ishangsf/rspec
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Modify rule S5542: update rule description (#1050)

Browse Source
This commit is contained in:
Pierre-Loup 2022-06-16 22:54:35 +02:00 committed by GitHub
parent 4859b5747a
commit fdb29cd2e3
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
37 changed files with 3 additions and 345 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
rules/S5542/abap/metadata.json
View File

@ -1,3 +0,0 @@
{
}

16
rules/S5542/abap/rule.adoc
View File

@ -1,16 +0,0 @@
include::../rule.adoc[]
ifdef::env-github,rspecator-view[]
'''
== Implementation Specification
(visible only on this page)
include::../message.adoc[]
'''
== Comments And Links
(visible only on this page)
include::../comments-and-links.adoc[]
endif::env-github,rspecator-view[]

3
rules/S5542/apex/metadata.json
View File

@ -1,3 +0,0 @@
{
}

16
rules/S5542/apex/rule.adoc
View File

@ -1,16 +0,0 @@
include::../rule.adoc[]
ifdef::env-github,rspecator-view[]
'''
== Implementation Specification
(visible only on this page)
include::../message.adoc[]
'''
== Comments And Links
(visible only on this page)
include::../comments-and-links.adoc[]
endif::env-github,rspecator-view[]

3
rules/S5542/cobol/metadata.json
View File

@ -1,3 +0,0 @@
{
}

16
rules/S5542/cobol/rule.adoc
View File

@ -1,16 +0,0 @@
include::../rule.adoc[]
ifdef::env-github,rspecator-view[]
'''
== Implementation Specification
(visible only on this page)
include::../message.adoc[]
'''
== Comments And Links
(visible only on this page)
include::../comments-and-links.adoc[]
endif::env-github,rspecator-view[]

3
rules/S5542/css/metadata.json
View File

@ -1,3 +0,0 @@
{
}

16
rules/S5542/css/rule.adoc
View File

@ -1,16 +0,0 @@
include::../rule.adoc[]
ifdef::env-github,rspecator-view[]
'''
== Implementation Specification
(visible only on this page)
include::../message.adoc[]
'''
== Comments And Links
(visible only on this page)
include::../comments-and-links.adoc[]
endif::env-github,rspecator-view[]

6
rules/S5542/description.adoc
View File

@ -1,8 +1,8 @@
Encryption operation mode and the padding scheme should be chosen appropriately to guarantee data confidentiality, integrity and authenticity:
Encryption operations should use a secure mode and padding scheme so that confidentiality and integrity can be guaranteed.
* For block cipher encryption algorithms (like AES):
** The ECB (Electronic Codebook) cipher mode doesn't provide serious message confidentiality: under a given key any given plaintext block always gets encrypted to the same ciphertext block. This mode never be used.
** The CBC (Cipher Block Chaining) mode by itself provides only data confidentiality. This cipher mode is also vulnerable to https://en.wikipedia.org/wiki/Padding_oracle_attack[padding oracle attacks] when used with padding. Using CBC along with Message Authentication Code can provide data integrity and should prevent such attacks. In practice the implementation has many pitfalls and it's recommended to avoid CBC with padding completely.
** The GCM (Galois Counter Mode) mode which https://en.wikipedia.org/wiki/Galois/Counter_Mode#Mathematical_basis[works internally] with zero/no padding scheme, is recommended, as it is designed to provide both data authenticity (integrity) and confidentiality. Other similar modes are CCM, CWC, EAX, IAPM and OCB.
** The CBC (Cipher Block Chaining) mode by itself provides only data confidentiality, it's recommended to use it along with Message Authentication Code or similar to achieve data authenticity (integrity) too and thus to https://en.wikipedia.org/wiki/Padding_oracle_attack[prevent padding oracle attacks].
** The ECB (Electronic Codebook) mode doesn't provide serious message confidentiality: under a given key any given plaintext block always gets encrypted to the same ciphertext block. This mode should not be used.
* For RSA encryption algorithm, the recommended padding scheme is OAEP.

3
rules/S5542/flex/metadata.json
View File

@ -1,3 +0,0 @@
{
}

16
rules/S5542/flex/rule.adoc
View File

@ -1,16 +0,0 @@
include::../rule.adoc[]
ifdef::env-github,rspecator-view[]
'''
== Implementation Specification
(visible only on this page)
include::../message.adoc[]
'''
== Comments And Links
(visible only on this page)
include::../comments-and-links.adoc[]
endif::env-github,rspecator-view[]

3
rules/S5542/go/metadata.json
View File

@ -1,3 +0,0 @@
{
}

16
rules/S5542/go/rule.adoc
View File

@ -1,16 +0,0 @@
include::../rule.adoc[]
ifdef::env-github,rspecator-view[]
'''
== Implementation Specification
(visible only on this page)
include::../message.adoc[]
'''
== Comments And Links
(visible only on this page)
include::../comments-and-links.adoc[]
endif::env-github,rspecator-view[]

3
rules/S5542/html/metadata.json
View File

@ -1,3 +0,0 @@
{
}

16
rules/S5542/html/rule.adoc
View File

@ -1,16 +0,0 @@
include::../rule.adoc[]
ifdef::env-github,rspecator-view[]
'''
== Implementation Specification
(visible only on this page)
include::../message.adoc[]
'''
== Comments And Links
(visible only on this page)
include::../comments-and-links.adoc[]
endif::env-github,rspecator-view[]

