ishangsf/rspec
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
rspec/rules/S6293/kotlin/rule.adoc
github-actions[bot] 45046ce708
Create rule S6293: Using a biometric authentication independent of a cryptographic solution is security-sensitive (#92) 
* Create rule S6293

* init rspec s6293

* improve description and add java subtask

* fixes after review

Co-authored-by: eric-therond-sonarsource <eric-therond-sonarsource@users.noreply.github.com>
Co-authored-by: eric-therond-sonarsource <eric.therond@sonarsource.com>
2021-07-01 09:16:41 +00:00

26 lines
594 B
Plaintext
Raw Blame History

include::../description.adoc[]
== Noncompliant Code Example
A ``++CryptoObject++``is not used during authentication:
----
// ...
val biometricPrompt: BiometricPrompt = BiometricPrompt(activity, executor, callback)
// ...
biometricPrompt.authenticate(promptInfo) // Noncompliant
----
== Compliant Solution
A ``++CryptoObject++`` is used during authentication:
----
// ...
val biometricPrompt: BiometricPrompt = BiometricPrompt(activity, executor, callback)
// ...
biometricPrompt.authenticate(promptInfo, BiometricPrompt.CryptoObject(cipher)) // Compliant
----
include::../see.adoc[]
Reference in New Issue View Git Blame Copy Permalink