Details

    • Type: Language-Specification
    • Status: Active
    • Resolution: Unresolved
    • Labels:
      None
    • Impact:
      Unknown 'null' severity
    • Likelihood:
      Unknown 'null' severity

      Description

      Questionable Code Example

      cryptography module

      from cryptography.fernet import Fernet
      from cryptography.hazmat.primitives.ciphers.aead import ChaCha20Poly1305, AESGCM, AESCCM
      from cryptography.hazmat.primitives.asymmetric import rsa
      from cryptography.hazmat.primitives.ciphers import Cipher
      
      
      def encrypt(key):
          Fernet(key)  # Questionable
          ChaCha20Poly1305(key)  # Questionable
          AESGCM(key)  # Questionable
          AESCCM(key)  # Questionable
      
      
      private_key = rsa.generate_private_key()  # Questionable
      
      
      def encrypt2(algorithm, mode, backend):
          Cipher(algorithm, mode, backend)  # Questionable
      

      pynacl library

      from nacl.public import Box
      from nacl.secret import SecretBox
      
      
      def public_encrypt(secret_key, public_key):
          Box(secret_key, public_key)  # Questionable
      
      
      def secret_encrypt(key):
          SecretBox(key)  # Questionable
      

        Attachments

          Activity

            People

            • Assignee:
              Unassigned
              Reporter:
              nicolas.harraudeau Nicolas Harraudeau
            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated: