Use of a Broken or Risky Cryptographic Algorithm

scala.cryptography.scala_crypto_rule_custommessagedigest

Severity

low

Resource

Cryptography

Language

Scala

Description

Implementing a custom MessageDigest is error-prone. National Institute of Standards and Technology(NIST) recommends the use of SHA-224, SHA-256, SHA-384, SHA-512, SHA-512/224, or SHA-512/256.

Rationale

Implementing a custom MessageDigest is error-prone. National Institute of Standards and Technology(NIST) recommends the use of SHA-224, SHA-256, SHA-384, SHA-512, SHA-512/224, or SHA-512/256.

Remediation

Follow secure coding practices and review the references below for detailed remediation guidance.

Configuration

This detector does not need any configuration.

References

CWE-327
OWASP Top 10 2021 - A02 : Cryptographic Failures.