MSC25-C. Do not use insecure or weak cryptographic algorithms
This rule is a stub.
Noncompliant Code Example
This noncompliant code example shows an example where ...
Non-compliant code
Compliant Solution
In this compliant solution, ...
Compliant code
Risk Assessment
Using insecure or weak cryptographic algorithms is not a good idea.
| Rule | Severity | Likelihood | Detectable | Repairable | Priority | Level |
|---|---|---|---|---|---|---|
| MSC25-C | Medium | Probable | No | No | P4 | L3 |
Automated Detection
| Tool | Version | Checker | Description |
|---|---|---|---|
| CodeSonar | 9.2p0 | BADMACRO.WEAK_CRYPTO BADFUNC.WEAKCRYPTO | Use of Weak Cryptographic AlgorithmWeak Cryptography |
| Security Reviewer - Static Reviewer | 6.02 | CE8 oppositeExpression redundantPointerOp RTOS_01 RTOS_02 RTOS_03 RTOS_04 RTOS_05 RTOS_06 RTOS_18 | Fully implemented |
Related Guidelines
| SEI CERT Oracle Coding Standard for Java | MSC61-J. Do not use insecure or weak cryptographic algorithms |