Make sure that encrypting data is safe here sonar c# SHA1Managed()

SHA1 test = new SHA1Managed();.
SHA1 sha = new SHA1CryptoServiceProvider();
var cryptoStream = new CryptoStream(memoryStream, rijndael.CreateEncryptor(), CryptoStreamMode.Write);
var cryptoStream = new CryptoStream(memoryStream, rijndael.CreateDecryptor(), CryptoStreamMode.Write);

These lines gimme Make sure that encrypting data is safe here

Could you help me?

Hello @Ronni_Oliveira,

Welcome to the community ! :smiley:
First of all there are couple of things that you’re expected to do when you post a question on the community. You should at least give more information about your environment, SonarQube version and Edition, and version of your (C#) Analyzer. Whenever needed provide enough description of your problem and the context.
Please make sure you do so in further posts :white_check_mark: . Thank you.

About your question:
What you are looking at is a Hotspot, a concept unique to SonarQube. You should read about it before understanding what you have to do with it (In short: review and decide if that security piece of code is safe or not).
Also the rule (presumably csharpsquid:S4787) that triggers the hotspot is hugely documented, I also invite you to read the rule description, from the link below of self documented directly in your SonarQube instance
Hotspots:

Rule csharpsquid:S4787 : https://rules.sonarsource.com/csharp/RSPEC-4787?search=encryption

Bye

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.