hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-05 21:55:19 +02:00
Code Issues Packages Projects Releases Wiki Activity

Swift: Fix some inconsistencies in the test cases.

Browse Source
This commit is contained in:
Geoffrey White
2023-12-14 16:57:54 +00:00
parent 7ba18e64a0
commit 3a900f1f8b
3 changed files with 36 additions and 32 deletions
Download Patch File Download Diff File Expand all files Collapse all files

28
swift/ql/test/query-tests/Security/CWE-328/WeakPasswordHashing.expected
View File

@@ -8,13 +8,13 @@ nodes
| testCryptoKit.swift:90:23:90:23 | passwd | semmle.label | passwd |
| testCryptoKit.swift:99:23:99:23 | passwd | semmle.label | passwd |
| testCryptoKit.swift:108:23:108:23 | passwd | semmle.label | passwd |
| testCryptoKit.swift:116:23:116:23 | passwd | semmle.label | passwd |
| testCryptoKit.swift:124:23:124:23 | passwd | semmle.label | passwd |
| testCryptoKit.swift:132:32:132:32 | passwd | semmle.label | passwd |
| testCryptoKit.swift:141:32:141:32 | passwd | semmle.label | passwd |
| testCryptoKit.swift:150:32:150:32 | passwd | semmle.label | passwd |
| testCryptoKit.swift:158:32:158:32 | passwd | semmle.label | passwd |
| testCryptoKit.swift:166:32:166:32 | passwd | semmle.label | passwd |
| testCryptoKit.swift:117:23:117:23 | passwd | semmle.label | passwd |
| testCryptoKit.swift:126:23:126:23 | passwd | semmle.label | passwd |
| testCryptoKit.swift:135:32:135:32 | passwd | semmle.label | passwd |
| testCryptoKit.swift:144:32:144:32 | passwd | semmle.label | passwd |
| testCryptoKit.swift:153:32:153:32 | passwd | semmle.label | passwd |
| testCryptoKit.swift:162:32:162:32 | passwd | semmle.label | passwd |
| testCryptoKit.swift:171:32:171:32 | passwd | semmle.label | passwd |
| testCryptoSwift.swift:154:30:154:30 | passwdArray | semmle.label | passwdArray |
| testCryptoSwift.swift:157:31:157:31 | passwdArray | semmle.label | passwdArray |
| testCryptoSwift.swift:160:47:160:47 | passwdArray | semmle.label | passwdArray |
@@ -49,13 +49,13 @@ subpaths
| testCryptoKit.swift:90:23:90:23 | passwd | testCryptoKit.swift:90:23:90:23 | passwd | testCryptoKit.swift:90:23:90:23 | passwd | Insecure hashing algorithm (MD5) depends on $@. | testCryptoKit.swift:90:23:90:23 | passwd | password (passwd) |
| testCryptoKit.swift:99:23:99:23 | passwd | testCryptoKit.swift:99:23:99:23 | passwd | testCryptoKit.swift:99:23:99:23 | passwd | Insecure hashing algorithm (SHA1) depends on $@. | testCryptoKit.swift:99:23:99:23 | passwd | password (passwd) |
| testCryptoKit.swift:108:23:108:23 | passwd | testCryptoKit.swift:108:23:108:23 | passwd | testCryptoKit.swift:108:23:108:23 | passwd | Insecure hashing algorithm (SHA256) depends on $@. | testCryptoKit.swift:108:23:108:23 | passwd | password (passwd) |
| testCryptoKit.swift:116:23:116:23 | passwd | testCryptoKit.swift:116:23:116:23 | passwd | testCryptoKit.swift:116:23:116:23 | passwd | Insecure hashing algorithm (SHA384) depends on $@. | testCryptoKit.swift:116:23:116:23 | passwd | password (passwd) |
| testCryptoKit.swift:124:23:124:23 | passwd | testCryptoKit.swift:124:23:124:23 | passwd | testCryptoKit.swift:124:23:124:23 | passwd | Insecure hashing algorithm (SHA512) depends on $@. | testCryptoKit.swift:124:23:124:23 | passwd | password (passwd) |
| testCryptoKit.swift:132:32:132:32 | passwd | testCryptoKit.swift:132:32:132:32 | passwd | testCryptoKit.swift:132:32:132:32 | passwd | Insecure hashing algorithm (MD5) depends on $@. | testCryptoKit.swift:132:32:132:32 | passwd | password (passwd) |
