diff --git a/rules/swift/security/hdkf-hardcoded-secret-swift.yml b/rules/swift/security/hdkf-hardcoded-secret-swift.yml deleted file mode 100644 index 989fb1de..00000000 --- a/rules/swift/security/hdkf-hardcoded-secret-swift.yml +++ /dev/null @@ -1,416 +0,0 @@ -id: hkdf-hardcoded-secret-swift -severity: warning -language: swift -message: >- - A secret is hard-coded in the application. Secrets stored in source - code, such as credentials, identifiers, and other types of sensitive data, - can be leaked and used by internal or external malicious actors. Use - environment variables to securely provide credentials and other secrets or - retrieve them from a secure vault or Hardware Security Module (HSM). -note: >- - [CWE-798] Use of Hard-coded Credentials. - [REFERENCES] - - https://cheatsheetseries.owasp.org/cheatsheets/Secrets_Management_Cheat_Sheet.html - -ast-grep-essentials: true - -utils: - match_pattern_HKDF_expression_with_instance: - kind: call_expression - all: - - not: - inside: - stopBy: end - kind: call_expression - has: - kind: simple_identifier - regex: ^HKDF$ - - not: - inside: - kind: function_declaration - - not: - follows: - stopBy: end - kind: throw_keyword - - not: - inside: - stopBy: end - kind: throw_keyword - - has: - stopBy: neighbor - kind: simple_identifier - regex: "^HKDF$" - - has: - stopBy: neighbor - kind: call_suffix - has: - stopBy: end - kind: value_arguments - has: - stopBy: neighbor - kind: value_argument - all: - - has: - stopBy: neighbor - kind: simple_identifier - regex: "^password$" - nthChild: 1 - - has: - kind: simple_identifier - nthChild: 2 - pattern: $R - - not: - inside: - stopBy: neighbor - kind: try_expression - - any: - - inside: - stopBy: end - follows: - stopBy: end - kind: property_declaration - all: - - has: - kind: pattern - has: - kind: simple_identifier - pattern: $R - - has: - stopBy: neighbor - kind: call_expression - pattern: Array($SECRET.utf8) - - follows: - stopBy: end - kind: property_declaration - all: - - has: - stopBy: end - kind: pattern - has: - kind: simple_identifier - pattern: $R - - has: - stopBy: neighbor - kind: call_expression - pattern: Array($SECRET.utf8) - - match_pattern_try_expression_with_instance: - kind: try_expression - not: - inside: - stopBy: end - kind: call_expression - has: - kind: simple_identifier - regex: ^HKDF$ - all: - - has: - stopBy: neighbor - kind: call_expression - all: - - has: - stopBy: neighbor - kind: simple_identifier - regex: "^HKDF$" - - has: - stopBy: neighbor - kind: call_suffix - has: - stopBy: end - kind: value_arguments - has: - stopBy: neighbor - kind: value_argument - all: - - has: - stopBy: neighbor - kind: simple_identifier - regex: "^password$" - nthChild: 1 - - has: - kind: simple_identifier - nthChild: 2 - pattern: $R - - any: - - inside: - stopBy: end - kind: property_declaration - follows: - stopBy: end - kind: property_declaration - all: - - has: - kind: pattern - has: - kind: simple_identifier - pattern: $R - - has: - kind: call_expression - pattern: Array($SECRET.utf8) - - follows: - stopBy: end - kind: property_declaration - all: - - has: - kind: pattern - has: - kind: simple_identifier - pattern: $R - - has: - kind: call_expression - pattern: Array($SECRET.utf8) - - match_pattern_HKDF_expression_directly: - kind: call_expression - not: - inside: - stopBy: end - kind: call_expression - has: - kind: simple_identifier - regex: ^HKDF$ - all: - - not: - inside: - kind: function_declaration - - not: - follows: - stopBy: end - kind: throw_keyword - - not: - inside: - stopBy: end - kind: throw_keyword - - has: - stopBy: neighbor - kind: simple_identifier - regex: "^HKDF$" - - has: - stopBy: neighbor - kind: call_suffix - all: - - has: - stopBy: end - kind: value_arguments - has: - kind: value_argument - all: - - has: - stopBy: end - kind: simple_identifier - regex: "^password$" - nthChild: 1 - - has: - stopBy: neighbor - kind: