Reversible One Way Hash in golang.org/x/crypto Package
The Go golang.org/x/crypto package provides a number of functions for hashing data. However, some of the hash algorithms it supports are insecure and should not be used. These insecure hash algorithms include MD4 and RIPEMD-160.
The MD4 hash algorithm is a cryptographic hash function that was designed in the late 1980s. MD4 is no longer considered secure, and passwords hashed with MD4 can be cracked easily by attackers.
RIPEMD is a cryptographic hash function that was designed in 1996. It is considered a secure hash function, but it is not as secure as SHA-256, SHA-384, or SHA-512. In 2017, a collision attack was found for RIPEMD-160, meaning it is possible to find two different messages that produce the same RIPEMD-160 hash. While this does not make RIPEMD-160 completely insecure, it does mean the function is not as secure as it once was.
Examples
package main

import (
	"fmt"

	"golang.org/x/crypto/md4"
)

func main() {
	// MD4 is the insecure algorithm this rule reports.
	h := md4.New()
	h.Write([]byte("hello world\n"))
	fmt.Printf("%x", h.Sum(nil))
}
Remediation
The recommendation is to swap the insecure hashing method for one of the more secure alternatives, sha256 or sha512.
package main

import (
	"crypto/sha256"
	"fmt"
)

func main() {
	// SHA-256 from the standard library replaces the MD4 call.
	h := sha256.New()
	h.Write([]byte("hello world\n"))
	fmt.Printf("%x", h.Sum(nil))
}
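The swap above is a one-line change at the call site, but a practitioner usually also wants to know how to compare a recomputed digest against a stored one without a timing side channel. The following is an added example, not code from the rule's documentation or from golang.org/x/crypto: it wraps the standard-library SHA-256 and SHA-512 constructors behind a shared helper (the names hexDigest, Sha256Hex, Sha512Hex and VerifySha256 are assumptions made for this example) and uses crypto/subtle for the comparison. The sample input "hello world\n" is the same constructed message the rule's own examples use.

```go
package main

import (
	"crypto/sha256"
	"crypto/sha512"
	"crypto/subtle"
	"encoding/hex"
	"fmt"
	"hash"
)

// hexDigest hashes data with the supplied constructor (sha256.New or
// sha512.New from the standard library) and returns the lowercase hex digest.
// hash.Hash.Write is documented never to return an error, so it is not checked.
func hexDigest(newHash func() hash.Hash, data []byte) string {
	h := newHash()
	h.Write(data)
	return hex.EncodeToString(h.Sum(nil))
}

// Sha256Hex is the drop-in replacement for an md4.New()-based digest.
func Sha256Hex(data []byte) string { return hexDigest(sha256.New, data) }

// Sha512Hex is the same with the larger SHA-512 output.
func Sha512Hex(data []byte) string { return hexDigest(sha512.New, data) }

// VerifySha256 recomputes the SHA-256 digest of data and compares it with a
// stored hex digest in constant time, so a mismatch in an early byte takes
// as long as a mismatch in a late one. Malformed or wrong-length input is
// rejected before any comparison happens.
func VerifySha256(data []byte, expectedHex string) bool {
	want, err := hex.DecodeString(expectedHex)
	if err != nil || len(want) != sha256.Size {
		return false
	}
	got := sha256.Sum256(data)
	return subtle.ConstantTimeCompare(got[:], want) == 1
}

func main() {
	msg := []byte("hello world\n") // constructed sample input
	fmt.Println("sha256:", Sha256Hex(msg))
	fmt.Println("sha512:", Sha512Hex(msg))
	fmt.Println("verify:", VerifySha256(msg, Sha256Hex(msg)))
}
```

Because both constructors satisfy hash.Hash, the same helper serves sha256 and sha512; choosing between them is a matter of digest length and the policy of the system consuming the value, not of code structure.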
False Positives
In the case of a false positive, the rule can be suppressed. Simply add a trailing or preceding comment line with either the rule ID (GO503) or the rule category name (reversible_one_way_hash). Both forms are shown below:
- Using rule ID (first example)
- Using category name (second example)
package main

import (
	"fmt"

	"golang.org/x/crypto/md4"
)

func main() {
	// suppress: GO503
	h := md4.New()
	h.Write([]byte("hello world\n"))
	fmt.Printf("%x", h.Sum(nil))
}
package main

import (
	"fmt"

	"golang.org/x/crypto/md4"
)

func main() {
	// suppress: reversible_one_way_hash
	h := md4.New()
	h.Write([]byte("hello world\n"))
	fmt.Printf("%x", h.Sum(nil))
}