2021-07-04 16:36:55 +00:00
|
|
|
// @ts-check
|
2017-10-19 23:01:08 +00:00
|
|
|
|
2021-07-04 16:36:55 +00:00
|
|
|
/**
|
|
|
|
* @typedef {import('eslint').Rule.RuleModule} RuleModule
|
|
|
|
*/
|
2017-10-19 23:01:08 +00:00
|
|
|
|
2021-07-04 16:36:55 +00:00
|
|
|
/** @type {RuleModule} */
|
2017-10-19 23:01:08 +00:00
|
|
|
module.exports = {
|
|
|
|
meta: {
|
|
|
|
docs: {
|
|
|
|
description: 'Do not use insecure sources for random bytes',
|
|
|
|
category: 'Best Practices',
|
|
|
|
},
|
2021-07-04 16:36:55 +00:00
|
|
|
// strings from https://github.com/Microsoft/tslint-microsoft-contrib/blob/b720cd9/src/insecureRandomRule.ts
|
|
|
|
messages: {
|
|
|
|
mathRandomInsecure:
|
|
|
|
'Math.random produces insecure random numbers. Use crypto.randomBytes() or window.crypto.getRandomValues() instead',
|
|
|
|
pseudoRandomBytesInsecure:
|
|
|
|
'crypto.pseudoRandomBytes produces insecure random numbers. Use crypto.randomBytes() instead',
|
|
|
|
},
|
2017-10-19 23:01:08 +00:00
|
|
|
},
|
|
|
|
create(context) {
|
|
|
|
return {
|
|
|
|
CallExpression(node) {
|
|
|
|
const { callee } = node
|
2021-07-04 16:36:55 +00:00
|
|
|
|
2017-10-19 23:01:08 +00:00
|
|
|
if (
|
2021-07-04 16:36:55 +00:00
|
|
|
callee.type === 'MemberExpression' &&
|
|
|
|
callee.object.type === 'Identifier' &&
|
2017-10-19 23:01:08 +00:00
|
|
|
callee.object.name === 'Math' &&
|
2021-07-04 16:36:55 +00:00
|
|
|
callee.property.type === 'Identifier' &&
|
2017-10-19 23:01:08 +00:00
|
|
|
callee.property.name === 'random'
|
|
|
|
) {
|
2021-07-04 16:36:55 +00:00
|
|
|
context.report({ node, messageId: 'mathRandomInsecure' })
|
2017-10-19 23:01:08 +00:00
|
|
|
}
|
2021-07-04 16:36:55 +00:00
|
|
|
|
2017-10-19 23:01:08 +00:00
|
|
|
if (
|
2021-07-04 16:36:55 +00:00
|
|
|
(callee.type === 'MemberExpression' &&
|
|
|
|
callee.property.type === 'Identifier' &&
|
2017-10-19 23:01:08 +00:00
|
|
|
callee.property.name === 'pseudoRandomBytes') ||
|
2021-07-04 16:36:55 +00:00
|
|
|
(callee.type === 'Identifier' && callee.name === 'pseudoRandomBytes')
|
2017-10-19 23:01:08 +00:00
|
|
|
) {
|
2021-07-04 16:36:55 +00:00
|
|
|
context.report({ node, messageId: 'pseudoRandomBytesInsecure' })
|
2017-10-19 23:01:08 +00:00
|
|
|
}
|
|
|
|
},
|
|
|
|
}
|
|
|
|
},
|
|
|
|
}
|