Closed ericwb closed 7 months ago
Specifically in the hashlib module, it specifies that secure alternatives to the random module should be used for crypto functions.
This rule checks various hashlib functions where a salt is provided via an insecure random function such as random.randbytes() or ssl.RAND_bytes()
Closes #229
Specifically in the hashlib module, it specifies that secure alternatives to the random module should be used for crypto functions.
This rule checks various hashlib functions where a salt is provided via an insecure random function such as random.randbytes() or ssl.RAND_bytes()
Closes #229