Removing old ReusedNonce query.

This commit is contained in:
REDMOND\brodes
2025-03-03 16:51:30 -05:00
parent 2ee1681126
commit 8865d89fe9

View File

@@ -1,21 +0,0 @@
/**
* @name Unsafe nonce source or reuse
* @id java/unsafe-nonce-source-or-reuse
*/
import experimental.Quantum.Language
import semmle.code.java.dataflow.DataFlow
Crypto::NodeBase getNonceOrigin(Crypto::NonceNode nonce) {
// TODO: this check is currently ultra hacky just for demoing
result = nonce.getSourceNode()
}
from Crypto::CipherOperationNode op, Crypto::NonceNode nonce1, Crypto::NonceNode nonce2
where
op.asElement().(Expr).getEnclosingCallable().getName() = "encrypt" and
nonce1 = op.getANonce() and
nonce2 = op.getANonce() and
not nonce1 = nonce2 and
getNonceOrigin(nonce1) = getNonceOrigin(nonce2)
select op, nonce1, nonce2