quantum-c#: add hash operation instance

fcasal · fcasal · commit a3e93ceefc00 · 2025-06-24T11:23:34.000+01:00
diff --git a/csharp/ql/lib/experimental/quantum/dotnet/Cryptography.qll b/csharp/ql/lib/experimental/quantum/dotnet/Cryptography.qll
@@ -197,11 +197,29 @@ class HashUse extends MethodCall {
         .getName()
         .matches([
             "ComputeHash", "ComputeHashAsync", "HashCore", "HashData", "HashDataAsync",
-            "TransformBlock", "TransformFinalBlock", "TryComputeHash", "TryHashData", "TryHashFinal"
+            "TransformBlock", "TransformFinalBlock", "TryComputeHash", "TryHashData",
+            "TryHashFinal", "HashFinal"
           ])
   }
 
   predicate isIntermediate() { this.getTarget().hasName("HashCore") }
+
+  Expr getOutputArtifact() {
+    not this.isIntermediate() and
+    // some functions receive the destination as a parameter
+    if
+      this.getTarget().getName() = ["TryComputeHash", "TryHashFinal", "TryHashData"]
+      or
+      this.getTarget().getName() = ["HashData"] and this.getNumberOfArguments() = 2
+      or
+      this.getTarget().getName() = ["HashDataAsync"] and this.getNumberOfArguments() = 3
+    then result = this.getArgument(1)
+    else result = this
+  }
+
+  Expr getInputConsumer() {
+    not this.getTarget().getName() = "HashFinal" and result = this.getArgument(0)
+  }
 }
 
 class SignerUse extends MethodCall {
diff --git a/csharp/ql/lib/experimental/quantum/dotnet/OperationInstances.qll b/csharp/ql/lib/experimental/quantum/dotnet/OperationInstances.qll
@@ -50,9 +50,13 @@ class HashOperationInstance extends Crypto::HashOperationInstance instanceof Has
 
   HashOperationInstance() { creator = HashCreateToUseFlow::getCreationFromUse(this, _, _) }
 
-  override Crypto::ArtifactOutputDataFlowNode getOutputArtifact() { none() }
+  override Crypto::ArtifactOutputDataFlowNode getOutputArtifact() {
+    result = DataFlow::exprNode(this.(HashUse).getOutputArtifact())
+  }
 
-  override Crypto::ConsumerInputDataFlowNode getInputConsumer() { none() }
+  override Crypto::ConsumerInputDataFlowNode getInputConsumer() {
+    result = DataFlow::exprNode(this.(HashUse).getInputConsumer())
+  }
 
   override Crypto::AlgorithmValueConsumer getAnAlgorithmValueConsumer() { none() }
 }
