ishangsf/rspec
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
rspec/rules/S4426/kotlin/how-to-fix-it/java-cryptographic-extension.adoc
Loris S e09d505103
Modify S4426: Learn-As-You-Code Migration (#2166) 
## Review

A dedicated reviewer checked the rule description successfully for:

- [x] logical errors and incorrect information
- [x] information gaps and missing content
- [x] text style and tone
- [x] PR summary and labels follow [the
guidelines](https://github.com/SonarSource/rspec/#to-modify-an-existing-rule)

---------

Co-authored-by: hendrik-buchwald-sonarsource <64110887+hendrik-buchwald-sonarsource@users.noreply.github.com>
2023-06-20 12:08:25 +02:00

130 lines
3.1 KiB
Plaintext
Raw Blame History

== How to fix it in Java Cryptographic Extension
=== Code examples
include::../../common/fix/code-rationale.adoc[]
==== Noncompliant code example
include::../../common/fix/rsa.adoc[]
[source,kotlin,diff-id=1,diff-type=noncompliant]
----
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
fun main(args: Array<String>) {
try {
val keyPairGenerator = KeyPairGenerator.getInstance("RSA");
keyPairGenerator.initialize(1024); // Noncompliant
} catch (e: NoSuchAlgorithmException) {
// ...
}
}
----
include::../../common/fix/aes.adoc[]
[source,kotlin,diff-id=2,diff-type=noncompliant]
----
import java.security.KeyGenerator;
import java.security.NoSuchAlgorithmException;
fun main(args: Array<String>) {
try {
val keyGenerator = KeyGenerator.getInstance("AES");
keyGenerator.initialize(64); // Noncompliant
} catch (e: NoSuchAlgorithmException) {
// ...
}
}
----
include::../../common/fix/ec.adoc[]
[source,kotlin,diff-id=3,diff-type=noncompliant]
----
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
import java.security.InvalidAlgorithmParameterException;
import java.security.spec.ECGenParameterSpec;
fun main(args: Array<String>) {
try {
val keyPairGenerator = KeyPairGenerator.getInstance("EC");
val ellipticCurveName = new ECGenParameterSpec("secp112r1"); // Noncompliant
keyPairGenerator.initialize(ellipticCurveName);
} catch (e: NoSuchAlgorithmException) {
// ...
} catch (e: InvalidAlgorithmParameterException) {
// ...
}
}
----
==== Compliant solution
[source,kotlin,diff-id=1,diff-type=compliant]
----
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
fun main(args: Array<String>) {
try {
val keyPairGenerator = KeyPairGenerator.getInstance("RSA");
keyPairGenerator.initialize(2048);
} catch (e: NoSuchAlgorithmException) {
// ...
}
}
----
[source,kotlin,diff-id=2,diff-type=compliant]
----
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
public static void main(String[] args) {
try {
val keyPairGenerator = KeyPairGenerator.getInstance("AES");
keyPairGenerator.initialize(128);
} catch (e: NoSuchAlgorithmException) {
// ...
}
}
----
[source,kotlin,diff-id=3,diff-type=compliant]
----
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
import java.security.InvalidAlgorithmParameterException;
import java.security.spec.ECGenParameterSpec;
public static void main(String[] args) {
try {
val keyPairGenerator = KeyPairGenerator.getInstance("EC");
val ellipticCurveName = new ECGenParameterSpec("secp256r1");
keyPairGenerator.initialize(ellipticCurveName);
} catch (e: NoSuchAlgorithmException) {
// ...
} catch (e: InvalidAlgorithmParameterException) {
// ...
}
}
----
=== How does this work?
include::../../common/fix/fix.adoc[]
=== Going the extra mile
include::../../common/extra-mile/pre-quantum.adoc[]
Reference in New Issue View Git Blame Copy Permalink