hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-13 14:34:45 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #11805 from geoffw0/references

Browse Source 
Swift: Add a reference for swift/hardcoded-key.
This commit is contained in:
Jeroen Ketema
2023-01-04 16:39:24 +01:00
committed by GitHub
parent 60a5512ca2 7ad8771b53
commit 134fbb2128
1 changed files with 4 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
swift/ql/src/queries/Security/CWE-321/HardcodedEncryptionKey.qhelp
View File

@@ -14,4 +14,8 @@
<p>The following example shows a few cases of instantiating a cipher with various encryption keys. In the 'BAD' cases, the key material is hardcoded, making the encrypted data vulnerable to recovery. In the 'GOOD' cases, the key material is randomly generated and not hardcoded, which protects the encrypted data against recovery.</p>
<sample src="HardcodedEncryptionKey.swift" />
</example>
<references>
<li>OWASP: <a href="https://cheatsheetseries.owasp.org/cheatsheets/Key_Management_Cheat_Sheet.html">Key Management Cheat Sheet</a></li>
</references>
</qhelp>