| testCryptoKit.swift:141:32:141:32 | passwd | testCryptoKit.swift:141:32:141:32 | passwd | testCryptoKit.swift:141:32:141:32 | passwd | Insecure hashing algorithm (SHA1) depends on $@. | testCryptoKit.swift:141:32:141:32 | passwd | password (passwd) |
| testCryptoKit.swift:150:32:150:32 | passwd | testCryptoKit.swift:150:32:150:32 | passwd | testCryptoKit.swift:150:32:150:32 | passwd | Insecure hashing algorithm (SHA256) depends on $@. | testCryptoKit.swift:150:32:150:32 | passwd | password (passwd) |
| testCryptoKit.swift:158:32:158:32 | passwd | testCryptoKit.swift:158:32:158:32 | passwd | testCryptoKit.swift:158:32:158:32 | passwd | Insecure hashing algorithm (SHA384) depends on $@. | testCryptoKit.swift:158:32:158:32 | passwd | password (passwd) |
| testCryptoKit.swift:166:32:166:32 | passwd | testCryptoKit.swift:166:32:166:32 | passwd | testCryptoKit.swift:166:32:166:32 | passwd | Insecure hashing algorithm (SHA512) depends on $@. | testCryptoKit.swift:166:32:166:32 | passwd | password (passwd) |
| testCryptoKit.swift:117:23:117:23 | passwd | testCryptoKit.swift:117:23:117:23 | passwd | testCryptoKit.swift:117:23:117:23 | passwd | Insecure hashing algorithm (SHA384) depends on $@. | testCryptoKit.swift:117:23:117:23 | passwd | password (passwd) |
| testCryptoKit.swift:126:23:126:23 | passwd | testCryptoKit.swift:126:23:126:23 | passwd | testCryptoKit.swift:126:23:126:23 | passwd | Insecure hashing algorithm (SHA512) depends on $@. | testCryptoKit.swift:126:23:126:23 | passwd | password (passwd) |
| testCryptoKit.swift:135:32:135:32 | passwd | testCryptoKit.swift:135:32:135:32 | passwd | testCryptoKit.swift:135:32:135:32 | passwd | Insecure hashing algorithm (MD5) depends on $@. | testCryptoKit.swift:135:32:135:32 | passwd | password (passwd) |
| testCryptoKit.swift:144:32:144:32 | passwd | testCryptoKit.swift:144:32:144:32 | passwd | testCryptoKit.swift:144:32:144:32 | passwd | Insecure hashing algorithm (SHA1) depends on $@. | testCryptoKit.swift:144:32:144:32 | passwd | password (passwd) |
| testCryptoKit.swift:153:32:153:32 | passwd | testCryptoKit.swift:153:32:153:32 | passwd | testCryptoKit.swift:153:32:153:32 | passwd | Insecure hashing algorithm (SHA256) depends on $@. | testCryptoKit.swift:153:32:153:32 | passwd | password (passwd) |
| testCryptoKit.swift:162:32:162:32 | passwd | testCryptoKit.swift:162:32:162:32 | passwd | testCryptoKit.swift:162:32:162:32 | passwd | Insecure hashing algorithm (SHA384) depends on $@. | testCryptoKit.swift:162:32:162:32 | passwd | password (passwd) |
| testCryptoKit.swift:171:32:171:32 | passwd | testCryptoKit.swift:171:32:171:32 | passwd | testCryptoKit.swift:171:32:171:32 | passwd | Insecure hashing algorithm (SHA512) depends on $@. | testCryptoKit.swift:171:32:171:32 | passwd | password (passwd) |
| testCryptoSwift.swift:154:30:154:30 | passwdArray | testCryptoSwift.swift:154:30:154:30 | passwdArray | testCryptoSwift.swift:154:30:154:30 | passwdArray | Insecure hashing algorithm (MD5) depends on $@. | testCryptoSwift.swift:154:30:154:30 | passwdArray | password (passwdArray) |
| testCryptoSwift.swift:157:31:157:31 | passwdArray | testCryptoSwift.swift:157:31:157:31 | passwdArray | testCryptoSwift.swift:157:31:157:31 | passwdArray | Insecure hashing algorithm (SHA1) depends on $@. | testCryptoSwift.swift:157:31:157:31 | passwdArray | password (passwdArray) |
| testCryptoSwift.swift:160:47:160:47 | passwdArray | testCryptoSwift.swift:160:47:160:47 | passwdArray | testCryptoSwift.swift:160:47:160:47 | passwdArray | Insecure hashing algorithm (SHA2) depends on $@. | testCryptoSwift.swift:160:47:160:47 | passwdArray | password (passwdArray) |

26