line_string_literal - has: - stopBy: neighbor - kind: line_str_text - - not: - inside: - stopBy: end - kind: try_expression - - match_pattern_try_expression_directly: - kind: try_expression - not: - inside: - stopBy: end - kind: call_expression - has: - kind: simple_identifier - regex: ^HKDF$ - has: - stopBy: neighbor - kind: call_expression - all: - - has: - stopBy: neighbor - kind: simple_identifier - regex: "^HKDF$" - - has: - stopBy: neighbor - kind: call_suffix - all: - - has: - stopBy: end - kind: value_arguments - has: - kind: value_argument - all: - - has: - kind: simple_identifier - regex: "^password$" - nthChild: 1 - - has: - stopBy: neighbor - kind: line_string_literal - has: - stopBy: neighbor - kind: line_str_text - - match_pattern_HKDF_expression_with_utf8: - kind: call_expression - not: - inside: - stopBy: end - kind: call_expression - has: - kind: simple_identifier - regex: ^HKDF$ - all: - - not: - inside: - kind: function_declaration - - not: - follows: - stopBy: end - kind: throw_keyword - - not: - inside: - stopBy: end - kind: throw_keyword - - has: - stopBy: neighbor - kind: simple_identifier - regex: "^HKDF$" - - has: - stopBy: neighbor - kind: call_suffix - has: - stopBy: end - kind: value_arguments - has: - stopBy: end - kind: value_argument - all: - - has: - stopBy: end - kind: simple_identifier - regex: "^password$" - nthChild: 1 - - has: - stopBy: neighbor - kind: call_expression - all: - - has: - stopBy: neighbor - kind: simple_identifier - regex: "^Array$" - - has: - stopBy: neighbor - kind: call_suffix - has: - stopBy: end - kind: value_arguments - has: - stopBy: neighbor - kind: value_argument - has: - stopBy: neighbor - kind: navigation_expression - all: - - has: - stopBy: neighbor - kind: line_string_literal - has: - stopBy: neighbor - kind: line_str_text - - has: - stopBy: neighbor - kind: navigation_suffix - has: - stopBy: neighbor - kind: simple_identifier - regex: "^utf8$" - - not: - inside: - stopBy: end - kind: try_expression - - match_pattern_try_expression_with_utf8: - kind: try_expression - not: - inside: - stopBy: end - kind: call_expression - has: - kind: simple_identifier - regex: ^HKDF$ - has: - stopBy: neighbor - kind: call_expression - all: - - has: - stopBy: neighbor - kind: simple_identifier - regex: "^HKDF$" - - has: - stopBy: neighbor - kind: call_suffix - has: - stopBy: end - kind: value_arguments - has: - stopBy: end - kind: value_argument - all: - - has: - stopBy: end - kind: simple_identifier - regex: "^password$" - nthChild: 1 - - has: - stopBy: neighbor - kind: call_expression - all: - - has: - stopBy: neighbor - kind: simple_identifier - regex: "^Array$" - - has: - stopBy: neighbor - kind: call_suffix - has: - stopBy: end - kind: value_arguments - has: - stopBy: neighbor - kind: value_argument - has: - stopBy: neighbor - kind: navigation_expression - all: - - has: - stopBy: neighbor - kind: line_string_literal - has: - stopBy: neighbor - kind: line_str_text - - has: - stopBy: neighbor - kind: navigation_suffix - has: - stopBy: neighbor - kind: simple_identifier - regex: "^utf8$" - -rule: - any: - - kind: try_expression - any: - - matches: match_pattern_try_expression_directly - - matches: match_pattern_try_expression_with_instance - - matches: match_pattern_try_expression_with_utf8 - - kind: call_expression - any: - - matches: match_pattern_HKDF_expression_directly - - matches: match_pattern_HKDF_expression_with_instance - - matches: match_pattern_HKDF_expression_with_utf8 -constraints: - SECRET: - kind: line_string_literal - has: - stopBy: neighbor - kind: line_str_text - field: text diff --git a/rules/swift/security/pkcs5-hardcoded-secret-swift.yml b/rules/swift/security/pkcs5-hardcoded-secret-swift.yml deleted file mode 100644 index faeafb4a..00000000 --- a/rules/swift/security/pkcs5-hardcoded-secret-swift.yml +++ /dev/null @@ -1,242 +0,0 @@ -id: pkcs5-hardcoded-secret-swift -language: