python.lang.security.insecure-hash-algorithms.insecure-hash-algorithm-md5

Verifed by r2c
Community Favorite
profile photo of returntocorpreturntocorp
Author
99,223
Download Count*

Detected MD5 hash algorithm which is considered insecure. MD5 is not collision resistant and is therefore not suitable as a cryptographic signature. Use SHA256 or SHA3 instead.

Run Locally

Run in CI

Defintion

rules:
  - id: insecure-hash-algorithm-md5
    pattern: hashlib.md5(...)
    fix-regex:
      regex: md5
      replacement: sha256
    message: Detected MD5 hash algorithm which is considered insecure. MD5 is not
      collision resistant and is therefore not suitable as a cryptographic
      signature. Use SHA256 or SHA3 instead.
    metadata:
      source-rule-url: https://github.com/PyCQA/bandit/blob/d5f8fa0d89d7b11442fc6ec80ca42953974354c8/bandit/blacklists/calls.py#L59
      cwe: "CWE-327: Use of a Broken or Risky Cryptographic Algorithm"
      owasp: "A3: Sensitive Data Exposure"
      bandit-code: B303
      asvs:
        section: V6 Stored Cryptography Verification Requirements
        control_id: 6.2.2 Insecure Custom Algorithm
        control_url: https://github.com/OWASP/ASVS/blob/master/4.0/en/0x14-V6-Cryptography.md#v62-algorithms
        version: "4"
      references:
        - https://tools.ietf.org/html/rfc6151
        - https://crypto.stackexchange.com/questions/44151/how-does-the-flame-malware-take-advantage-of-md5-collision
        - https://pycryptodome.readthedocs.io/en/latest/src/hash/sha3_256.html
      category: security
      technology:
        - python
      license: Commons Clause License Condition v1.0[LGPL-2.1-only]
    severity: WARNING
    languages:
      - python

Examples

insecure-hash-algorithms.py

# cf. https://github.com/PyCQA/bandit/blob/b78c938c0bd03d201932570f5e054261e10c5750/examples/crypto-md5.py

import hashlib

# ruleid:insecure-hash-algorithm-md5
hashlib.md5(1)
# ruleid:insecure-hash-algorithm-md5
hashlib.md5(1).hexdigest()

# ruleid:insecure-hash-algorithm-md5
abc = str.replace(hashlib.md5("1"), "###")

# ruleid:insecure-hash-algorithm-md5
print(hashlib.md5("1"))

# ruleid:insecure-hash-algorithm-sha1
hashlib.sha1(1)

# ok:insecure-hash-algorithm-sha1
# ok:insecure-hash-algorithm-md5
hashlib.sha256(1)