Critical
Encryption algorithms must be used with the appropriate secure mode and padding scheme.
Description
This rule states that when using encryption algorithms, they must be used in conjunction with the appropriate secure mode and padding scheme in order to ensure the security of the data being encrypted.
Key Benefits
- Secure Mode: Ensures that the encryption algorithm is used securely and only with authorized users.
- Padding Scheme: Adds extra bits of data to the original data to ensure that the encrypted data is secure.
Non-compliant Code Example
CrypterObject lnv_CrypterObject
lnv_CrypterObject = Create CrypterObject
lblb_encrypt = lnv_CrypterObject.SymmetricEncrypt(AES!, lblb_data, lblb_key, &
OperationModeCBC!, lblb_iv, PKCSPadding!) //Can't use OperationModeCBC and PKCSPadding together
Compliant Code Example
CrypterObject lnv_CrypterObject
lnv_CrypterObject = Create CrypterObject
lblb_encrypt = lnv_CrypterObject.SymmetricEncrypt(AES!, lblb_data, lblb_key, &
OperationModeCTR!, lblb_iv, NoPadding!) //Compliant code