rspec/rules/S2070/csharp/rule.adoc

The MD5 algorithm and its successor, SHA-1, are no longer considered secure, because it is too easy to create hash collisions with them. That is, it takes too little computational effort to come up with a different input that produces the same MD5 or SHA-1 hash, and using the new, same-hash value gives an attacker the same access as if he had the originally-hashed value. This applies as well to the other Message-Digest algorithms: MD2, MD4, MD6.

This rule tracks usage of the ``System.Security.Cryptography.CryptoConfig.CreateFromName()``, and ``System.Security.Cryptography.HashAlgorithm.Create()`` methods to instantiate MD5, DSA, HMACMD5, HMACRIPEMD160, RIPEMD-160 or SHA-1 algorithms, and of derived class instances of ``System.Security.Cryptography.SHA1`` and ``System.Security.Cryptography.MD5``.

Consider using safer alternatives, such as SHA-256, or SHA-3.

== Noncompliant Code Example

----
var hashProvider1 = new MD5CryptoServiceProvider(); //Noncompliant
var hashProvider2 = (HashAlgorithm)CryptoConfig.CreateFromName("MD5"); //Noncompliant
var hashProvider3 = new SHA1Managed(); //Noncompliant
var hashProvider4 = HashAlgorithm.Create("SHA1"); //Noncompliant
----

== Compliant Solution

----
var hashProvider1 = new SHA256Managed();
var hashProvider2 = (HashAlgorithm)CryptoConfig.CreateFromName("SHA256Managed");
var hashProvider3 = HashAlgorithm.Create("SHA256Managed");
----

include::../see.adoc[]
Add rules 2000-2999 2020-06-30 12:48:07 +02:00			`The MD5 algorithm and its successor, SHA-1, are no longer considered secure, because it is too easy to create hash collisions with them. That is, it takes too little computational effort to come up with a different input that produces the same MD5 or SHA-1 hash, and using the new, same-hash value gives an attacker the same access as if he had the originally-hashed value. This applies as well to the other Message-Digest algorithms: MD2, MD4, MD6.`

change the inline-code delimitters 2020-12-23 14:59:06 +01:00			This rule tracks usage of the ``System.Security.Cryptography.CryptoConfig.CreateFromName()``, and ``System.Security.Cryptography.HashAlgorithm.Create()`` methods to instantiate MD5, DSA, HMACMD5, HMACRIPEMD160, RIPEMD-160 or SHA-1 algorithms, and of derived class instances of ``System.Security.Cryptography.SHA1`` and ``System.Security.Cryptography.MD5``.
Add rules 2000-2999 2020-06-30 12:48:07 +02:00
			`Consider using safer alternatives, such as SHA-256, or SHA-3.`

			`== Noncompliant Code Example`

			`----`
			`var hashProvider1 = new MD5CryptoServiceProvider(); //Noncompliant`
			`var hashProvider2 = (HashAlgorithm)CryptoConfig.CreateFromName("MD5"); //Noncompliant`
			`var hashProvider3 = new SHA1Managed(); //Noncompliant`
			`var hashProvider4 = HashAlgorithm.Create("SHA1"); //Noncompliant`
			`----`

			`== Compliant Solution`

			`----`
			`var hashProvider1 = new SHA256Managed();`
			`var hashProvider2 = (HashAlgorithm)CryptoConfig.CreateFromName("SHA256Managed");`
			`var hashProvider3 = HashAlgorithm.Create("SHA256Managed");`
			`----`

			`include::../see.adoc[]`