Avoid DES

Este producto no es compatible con el sitio Datadog seleccionado. ().
Esta página aún no está disponible en español. Estamos trabajando en su traducción.
Si tienes alguna pregunta o comentario sobre nuestro actual proyecto de traducción, no dudes en ponerte en contacto con nosotros.

Metadata

ID: swift-security/avoid-des

Language: Unknown

Severity: Info

Category: Best Practices

Description

This rule discourages the use of the DES (Data Encryption Standard) algorithm for cryptographic operations. DES is considered insecure due to its short key length and vulnerability to brute-force attacks, making it unsuitable for protecting sensitive data.

To comply with this rule, developers should avoid specifying “des” as the cryptographic algorithm in their code. Instead, use more secure alternatives such as AES (Advanced Encryption Standard), which provides stronger encryption and is widely supported.

Non-Compliant Code Examples

let crypt = CkoCrypt2()
crypt.CryptAlgorithm = "3des"

let crypt = CkoCrypt2()
crypt.CryptAlgorithm = "des"

let cryptor = try Cryptor(operation: .encrypt, algorithm: .des, options: .none, key: key, iv: [])

Compliant Code Examples

let cryptor = try Cryptor(operation: .encrypt, algorithm: .aes, options: .none, key: key, iv: [])

let crypt = CkoCrypt2()
crypt.CryptAlgorithm = "aes"
https://static.datadoghq.com/static/images/logos/github_avatar.svg https://static.datadoghq.com/static/images/logos/vscode_avatar.svg jetbrains

Integraciones sin problemas. Prueba Datadog Code Security

Datadog Code Security