Use of constant salts¶
ID: swift/constant-saltKind: path-problemSecurity severity: 7.5Severity: errorPrecision: highTags: - security - external/cwe/cwe-760Query suites: - swift-code-scanning.qls - swift-security-extended.qls - swift-security-and-quality.qls
Click to see the query in the CodeQL repository
Constant salts should not be used for password hashing. Data hashed using constant salts are vulnerable to dictionary attacks, enabling attackers to recover the original input.
Recommendation¶
Use randomly generated salts to securely hash input data.
Example¶
The following example shows a few cases of hashing input data. In the ‘BAD’ cases, the salt is constant, making the generated hashes vulnerable to dictionary attacks. In the ‘GOOD’ cases, the salt is randomly generated, which protects the hashed data against recovery.
funcencrypt(padding:Padding){// ...// BAD: Using constant salts for hashingletbadSalt:Array<UInt8>=[0x2a,0x3a,0x80,0x05]letrandomArray=(0..<10).map({_inUInt8.random(in:0...UInt8.max)})_=tryHKDF(password:randomArray,salt:badSalt,info:randomArray,keyLength:0,variant:Variant.sha2)_=tryPKCS5.PBKDF1(password:randomArray,salt:badSalt,iterations:120120,keyLength:0)_=tryPKCS5.PBKDF2(password:randomArray,salt:badSalt,iterations:120120,keyLength:0)_=tryScrypt(password:randomArray,salt:badSalt,dkLen:64,N:16384,r:8,p:1)// GOOD: Using randomly generated salts for hashingletgoodSalt=(0..<10).map({_inUInt8.random(in:0...UInt8.max)})letrandomArray=(0..<10).map({_inUInt8.random(in:0...UInt8.max)})_=tryHKDF(password:randomArray,salt:goodSalt,info:randomArray,keyLength:0,variant:Variant.sha2)_=tryPKCS5.PBKDF1(password:randomArray,salt:goodSalt,iterations:120120,keyLength:0)_=tryPKCS5.PBKDF2(password:randomArray,salt:goodSalt,iterations:120120,keyLength:0)_=tryScrypt(password:randomArray,salt:goodSalt,dkLen:64,N:16384,r:8,p:1)// ...}
References¶
Common Weakness Enumeration:CWE-760.