Description
CWE: 321 Use of Hard-coded Cryptographic Key
BadSource: Copy a hardcoded value into cryptoKey
GoodSource: Read cryptoKey from the console
Sinks:
BadSink : Hash cryptoKey and use the value to encrypt a string
Flow Variant: 83 Data flow: data passed to class constructor and destructor by declaring the class object on the stack
Flaws
Test Suites
Documentation
Have any comments on this test case? Please, send us an email.