Details

    • Type: Language-Specification
    • Status: Active
    • Resolution: Unresolved
    • Labels:
    • Impact:
      Unknown 'null' severity
    • Likelihood:
      Unknown 'null' severity
    • Default Quality Profiles:
      Sonar way

      Description

      Noncompliant Code Example

      KeyPairGenerator keyPairGen1 = KeyPairGenerator.getInstance("RSA");
      keyPairGen1.initialize(1024); // Noncompliant
      
      KeyPairGenerator keyPairGen5 = KeyPairGenerator.getInstance("EC");
      ECGenParameterSpec ecSpec1 = new ECGenParameterSpec("secp112r1"); // Noncompliant
      keyPairGen5.initialize(ecSpec1); 
      
      KeyGenerator keyGen1 = KeyGenerator.getInstance("AES");
      keyGen1.init(64); // Noncompliant
      

      Compliant Solution

      KeyPairGenerator keyPairGen6 = KeyPairGenerator.getInstance("RSA");
      keyPairGen6.initialize(2048); // Compliant
      
      KeyPairGenerator keyPairGen5 = KeyPairGenerator.getInstance("EC");
      ECGenParameterSpec ecSpec10 = new ECGenParameterSpec("secp256r1"); // compliant
      keyPairGen5.initialize(ecSpec10); 
      
      KeyGenerator keyGen2 = KeyGenerator.getInstance("AES");
      keyGen2.init(128); // Compliant
      

        Attachments

          Activity

            People

            Assignee:
            Unassigned Unassigned
            Reporter:
            eric.therond Eric Therond (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Dates

              Created:
              Updated: