Details

    • Type: Language-Specification
    • Status: Active
    • Resolution: Unresolved
    • Labels:
      None
    • Impact:
      Unknown 'null' severity
    • Likelihood:
      Unknown 'null' severity

      Description

      Sensitive Code Example

      using System.Security.Cryptography;
      
      void ComputeHash()
      {
          // Review all instantiations of classes that inherit from HashAlgorithm, for example:
          HashAlgorithm hashAlgo = HashAlgorithm.Create(); // Sensitive
          HashAlgorithm hashAlgo2 = HashAlgorithm.Create("SHA1"); // Sensitive
          SHA1 sha = new SHA1CryptoServiceProvider(); // Sensitive
          MD5 md5 = new MD5CryptoServiceProvider(); // Sensitive
          // ...
      }
      
      class MyHashAlgorithm : HashAlgorithm // Sensitive
      {
          // ...
      }
      

        Attachments

          Activity

            People

            • Assignee:
              Unassigned
              Reporter:
              nicolas.harraudeau Nicolas Harraudeau
            • Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated: