MASVS-CRYPTO: MASVS-CRIPTOGRAFIA

Checklists Updated (June 2025)

The checklists now include all MASTG tests, as well as updated mappings to the new MAS profiles.

MASVS-ID MASTG-TEST-ID Control / MASTG Test Platform L1 L2 R P Status
MASVS-CRYPTO-1 The app employs current strong cryptography and uses it according to industry best practices.
MASTG-TEST-0013 Teste de Criptografia Simétrica platform:android profile:L1 profile:L2 deprecatedstatus:deprecated
MASTG-TEST-0204 Uso Inseguro de API de Aleatoriedade platform:android profile:L1 profile:L2 newstatus:new
MASTG-TEST-0232 Modos de Criptografia Simétrica Comprometidos platform:android profile:L1 profile:L2 newstatus:new
MASTG-TEST-0016 Teste de Geração de Números Aleatórios platform:android profile:L1 profile:L2 deprecatedstatus:deprecated
MASTG-TEST-0221 Algoritmos de Criptografia Simétrica Quebrados platform:android profile:L1 profile:L2 newstatus:new
MASTG-TEST-0014 Teste da Configuração de Algoritmos Padrão de Criptografia platform:android profile:L1 profile:L2 update-pendingstatus:update-pending
MASTG-TEST-0205 Uso de Fontes Não Aleatórias platform:android profile:L1 profile:L2 newstatus:new
MASTG-TEST-0061 Verificação da Configuração de Algoritmos Padrão de Criptografia platform:ios profile:L1 profile:L2 deprecatedstatus:deprecated
MASTG-TEST-0211 Algoritmos de Hashing Comprometidos platform:ios profile:L1 profile:L2 newstatus:new
MASTG-TEST-0210 Algoritmos de Criptografia Simétrica Comprometidos platform:ios profile:L1 profile:L2 newstatus:new
MASTG-TEST-0063 Teste de Geração de Números Aleatórios platform:ios profile:L1 profile:L2 update-pendingstatus:update-pending
MASVS-CRYPTO-2 The app performs key management according to industry best practices.
MASTG-TEST-0015 Teste dos Propósitos das Chaves platform:android profile:L2 update-pendingstatus:update-pending
MASTG-TEST-0212 Uso de Chaves Criptográficas Embutidas no Código platform:android profile:L1 profile:L2 newstatus:new
MASTG-TEST-0208 Tamanhos de Key Insuficientes platform:android profile:L1 profile:L2 newstatus:new
MASTG-TEST-0062 Testando Key Management platform:ios profile:L2 deprecatedstatus:deprecated
MASTG-TEST-0213 Uso de Hardcoded Cryptographic Keys em Código platform:ios profile:L1 profile:L2 newstatus:new
MASTG-TEST-0209 Tamanhos de Chave Insuficientes platform:ios profile:L1 profile:L2 newstatus:new
MASTG-TEST-0214 Chaves Criptográficas Embarcadas em Arquivos platform:ios profile:L1 profile:L2 newstatus:new