }
 }
 
 /** An instance of an algorithm specification. */