Module InsecureRandomness
Provides default sources, sinks and sanitizers for reasoning about random values that are not cryptographically secure, as well as extension points for adding your own.
Import path
import semmle.go.security.InsecureRandomnessCustomizations
Predicates
nonCryptoInterface | Gets an interface outside of the |
Classes
CryptographicSink | A cryptographic algorithm. |
HashAlgorithm | A function that hashes input, which is considered as a taint propagator for use of cryptographically insecure random values. |
InsecureRandomSource | A random source that is not sufficient for security use. So far this covers only the `math/rand` package; more insufficient random sources can be added here. |
PasswordFnSink | A use in a function that heuristically deals with passwords. |
Sanitizer | A sanitizer for insufficient random sources used as cryptographic keys. |
Sink | A data flow sink for cryptographic algorithms that take a key as input. |
Source | A data flow source for insufficient random sources. |