revert touching test

Author: sydseter

demos/android/MASVS-CRYPTO/MASTG-DEMO-0022/MASTG-DEMO-0022.md

@@ -28,6 +28,6 @@ The rule has identified two instances in the code file where insecure encryption
 
 ### Evaluation
 
-The test fails due to the use of risky or broken encryption algorithms, specifically DES, 3DES, RC4 and Blowfish.
+The test fails due to the use of weak encryption algorithms, specifically DES, 3DES, RC4 and Blowfish.
 
 See @MASTG-TEST-0221 for more information.

demos/android/MASVS-CRYPTO/MASTG-DEMO-0022/MastgTest.kt

@@ -13,7 +13,7 @@ import javax.crypto.SecretKey
 
 class MastgTest(private val context: Context) {
 
-    // Vulnerable encryption using DES (broken algorithm)
+    // Vulnerable encryption using DES (weak algorithm)
     fun vulnerableDesEncryption(data: String): String {
         try {
             // Weak key for DES
@@ -23,7 +23,7 @@ class MastgTest(private val context: Context) {
             val keyFactory = SecretKeyFactory.getInstance("DES")
             val secretKey: Key = keyFactory.generateSecret(keySpec)
 
-            // Broken encryption algorithm (DES)
+            // Weak encryption algorithm (DES)
             val cipher = Cipher.getInstance("DES")
             cipher.init(Cipher.ENCRYPT_MODE, secretKey)
 
@@ -35,7 +35,7 @@ class MastgTest(private val context: Context) {
     }
 
 
-    // Risky encryption using 3DES (Triple DES)
+    // Vulnerable encryption using 3DES (Triple DES)
     fun vulnerable3DesEncryption(data: String): String {
         try {
             val keyBytes = ByteArray(24)
@@ -44,7 +44,7 @@ class MastgTest(private val context: Context) {
             val keyFactory = SecretKeyFactory.getInstance("DESede")
             val secretKey: Key = keyFactory.generateSecret(keySpec)
 
-            // Risky encryption algorithm (3DES)
+            // Weak encryption algorithm (3DES)
             val cipher = Cipher.getInstance("DESede")
             cipher.init(Cipher.ENCRYPT_MODE, secretKey)
 
@@ -72,15 +72,15 @@ class MastgTest(private val context: Context) {
         }
     }
 
-    // Insecure encryption using Blowfish (broken algorithm)
+    // Insecure encryption using Blowfish (weak algorithm)
     fun vulnerableBlowfishEncryption(data: String): String {
         return try {
             // Weak key for Blowfish (insecure, small key size)
             val keyBytes = ByteArray(8) // Only 8 bytes (64-bit key) - not secure
             SecureRandom().nextBytes(keyBytes)
             val secretKey: SecretKey = SecretKeySpec(keyBytes, "Blowfish")
 
-            // Broken encryption algorithm (Blowfish)
+            // Weak encryption algorithm (Blowfish)
             val cipher = Cipher.getInstance("Blowfish")
             cipher.init(Cipher.ENCRYPT_MODE, secretKey)
 
@@ -95,16 +95,16 @@ class MastgTest(private val context: Context) {
     fun mastgTest(): String {
         val sensitiveString = "Hello from the OWASP MASTG Test app."
 
-        // Encrypt with broken DES
+        // Encrypt with weak DES
         val desEncryptedString = vulnerableDesEncryption(sensitiveString)
 
-        // Encrypt with risky 3DES
+        // Encrypt with weak 3DES
         val tripleDesEncryptedString = vulnerable3DesEncryption(sensitiveString)
 
         // Encrypt with deprecated RC4
         val rc4EncryptedString = vulnerableRc4Encryption(sensitiveString)
 
-        // Encrypt with broken Blowfish
+        // Encrypt with weak Blowfish
         val blowfishEncryptedString = vulnerableBlowfishEncryption(sensitiveString)
 
         // Returning the encrypted results

demos/android/MASVS-CRYPTO/MASTG-DEMO-0022/output.txt

@@ -6,7 +6,7 @@
 
     MastgTest_reversed.java
     ❯❱ rules.weak-encryption-algorithms
-          [MASVS-CRYPTO-1] Broken encryption algorithms found in use.
+          [MASVS-CRYPTO-1] Weak encryption algorithms found in use.
 
            39┆ Cipher cipher = Cipher.getInstance("DES");
             ⋮┆----------------------------------------