Avoid sha1

Este producto no es compatible con el sitio Datadog seleccionado. ().
Esta página aún no está disponible en español. Estamos trabajando en su traducción.
Si tienes alguna pregunta o comentario sobre nuestro actual proyecto de traducción, no dudes en ponerte en contacto con nosotros.

Metadata

ID: swift-security/avoid-sha1

Language: Unknown

Severity: Warning

Category: Security

Description

This rule flags the usage of the SHA-1 hashing algorithm in Swift code. SHA-1 is considered cryptographically weak and vulnerable to collision attacks, which can compromise data integrity and security. Using SHA-1 can expose applications to potential exploits, especially in security-sensitive contexts like password hashing, digital signatures, or data verification.

To ensure stronger security, developers should avoid calling .sha1() and instead use more secure hashing algorithms such as SHA-256. For example, replacing message.sha1() with message.sha256() significantly improves resistance against cryptographic attacks. Adopting modern and robust algorithms helps maintain the confidentiality and integrity of data.

Non-Compliant Code Examples

let digest = message.sha1();

Compliant Code Examples

let digest = message.sha256();
https://static.datadoghq.com/static/images/logos/github_avatar.svg https://static.datadoghq.com/static/images/logos/vscode_avatar.svg jetbrains

Integraciones sin problemas. Prueba Datadog Code Security

Datadog Code Security