44 lines
1.2 KiB
Plaintext
44 lines
1.2 KiB
Plaintext
== Why is this an issue?
|
|
|
|
include::../description.adoc[]
|
|
|
|
=== Noncompliant code example
|
|
|
|
https://nodejs.org/api/crypto.html[crypto] built-in module:
|
|
|
|
[source,javascript]
|
|
----
|
|
crypto.createCipheriv("DES", key, iv); // Noncompliant: DES / 3DES is unsecure
|
|
crypto.createCipheriv("DES-EDE", key, ""); // Noncompliant: DES / 3DES is unsecure
|
|
crypto.createCipheriv("DES-EDE3", key, ""); // Noncompliant: DES / 3DES is unsecure
|
|
crypto.createCipheriv("RC2", key, iv); // Noncompliant: RC2 is vulnerable to a related-key attack
|
|
crypto.createCipheriv("RC4", key, "");// Noncompliant: RC4 is vulnerable to several attacks
|
|
crypto.createCipheriv("BF", key, iv);// Noncompliant: Blowfish use a 64-bit block size makes it vulnerable to birthday attacks
|
|
----
|
|
|
|
=== Compliant solution
|
|
|
|
https://nodejs.org/api/crypto.html[crypto] built-in module:
|
|
|
|
[source,javascript]
|
|
----
|
|
crypto.createCipheriv("AES-256-GCM", key, iv);
|
|
----
|
|
|
|
include::../see.adoc[]
|
|
|
|
ifdef::env-github,rspecator-view[]
|
|
|
|
'''
|
|
== Implementation Specification
|
|
(visible only on this page)
|
|
|
|
include::../message.adoc[]
|
|
|
|
'''
|
|
== Comments And Links
|
|
(visible only on this page)
|
|
|
|
include::../comments-and-links.adoc[]
|
|
endif::env-github,rspecator-view[]
|