Use of constant salts — CodeQL query help documentation
Use of constant salts
ID: swift/constant-salt
Kind: path-problem
Security severity: 7.5
Severity: error
Precision: high
Tags:
- security
- external/cwe/cwe-760
Query suites:
- swift-code-scanning.qls
- swift-security-extended.qls
- swift-security-and-quality.qls
Constant salts should not be used for password hashing. A salt that is hard-coded or otherwise fixed is the same for every hash, so an attacker who learns it can precompute a dictionary (rainbow) table once and apply it to every stored hash, and any two equal inputs produce equal hashes, which exposes password reuse across accounts. Both effects make it far easier for an attacker to recover the original input.
Recommendation
Generate a fresh salt for each input from a cryptographically secure random source (in Swift, `UInt8.random(in:)` draws from `SystemRandomNumberGenerator`, which is cryptographically secure; `SecRandomCopyBytes` is another option), use at least 16 bytes, and store the salt together with the derived hash so that the derivation can be repeated for verification. The salt does not need to be secret. A random salt prevents precomputation but does not slow down guessing against a single hash, so combine it with a deliberately slow key-derivation function such as PBKDF2 with a high iteration count or scrypt.
Example
The following example shows a few cases of deriving keys from input data with CryptoSwift's key-derivation functions (HKDF, PBKDF1, PBKDF2 and scrypt). In the ‘BAD’ cases the salt is a hard-coded constant: an attacker who knows it can build one dictionary table and reuse it against every hash derived with that salt, and identical inputs yield identical outputs. In the ‘GOOD’ cases the salt is freshly generated at random for each derivation, so no table can be built in advance and each hash has to be attacked on its own.
import CryptoSwift

// Marked `throws` because the CryptoSwift initializers below can throw.
func encrypt(padding : Padding) throws {
    // ...
    // BAD: Using constant salts for hashing
    let badSalt: Array<UInt8> = [0x2a, 0x3a, 0x80, 0x05]
    let randomArray = (0..<10).map({ _ in UInt8.random(in: 0...UInt8.max) })
    _ = try HKDF(password: randomArray, salt: badSalt, info: randomArray, keyLength: 0, variant: Variant.sha2)
    _ = try PKCS5.PBKDF1(password: randomArray, salt: badSalt, iterations: 120120, keyLength: 0)
    _ = try PKCS5.PBKDF2(password: randomArray, salt: badSalt, iterations: 120120, keyLength: 0)
    _ = try Scrypt(password: randomArray, salt: badSalt, dkLen: 64, N: 16384, r: 8, p: 1)
    // GOOD: Using randomly generated salts for hashing
    // UInt8.random(in:) uses SystemRandomNumberGenerator, which is cryptographically secure.
    let goodSalt = (0..<10).map({ _ in UInt8.random(in: 0...UInt8.max) })
    // A separate random input for the GOOD cases (a `let` cannot be redeclared in the same scope).
    let randomInput = (0..<10).map({ _ in UInt8.random(in: 0...UInt8.max) })
    _ = try HKDF(password: randomInput, salt: goodSalt, info: randomInput, keyLength: 0, variant: Variant.sha2)
    _ = try PKCS5.PBKDF1(password: randomInput, salt: goodSalt, iterations: 120120, keyLength: 0)
    _ = try PKCS5.PBKDF2(password: randomInput, salt: goodSalt, iterations: 120120, keyLength: 0)
    _ = try Scrypt(password: randomInput, salt: goodSalt, dkLen: 64, N: 16384, r: 8, p: 1)
    // ...
}
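The attacker-cost difference between the BAD and GOOD cases above, as an added example written here in Python with the standard library's PBKDF2 (it is not code from the CodeQL documentation or from CryptoSwift). The user list, the password dictionary and the low iteration count are constructed for the demonstration; `os.urandom` plays the role that `UInt8.random(in:)` plays in the Swift example.

```python
"""Constant vs. random salts: one precomputed table versus one table per hash."""
import hashlib
import hmac
import os
from typing import Callable, Dict, List, Optional, Tuple

# Constructed sample data: a tiny password dictionary and three users, two of
# whom share a password. The iteration count is kept low so the demo runs
# quickly; production code needs a far higher count (or scrypt/Argon2).
ITERATIONS = 10_000
DICTIONARY = ["123456", "password", "letmein", "hunter2", "qwerty"]
USERS = {"alice": "hunter2", "bob": "hunter2", "carol": "qwerty"}

# The same hard-coded salt the CodeQL example flags as "badSalt".
CONSTANT_SALT = bytes([0x2A, 0x3A, 0x80, 0x05])


def derive(password: str, salt: bytes) -> bytes:
    """PBKDF2-HMAC-SHA256; the salt's quality is entirely the caller's responsibility."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS, dklen=32)


# BAD: every password is hashed with the same constant salt.
def hash_constant_salt(password: str) -> Tuple[bytes, bytes]:
    return CONSTANT_SALT, derive(password, CONSTANT_SALT)


# GOOD: a fresh 16-byte salt from the OS CSPRNG per password, stored beside the hash.
def hash_random_salt(password: str, salt_len: int = 16) -> Tuple[bytes, bytes]:
    salt = os.urandom(salt_len)
    return salt, derive(password, salt)


def verify(password: str, salt: bytes, expected: bytes) -> bool:
    """Recompute with the stored salt and compare in constant time."""
    return hmac.compare_digest(derive(password, salt), expected)


def hash_all(users: Dict[str, str],
             hasher: Callable[[str], Tuple[bytes, bytes]]) -> Dict[str, Tuple[bytes, bytes]]:
    """Simulate a credential store: user name -> (salt, hash)."""
    return {name: hasher(pw) for name, pw in users.items()}


def dictionary_attack(stored: Dict[str, Tuple[bytes, bytes]],
                      words: List[str]) -> Tuple[Dict[str, Optional[str]], int]:
    """Offline attack on a leaked credential store.

    The attacker builds one lookup table per distinct salt and reuses it for
    every hash that shares that salt. Returns the recovered passwords and the
    number of PBKDF2 derivations the attacker had to perform.
    """
    tables: Dict[bytes, Dict[bytes, str]] = {}
    work = 0
    recovered: Dict[str, Optional[str]] = {}
    for user, (salt, digest) in stored.items():
        if salt not in tables:
            tables[salt] = {derive(w, salt): w for w in words}
            work += len(words)
        recovered[user] = tables[salt].get(digest)
    return recovered, work


if __name__ == "__main__":
    bad = hash_all(USERS, hash_constant_salt)
    good = hash_all(USERS, hash_random_salt)
    print("constant salt: alice and bob share a hash?", bad["alice"][1] == bad["bob"][1])
    print("random salt:   alice and bob share a hash?", good["alice"][1] == good["bob"][1])
    for label, store in (("constant", bad), ("random", good)):
        found, work = dictionary_attack(store, DICTIONARY)
        print(f"{label} salt: recovered {found} with {work} derivations")
```

With the constant salt, alice and bob end up with byte-identical hashes and a single table of five derivations recovers all three accounts; the attacker could even have built that table before the breach. With random salts, the attacker's work grows with the number of accounts (one table per salt, here fifteen derivations) and no table can be prepared until the salts themselves leak. Note what the salt does not do: every password in this toy dictionary is still recovered in the random-salt case, because salting only removes the precomputation shortcut. A slow KDF and strong passwords remain necessary.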
References