Magento Forums
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Broken Cryptography

0 Kudos

Broken Cryptography

Status: New Submitted by on ‎05-04-2021 03:03 AM
1 Comment (1 New)

The use of a broken or risky cryptographic algorithm is an unnecessary risk that may result in the exposure of sensitive information.Attacker may be able to break the algorithm and compromise whatever data has been protected that may result in the exposure of sensitive information.

1.Do not develop custom or private cryptographic algorithms.

2.Ensure that you use a strong, modern cryptographic algorithm.

Use at least AES-128 or RSA-2048. For more information refer: http://wiki.scap.org.cn/cwe/en/definition/327

ex : $sha1Sum = sha1($contents);

 

$cacheKey = sha1($routePath . $this->serializer->serialize($cachedParams));

if (!isset($this->cacheUrl[$cacheKey])) { $this->cacheUrl[$cacheKey] = $this->getUrlModifier()->execute( $this->createUrl($routePath, $routeParams) ); }

in vendor\magento\framework\Url.php (Line:870) file, SHA1 used. We can use the modern crypto algorithm.

CWE Code : CWE-327

See more ideas labeled with:
1 Comment
dedward147887c
Occasional Contributor
‎08-17-2022 02:07 PM
‎08-17-2022 02:07 PM

If you decided to know trading and mining processes, it's worth to learn more about it on some sources. In my opinion, I think you should read more information about crypto mining on this weblink https://tabtrader.com/articles/what-is-cryptocurrency-mining. Since I found this source, I acquired more knowledge about cryptocurrency mining process and I started to earn more and more ery day. I think you may also try to use it.