ishangsf/rspec
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
rspec/rules/S3329/python/how-to-fix-it/pycryptodome.adoc

39 lines
862 B
Plaintext
Raw Normal View History

Modify S3329: Learn-As-You-Code migration (#2293) ## Review A dedicated reviewer checked the rule description successfully for: - [x] logical errors and incorrect information - [x] information gaps and missing content - [x] text style and tone - [x] PR summary and labels follow [the guidelines](https://github.com/SonarSource/rspec/#to-modify-an-existing-rule) --------- Co-authored-by: hendrik-buchwald-sonarsource <64110887+hendrik-buchwald-sonarsource@users.noreply.github.com>
2023-06-28 17:25:56 +02:00
== How to fix it in Cryptodome
=== Code examples
==== Noncompliant code example
Diff blocks: fix incorrect use for python (#2795) Improvement identified in #2790. Add a prefix to the diff-id when it is used multiple times in different "how to fix it in XYZ" sections to avoid ambiguity and pedantically follow the spec: > A single and unique diff-id should be used only once for each type of code example as shown in the description of a rule. Obvious typos around `diff-type` were fixed. An obvious extra use of diff blocks was removed.
2023-08-21 15:22:49 +02:00
[source,python,diff-id=11,diff-type=noncompliant]
Modify S3329: Learn-As-You-Code migration (#2293) ## Review A dedicated reviewer checked the rule description successfully for: - [x] logical errors and incorrect information - [x] information gaps and missing content - [x] text style and tone - [x] PR summary and labels follow [the guidelines](https://github.com/SonarSource/rspec/#to-modify-an-existing-rule) --------- Co-authored-by: hendrik-buchwald-sonarsource <64110887+hendrik-buchwald-sonarsource@users.noreply.github.com>
2023-06-28 17:25:56 +02:00
----
from Crypto.Cipher import AES
from Crypto.Random import get_random_bytes
from Crypto.Util.Padding import pad
iv = "doNotTryThis@Home2023"
cipher = AES.new(key, AES.MODE_CBC, iv)
cipher.encrypt(pad(data, AES.block_size)) # Noncompliant
----
==== Compliant solution
:explicit_strong: Crypto.Random.get_random_bytes
include::../../common/fix/explicit-fix.adoc[]
Diff blocks: fix incorrect use for python (#2795) Improvement identified in #2790. Add a prefix to the diff-id when it is used multiple times in different "how to fix it in XYZ" sections to avoid ambiguity and pedantically follow the spec: > A single and unique diff-id should be used only once for each type of code example as shown in the description of a rule. Obvious typos around `diff-type` were fixed. An obvious extra use of diff blocks was removed.
2023-08-21 15:22:49 +02:00
[source,python,diff-id=11,diff-type=compliant]
Modify S3329: Learn-As-You-Code migration (#2293) ## Review A dedicated reviewer checked the rule description successfully for: - [x] logical errors and incorrect information - [x] information gaps and missing content - [x] text style and tone - [x] PR summary and labels follow [the guidelines](https://github.com/SonarSource/rspec/#to-modify-an-existing-rule) --------- Co-authored-by: hendrik-buchwald-sonarsource <64110887+hendrik-buchwald-sonarsource@users.noreply.github.com>
2023-06-28 17:25:56 +02:00
----
from Crypto.Cipher import AES
from Crypto.Random import get_random_bytes
from Crypto.Util.Padding import pad
iv = get_random_bytes(AES.block_size)
cipher = AES.new(key, AES.MODE_CBC, iv)
cipher.encrypt(pad(data, AES.block_size))
----
=== How does this work?
include::../../common/fix/fix.adoc[]
Reference in New Issue Copy Permalink