Details

    • Type: Language-Specification
    • Status: Active
    • Resolution: Unresolved
    • Labels:
    • Impact:
      Unknown 'null' severity
    • Likelihood:
      Unknown 'null' severity
    • Default Quality Profiles:
      Sonar way

      Description

      Noncompliant Code Example

      KeyPairGenerator keyPairGen1 = KeyPairGenerator.getInstance("RSA");
      keyPairGen1.initialize(1024); // Noncompliant
      
      KeyPairGenerator keyPairGen5 = KeyPairGenerator.getInstance("EC");
      ECGenParameterSpec ecSpec1 = new ECGenParameterSpec("secp112r1"); // Noncompliant
      keyPairGen5.initialize(ecSpec1); 
      
      KeyGenerator keyGen1 = KeyGenerator.getInstance("AES");
      keyGen1.init(64); // Noncompliant
      

      Compliant Solution

      KeyPairGenerator keyPairGen6 = KeyPairGenerator.getInstance("RSA");
      keyPairGen6.initialize(2048); // Compliant
      
      KeyPairGenerator keyPairGen5 = KeyPairGenerator.getInstance("EC");
      ECGenParameterSpec ecSpec10 = new ECGenParameterSpec("secp224k1"); // compliant
      keyPairGen5.initialize(ecSpec10); 
      
      KeyGenerator keyGen2 = KeyGenerator.getInstance("AES");
      keyGen2.init(128); // Compliant
      

        Attachments

          Activity

            People

            • Assignee:
              Unassigned
              Reporter:
              eric.therond Eric Therond
            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated: