Additional crypto libs for python (#73)

prabhu · web-flow · commit ab80745ca53b · 2024-04-30T13:24:29.000+01:00
* Additional crypto libs

Signed-off-by: Prabhu Subramanian &lt;prabhu@appthreat.com&gt;

* Additional desc tags

Signed-off-by: Prabhu Subramanian &lt;prabhu@appthreat.com&gt;

* Update eclipse cdt jar

Signed-off-by: Prabhu Subramanian &lt;prabhu@appthreat.com&gt;

---------

Signed-off-by: Prabhu Subramanian &lt;prabhu@appthreat.com&gt;
diff --git a/build.sbt b/build.sbt
@@ -1,6 +1,6 @@
 name                     := "chen"
 ThisBuild / organization := "io.appthreat"
-ThisBuild / version      := "2.0.10"
+ThisBuild / version      := "2.0.11"
 ThisBuild / scalaVersion := "3.4.1"
 
 val cpgVersion = "1.0.0"
diff --git a/codemeta.json b/codemeta.json
@@ -7,7 +7,7 @@
   "downloadUrl": "https://github.com/AppThreat/chen",
   "issueTracker": "https://github.com/AppThreat/chen/issues",
   "name": "chen",
-  "version": "2.0.10",
+  "version": "2.0.11",
   "description": "Code Hierarchy Exploration Net (chen) is an advanced exploration toolkit for your application source code and its dependency hierarchy.",
   "applicationCategory": "code-analysis",
   "keywords": [
diff --git a/meta.yaml b/meta.yaml
@@ -1,4 +1,4 @@
-{% set version = "2.0.10" %}
+{% set version = "2.0.11" %}
 
 package:
   name: chen
diff --git a/platform/frontends/c2cpg/lib/README.md b/platform/frontends/c2cpg/lib/README.md
@@ -0,0 +1,3 @@
+org.eclipse.cdt jars were downloaded from
+
+https://download.eclipse.org/tools/cdt/releases/11.5/cdt-11.5.0/plugins/
diff --git a/platform/frontends/c2cpg/lib/org.eclipse.cdt.core_8.4.0.202402110645.jar b/platform/frontends/c2cpg/lib/org.eclipse.cdt.core_8.4.0.202402110645.jar
diff --git a/platform/frontends/x2cpg/src/main/scala/io/appthreat/x2cpg/passes/taggers/CdxPass.scala b/platform/frontends/x2cpg/src/main/scala/io/appthreat/x2cpg/passes/taggers/CdxPass.scala
@@ -338,6 +338,14 @@ class CdxPass(atom: Cpg) extends CpgPass(atom):
                                             atom.method.fullName(bpkg).newTagNode(t).store()(
                                               dstGraph
                                             )
+                                            if language == Languages.PYTHON || language == Languages.PYTHONSRC
+                                            then
+                                                atom.call.where(
+                                                  _.methodFullName(bpkg)
+                                                ).newTagNode(t).store()(dstGraph)
+                                                atom.identifier.typeFullName(bpkg).newTagNode(
+                                                  t
+                                                ).store()(dstGraph)
                                     }
                                 end if
                             }
diff --git a/platform/frontends/x2cpg/src/main/scala/io/appthreat/x2cpg/passes/taggers/EasyTagsPass.scala b/platform/frontends/x2cpg/src/main/scala/io/appthreat/x2cpg/passes/taggers/EasyTagsPass.scala
@@ -155,15 +155,20 @@ class EasyTagsPass(atom: Cpg) extends CpgPass(atom):
             ).newTagNode("crypto-algorithm").store()(dstGraph)
         end if
         if language == Languages.PYTHON || language == Languages.PYTHONSRC then
-            atom.identifier.typeFullName("cryptography.*").newTagNode("crypto").store()(dstGraph)
-            atom.call.methodFullName("cryptography.*").newTagNode("crypto").store()(dstGraph)
+            val known_crypto_libs = "(cryptography|Crypto|ecdsa|nacl).*"
+            atom.identifier.typeFullName(known_crypto_libs).newTagNode(
+              "crypto"
+            ).store()(dstGraph)
+            atom.call.methodFullName(known_crypto_libs).newTagNode(
+              "crypto"
+            ).store()(dstGraph)
             atom.call.methodFullName(
-              "cryptography.*(generate|encrypt|decrypt|derive|sign|public_bytes|private_bytes|exchange).*"
+              s"${known_crypto_libs}(generate|encrypt|decrypt|derive|sign|public_bytes|private_bytes|exchange|new|update|export_key|import_key|from_string|from_pem|to_pem).*"
             ).newTagNode(
               "crypto-generate"
             ).store()(dstGraph)
             atom.call.name("[A-Z0-9]+").methodFullName(
-              "cryptography.*(primitives|serialization).*"
+              s"${known_crypto_libs}(primitives|serialization).*"
             ).argument.inCall.newTagNode(
               "crypto-algorithm"
             ).store()(dstGraph)
diff --git a/pyproject.toml b/pyproject.toml
@@ -1,6 +1,6 @@
 [tool.poetry]
 name = "appthreat-chen"
-version = "2.0.10"
+version = "2.0.11"
 description = "Code Hierarchy Exploration Net (chen)"
 authors = ["Team AppThreat <cloud@appthreat.com>"]
 license = "Apache-2.0"

Original file line number	Diff line number	Diff line change
`@@ -1,4 +1,4 @@`
`1`		`-{% set version = "2.0.10" %}`
	`1`	`+{% set version = "2.0.11" %}`
`2`	`2`
`3`	`3`	`package:`
`4`	`4`	`name: chen`
Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,3 @@`
	`1`	`+org.eclipse.cdt jars were downloaded from`
	`2`	`+`
	`3`	`+https://download.eclipse.org/tools/cdt/releases/11.5/cdt-11.5.0/plugins/`
Original file line number	Diff line number	Diff line change
`@@ -338,6 +338,14 @@ class CdxPass(atom: Cpg) extends CpgPass(atom):`
`338`	`338`	`atom.method.fullName(bpkg).newTagNode(t).store()(`
`339`	`339`	`dstGraph`
`340`	`340`	`)`
	`341`	`+ if language == Languages.PYTHON \|\| language == Languages.PYTHONSRC`
	`342`	`+ then`
	`343`	`+ atom.call.where(`
	`344`	`+ _.methodFullName(bpkg)`
	`345`	`+ ).newTagNode(t).store()(dstGraph)`
	`346`	`+ atom.identifier.typeFullName(bpkg).newTagNode(`
	`347`	`+ t`
	`348`	`+ ).store()(dstGraph)`
`341`	`349`	`}`
`342`	`350`	`end if`
`343`	`351`	`}`