ishangsf/rspec
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
rspec/rules/S4426/csharp/rule.adoc
Arseniy Zaostrovnykh 7ca29f686f Force linebreaks
2021-02-02 15:02:10 +01:00

61 lines
2.0 KiB
Plaintext
Raw Blame History

include::../description.adoc[]
== Noncompliant Code Example
----
using System;
using System.Security.Cryptography;
namespace MyLibrary
{
public class MyCryptoClass
{
static void Main()
{
var dsa1 = new DSACryptoServiceProvider(); // Noncompliant - default key size is 1024
dsa1.KeySize = 2048; // Noncompliant - the setter does not update the underlying key size for the DSACryptoServiceProvider class
var dsa2 = new DSACryptoServiceProvider(2048); // Noncompliant - cannot create DSACryptoServiceProvider with a key size bigger than 1024
var rsa1 = new RSACryptoServiceProvider(); // Noncompliant - default key size is 1024
rsa1.KeySize = 2048; // Noncompliant - the setter does not update the underlying key size for the RSACryptoServiceProvider class
var rsa2 = new RSACng(1024); // Noncompliant
// ...
}
}
}
----
KeySize property of DSACryptoServiceProvider and RSACryptoServiceProvider does not change the value of underlying KeySize for the algorithm. Property setter is ignored without error and KeySize can be changed only by using constructor overload. See:
* https://docs.microsoft.com/en-us/dotnet/api/system.security.cryptography.dsacryptoserviceprovider.keysize[DSACryptoServiceProvider.KeySize Property]
* https://docs.microsoft.com/en-us/dotnet/api/system.security.cryptography.rsacryptoserviceprovider.keysize[RSACryptoServiceProvider.KeySize Property]
== Compliant Solution
----
using System;
using System.Security.Cryptography;
namespace MyLibrary
{
public class MyCryptoClass
{
static void Main()
{
var dsa1 = new DSACng(); // Compliant - default key size is 2048
var dsa2 = new DSACng(2048); // Compliant
var rsa1 = new RSACryptoServiceProvider(2048); // Compliant
var rsa2 = new RSACng(); // Compliant - default key size is 2048
// ...
}
}
}
----
include::../see.adoc[]
Reference in New Issue View Git Blame Copy Permalink