mirror of
https://github.com/securego/gosec.git
synced 2024-11-05 11:35:51 +00:00
9a4a741e6b
* Rule G406 responsible for the usage of deprecated MD4 and RIPEMD160 added. * Rules G506, G507 responsible for tracking the usage of the already mentioned libraries added. * Slight changes in the Makefile(`make clean` wasn't removing all expected files) * Added license to `analyzer_test.go`
45 lines
717 B
Go
45 lines
717 B
Go
package testutils
|
|
|
|
import "github.com/securego/gosec/v2"
|
|
|
|
var (
|
|
// SampleCodeG406 - Use of deprecated weak crypto hash MD4
|
|
SampleCodeG406 = []CodeSample{
|
|
{[]string{`
|
|
package main
|
|
|
|
import (
|
|
"encoding/hex"
|
|
"fmt"
|
|
|
|
"golang.org/x/crypto/md4"
|
|
)
|
|
|
|
func main() {
|
|
h := md4.New()
|
|
h.Write([]byte("test"))
|
|
fmt.Println(hex.EncodeToString(h.Sum(nil)))
|
|
}
|
|
`}, 1, gosec.NewConfig()},
|
|
}
|
|
|
|
// SampleCodeG406b - Use of deprecated weak crypto hash RIPEMD160
|
|
SampleCodeG406b = []CodeSample{
|
|
{[]string{`
|
|
package main
|
|
|
|
import (
|
|
"encoding/hex"
|
|
"fmt"
|
|
|
|
"golang.org/x/crypto/ripemd160"
|
|
)
|
|
|
|
func main() {
|
|
h := ripemd160.New()
|
|
h.Write([]byte("test"))
|
|
fmt.Println(hex.EncodeToString(h.Sum(nil)))
|
|
}
|
|
`}, 1, gosec.NewConfig()},
|
|
}
|
|
)
|