include::../description.adoc[] include::../ask-yourself.adoc[] include::../recommended.adoc[] == Sensitive Code Example ---- using System; using System.Security.Cryptography; namespace MyNamespace { public class MyClass { public void Main() { Byte[] data = {1,1,1}; RSA myRSA = RSA.Create(); RSAEncryptionPadding padding = RSAEncryptionPadding.CreateOaep(HashAlgorithmName.SHA1); // Review all base RSA class' Encrypt/Decrypt calls myRSA.Encrypt(data, padding); // Sensitive myRSA.EncryptValue(data); // Sensitive myRSA.Decrypt(data, padding); // Sensitive myRSA.DecryptValue(data); // Sensitive RSACryptoServiceProvider myRSAC = new RSACryptoServiceProvider(); // Review the use of any TryEncrypt/TryDecrypt and specific Encrypt/Decrypt of RSA subclasses. myRSAC.Encrypt(data, false); // Sensitive myRSAC.Decrypt(data, false); // Sensitive int written; myRSAC.TryEncrypt(data, Span.Empty, padding, out written); // Sensitive myRSAC.TryDecrypt(data, Span.Empty, padding, out written); // Sensitive byte[] rgbKey = {1,2,3}; byte[] rgbIV = {4,5,6}; SymmetricAlgorithm rijn = SymmetricAlgorithm.Create(); // Review the creation of Encryptors from any SymmetricAlgorithm instance. rijn.CreateEncryptor(); // Sensitive rijn.CreateEncryptor(rgbKey, rgbIV); // Sensitive rijn.CreateDecryptor(); // Sensitive rijn.CreateDecryptor(rgbKey, rgbIV); // Sensitive } public class MyCrypto : System.Security.Cryptography.AsymmetricAlgorithm // Sensitive { // ... } public class MyCrypto2 : System.Security.Cryptography.SymmetricAlgorithm // Sensitive { // ... } } } ---- include::../see.adoc[] ifdef::env-github,rspecator-view[] ''' == Implementation Specification (visible only on this page) include::../message.adoc[] include::../highlighting.adoc[] ''' == Comments And Links (visible only on this page) include::comments-and-links.adoc[] endif::env-github,rspecator-view[]