```elixir
# The hash functions with md5, sha1, ripemd (128-bit), and sha should be highlighted,
# as they are cryptographically weak and can be easily broken.
defmodule InsecureHashExample do
  # Insecure hash function using MD5
  defp insecure_hash_one(data) do
    # check this
    :cr.hash(data, :md5)
    |> Base.encode16(case: :lower)
  end

  # Insecure hash function using sha1
  defp insecure_hash_one(data) do
    # validate spacing
    :crypto.hash(data, :sha1)
    |> Base.encode16(case: :lower)
  end
end

# Spacing does not matter
:crypto.hash(:md5, data)

hex = Base.encode16(:crypto.hash(:ripemd160, data))
```
Compliant Code Examples
```elixir
# The hash functions other than md5, sha1, ripemd (128-bit), and sha are not highlighted
# as they are cryptographically strong and cannot be broken via standard hardware.
defmodule PasswordCompare do
  def option_one(password, md5_hash) do
    case :crypto.hash(:sha2, password) == md5_hash do
      true -> :entry_granted_op1
      false -> :entry_denied_op1
    end
  end
end

a = :crypto.hash(:sha3, something)
```
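One way to replace the flagged calls, as an added example that is not part of the rule's own documentation: a digest helper that accepts only algorithms outside the weak set and verifies an expected digest in constant time. The module name, function names and allow-list are hypothetical, and the code assumes Erlang/OTP 25 or later (for `:crypto.hash_equals/2`) with SHA-3 available in the linked OpenSSL.

```elixir
defmodule StrongDigest do
  # Added example, not Datadog's code. Module and function names are hypothetical.

  # Allow-list of :crypto.hash/2 algorithm atoms outside the weak set the rule
  # names (md5, sha1, ripemd, sha).
  @allowed [:sha256, :sha384, :sha512, :sha3_256, :sha3_512]

  # Lowercase hex digest of `data`; raises for any algorithm not on the allow-list.
  def hex_digest(data, algorithm \\ :sha256) when is_binary(data) do
    algorithm |> raw_digest(data) |> Base.encode16(case: :lower)
  end

  # Checks `data` against an expected hex digest. Malformed hex or a digest of
  # the wrong length returns false instead of raising.
  def matches?(data, expected_hex, algorithm \\ :sha256)
      when is_binary(data) and is_binary(expected_hex) do
    actual = raw_digest(algorithm, data)

    case Base.decode16(expected_hex, case: :mixed) do
      {:ok, expected} when byte_size(expected) == byte_size(actual) ->
        # Constant-time comparison; :crypto.hash_equals/2 requires
        # equal-length binaries and Erlang/OTP 25 or later.
        :crypto.hash_equals(actual, expected)

      _ ->
        false
    end
  end

  defp raw_digest(algorithm, data) do
    if algorithm not in @allowed do
      raise ArgumentError, "hash algorithm #{inspect(algorithm)} is not on the allow-list"
    end

    # :crypto.hash/2 takes the algorithm first, then the data.
    :crypto.hash(algorithm, data)
  end
end

# Constructed sample input; the pattern matches fail loudly if a check is wrong.
digest = StrongDigest.hex_digest("example payload")
true = StrongDigest.matches?("example payload", digest)
false = StrongDigest.matches?("tampered payload", digest)
```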
How to use this rule
```yaml
rulesets:
  - elixir-security # Rules to enforce Elixir security.
```