Create rule S5547: Cipher algorithms should be robust (#4652)

* Add go to rule S5547 * Add description for S5547 for Go --------- Co-authored-by: daniel-teuchert-sonarsource <daniel-teuchert-sonarsource@users.noreply.github.com> Co-authored-by: Daniel Teuchert <daniel.teuchert@sonarsource.com>
2025-02-10 13:30:29 +01:00 · 2025-02-10 13:30:29 +01:00 · 162d5baaf8
commit 162d5baaf8
parent 19b9e223e1
2 changed files with 76 additions and 0 deletions
--- a/rules/S5547/go/metadata.json
+++ b/rules/S5547/go/metadata.json
@ -0,0 +1,2 @@
+{
+}
--- a/rules/S5547/go/rule.adoc
+++ b/rules/S5547/go/rule.adoc
@ -0,0 +1,74 @@
+include::../summary.adoc[]
+
+== Why is this an issue?
+
+include::../rationale.adoc[]
+
+include::../impact.adoc[]
+
+== How to fix it
+
+=== Code examples
+
+include::../common/fix/code-rationale.adoc[]
+
+==== Noncompliant code example
+
+[source,go,diff-id=1,diff-type=noncompliant]
+----
+import (
+	"crypto/des"
+	"crypto/rand"
+)
+
+func encrypt(message []byte, key []byte) []byte {
+    blockCipher, _ := des.NewCipher(key) // Noncompliant
+    cipherText := make([]byte, blockCipher.BlockSize())
+    blockCipher.Encrypt(cipherText, message)
+    return cipherText
+}
+----
+
+==== Compliant solution
+
+[source,go,diff-id=1,diff-type=compliant]
+----
+import (
+	"crypto/aes"
+	"crypto/rand"
+)
+
+func encrypt(message []byte, key []byte) []byte {
+    blockCipher, _ := aes.NewCipher(key)
+    cipherText := make([]byte, blockCipher.BlockSize())
+    blockCipher.Encrypt(cipherText, message)
+    return cipherText
+}
+----
+
+=== How does this work?
+
+include::../common/fix/strong-cryptography.adoc[]
+
+
+
+== Resources
+
+include::../common/resources/standards.adoc[]
+
+ifdef::env-github,rspecator-view[]
+
+'''
+== Implementation Specification
+(visible only on this page)
+
+include::../message.adoc[]
+
+'''
+== Comments And Links
+(visible only on this page)
+
+include::../comments-and-links.adoc[]
+
+endif::env-github,rspecator-view[]
+