Avoid sha1

This product is not supported for your selected Datadog site. ().
이 페이지는 아직 영어로 제공되지 않습니다. 번역 작업 중입니다.
현재 번역 프로젝트에 대한 질문이나 피드백이 있으신 경우 언제든지 연락주시기 바랍니다.

Metadata

ID: swift-security/avoid-sha1

Language: Swift

Severity: Warning

Category: Security

Description

This rule flags the usage of the SHA-1 hashing algorithm in Swift code. SHA-1 is considered cryptographically weak and vulnerable to collision attacks, which can compromise data integrity and security. Using SHA-1 can expose applications to potential exploits, especially in security-sensitive contexts like password hashing, digital signatures, or data verification.

To ensure stronger security, developers should avoid calling .sha1() and instead use more secure hashing algorithms such as SHA-256. For example, replacing message.sha1() with message.sha256() significantly improves resistance against cryptographic attacks. Adopting modern and robust algorithms helps maintain the confidentiality and integrity of data.

Non-Compliant Code Examples

let digest = message.sha1();

Compliant Code Examples

let digest = message.sha256();
https://static.datadoghq.com/static/images/logos/github_avatar.svg https://static.datadoghq.com/static/images/logos/vscode_avatar.svg jetbrains

원활한 통합. Datadog Code Security를 경험해 보세요

Datadog Code Security