avoid-weak-cryptographic-algorithms
Warns when a weak cryptographic algorithm (ex. md5 or sha1) is used.
Although there are still some valid cases to use those algorithms, it's best to avoid them if you need to secure the data. Consider using more advanced algorithms instead.
Example
❌ Bad:
import 'dart:convert';
import 'package:crypto/crypto.dart';
void main() {
md5; // LINT
sha1; // LINT
final key = utf8.encode('password1234');
final hmacMd5 = Hmac(md5, key); // LINT
final hmacSha1 = Hmac(sha1, key); // LINT
DES(); // LINT
DES3(); // LINT
RC4(); // LINT
}
✅ Good:
import 'dart:convert';
import 'package:crypto/crypto.dart';
void main() {
sha256;
final hmacSha256 = Hmac(sha256, key);
}