23 lines
640 B
YAML
23 lines
640 B
YAML
# Copyright (c) HashiCorp, Inc.
|
|
# SPDX-License-Identifier: MPL-2.0
|
|
|
|
rules:
|
|
- id: use-hmac-equal
|
|
patterns:
|
|
- pattern-either:
|
|
- pattern: |
|
|
$MAC = hmac.New(...)
|
|
...
|
|
$H = $MAC.Sum(...)
|
|
...
|
|
bytes.Equal($H, ...)
|
|
- pattern: |
|
|
$MAC = hmac.New(...)
|
|
...
|
|
$H = $MAC.Sum(...)
|
|
...
|
|
bytes.Equal(..., $H)
|
|
message: "Comparing a MAC with bytes.Equal()"
|
|
languages: [go]
|
|
severity: ERROR
|