Description
The content/implementation of S2070 should "be moved" to S4790 (the key of the rule should be updated).
The issue message should also be updated:
CC_MD5(data.bytes, CC_LONG(data.length), &digest) // Noncompliant {{Make sure this weak hash algorithm is not used in a sensitive context here.}}
Hardening of ITs
The ITs should cover the latest API of CryptoSwift:
let bytes: Array<UInt8> = [0x01, 0x02, 0x03]
let digest1 = input.md5() // Noncompliant
let digest2 = Digest.md5(bytes) // Noncompliant
var hash = "123".md5() // Noncompliant
hash = data.md5() // Noncompliant
hash = data.sha1() // Noncompliant
hash = data.sha224() // Compliant
hash = data.sha256() // Compliant
hash = data.sha384() // Compliant
hash = data.sha512() // Compliant
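How the Noncompliant / Compliant annotations above are checked in practice, as an added example that is not SonarSwift's implementation: a text-based stand-in for the rule is run over the ticket's sample lines and compared with each line's annotation. The regex, the function names and the fixture layout are assumptions made for this illustration.

```python
import re

# Issue message quoted in the ticket for rule S4790.
MESSAGE = "Make sure this weak hash algorithm is not used in a sensitive context here."

# Simplified stand-in for the rule (assumption): MD5/SHA-1 in CryptoSwift call
# style, plus CommonCrypto CC_MD5 (from the ticket) and CC_SHA1 (added here).
WEAK_CALL = re.compile(r"(?:\.(md5|sha1)\s*\(|\bCC_(MD5|SHA1)\s*\()")

# Constructed fixture: the ticket's sample lines with their expectation comments.
FIXTURE = """\
let digest1 = input.md5() // Noncompliant
let digest2 = Digest.md5(bytes) // Noncompliant
var hash = "123".md5() // Noncompliant
hash = data.md5() // Noncompliant
hash = data.sha1() // Noncompliant
hash = data.sha224() // Compliant
hash = data.sha256() // Compliant
hash = data.sha384() // Compliant
hash = data.sha512() // Compliant
CC_MD5(data.bytes, CC_LONG(data.length), &digest) // Noncompliant
"""

def split_expectation(line):
    """Return (code, expected); expected is True for a '// Noncompliant' comment."""
    code, _, comment = line.partition("//")
    return code, comment.strip().startswith("Noncompliant")

def scan(source):
    """Return [(line_number, message)] for every line containing a weak hash call."""
    issues = []
    for number, line in enumerate(source.splitlines(), start=1):
        code, _ = split_expectation(line)  # match on code only, never the comment
        if WEAK_CALL.search(code):
            issues.append((number, MESSAGE))
    return issues

def mismatches(source):
    """Line numbers where the detector disagrees with the fixture's annotation."""
    raised = {number for number, _ in scan(source)}
    bad = []
    for number, line in enumerate(source.splitlines(), start=1):
        _, expected = split_expectation(line)
        if expected != (number in raised):
            bad.append(number)
    return bad

if __name__ == "__main__":
    print(scan(FIXTURE), mismatches(FIXTURE))
```

An empty list from `mismatches` means every annotated line was classified as the fixture expects; a non-empty list names the lines where a false positive or a missed call would fail the test.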
Issue Links
- depends upon: SONARSWIFT-458 Deprecate S2070 in favor of S4790 (Closed)
- implements: RSPEC-4790 Using weak hashing algorithms is security-sensitive (Active)