swift/ql/test/query-tests/Security/CWE-328/WeakSensitiveDataHashing.expected
View File

@@ -3,7 +3,6 @@ nodes
| testCryptoKit.swift:57:43:57:43 | cert | semmle.label | cert |
| testCryptoKit.swift:59:43:59:43 | account_no | semmle.label | account_no |
| testCryptoKit.swift:60:43:60:43 | credit_card_no | semmle.label | credit_card_no |
| testCryptoKit.swift:61:43:61:43 | credit_card_no | semmle.label | credit_card_no |
| testCryptoKit.swift:64:44:64:44 | cert | semmle.label | cert |
| testCryptoKit.swift:66:44:66:44 | account_no | semmle.label | account_no |
| testCryptoKit.swift:67:44:67:44 | credit_card_no | semmle.label | credit_card_no |
@@ -13,12 +12,12 @@ nodes
| testCryptoKit.swift:100:23:100:23 | cert | semmle.label | cert |
| testCryptoKit.swift:102:23:102:23 | account_no | semmle.label | account_no |
| testCryptoKit.swift:103:23:103:23 | credit_card_no | semmle.label | credit_card_no |
| testCryptoKit.swift:133:32:133:32 | cert | semmle.label | cert |
| testCryptoKit.swift:135:32:135:32 | account_no | semmle.label | account_no |
| testCryptoKit.swift:136:32:136:32 | credit_card_no | semmle.label | credit_card_no |
| testCryptoKit.swift:142:32:142:32 | cert | semmle.label | cert |
| testCryptoKit.swift:144:32:144:32 | account_no | semmle.label | account_no |
| testCryptoKit.swift:145:32:145:32 | credit_card_no | semmle.label | credit_card_no |
| testCryptoKit.swift:136:32:136:32 | cert | semmle.label | cert |
| testCryptoKit.swift:138:32:138:32 | account_no | semmle.label | account_no |
| testCryptoKit.swift:139:32:139:32 | credit_card_no | semmle.label | credit_card_no |
| testCryptoKit.swift:145:32:145:32 | cert | semmle.label | cert |
| testCryptoKit.swift:147:32:147:32 | account_no | semmle.label | account_no |
| testCryptoKit.swift:148:32:148:32 | credit_card_no | semmle.label | credit_card_no |
| testCryptoSwift.swift:153:30:153:30 | phoneNumberArray | semmle.label | phoneNumberArray |
| testCryptoSwift.swift:156:31:156:31 | phoneNumberArray | semmle.label | phoneNumberArray |
| testCryptoSwift.swift:166:20:166:20 | phoneNumberArray | semmle.label | phoneNumberArray |
@@ -34,7 +33,6 @@ subpaths
| testCryptoKit.swift:57:43:57:43 | cert | testCryptoKit.swift:57:43:57:43 | cert | testCryptoKit.swift:57:43:57:43 | cert | Insecure hashing algorithm (MD5) depends on $@. | testCryptoKit.swift:57:43:57:43 | cert | sensitive data (credential cert) |
| testCryptoKit.swift:59:43:59:43 | account_no | testCryptoKit.swift:59:43:59:43 | account_no | testCryptoKit.swift:59:43:59:43 | account_no | Insecure hashing algorithm (MD5) depends on $@. | testCryptoKit.swift:59:43:59:43 | account_no | sensitive data (private information account_no) |
| testCryptoKit.swift:60:43:60:43 | credit_card_no | testCryptoKit.swift:60:43:60:43 | credit_card_no | testCryptoKit.swift:60:43:60:43 | credit_card_no | Insecure hashing algorithm (MD5) depends on $@. | testCryptoKit.swift:60:43:60:43 | credit_card_no | sensitive data (private information credit_card_no) |
| testCryptoKit.swift:61:43:61:43 | credit_card_no | testCryptoKit.swift:61:43:61:43 | credit_card_no | testCryptoKit.swift:61:43:61:43 | credit_card_no | Insecure hashing algorithm (MD5) depends on $@. | testCryptoKit.swift:61:43:61:43 | credit_card_no | sensitive data (private information credit_card_no) |
| testCryptoKit.swift:64:44:64:44 | cert | testCryptoKit.swift:64:44:64:44 | cert | testCryptoKit.swift:64:44:64:44 | cert | Insecure hashing algorithm (SHA1) depends on $@. | testCryptoKit.swift:64:44:64:44 | cert | sensitive data (credential cert) |
