Page History

This rule is a stub.

Several guidelines are instances of this one, including ERR01-J. Do not allow exceptions to expose sensitive information, DRD00. Do not store sensitive information on external storage (SD card) unless encrypted first, and DRD11. Ensure that sensitive data is kept secure.

Noncompliant Code Example

This noncompliant code example shows an example where ...

Code Block

bgColor	#FFCCCC

Compliant Solution

In this compliant solution, ...

Code Block

bgColor	#CCCCFF

Risk Assessment

Leaking sensitive information outside a trust boundary Using insecure or weak cryptographic algorithms is not a good idea.

Rule	Severity	Likelihood	Remediation Cost	Priority	Level

IDS15

MSC25-

J

C

Medium

Likely

Probable

High

P6

P4

L2

L3

Automated Detection

Tool	Version	Checker	Description

The Checker Framework

CodeSonar

Include Page

The Checker Framework

	CodeSonar_V

The Checker Framework

	CodeSonar_V

Tainting Checker

BADMACRO.WEAK_CRYPTO
BADFUNC.WEAKCRYPTO

Use of Weak Cryptographic Algorithm
Weak Cryptography

Related Guidelines

SEI CERT Oracle Coding Standard for Java

MSC61-J. Do not use insecure or weak cryptographic algorithms

Trust and security errors (see Chapter 8)

Space shortcuts

Page tree

Versions Compared

Old Version 2

New Version Current

Key

Noncompliant Code Example

Compliant Solution

Risk Assessment

Automated Detection

Related Guidelines

Bibliography