S324 false negatives for synonyms of insecure algorithm names #16572

Open
dscorbett opened this issue Mar 8, 2025 · 3 comments
Labels
documentation Improvements or additions to documentation

Comments

@dscorbett

Summary

hashlib-insecure-hash-function (S324) misses some insecure algorithm names that are equivalent to names that it currently flags. "ssl3-md5" and "1.2.840.113549.2.5" are synonyms of "md5". "sha-1", "ssl3-sha1", and "1.3.14.3.2.26" are synonyms of "sha1". Trailing spaces are ignored after any name. The details depend on the version of OpenSSL that Python is using, but those are the false negatives I’ve found on my machine.

import hashlib
print(hashlib.new("md5  ").hexdigest())
print(hashlib.new("sha-1").hexdigest())
print(hashlib.new("ssl3-md5").hexdigest())
print(hashlib.new("ssl3-sha1").hexdigest())
print(hashlib.new("1.3.14.3.2.26").hexdigest())
print(hashlib.new("1.2.840.113549.2.5").hexdigest())

Version

ruff 0.9.10 (0dfa810 2025-03-07)

@VascoSch92
Contributor

I opened a PR as I had already worked on a similar issue. I hope it is good.

Just out of curiosity: Is there a reference with a list of insecure hash functions and their aliases/equivalent names?

@dscorbett
Author

dscorbett commented Mar 9, 2025

I found these aliases in the OpenSSL source: MD5 and SHA-1. Another insecure hash function, which is caught by the upstream flake8-bandit’s S324, is MD4. suspicious-insecure-hash-usage (S303) also flags MD2 and MD3. MD4 and MD2 also have OID aliases. I don’t know of one authoritative reference listing all insecure hash functions.

@MichaReiser
Member

While this is correct, I think it's fine to change the documentation to say that we only lint for guaranteed hash functions. I don't see us having the knowledge to maintain this list for all OpenSSL-supported hash functions (including some weird abbreviations). I'd also argue that most of them will be so rare that it doesn't warrant our maintenance effort.
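As an added example (not ruff's code, and not from anyone in this thread), the alias problem from the original report can be checked at runtime without maintaining a name list: let the running OpenSSL resolve the name via `hashlib.new` and compare the digest of a fixed probe against the canonical `md5`/`sha1` digests. The probe bytes and the function names `resolve_insecure_alias` and `audit` are assumptions of this example.

```python
import hashlib
from typing import Dict, Iterable, Optional

# Constructed probe input; any fixed bytes work because digests, not names, are compared.
_PROBE = b"S324 alias probe"

# Canonical insecure digests for the probe, computed with the canonical constructors.
# usedforsecurity=False keeps the probe working on FIPS-restricted builds (Python 3.9+).
_INSECURE: Dict[bytes, str] = {
    hashlib.md5(_PROBE, usedforsecurity=False).digest(): "md5",
    hashlib.sha1(_PROBE, usedforsecurity=False).digest(): "sha1",
}

# MD4 (flagged by upstream flake8-bandit's S324) is only present on some OpenSSL builds,
# so register it opportunistically instead of hard-coding its digest.
try:
    _INSECURE[hashlib.new("md4", _PROBE, usedforsecurity=False).digest()] = "md4"
except ValueError:
    pass


def resolve_insecure_alias(name: str) -> Optional[str]:
    """Return "md5", "sha1" or "md4" when `name` selects that algorithm under the
    running OpenSSL (any spelling, OID or trailing whitespace the library accepts).
    Return None if the name is unknown here or selects some other algorithm."""
    try:
        h = hashlib.new(name, _PROBE, usedforsecurity=False)
    except ValueError:  # "unsupported hash type" for names OpenSSL does not know
        return None
    return _INSECURE.get(h.digest())


def audit(names: Iterable[str]) -> Dict[str, Optional[str]]:
    """Map each candidate name (e.g. string arguments found at hashlib.new call sites)
    to the canonical insecure algorithm it resolves to, or None."""
    return {n: resolve_insecure_alias(n) for n in names}


if __name__ == "__main__":
    # The synonyms from the issue; which ones resolve depends on the local OpenSSL.
    for name, canonical in audit(["md5  ", "sha-1", "ssl3-md5", "ssl3-sha1",
                                  "1.3.14.3.2.26", "1.2.840.113549.2.5", "sha256"]).items():
        print(f"{name!r:24} -> {canonical}")
```

Names that OpenSSL does not recognise on a given machine resolve to None, which is exactly the version dependence the report describes.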

@MichaReiser MichaReiser added the documentation Improvements or additions to documentation label Mar 10, 2025