rspec/rules/S5542/vbnet/rule.adoc

include::../description.adoc[]

== Noncompliant Code Example

https://docs.microsoft.com/en-us/dotnet/api/system.security.cryptography.aesmanaged?view=netframework-4.8[AesManaged] object with insecure mode:

----
Dim aes4 = New AesManaged With {
    .KeySize = 128,
    .BlockSize = 128,
    .Mode = CipherMode.ECB, ' Noncompliant
    .Padding = PaddingMode.PKCS7
}
----

https://docs.microsoft.com/en-us/dotnet/api/system.security.cryptography.rsacryptoserviceprovider?view=netframework-4.8[RSACryptoServiceProvider] object without OAEP padding:

----
Dim RSA1 = New RSACryptoServiceProvider()
Dim encryptedData = RSA1.Encrypt(dataToEncrypt, False) ' Noncompliant: OAEP Padding is not used (second parameter set to false)
----

== Compliant Solution

AES with GCM mode with https://www.bouncycastle.org/[bouncycastle] library: 

----
Dim blockCipher As GcmBlockCipher = New GcmBlockCipher(New AesFastEngine()) ' Compliant
blockCipher.Init(True, New AeadParameters(New KeyParameter(secretKey), 128, iv, Nothing))
----

AES with GCM mode with https://docs.microsoft.com/en-us/dotnet/api/system.security.cryptography.aesgcm?view=netcore-3.0[AesGcm] object: 

----
Dim aesGcm = New AesGcm(key) ' Compliant
----

RSA with OAEP padding with https://docs.microsoft.com/en-us/dotnet/api/system.security.cryptography.rsacryptoserviceprovider?view=netframework-4.8[RSACryptoServiceProvider] object: 

----
Dim RSA2 = New RSACryptoServiceProvider()
Dim encryptedData = RSA2.Encrypt(dataToEncrypt, True) ' Compliant: OAEP Padding is used (second parameter set to true)
----

include::../see.adoc[]

ifdef::rspecator-view[]
== Comments And Links
(visible only on this page)

include::../comments-and-links.adoc[]
endif::rspecator-view[]