| testCryptoKit.swift:66:44:66:44 | account_no | testCryptoKit.swift:66:44:66:44 | account_no | testCryptoKit.swift:66:44:66:44 | account_no | Insecure hashing algorithm (SHA1) depends on $@. | testCryptoKit.swift:66:44:66:44 | account_no | sensitive data (private information account_no) |
| testCryptoKit.swift:67:44:67:44 | credit_card_no | testCryptoKit.swift:67:44:67:44 | credit_card_no | testCryptoKit.swift:67:44:67:44 | credit_card_no | Insecure hashing algorithm (SHA1) depends on $@. | testCryptoKit.swift:67:44:67:44 | credit_card_no | sensitive data (private information credit_card_no) |
@@ -44,12 +42,12 @@ subpaths
| testCryptoKit.swift:100:23:100:23 | cert | testCryptoKit.swift:100:23:100:23 | cert | testCryptoKit.swift:100:23:100:23 | cert | Insecure hashing algorithm (SHA1) depends on $@. | testCryptoKit.swift:100:23:100:23 | cert | sensitive data (credential cert) |
| testCryptoKit.swift:102:23:102:23 | account_no | testCryptoKit.swift:102:23:102:23 | account_no | testCryptoKit.swift:102:23:102:23 | account_no | Insecure hashing algorithm (SHA1) depends on $@. | testCryptoKit.swift:102:23:102:23 | account_no | sensitive data (private information account_no) |
| testCryptoKit.swift:103:23:103:23 | credit_card_no | testCryptoKit.swift:103:23:103:23 | credit_card_no | testCryptoKit.swift:103:23:103:23 | credit_card_no | Insecure hashing algorithm (SHA1) depends on $@. | testCryptoKit.swift:103:23:103:23 | credit_card_no | sensitive data (private information credit_card_no) |
| testCryptoKit.swift:133:32:133:32 | cert | testCryptoKit.swift:133:32:133:32 | cert | testCryptoKit.swift:133:32:133:32 | cert | Insecure hashing algorithm (MD5) depends on $@. | testCryptoKit.swift:133:32:133:32 | cert | sensitive data (credential cert) |
| testCryptoKit.swift:135:32:135:32 | account_no | testCryptoKit.swift:135:32:135:32 | account_no | testCryptoKit.swift:135:32:135:32 | account_no | Insecure hashing algorithm (MD5) depends on $@. | testCryptoKit.swift:135:32:135:32 | account_no | sensitive data (private information account_no) |
| testCryptoKit.swift:136:32:136:32 | credit_card_no | testCryptoKit.swift:136:32:136:32 | credit_card_no | testCryptoKit.swift:136:32:136:32 | credit_card_no | Insecure hashing algorithm (MD5) depends on $@. | testCryptoKit.swift:136:32:136:32 | credit_card_no | sensitive data (private information credit_card_no) |
| testCryptoKit.swift:142:32:142:32 | cert | testCryptoKit.swift:142:32:142:32 | cert | testCryptoKit.swift:142:32:142:32 | cert | Insecure hashing algorithm (SHA1) depends on $@. | testCryptoKit.swift:142:32:142:32 | cert | sensitive data (credential cert) |
| testCryptoKit.swift:144:32:144:32 | account_no | testCryptoKit.swift:144:32:144:32 | account_no | testCryptoKit.swift:144:32:144:32 | account_no | Insecure hashing algorithm (SHA1) depends on $@. | testCryptoKit.swift:144:32:144:32 | account_no | sensitive data (private information account_no) |
| testCryptoKit.swift:145:32:145:32 | credit_card_no | testCryptoKit.swift:145:32:145:32 | credit_card_no | testCryptoKit.swift:145:32:145:32 | credit_card_no | Insecure hashing algorithm (SHA1) depends on $@. | testCryptoKit.swift:145:32:145:32 | credit_card_no | sensitive data (private information credit_card_no) |
| testCryptoKit.swift:136:32:136:32 | cert | testCryptoKit.swift:136:32:136:32 | cert | testCryptoKit.swift:136:32:136:32 | cert | Insecure hashing algorithm (MD5) depends on $@. | testCryptoKit.swift:136:32:136:32 | cert | sensitive data (credential cert) |
