Home

SHA-1 and Message-Digest hash algorithms should not be used in secure contexts

  • Vulnerability
  • - Critical

Rule description

  • SHA-1 and Message-Digest hash algorithms should not be used in secure contexts

 

Non-compliant Code Example 

DECLARE
	hash_value varchar2;
BEGIN

  hash_value := DBMS_CRYPTO.HASH('demo text source', HASH_MD5); --Non compliant code (SHA-1 OR Message-Digest hash algorithms is used in secure contexts)

END;

Compliant Code Example

DECLARE
	hash_value varchar2;
BEGIN

  hash_value := DBMS_CRYPTO.HASH('demo text source', HASH_SH256); --Compliant code

END;
Visual Expert 2020
 VEPLSQLRULE137