gosec

actions/gosec

Fork 0

mirror of https://github.com/securego/gosec.git synced 2024-11-05 19:45:51 +00:00

Commit graph

Author	SHA1	Message	Date
Dimitar Banchev	0eb8143c23	Added new rule G407(hardcoded IV/nonce) The rule is supposed to detect for the usage of hardcoded or static nonce/Iv in many encryption algorithms: * The different modes of AES (mainly tested here) * It should be able to work with ascon Currently the rules doesn't check when constant variables are used. TODO: Improve the rule, to detected for constatant variable usage	2024-08-30 19:35:07 +02:00

Author

SHA1

Message

Date

Dimitar Banchev

0eb8143c23

Added new rule G407(hardcoded IV/nonce)

The rule is supposed to detect for the usage of hardcoded or static nonce/Iv in many encryption algorithms:

* The different modes of AES (mainly tested here)
* It should be able to work with ascon

Currently the rules doesn't check when constant variables are used.

TODO: Improve the rule, to detected for constatant variable usage

2024-08-30 19:35:07 +02:00

1 commit