| testCryptoKit.swift:138:32:138:32 | account_no | testCryptoKit.swift:138:32:138:32 | account_no | testCryptoKit.swift:138:32:138:32 | account_no | Insecure hashing algorithm (MD5) depends on $@. | testCryptoKit.swift:138:32:138:32 | account_no | sensitive data (private information account_no) |
| testCryptoKit.swift:139:32:139:32 | credit_card_no | testCryptoKit.swift:139:32:139:32 | credit_card_no | testCryptoKit.swift:139:32:139:32 | credit_card_no | Insecure hashing algorithm (MD5) depends on $@. | testCryptoKit.swift:139:32:139:32 | credit_card_no | sensitive data (private information credit_card_no) |
| testCryptoKit.swift:145:32:145:32 | cert | testCryptoKit.swift:145:32:145:32 | cert | testCryptoKit.swift:145:32:145:32 | cert | Insecure hashing algorithm (SHA1) depends on $@. | testCryptoKit.swift:145:32:145:32 | cert | sensitive data (credential cert) |
| testCryptoKit.swift:147:32:147:32 | account_no | testCryptoKit.swift:147:32:147:32 | account_no | testCryptoKit.swift:147:32:147:32 | account_no | Insecure hashing algorithm (SHA1) depends on $@. | testCryptoKit.swift:147:32:147:32 | account_no | sensitive data (private information account_no) |
| testCryptoKit.swift:148:32:148:32 | credit_card_no | testCryptoKit.swift:148:32:148:32 | credit_card_no | testCryptoKit.swift:148:32:148:32 | credit_card_no | Insecure hashing algorithm (SHA1) depends on $@. | testCryptoKit.swift:148:32:148:32 | credit_card_no | sensitive data (private information credit_card_no) |
| testCryptoSwift.swift:153:30:153:30 | phoneNumberArray | testCryptoSwift.swift:153:30:153:30 | phoneNumberArray | testCryptoSwift.swift:153:30:153:30 | phoneNumberArray | Insecure hashing algorithm (MD5) depends on $@. | testCryptoSwift.swift:153:30:153:30 | phoneNumberArray | sensitive data (private information phoneNumberArray) |
| testCryptoSwift.swift:156:31:156:31 | phoneNumberArray | testCryptoSwift.swift:156:31:156:31 | phoneNumberArray | testCryptoSwift.swift:156:31:156:31 | phoneNumberArray | Insecure hashing algorithm (SHA1) depends on $@. | testCryptoSwift.swift:156:31:156:31 | phoneNumberArray | sensitive data (private information phoneNumberArray) |
| testCryptoSwift.swift:166:20:166:20 | phoneNumberArray | testCryptoSwift.swift:166:20:166:20 | phoneNumberArray | testCryptoSwift.swift:166:20:166:20 | phoneNumberArray | Insecure hashing algorithm (MD5) depends on $@. | testCryptoSwift.swift:166:20:166:20 | phoneNumberArray | sensitive data (private information phoneNumberArray) |

14
swift/ql/test/query-tests/Security/CWE-328/testCryptoKit.swift
View File

@@ -58,7 +58,7 @@ func testHashMethods(passwd : UnsafeRawBufferPointer, cert: String, encrypted_pa
hash = Crypto.Insecure.MD5.hash(data: encrypted_passwd) // GOOD (not sensitive)
hash = Crypto.Insecure.MD5.hash(data: account_no) // BAD
hash = Crypto.Insecure.MD5.hash(data: credit_card_no) // BAD
hash = Crypto.Insecure.MD5.hash(data: credit_card_no) // BAD
hash = Crypto.Insecure.SHA1.hash(data: passwd) // BAD
hash = Crypto.Insecure.SHA1.hash(data: cert) // BAD
@@ -68,21 +68,21 @@ func testHashMethods(passwd : UnsafeRawBufferPointer, cert: String, encrypted_pa
hash = Crypto.SHA256.hash(data: passwd) // BAD, not a computationally expensive hash
hash = Crypto.SHA256.hash(data: cert) // GOOD, computationally expensive hash not required
hash = Crypto.SHA256.hash(data: encrypted_passwd) // GOOD, not sensitive
hash = Crypto.SHA256.hash(data: account_no) // GOOD, computationally expensive hash not required
hash = Crypto.SHA256.hash(data: credit_card_no) // GOOD, computationally expensive hash not required
hash = Crypto.SHA256.hash(data: credit_card_no) // GOOD, computationally expensive hash not required
