CodeAnt AI home pagelight logodark logo
  • Support
  • Dashboard
  • Dashboard
Documentation
API Reference
Start Here
  • What is CodeAnt?
  • Join Community
Setup
  • Github
  • Bitbucket
  • Gitlab
  • Azure Devops
Pull Request Review
  • Features
  • Customize Review
  • Quality Gates
  • Integrations
Scan center
  • Code Security
  • Code Quality
  • Cloud Security
  • Engineering Productivity
Integrations
  • Jira
  • Test Coverage
  • CI/CD
IDE
  • Setup
  • Review
  • Enhancements
Rule Reference
  • Compliance
  • Anti-Patterns
  • Code Governance
  • Infrastructure Security Database
  • Application Security Database
    • Apex
    • Bash
    • C
    • Clojure
    • Cpp
    • Csharp
    • Dockerfile
    • Elixir
    • Fingerprints
    • Generic
    • Go
    • Html
    • Java
    • Javascript
    • Json
    • Kotlin
    • Ocaml
    • Php
    • Problem-based-packs
    • Python
    • Ruby
    • Rust
    • Scala
    • Solidity
    • Swift
      • Biometrics-and-auth
      • Commoncrypto
        • Hardcoded-iv
        • Hardcoded-pbkdf2-passphrase
        • Hardcoded-realm
        • Hardcoded-salt
        • Hardcoded-symmetric-key
        • Insecure-crypto-aes-keysize
        • Insecure-crypto-algorithm-blowfish
        • Insecure-crypto-algorithm-des
        • Insecure-crypto-algorithm-rc4
        • Insecure-crypto-cbc-mode
        • Insecure-crypto-ecb-mode
        • Insecure-crypto-keystorage
          • Insecure crypto keystorage
        • Insecure-crypto-rsa-keysize
        • Insecure-hashing-algorithm-md2
        • Insecure-hashing-algorithm-md4
        • Insecure-hashing-algorithm-md5
        • Insecure-hashing-algorithm-sha1
        • Insufficient-pbkdf2-work-factor-sha1
        • Insufficient-pbkdf2-work-factor-sha256
        • Insufficient-pbkdf2-work-factor-sha512
        • Realmstate-encryption-missing
      • Cryptoswift
      • Insecure-communication
      • Lang
      • Pathtraversal
      • Sql
      • Sqllite
      • Webview
      • Webview
    • Terraform
    • Typescript
    • Yaml
Resources
  • Open Source
  • Blogs
Insecure-crypto-keystorage

Insecure crypto keystorage

insecure-crypto-keystorage

Key generation routines were identified where the resultant keys are not stored protected by the Secure Enclave. On iOS/macOS systems, cryptographic keys can be generated within the Secure Enclave - making them inaccessible to the rest of the system. The keys can be used for operations (signing, decryption, etc) but the private keys cannot be dumped or copied - even on rooted/jailbroken systems.
Likelihood: LOW
Confidence: MEDIUM
CWE:
- CWE-922: Insecure Storage of Sensitive Information
OWASP:
- A01:2021 - Broken Access Control
Insecure crypto ecb modeInsecure crypto rsa keysize
twitterlinkedin
Powered by Mintlify
Assistant
Responses are generated using AI and may contain mistakes.