mirror of https://github.com/securego/gosec.git synced 2025-11-23 22:15:04 +02:00

Split the G401 rule into two separate ones

Now the G401 rule is split into hashing and encryption algorithms.

G401 is responsible for checking the usage of MD5 and SHA1, with corresponding CWE of 328.
And G405 (New rule) is responsible for checking the usage of DES and RC4, with corresponding CWE of 327.
This commit is contained in:
Dimitar Banchev
2024-06-20 13:02:59 +02:00
committed by Cosmin Cojocar
parent 2e71f37efd
commit 58e4fccc13
11 changed files with 480 additions and 14 deletions


@@ -94,10 +94,11 @@ func Generate(trackSuppressions bool, filters ...RuleFilter) RuleList {
{"G307", "Poor file permissions used when creating a file with os.Create", NewOsCreatePerms},
// crypto
{"G401", "Detect the usage of DES, RC4, MD5 or SHA1", NewUsesWeakCryptography},
{"G401", "Detect the usage of MD5 or SHA1", NewUsesWeakCryptographyHash},
{"G402", "Look for bad TLS connection settings", NewIntermediateTLSCheck},
{"G403", "Ensure minimum RSA key length of 2048 bits", NewWeakKeyStrength},
{"G404", "Insecure random number source (rand)", NewWeakRandCheck},
{"G405", "Detect the usage of DES or RC4", NewUsesWeakCryptographyEncryption},
// blocklist
{"G501", "Import blocklist: crypto/md5", NewBlocklistedImportMD5},
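Review bot: The G401 and G405 entries change what a rule id covers, and nothing in this hunk tells existing users. A filter or suppression that names only G401 (what the `filters ...RuleFilter` and `trackSuppressions` arguments of `Generate` act on) used to cover DES and RC4 as well; after the split those findings are reported under G405, so an exclude list or `#nosec G401` annotation on a DES or RC4 call site no longer silences them, and an include list with only G401 no longer reports them. Please call this out in the rule documentation and release notes so users add G405 where they previously relied on G401. The CWE mapping named in the commit message (328 for G401, 327 for G405) is not part of this hunk, so confirm it was registered for the new id in the same change.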