-
Notifications
You must be signed in to change notification settings - Fork 226
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
79fe6b8
commit 6db70c0
Showing
2 changed files
with
78 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
69 changes: 69 additions & 0 deletions
69
...net/tests/SonarAnalyzer.UnitTest/TestCases/CryptographicKeyShouldNotBeTooShort.CSharp9.cs
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,69 @@ | ||
using Org.BouncyCastle.Asn1.Nist; | ||
using Org.BouncyCastle.Asn1.Sec; | ||
using Org.BouncyCastle.Asn1.TeleTrust; | ||
using Org.BouncyCastle.Asn1.X9; | ||
using Org.BouncyCastle.Crypto.Generators; | ||
using Org.BouncyCastle.Crypto.Parameters; | ||
using Org.BouncyCastle.Math; | ||
using Org.BouncyCastle.Security; | ||
using System; | ||
using System.Security.Cryptography; | ||
|
||
var x = new RSACryptoServiceProvider(); // Noncompliant {{Use a key length of at least 2048 bits for RSA cipher algorithm.}} | ||
RSACryptoServiceProvider y = new(); // FN | ||
|
||
record Program | ||
{ | ||
private const int validKeySizeConst = 2048; | ||
private const int invalidKeySizeConst = 1024; | ||
|
||
private static readonly int validKeySize = 2048; | ||
private static readonly int invalidKeySize = 1024; | ||
|
||
public void ConstArgumentResolution() | ||
{ | ||
const int localValidSize = 2048; | ||
new RSACryptoServiceProvider(); // Noncompliant {{Use a key length of at least 2048 bits for RSA cipher algorithm.}} | ||
new RSACryptoServiceProvider(new CspParameters()); // Noncompliant - has default key size of 1024 | ||
new RSACryptoServiceProvider(2048); | ||
new RSACryptoServiceProvider(localValidSize); | ||
new RSACryptoServiceProvider(validKeySizeConst); | ||
new RSACryptoServiceProvider(validKeySize); | ||
new RSACryptoServiceProvider(invalidKeySize); // Compliant - FN - cannot detect static readonly from GetConstantValue | ||
|
||
const int localInvalidSize = 1024; | ||
new RSACryptoServiceProvider(1024); // Noncompliant {{Use a key length of at least 2048 bits for RSA cipher algorithm.}} | ||
// ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ | ||
new RSACryptoServiceProvider(1024, new()); // Noncompliant | ||
new RSACryptoServiceProvider(invalidKeySizeConst); // Noncompliant | ||
new RSACryptoServiceProvider(localInvalidSize); // Noncompliant | ||
} | ||
|
||
public void KeySize() | ||
{ | ||
ECDiffieHellmanCng ec1 = new(); | ||
ec1.KeySize = 512; | ||
ec1.KeySize = 128; // OK - because this is not a valid key size for this object | ||
|
||
DSACng dsa1 = new(); | ||
dsa1.KeySize = 512; // Noncompliant {{Use a key length of at least 2048 bits for DSA cipher algorithm.}} | ||
} | ||
|
||
public void GenerateKey() | ||
{ | ||
ECDiffieHellmanCng ec1 = new(); | ||
ec1.GenerateKey(ECCurve.NamedCurves.brainpoolP160r1); // Noncompliant {{Use a key length of at least 224 bits for EC cipher algorithm.}} | ||
|
||
ECDsaCng ec2 = new(); | ||
ec2.GenerateKey(ECCurve.NamedCurves.brainpoolP160t1); // Noncompliant {{Use a key length of at least 224 bits for EC cipher algorithm.}} | ||
|
||
ECDsaOpenSsl ec3 = new(); | ||
ec3.GenerateKey(ECCurve.NamedCurves.brainpoolP192t1); // Noncompliant {{Use a key length of at least 224 bits for EC cipher algorithm.}} | ||
} | ||
} | ||
|
||
// See https://github.com/dotnet/roslyn/issues/45510 | ||
namespace System.Runtime.CompilerServices | ||
{ | ||
public class IsExternalInit { } | ||
} |