Home

SHA-1 and Message-Digest hash algorithms should not be used in secure contexts

Rule description

  • SHA-1 and Message-Digest hash algorithms should not be used in secure contexts

 

Non-compliant Code Example

DECLARE @hashText nvarchar(32);  
SET @hashText = CONVERT(nvarchar(32),'asffafffsdfasdaffs%knhtu76sdfasdfafff');  
SELECT HASHBYTES('SHA1', @hashText); --Non complaint code (SHA-1 and Message-Digest hash algorithms should not be used in secure contexts)

GO

DECLARE @hashText nvarchar(32);  
SET @hashText = CONVERT(nvarchar(32),'asffaffffasdfaadfs%knhtu76sdfasdfafff');  
SELECT HASHBYTES('MD5', @hashText); --Non complaint code (SHA-1 and Message-Digest hash algorithms should not be used in secure contexts)

GO
Visual Expert 2020
 VETSQLRULE59