3
rules/S5542/pli/metadata.json
View File

@ -1,3 +0,0 @@
{
}

16
rules/S5542/pli/rule.adoc
View File

@ -1,16 +0,0 @@
include::../rule.adoc[]
ifdef::env-github,rspecator-view[]
'''
== Implementation Specification
(visible only on this page)
include::../message.adoc[]
'''
== Comments And Links
(visible only on this page)
include::../comments-and-links.adoc[]
endif::env-github,rspecator-view[]

3
rules/S5542/plsql/metadata.json
View File

@ -1,3 +0,0 @@
{
}

16
rules/S5542/plsql/rule.adoc
View File

@ -1,16 +0,0 @@
include::../rule.adoc[]
ifdef::env-github,rspecator-view[]
'''
== Implementation Specification
(visible only on this page)
include::../message.adoc[]
'''
== Comments And Links
(visible only on this page)
include::../comments-and-links.adoc[]
endif::env-github,rspecator-view[]

3
rules/S5542/rpg/metadata.json
View File

@ -1,3 +0,0 @@
{
}

16
rules/S5542/rpg/rule.adoc
View File

@ -1,16 +0,0 @@
include::../rule.adoc[]
ifdef::env-github,rspecator-view[]
'''
== Implementation Specification
(visible only on this page)
include::../message.adoc[]
'''
== Comments And Links
(visible only on this page)
include::../comments-and-links.adoc[]
endif::env-github,rspecator-view[]

3
rules/S5542/ruby/metadata.json
View File

@ -1,3 +0,0 @@
{
}

16
rules/S5542/ruby/rule.adoc
View File

@ -1,16 +0,0 @@
include::../rule.adoc[]
ifdef::env-github,rspecator-view[]
'''
== Implementation Specification
(visible only on this page)
include::../message.adoc[]
'''
== Comments And Links
(visible only on this page)
include::../comments-and-links.adoc[]
endif::env-github,rspecator-view[]

3
rules/S5542/rust/metadata.json
View File

@ -1,3 +0,0 @@
{
}

16
rules/S5542/rust/rule.adoc
View File

@ -1,16 +0,0 @@
include::../rule.adoc[]
ifdef::env-github,rspecator-view[]
'''
== Implementation Specification
(visible only on this page)
include::../message.adoc[]
'''
== Comments And Links
(visible only on this page)
include::../comments-and-links.adoc[]
endif::env-github,rspecator-view[]

3
rules/S5542/scala/metadata.json
View File

@ -1,3 +0,0 @@
{
}

16
rules/S5542/scala/rule.adoc
View File

@ -1,16 +0,0 @@
include::../rule.adoc[]
ifdef::env-github,rspecator-view[]
'''
== Implementation Specification
(visible only on this page)
include::../message.adoc[]
'''
== Comments And Links
(visible only on this page)
include::../comments-and-links.adoc[]
endif::env-github,rspecator-view[]

3
rules/S5542/solidity/metadata.json
View File

@ -1,3 +0,0 @@
{
}

16
rules/S5542/solidity/rule.adoc
View File

@ -1,16 +0,0 @@
include::../rule.adoc[]
ifdef::env-github,rspecator-view[]
'''
== Implementation Specification
(visible only on this page)
include::../message.adoc[]
'''
== Comments And Links
(visible only on this page)
include::../comments-and-links.adoc[]
endif::env-github,rspecator-view[]

3
rules/S5542/swift/metadata.json
View File

@ -1,3 +0,0 @@
{
}

16
rules/S5542/swift/rule.adoc
View File

@ -1,16 +0,0 @@
include::../rule.adoc[]
ifdef::env-github,rspecator-view[]
'''
== Implementation Specification
(visible only on this page)
include::../message.adoc[]
'''
== Comments And Links
(visible only on this page)
include::../comments-and-links.adoc[]
endif::env-github,rspecator-view[]

3
rules/S5542/tsql/metadata.json
View File

@ -1,3 +0,0 @@
{
}

16
rules/S5542/tsql/rule.adoc
View File

@ -1,16 +0,0 @@
include::../rule.adoc[]
ifdef::env-github,rspecator-view[]
'''
== Implementation Specification
(visible only on this page)
include::../message.adoc[]
'''
== Comments And Links
(visible only on this page)
include::../comments-and-links.adoc[]
endif::env-github,rspecator-view[]

3
rules/S5542/vb6/metadata.json
View File

@ -1,3 +0,0 @@
{
}

16
rules/S5542/vb6/rule.adoc
View File

@ -1,16 +0,0 @@
include::../rule.adoc[]
ifdef::env-github,rspecator-view[]
'''
== Implementation Specification
(visible only on this page)
include::../message.adoc[]
'''
== Comments And Links
(visible only on this page)
include::../comments-and-links.adoc[]
endif::env-github,rspecator-view[]

3
rules/S5542/xml/metadata.json
View File

@ -1,3 +0,0 @@
{
}

16
rules/S5542/xml/rule.adoc
View File

@ -1,16 +0,0 @@
include::../rule.adoc[]
ifdef::env-github,rspecator-view[]
'''
== Implementation Specification
(visible only on this page)
include::../message.adoc[]
'''
== Comments And Links
(visible only on this page)
include::../comments-and-links.adoc[]
endif::env-github,rspecator-view[]