swift -severity: warning -message: >- - A secret is hard-coded in the application. Secrets stored in source - code, such as credentials, identifiers, and other types of sensitive data, - can be leaked and used by internal or external malicious actors. Use - environment variables to securely provide credentials and other secrets or - retrieve them from a secure vault or Hardware Security Module (HSM). -note: >- - [CWE-798]: Use of Hard-coded Credentials - [REFERENCES] - https://cheatsheetseries.owasp.org/cheatsheets/Secrets_Management_Cheat_Sheet.html - -ast-grep-essentials: true - -utils: - tryPKCS5.$FUNC(password:""): - kind: try_expression - has: - stopBy: end - kind: call_expression - all: - - has: - kind: navigation_expression - all: - - has: - kind: simple_identifier - regex: ^PKCS5$ - - has: - kind: navigation_suffix - - has: - kind: call_suffix - has: - stopBy: end - kind: value_arguments - has: - stopBy: end - kind: value_argument - all: - - has: - kind: simple_identifier - regex: ^password$ - - has: - kind: line_string_literal - has: - kind: line_str_text - - PKCS5.$FUNC(password:""): - kind: call_expression - all: - - not: - inside: - stopBy: end - kind: try_expression - - has: - kind: navigation_expression - all: - - has: - kind: simple_identifier - regex: ^PKCS5$ - - has: - kind: navigation_suffix - - has: - kind: call_suffix - has: - stopBy: end - kind: value_arguments - has: - stopBy: end - kind: value_argument - all: - - has: - kind: simple_identifier - regex: ^password$ - - has: - kind: line_string_literal - has: - kind: line_str_text - - tryPKCS5.$FUNC(password:Array("...".utf8)): - kind: try_expression - has: - stopBy: end - kind: call_expression - all: - - has: - kind: navigation_expression - all: - - has: - kind: simple_identifier - regex: ^PKCS5$ - - has: - kind: navigation_suffix - - has: - kind: call_suffix - has: - stopBy: end - kind: value_arguments - has: - stopBy: end - kind: value_argument - all: - - has: - kind: simple_identifier - regex: ^password$ - - has: - kind: call_expression - pattern: Array("$PASS".utf8) - - PKCS5.$FUNC(password:Array("...".utf8)): - kind: call_expression - all: - - not: - inside: - stopBy: end - kind: try_expression - - has: - kind: navigation_expression - all: - - has: - kind: simple_identifier - regex: ^PKCS5$ - - has: - kind: navigation_suffix - - has: - kind: call_suffix - has: - stopBy: end - kind: value_arguments - has: - stopBy: end - kind: value_argument - all: - - has: - kind: simple_identifier - regex: ^password$ - - has: - kind: call_expression - pattern: Array("$PASS".utf8) - - tryPKCS5.$FUNC(password:"")_with_Instance: - kind: try_expression - has: - stopBy: end - kind: call_expression - all: - - has: - kind: navigation_expression - all: - - has: - kind: simple_identifier - regex: ^PKCS5$ - - has: - kind: navigation_suffix - - has: - kind: call_suffix - has: - stopBy: end - kind: value_arguments - has: - stopBy: end - kind: value_argument - all: - - has: - kind: simple_identifier - regex: ^password$ - nthChild: 1 - - has: - kind: simple_identifier - nthChild: 2 - pattern: $PSWD - - inside: - stopBy: end - follows: - stopBy: end - kind: property_declaration - all: - - has: - kind: pattern - has: - kind: simple_identifier - pattern: $PSWD - - has: - kind: call_expression - pattern: Array("$PASS".utf8) - - PKCS5.$FUNC(password:"")_with_Instance: - kind: call_expression - all: - - not: - inside: - stopBy: end - kind: try_expression - - has: - kind: navigation_expression - all: - - has: - kind: simple_identifier - regex: ^PKCS5$ - - has: - kind: navigation_suffix - - has: - kind: call_suffix - has: - stopBy: end - kind: value_arguments - has: - stopBy: end - kind: value_argument - all: - - has: - kind: simple_identifier - regex: ^password$ - nthChild: 1 - - has: - kind: simple_identifier - nthChild: 2 - pattern: $PSWD - - inside: - stopBy: end - follows: - stopBy: end - kind: property_declaration - all: - - has: - kind: pattern - has: - kind: simple_identifier - pattern: $PSWD - - has: - kind: call_expression - pattern: Array("$PASS".utf8) - -rule: - any: - - matches: tryPKCS5.