Home

Cryptographic Hash Functions should not use SHA-1 or Message-Digest Algorithms

Rule description

  • The SHA-1 and Message-Digest algorithms: MD2, MD4, MD5 and MD6 algorithms are no longer considered secure. Visual Expert will check if such algorithms are used in your PowerBuilder code and locate the corresponding calls, to help you update them with more secure ones.

 

Non-compliant Code Example

global function string callMD5 (integer id)
Blob lblb_data
Blob lblb_md5
lblb_data = Blob("Test MD5", EncodingANSI!)

CrypterObject lnv_CrypterObject
lnv_CrypterObject = Create CrypterObject

// Encrypt with MD5
lblb_md5 = lnv_CrypterObject.MD5(lblb_data) // MD5 is not compliance

Return ""
end function
global function string testSHA (string text)

Blob lblb_data
Blob lblb_sha1
string ls_result

lblb_data = Blob(text, EncodingANSI!)

CrypterObject lnv_CrypterObject
lnv_CrypterObject = Create CrypterObject

// Encrypt with SHA
lblb_sha1= lnv_CrypterObject.SHA(SHA1!, lblb_data) // SHA1! is not compliance

ls_result = string(lblb_sha1, EncodingANSI!)

Return ls_result
end function

Compliant Code Example

global function string testSHA (string text)

Blob lblb_data
Blob lblb_sha1
string ls_result

lblb_data = Blob(text, EncodingANSI!)

CrypterObject lnv_CrypterObject
lnv_CrypterObject = Create CrypterObject

// Encrypt with SHA
lblb_sha1= lnv_CrypterObject.SHA(SHA256!, lblb_data) // SHA256! is compliance

ls_result = string(lblb_sha1, EncodingANSI!)

Return ls_result
end function
Visual Expert 2020
 VEPBRULE28