The MD5 algorithm and its successor, SHA-1, are no longer considered secure, because it is too easy to create hash collisions with them. That is, it takes too little computational effort to come up with a different input that produces the same MD5 or SHA-1 hash, and using the new, same-hash value gives an attacker the same access as if he had the originally-hashed value. This applies as well to the other Message-Digest algorithms: MD2, MD4, MD6, HAVAL-128, HMAC-MD5, DSA (which uses SHA-1), RIPEMD, RIPEMD-128, RIPEMD-160, HMACRIPEMD160. The following APIs are tracked for use of obsolete crypto algorithms: * ``++java.security.AlgorithmParameters++`` (JDK) * ``++java.security.AlgorithmParameterGenerator++`` (JDK) * ``++java.security.MessageDigest++`` (JDK) * ``++java.security.KeyFactory++`` (JDK) * ``++java.security.KeyPairGenerator++`` (JDK) * ``++java.security.Signature++`` (JDK) * ``++javax.crypto.Mac++`` (JDK) * ``++javax.crypto.KeyGenerator++`` (JDK) * ``++org.apache.commons.codec.digest.DigestUtils++`` (Apache Commons Codec) * ``++org.springframework.util.DigestUtils++`` * ``++com.google.common.hash.Hashing++`` (Guava) * ``++org.springframework.security.authentication.encoding.ShaPasswordEncoder++`` (Spring Security 4.2.x) * ``++org.springframework.security.authentication.encoding.Md5PasswordEncoder++`` (Spring Security 4.2.x) * ``++org.springframework.security.crypto.password.LdapShaPasswordEncoder++`` (Spring Security 5.0.x) * ``++org.springframework.security.crypto.password.Md4PasswordEncoder++`` (Spring Security 5.0.x) * ``++org.springframework.security.crypto.password.MessageDigestPasswordEncoder++`` (Spring Security 5.0.x) * ``++org.springframework.security.crypto.password.NoOpPasswordEncoder++`` (Spring Security 5.0.x) * ``++org.springframework.security.crypto.password.StandardPasswordEncoder++`` (Spring Security 5.0.x) include::../ask-yourself.adoc[] include::../recommended.adoc[] == Sensitive Code Example ---- val md1: MessageDigest = MessageDigest.getInstance("SHA"); // Sensitive: SHA is not a standard name, for most security providers it's an alias of SHA-1 val md2: MessageDigest = MessageDigest.getInstance("SHA1"); // Sensitive ---- == Compliant Solution [source,kotlin] ---- val md1: MessageDigest = MessageDigest.getInstance("SHA-512"); // Compliant ---- include::../see-mobile.adoc[] ifdef::env-github,rspecator-view[] ''' == Implementation Specification (visible only on this page) include::../message.adoc[] include::../highlighting.adoc[] ''' == Comments And Links (visible only on this page) include::../comments-and-links.adoc[] endif::env-github,rspecator-view[]