The MD5 algorithm and its successor, SHA-1, are no longer considered secure, because it is too easy to create hash collisions with them. That is, it takes too little computational effort to come up with a different input that produces the same MD5 or SHA-1 hash, and using the new, same-hash value gives an attacker the same access as if he had the originally-hashed value. This applies as well to the other Message-Digest algorithms: MD2, MD4, MD6, HAVAL-128, HMAC-MD5, DSA (which uses SHA-1), RIPEMD, RIPEMD-128, RIPEMD-160, HMACRIPEMD160.

The following APIs are tracked for use of obsolete crypto algorithms:

* java.security.AlgorithmParameters (JDK)

* java.security.AlgorithmParameterGenerator (JDK)

* java.security.MessageDigest (JDK)

* java.security.KeyFactory (JDK)

* java.security.KeyPairGenerator (JDK)

* java.security.Signature (JDK)

* javax.crypto.Mac (JDK)

* javax.crypto.KeyGenerator (JDK)

* org.apache.commons.codec.digest.DigestUtils (Apache Commons Codec)

* com.google.common.hash.Hashing (Guava)

* org.springframework.security.authentication.encoding.ShaPasswordEncoder (Spring Security 4.2.x)

* org.springframework.security.authentication.encoding.Md5PasswordEncoder (Spring Security 4.2.x)

* org.springframework.security.crypto.password.LdapShaPasswordEncoder (Spring Security 5.0.x)

* org.springframework.security.crypto.password.Md4PasswordEncoder (Spring Security 5.0.x)

* org.springframework.security.crypto.password.MessageDigestPasswordEncoder (Spring Security 5.0.x)

* org.springframework.security.crypto.password.NoOpPasswordEncoder (Spring Security 5.0.x)

* org.springframework.security.crypto.password.StandardPasswordEncoder (Spring Security 5.0.x)

Consider using safer alternatives, such as SHA-256, SHA-3 or adaptive one way functions like bcrypt or PBKDF2.

Noncompliant Code Example

MessageDigest md = MessageDigest.getInstance("SHA1");  // Noncompliant

Compliant Solution

MessageDigest md = MessageDigest.getInstance("SHA-256");

See

Deprecated

This rule is deprecated; use {rule:java:S4790}, {rule:java:S5344} instead.