$FUNC(password:"") - - matches: PKCS5.$FUNC(password:"") - - matches: tryPKCS5.$FUNC(password:Array("...".utf8)) - - matches: PKCS5.$FUNC(password:Array("...".utf8)) - - matches: tryPKCS5.$FUNC(password:"")_with_Instance - - matches: PKCS5.$FUNC(password:"")_with_Instance diff --git a/rules/swift/security/scrypt-hardcoded-secret-swift.yml b/rules/swift/security/scrypt-hardcoded-secret-swift.yml deleted file mode 100644 index 942442f1..00000000 --- a/rules/swift/security/scrypt-hardcoded-secret-swift.yml +++ /dev/null @@ -1,417 +0,0 @@ -id: scrypt-hardcoded-secret-swift -language: swift -severity: warning -message: >- - A secret is hard-coded in the application. Secrets stored in source - code, such as credentials, identifiers, and other types of sensitive data, - can be leaked and used by internal or external malicious actors. Use - environment variables to securely provide credentials and other secrets or - retrieve them from a secure vault or Hardware Security Module (HSM). -note: >- - [OWASP A07:2021]:Identification and Authentication Failures - [CWE-798]: Use of Hard-coded Credentials - [REFERENCES] - https://cheatsheetseries.owasp.org/cheatsheets/Secrets_Management_Cheat_Sheet.html - -ast-grep-essentials: true - -utils: - match_pattern_Scrypt_expression_with_instance: - kind: call_expression - all: - - not: - inside: - stopBy: end - kind: call_expression - has: - kind: simple_identifier - regex: ^Scrypt$ - - not: - inside: - kind: function_declaration - - not: - follows: - stopBy: end - kind: throw_keyword - - not: - inside: - stopBy: end - kind: throw_keyword - - has: - stopBy: neighbor - kind: simple_identifier - regex: "^Scrypt$" - - has: - stopBy: neighbor - kind: call_suffix - has: - stopBy: neighbor - kind: value_arguments - has: - stopBy: neighbor - kind: value_argument - all: - - has: - stopBy: neighbor - kind: simple_identifier - regex: "^password$" - nthChild: 1 - - has: - kind: simple_identifier - nthChild: 2 - pattern: $R - - not: - inside: - stopBy: neighbor - kind: try_expression - - any: - - inside: - stopBy: end - follows: - stopBy: end - kind: property_declaration - all: - - has: - kind: pattern - has: - kind: simple_identifier - pattern: $R - - has: - stopBy: neighbor - kind: call_expression - pattern: Array($SECRET.utf8) - - follows: - stopBy: end - kind: property_declaration - all: - - has: - stopBy: end - kind: pattern - has: - kind: simple_identifier - pattern: $R - - has: - stopBy: neighbor - kind: call_expression - pattern: Array($SECRET.utf8) - - match_pattern_try_expression_with_instance: - kind: try_expression - not: - inside: - stopBy: end - kind: call_expression - has: - kind: simple_identifier - regex: ^Scrypt$ - all: - - has: - stopBy: neighbor - kind: call_expression - all: - - has: - stopBy: neighbor - kind: simple_identifier - regex: "^Scrypt$" - - has: - stopBy: neighbor - kind: call_suffix - has: - stopBy: neighbor - kind: value_arguments - has: - stopBy: neighbor - kind: value_argument - all: - - has: - stopBy: neighbor - kind: simple_identifier - regex: "^password$" - nthChild: 1 - - has: - kind: simple_identifier - nthChild: 2 - pattern: $R - - any: - - inside: - stopBy: end - kind: property_declaration - follows: - stopBy: end - kind: property_declaration - all: - - has: - kind: pattern - has: - kind: simple_identifier - pattern: $R - - has: - kind: call_expression - pattern: Array($SECRET.utf8) - - follows: - stopBy: end - kind: property_declaration - all: - - has: - kind: pattern - has: - kind: simple_identifier - pattern: $R - - has: - kind: call_expression - pattern: Array($SECRET.utf8) - - match_pattern_Scrypt_expression_directly: - kind: call_expression - not: - inside: - stopBy: end - kind: call_expression - has: - kind: simple_identifier - regex: ^Scrypt$ - all: - - not: - inside: - kind: function_declaration - - not: - follows: - stopBy: end - kind: throw_keyword - - not: - inside: - stopBy: end - kind: throw_keyword - - has: - stopBy: neighbor - kind: simple_identifier - regex: "^Scrypt$" - - has: - stopBy: neighbor - kind: call_suffix - all: - - has: - stopBy: neighbor - kind: value_arguments - has: - kind: value_argument - all: - - has: - stopBy: end - kind: simple_identifier - regex: "^password$" - nthChild: 1 - - has: - stopBy: neighbor - kind: line_string_literal - has: - stopBy: neighbor - kind: line_str_text - - not: - inside: - stopBy: end - kind: try_expression - - match_pattern_try_expression_directly: - kind: try_expression - not: - inside: - stopBy: end - kind: call_expression - has: - kind: simple_identifier - regex: ^Scrypt$ - has: - stopBy: neighbor - kind: call_expression - all: - - has: - stopBy: neighbor - kind: simple_identifier - regex: "^Scrypt$" - - has: - stopBy: neighbor - kind: call_suffix - all: - - has: - stopBy: neighbor - kind: value_arguments - has: - kind: value_argument - all: - - has: - kind: simple_identifier - regex: "^password$" - nthChild: 1 - - has: - stopBy: neighbor - kind: line_string_literal - has: - stopBy: neighbor - kind: line_str_text - - match_pattern_Scrypt_expression_with_utf8: - kind: call_expression - not: - inside: - stopBy: end - kind: call_expression - has: - kind: simple_identifier - regex: ^Scrypt$ - all: - - not: - inside: - kind: function_declaration - - not: - follows: - stopBy: end - kind: throw_keyword - - not: - inside: - stopBy: end - kind: throw_keyword - - has: - stopBy: neighbor - kind: simple_identifier - regex: "^Scrypt$" - - has: - stopBy: neighbor - kind: call_suffix - has: - stopBy: neighbor - kind: value_arguments - has: - stopBy: end - kind: value_argument - all: - - has: - stopBy: end - kind: simple_identifier - regex: "^password$" - nthChild: 1 - - has: - stopBy: neighbor - kind: call_expression - all: - - has: - stopBy: neighbor - kind: simple_identifier - regex: "^Array$" - - has: - stopBy: neighbor - kind: call_suffix - has: - stopBy: neighbor - kind: value_arguments - has: - stopBy: neighbor - kind: value_argument - has: - stopBy: neighbor - kind: navigation_expression - all: - - has: - stopBy: neighbor - kind: line_string_literal - has: - stopBy: neighbor - kind: line_str_text - - has: - stopBy: neighbor - kind: navigation_suffix - has: - stopBy: neighbor - kind: simple_identifier - regex: "^utf8$" - - not: - inside: - stopBy: end - kind: try_expression - - match_pattern_try_expression_with_utf8: - kind: try_expression - not: - inside: - stopBy: end - kind: call_expression - has: - kind: simple_identifier - regex: ^Scrypt$ - has: - stopBy: neighbor - kind: call_expression - all: - - has: - stopBy: neighbor - kind: simple_identifier - regex: "^Scrypt$" - - has: - stopBy: neighbor - kind: call_suffix - has: - stopBy: neighbor - kind: value_arguments - has: - stopBy: end - kind: value_argument - all: - - has: - stopBy: end - kind: simple_identifier - regex: "^password$" - nthChild: 1 - - has: - stopBy: neighbor - kind: call_expression - all: - - has: - stopBy: neighbor - kind: simple_identifier - regex: "^Array$" - - has: - stopBy: neighbor - kind: call_suffix - has: - stopBy: neighbor - kind: value_arguments - has: - stopBy: neighbor - kind: value_argument - has: - stopBy: neighbor - kind: navigation_expression - all: - - has: - stopBy: neighbor - kind: line_string_literal - has: - stopBy: neighbor - kind: line_str_text - - has: - stopBy: neighbor - kind: navigation_suffix - has: - stopBy: neighbor - kind: simple_identifier - regex: "^utf8$" - -rule: - any: - - kind: try_expression - any: - - matches: match_pattern_try_expression_directly - - matches: match_pattern_try_expression_with_instance - - matches: match_pattern_try_expression_with_utf8 - - kind: