Create rule S2053: Password hashing functions should use an unpredict…

…able salt (#4648)

* Add go to rule S2053

* Add description for S2053 for Go

---------

Co-authored-by: daniel-teuchert-sonarsource <[email protected]>
Co-authored-by: Daniel Teuchert <[email protected]>
Co-authored-by: daniel-teuchert-sonarsource <[email protected]>

rules/S2053/go/metadata.json

@@ -0,0 +1,2 @@
+{
+}

rules/S2053/go/rule.adoc

@@ -0,0 +1,71 @@
+include::../summary.adoc[]
+
+== Why is this an issue?
+
+include::../rationale.adoc[]
+
+include::../impact.adoc[]
+
+include::../exceptions.adoc[]
+
+// How to fix it section
+
+== How to fix it
+
+=== Code examples
+
+include::../common/fix/code-rationale.adoc[]
+
+==== Noncompliant code example
+
+[source,go,diff-id=1,diff-type=noncompliant]
+----
+import (
+    "crypto/sha256"
+    "golang.org/x/crypto/pbkdf2"
+)
+
+func example(password []byte) {
+    pbkdf2.Key(password, []byte("fixedSalt"), 4096, 32, sha256.New) // Noncompliant
+}
+----
+
+==== Compliant solution
+
+[source,go,diff-id=1,diff-type=compliant]
+----
+import (
+    "crypto/rand"
+    "crypto/sha256"
+    "golang.org/x/crypto/pbkdf2"
+)
+
+func example(password []byte) {
+    randomSalt := make([]byte, 32)
+    rand.Read(randomSalt)
+    pbkdf2.Key(password, randomSalt, 4096, 32, sha256.New)
+}
+----
+
+=== How does this work?
+
+include::../common/fix/salt.adoc[]
+
+Here, the compliant code example ensures the salt is random and has a sufficient
+length by calling the `crypto.rand.Read` function. This function internally
+uses a cryptographically secure pseudo-random number generator.
+
+
+== Resources
+
+include::../common/resources/standards.adoc[]
+
+ifdef::env-github,rspecator-view[]
+
+'''
+== Implementation Specification
+(visible only on this page)
+
+include::../message.adoc[]
+
+endif::env-github,rspecator-view[]