Use of a Broken or Risky Cryptographic Algorithm
ID |
scala.cryptography.scala_crypto_rule_nullcipher |
Severity |
low |
Resource |
Cryptography |
Language |
Scala |
Description
The NullCipher implements the Cipher interface by returning ciphertext identical to the supplied plaintext. In a few contexts, such as testing, a NullCipher may be appropriate. Avoid using the NullCipher. Its accidental use can introduce a significant confidentiality risk.
Rationale
The NullCipher implements the Cipher interface by returning ciphertext identical to the supplied plaintext. In a few contexts, such as testing, a NullCipher may be appropriate. Avoid using the NullCipher. Its accidental use can introduce a significant confidentiality risk.
Remediation
Follow secure coding practices and review the references below for detailed remediation guidance.
References
-
OWASP Top 10 2021 - A02 : Cryptographic Failures.