Uploaded image for project: 'SonarSwift'
  1. SonarSwift
  2. SONARSWIFT-381

Rule S2278: Neither DES (Data Encryption Standard) nor DESede (3DES) should be used

    Details

    • Type: New Feature
    • Status: Closed
    • Priority: Critical
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 4.0
    • Component/s: Rules
    • Labels:
      None

      Description

      This rule should raise an issue when:

      • ChilkatSoft: the CryptAlgorithm field of a CkoCrypt2() object is set to "3des" or "des": see Examples and Docs
      • IBM BlueCryptor : the algorithm parameter of the Cryptor object is set to .des or .tripleDes
      • "3DES" or "DES" are assigned to constant or enum value that contain "algorithm" in their name
      • as a safety net for usage of the Objective-C CommonCrypto library with Swift (it is possible, see thread): raise for identifiers kCCAlgorithmDES and kCCAlgorithm3DES (see wrapper)

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                andrei.epure Andrei Epure
                Reporter:
                alexandre.gigleux Alexandre Gigleux
              • Votes:
                1 Vote for this issue
                Watchers:
                3 Start watching this issue

                Dates

                • Due:
                  Created:
                  Updated:
                  Resolved: