Checker Cryptography, as of Julia version 2.5.0 (built on 4 Jul 2018)

belongs to group Basic

Identify the use of unsafe cryptographic algorithms


Some cryptographic algorithms are now considered outdated and unsafe, or are actually broken, since they are too easy to decode. This checker identifies uses of unsafe cryptographic algorithms.

Action: Use a safer cryptographic algorithm.

Examples


Consider the following program:

import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;

import javax.crypto.Cipher;
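import javax.crypto.NoSuchPaddingException;
import org.apache.commons.codec.binary.Base64; // assumed: Apache Commons Codec, which provides decodeBase64(byte[])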
public class BrokenAlgorithms {

  public static void main(String[] args) throws NoSuchAlgorithmException, NoSuchPaddingException, NoSuchProviderException {
    Cipher.getInstance("DES");
    Cipher.getInstance("MyComplexAlgo", "myProvider");
    Cipher.getInstance("MD5", "myProvider");

    Base64.decodeBase64("hello".getBytes());
  }
}

This checker issues the following warnings:

BrokenAlgorithms.java:10: [Cryptography: RiskyCryptographicAlgorithmWarning] A broken or risky cryptographic algorithm is used here
BrokenAlgorithms.java:12: [Cryptography: RiskyCryptographicAlgorithmWarning] A broken or risky cryptographic algorithm is used here
BrokenAlgorithms.java:14: [Cryptography: UnsafeBase64EncodingWarning] The Base64 encoding is used here, but it is nowadays easy to read

since DES and MD5 are now considered broken, while the Base64 encoding is relatively easy to decode.