call_expression - any: - - matches: match_pattern_Scrypt_expression_directly - - matches: match_pattern_Scrypt_expression_with_instance - - matches: match_pattern_Scrypt_expression_with_utf8 -constraints: - SECRET: - kind: line_string_literal - has: - stopBy: neighbor - kind: line_str_text - field: text diff --git a/rules/swift/security/swift-webview-config-base-url-swift.yml b/rules/swift/security/swift-webview-config-base-url-swift.yml deleted file mode 100644 index b2d8b609..00000000 --- a/rules/swift/security/swift-webview-config-base-url-swift.yml +++ /dev/null @@ -1,99 +0,0 @@ -id: swift-webview-config-base-url-swift -severity: warning -language: swift -message: >- - UIWebView instances were observed where the baseURL is misconfigured as - nil, which allows for origin abuse within the webview. In order to remove - the effective origin, the application should explicitly set the baseURL to - `about:blank` or similar. -note: >- - [CWE-272] Least Privilege Violation. - [REFERENCES] - - https://mas.owasp.org/MASVS/controls/MASVS-PLATFORM-2/ - -ast-grep-essentials: true - -utils: - matches_patttern_loadHTMLString_&_load: - kind: call_expression - all: - - has: - kind: navigation_expression - all: - - has: - kind: simple_identifier - pattern: $W - - has: - kind: navigation_suffix - has: - kind: simple_identifier - regex: ^(loadHTMLString|load)$ - - has: - kind: call_suffix - has: - stopBy: end - kind: value_argument - all: - - has: - kind: simple_identifier - regex: "^baseURL$" - - has: - regex: "^nil$" - - any: - - follows: - stopBy: end - kind: property_declaration - all: - - has: - stopBy: end - kind: pattern - has: - stopBy: neighbor - kind: simple_identifier - pattern: $W - - has: - stopBy: neighbor - kind: call_expression - all: - - has: - stopBy: neighbor - kind: simple_identifier - regex: "^UIWebView$" - - has: - stopBy: neighbor - kind: call_suffix - - inside: - stopBy: end - follows: - stopBy: end - kind: property_declaration - all: - - has: - stopBy: end - kind: pattern - has: - stopBy: neighbor - kind: simple_identifier - pattern: $W - - has: - stopBy: neighbor - kind: call_expression - all: - - has: - stopBy: neighbor - kind: simple_identifier - regex: "^UIWebView$" - - has: - stopBy: neighbor - kind: call_suffix -rule: - kind: call_expression - matches: matches_patttern_loadHTMLString_&_load - not: - all: - - has: - stopBy: end - kind: ERROR - - inside: - stopBy: end - kind: ERROR diff --git a/tests/__snapshots__/hkdf-hardcoded-secret-swift-snapshot.yml b/tests/__snapshots__/hkdf-hardcoded-secret-swift-snapshot.yml deleted file mode 100644 index 412e99fc..00000000 --- a/tests/__snapshots__/hkdf-hardcoded-secret-swift-snapshot.yml +++ /dev/null @@ -1,175 +0,0 @@ -id: hkdf-hardcoded-secret-swift -snapshots: - ? | - HKDF(password: "123", salt: salt, dkLen: 64, N: 16384, r: 8, p: 1).calculate() - : labels: - - source: 'HKDF(password: "123", salt: salt, dkLen: 64, N: 16384, r: 8, p: 1)' - style: primary - start: 0 - end: 66 - - source: HKDF - style: secondary - start: 0 - end: 4 - - source: password - style: secondary - start: 5 - end: 13 - - source: '123' - style: secondary - start: 16 - end: 19 - - source: '"123"' - style: secondary - start: 15 - end: 20 - - source: 'password: "123"' - style: secondary - start: 5 - end: 20 - - source: '(password: "123", salt: salt, dkLen: 64, N: 16384, r: 8, p: 1)' - style: secondary - start: 4 - end: 66 - - source: '(password: "123", salt: salt, dkLen: 64, N: 16384, r: 8, p: 1)' - style: secondary - start: 4 - end: 66 - ? | - HKDF(password: Array("hello".utf8), salt: salt, dkLen: 64, N: 16384, r: 8, p: 1).calculate() - : labels: - - source: 'HKDF(password: Array("hello".utf8), salt: salt, dkLen: 64, N: 16384, r: 8, p: 1)' - style: primary - start: 0 - end: 80 - - source: HKDF - style: secondary - start: 0 - end: 4 - - source: password - style: secondary - start: 5 - end: 13 - - source: Array - style: secondary - start: 15 - end: 20 - - source: hello - style: secondary - start: 22 - end: 27 - - source: '"hello"' - style: secondary - start: 21 - end: 28 - - source: utf8 - style: secondary - start: 29 - end: 33 - - source: .utf8 - style: secondary - start: 28 - end: 33 - - source: '"hello".utf8' - style: secondary - start: 21 - end: 33 - - source: '"hello".utf8' - style: secondary - start: 21 - end: 33 - - source: ("hello".utf8) - style: secondary - start: 20 - end: 34 - - source: ("hello".utf8) - style: secondary - start: 20 - end: 34 - - source: Array("hello".utf8) - style: secondary - start: 15 - end: 34 - - source: 'password: Array("hello".utf8)' - style: secondary - start: 5 - end: 34 - - source: '(password: Array("hello".utf8), salt: salt, dkLen: 64, N: 16384, r: 8, p: 1)' - style: secondary - start: 4 - end: 80 - - source: '(password: Array("hello".utf8), salt: salt, dkLen: 64, N: 16384, r: 8, p: 1)' - style: secondary - start: 4 - end: 80 - ? | - try HKDF(password: Array("hello".utf8), salt: salt, dkLen: 64, N: 16384, r: 8, p: 1).calculate() - : labels: - - source: 'try HKDF(password: Array("hello".utf8), salt: salt, dkLen: 64, N: 16384, r: 8, p: 1)' - style: primary - start: 0 - end: 84 - - source: HKDF - style: secondary - start: 4 - end: 8 - - source: password - style: secondary - start: 9 - end: 17 - - source: Array - style: secondary - start: 19 - end: 24 - - source: hello - style: secondary - start: 26 - end: 31 - - source: '"hello"' - style: secondary - start: 25 - end: 32 - - source: utf8 - style: secondary - start: 33 - end: 37 - - source: .utf8 - style: secondary - start: 32 - end: 37 - - source: '"hello".utf8' - style: secondary - start: 25 - end: 37 - - source: '"hello".utf8' - style: secondary - start: 25 - end: 37 - - source: ("hello".utf8) - style: secondary - start: 24 - end: 38 - - source: ("hello".utf8) - style: secondary - start: 24 - end: 38 - - source: Array("hello".utf8) - style: secondary - start: 19 - end: 38 - - source: 'password: Array("hello".utf8)' - style: secondary - start: 9 - end: 38 - - source: '(password: Array("hello".utf8), salt: salt, dkLen: 64, N: 16384, r: 8, p: 1)' - style: secondary - start: 8 - end: 84 - - source: '(password: Array("hello".utf8), salt: salt, dkLen: 64, N: 16384, r: 8, p: 1)' - style: secondary - start: 8 - end: 84 - - source: 'HKDF(password: Array("hello".utf8), salt: salt, dkLen: 64, N: 16384, r: 8, p: 1)' - style: secondary - start: 4 - end: 84 diff --git a/tests/__snapshots__/pkcs5-hardcoded-secret-swift-snapshot.yml b/tests/__snapshots__/pkcs5-hardcoded-secret-swift-snapshot.yml deleted file mode 100644 index e366644b..00000000 --- a/tests/__snapshots__/pkcs5-hardcoded-secret-swift-snapshot.yml +++ /dev/null @@ -1,2 +0,0 @@ -id: pkcs5-hardcoded-secret-swift -snapshots: {} diff --git a/tests/__snapshots__/scrypt-hardcoded-secret-swift-snapshot.yml b/tests/__snapshots__/scrypt-hardcoded-secret-swift-snapshot.yml deleted file mode 100644 index d5fc76ad..00000000 --- a/tests/__snapshots__/scrypt-hardcoded-secret-swift-snapshot.yml +++ /dev/null @@ -1,2 +0,0 @@ -id: scrypt-hardcoded-secret-swift -snapshots: {} diff --git a/tests/__snapshots__/swift-webview-config-base-url-swift-snapshot.yml b/tests/__snapshots__/swift-webview-config-base-url-swift-snapshot.yml deleted file mode 100644 index 4cfb3e97..00000000 --- a/tests/__snapshots__/swift-webview-config-base-url-swift-snapshot.yml +++ /dev/null @@ -1,2 +0,0 @@ -id: swift-webview-config-base-url-swift -snapshots: {} diff --git a/tests/swift/hdkf-hardcoded-secret-swift-test.yml b/tests/swift/hdkf-hardcoded-secret-swift-test.yml deleted file mode 100644 index f62690a9..00000000 --- a/tests/swift/hdkf-hardcoded-secret-swift-test.yml +++ /dev/null @@ -1,11 +0,0 @@ -id: hkdf-hardcoded-secret-swift -valid: - - | - let key = try HKDF(password: password, salt: salt, dkLen: 64, N: 16384, r: 8, p: 1).calculate() -invalid: - - | - HKDF(password: Array("hello".utf8), salt: salt, dkLen: 64, N: 16384, r: 8, p: 1).calculate() - - | - try HKDF(password: Array("hello".utf8), salt: salt, dkLen: 64, N: 16384, r: 8, p: 1).calculate() - - | - HKDF(password: "123", salt: salt, dkLen: 64, N: 16384, r: 8, p: 1).calculate() diff --git a/tests/swift/pkcs5-hardcoded-secret-swift-test.yml b/tests/swift/pkcs5-hardcoded-secret-swift-test.yml deleted file mode 100644 index 72dd3bd1..00000000 --- a/tests/swift/pkcs5-hardcoded-secret-swift-test.yml +++ /dev/null @@ -1,38 +0,0 @@ -id: pkcs5-hardcoded-secret-swift -valid: - - | - PKCS5.PBKDF2(password: password1, salt: salt, iterations: 4096, variant: .sha256).calculate() -invalid: - - | - let password: Array = Array("s33krit".utf8) - try PKCS5.PBKDF2(password: password, salt: salt, iterations: 4096, variant: .sha256).calculate() - - | - PKCS5.PBKDF2(password: "123", salt: salt, iterations: 4096, variant: .sha256).calculate() - - | - import Foundation - import CryptoSwift - func main() { - do { - let password = Array("s33krit".utf8) - let salt: Array = Array("nacllcan".utf8) - try PKCS5.h(password: password) - } catch { - print("Error: \(error)") - } - } - main() - - | - import Foundation - import CryptoSwift - func main() { - do { - let password = Array("s33krit".utf8) - let salt: Array = Array("nacllcan".utf8) - PKCS5.PBKDF2(password: password, salt: salt, iterations: 4096, variant: .sha256).calculate() - } catch { - print("Error: \(error)") - } - } - main() - - | - try PKCS5.ggg(password: "123", salt: salt, iterations: 4096, variant: .sha256).calculate() diff --git a/tests/swift/scrypt-hardcoded-secret-swift-test.yml b/tests/swift/scrypt-hardcoded-secret-swift-test.yml deleted file mode 100644 index c8be624d..00000000 --- a/tests/swift/scrypt-hardcoded-secret-swift-test.yml +++ /dev/null @@ -1,10 +0,0 @@ -id: scrypt-hardcoded-secret-swift -valid: - - | - try Scrypt(password: config, salt: salt, dkLen: 64, N: 16384, r: 8, p: 1).calculate() -invalid: - - | - let ishan: Array = Array("s33krit".utf8) - let key = try Scrypt(password: ishan, salt: salt, dkLen: 64, N: 16384, r: 8, p: 1).calculate() - - | - try Scrypt(password: "123", salt: salt, dkLen: 64, N: 16384, r: 8, p: 1).calculate() diff --git a/tests/swift/swift-webview-config-base-url-swift-test.yml b/tests/swift/swift-webview-config-base-url-swift-test.yml deleted file mode 100644 index 46b33ee1..00000000 --- a/tests/swift/swift-webview-config-base-url-swift-test.yml +++ /dev/null @@ -1,38 +0,0 @@ -id: swift-webview-config-base-url-swift -valid: - - | - let webview2 = WKWebView(...) - webview2.loadHTMLString(someHtmlString, baseURL: nil) -invalid: - - | - let webview = UIWebView(...) - webview.loadHTMLString(someHtmlString, baseURL: nil) - - | - let webview3 = UIWebView(...) - webview3.load(data, mimetype: "application/json", textEncodingName: "UTF8", baseURL: nil) - - | - let webview13 = UIWebView(frame: self.view.bounds) - let mixedContent = "" - let dataMixed = mixedContent.data(using: .utf8)! - webview13.load(dataMixed, mimetype: "text/html", textEncodingName: "UTF-8", baseURL: nil) - self.view.addSubview(webview13) - - | - let webview12 = UIWebView(frame: self.view.bounds) - let externalHtml = "" - webview12.loadHTMLString(externalHtml, baseURL: nil) - self.view.addSubview(webview12) - - | - let webview10 = UIWebView(frame: self.view.bounds) - let text = "This is a test." - let data = text.data(using: .utf8)! - webview10.load(data, mimetype: "text/plain", textEncodingName: "UTF-8", baseURL: nil) - self.view.addSubview(webview10) - - | - let webview9 = UIWebView(frame: self.view.bounds) - let dynamicHtml = "

Dynamic Content

" - webview9.loadHTMLString(dynamicHtml, baseURL: nil) - self.view.addSubview(webview9) - - | - let webview7 = UIWebView(frame: self.view.bounds) - webview7.load(data, mimetype: "application/json", textEncodingName: "UTF-8", baseURL: nil) - self.view.addSubview(webview7)