hash = Crypto.SHA384.hash(data: passwd) // BAD, not a computationally expensive hash
hash = Crypto.SHA384.hash(data: cert) // GOOD, computationally expensive hash not required
hash = Crypto.SHA384.hash(data: encrypted_passwd) // GOOD, not sensitive
hash = Crypto.SHA384.hash(data: account_no) // GOOD, computationally expensive hash not required
hash = Crypto.SHA384.hash(data: credit_card_no) // GOOD, computationally expensive hash not required
hash = Crypto.SHA384.hash(data: credit_card_no) // GOOD, computationally expensive hash not required
hash = Crypto.SHA512.hash(data: passwd) // BAD, not a computationally expensive hash
hash = Crypto.SHA512.hash(data: cert) // GOOD, computationally expensive hash not required
hash = Crypto.SHA512.hash(data: encrypted_passwd) // GOOD, not sensitive
hash = Crypto.SHA512.hash(data: account_no) // GOOD, computationally expensive hash not required
hash = Crypto.SHA512.hash(data: credit_card_no) // GOOD, computationally expensive hash not required
hash = Crypto.SHA512.hash(data: credit_card_no) // GOOD, computationally expensive hash not required
}
func testMD5UpdateWithData(passwd : String, cert: String, encrypted_passwd : String, account_no : String, credit_card_no : String) {
@@ -107,6 +107,7 @@ func testSHA256UpdateWithData(passwd : String, cert: String, encrypted_passwd :
var hash = Crypto.SHA256()
hash.update(data: passwd) // BAD, not a computationally expensive hash
hash.update(data: cert) // GOOD
hash.update(data: encrypted_passwd) // GOOD (not sensitive)
hash.update(data: account_no) // GOOD
hash.update(data: credit_card_no) // GOOD
}
@@ -115,6 +116,7 @@ func testSHA384UpdateWithData(passwd : String, cert: String, encrypted_passwd :
var hash = Crypto.SHA384()
hash.update(data: passwd) // BAD, not a computationally expensive hash
hash.update(data: cert) // GOOD
hash.update(data: encrypted_passwd) // GOOD (not sensitive)
hash.update(data: account_no) // GOOD
hash.update(data: credit_card_no) // GOOD
}
@@ -123,6 +125,7 @@ func testSHA512UpdateWithData(passwd : String, cert: String, encrypted_passwd :
var hash = Crypto.SHA512()
hash.update(data: passwd) // BAD, not a computationally expensive hash
hash.update(data: cert) // GOOD
hash.update(data: encrypted_passwd) // GOOD (not sensitive)
hash.update(data: account_no) // GOOD
hash.update(data: credit_card_no) // GOOD
}
@@ -149,6 +152,7 @@ func testSHA256UpdateWithUnsafeRawBufferPointer(passwd : UnsafeRawBufferPointer,
var hash = Crypto.SHA256()
hash.update(bufferPointer: passwd) // BAD, not a computationally expensive hash
hash.update(bufferPointer: cert) // GOOD
hash.update(bufferPointer: encrypted_passwd) // GOOD (not sensitive)
hash.update(bufferPointer: account_no) // GOOD
hash.update(bufferPointer: credit_card_no) // GOOD
}
@@ -157,6 +161,7 @@ func testSHA384UpdateWithUnsafeRawBufferPointer(passwd : UnsafeRawBufferPointer,
var hash = Crypto.SHA384()
hash.update(bufferPointer: passwd) // BAD, not a computationally expensive hash
hash.update(bufferPointer: cert) // GOOD
hash.update(bufferPointer: encrypted_passwd) // GOOD (not sensitive)
hash.update(bufferPointer: account_no) // GOOD
hash.update(bufferPointer: credit_card_no) // GOOD
}
@@ -165,6 +170,7 @@ func testSHA512UpdateWithUnsafeRawBufferPointer(passwd : UnsafeRawBufferPointer,
var hash = Crypto.SHA512()
hash.update(bufferPointer: passwd) // BAD, not a computationally expensive hash
hash.update(bufferPointer: cert) // GOOD
hash.update(bufferPointer: encrypted_passwd) // GOOD (not sensitive)
hash.update(bufferPointer: account_no) // GOOD
hash.update(bufferPointer: credit_card_no) // GOOD
}