
[False Positive] DS106863 - The DES cipher was found, which is widely considered to be broken.

Open pocki opened this issue 1 year ago • 1 comments

Rule ID

DS106863 The DES cipher was found, which is widely considered to be broken.

What the rule matched

var location = "some text DES";
//...
if (location.EndsWith("DES")) //<-- The DES cipher was found, which is widely considered to be broken.
{
  location = location[..^4];
}

Why should this not be matched?

It is just a string in a string comparison.

pocki, Sep 16 '24 11:09

Unfortunately, yes, this rule is implemented as a string comparison and likely could be improved.

https://github.com/microsoft/DevSkim/blob/9fa526953c914cfbbb883e106b52441d73f360dc/rules/default/security/cryptography/ciphers.json#L96

gfs, Dec 05 '24 22:12
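An added illustration of the false positive discussed in this thread (not DevSkim's rule or code): a bare word match for `DES` flags the issue's string literals and comment, while masking C# literals and comments first leaves only a line that really uses the cipher. The pattern, the helper names `mask_non_code` and `find_des`, and the final `DES.Create()` line are assumptions made for the example.

```python
import re

# Hypothetical stand-in for the rule's string match; not DevSkim's actual regex.
NAIVE = re.compile(r"\bDES\b")

# C# tokens whose contents are data, not code.
NON_CODE = re.compile(
    r'''@"(?:[^"]|"")*"      # verbatim string, "" is an escaped quote
      | "(?:\\.|[^"\\\n])*"  # regular string with backslash escapes
      | '(?:\\.|[^'\\\n])+'  # char literal
      | //[^\n]*             # line comment
      | /\*.*?\*/            # block comment
    ''',
    re.VERBOSE | re.DOTALL,
)

def mask_non_code(source):
    """Blank out literals and comments, keeping offsets and line breaks."""
    def blank(m):
        return re.sub(r"[^\n]", " ", m.group(0))
    return NON_CODE.sub(blank, source)

def find_des(source, code_only):
    """Return the 1-based line numbers on which the pattern matches."""
    text = mask_non_code(source) if code_only else source
    return sorted({text.count("\n", 0, m.start()) + 1
                   for m in NAIVE.finditer(text)})

# Snippet from the issue, plus one constructed line that really uses DES.
SAMPLE = '''var location = "some text DES";
//...
if (location.EndsWith("DES")) //<-- The DES cipher was found
{
  location = location[..^4];
}
using var alg = DES.Create(); // constructed true positive
'''

if __name__ == "__main__":
    print("plain match:", find_des(SAMPLE, code_only=False))
    print("code only:  ", find_des(SAMPLE, code_only=True))
```

Masking string literals trades this false positive for a possible miss when the algorithm is selected by name, as in `CryptoConfig.CreateFromName("DES")`, so a code-only match is best paired with a separate check on the arguments of such calls.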