hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-25 16:55:19 +02:00
Code Issues Packages Projects Releases Wiki Activity

Removing old ReusedNonce query.

Browse Source
This commit is contained in:
REDMOND\brodes
2025-03-03 16:51:30 -05:00
parent 2ee1681126
commit 8865d89fe9
1 changed files with 0 additions and 21 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
java/ql/src/experimental/Quantum/ReusedNonce.ql
View File

@@ -1,21 +0,0 @@
/**
* @name Unsafe nonce source or reuse
* @id java/unsafe-nonce-source-or-reuse
*/
import experimental.Quantum.Language
import semmle.code.java.dataflow.DataFlow
Crypto::NodeBase getNonceOrigin(Crypto::NonceNode nonce) {
// TODO: this check is currently ultra hacky just for demoing
result = nonce.getSourceNode()
}
from Crypto::CipherOperationNode op, Crypto::NonceNode nonce1, Crypto::NonceNode nonce2
where
op.asElement().(Expr).getEnclosingCallable().getName() = "encrypt" and
nonce1 = op.getANonce() and
nonce2 = op.getANonce() and
not nonce1 = nonce2 and
getNonceOrigin(nonce1) = getNonceOrigin(nonce2)
select op, nonce1, nonce2