Skip to content

Commit 80afa65

Browse files
geoffw0geoffw0
committed
Swift: Add GOOD and BAD comments.
1 parent 657e4d4 commit 80afa65

File tree

2 files changed

+2
-2
lines changed

2 files changed

+2
-2
lines changed

swift/ql/src/queries/Security/CWE-328/WeakPasswordHashingBad.swift

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,5 @@
11
let passwordData = Data(passwordString.utf8)
2-
let passwordHash = Crypto.SHA512.hash(data: passwordData)
2+
let passwordHash = Crypto.SHA512.hash(data: passwordData) // BAD: SHA-512 is not suitable for password hashing.
33

44
// ...
55

swift/ql/src/queries/Security/CWE-328/WeakPasswordHashingGood.swift

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
import Argon2Swift
22

33
let salt = Salt.newSalt()
4-
let result = try! Argon2Swift.hashPasswordString(password: passwordString, salt: salt)
4+
let result = try! Argon2Swift.hashPasswordString(password: passwordString, salt: salt) // GOOD: Argon2 is suitable for password hashing.
55
let passwordHash = result.encodedString()
66

77
// ...

0 commit comments

Comments
 (0)