Critical

Encryption algorithms must be used with the appropriate secure mode and padding scheme.

Description

    This rule states that when using encryption algorithms, they must be used in conjunction with the appropriate secure mode and padding scheme in order to ensure the security of the data being encrypted.

Key Benefits

  • Secure Mode: Ensures that the encryption algorithm is used securely and only with authorized users.
  • Padding Scheme: Adds extra bits of data to the original data to ensure that the encrypted data is secure.

 

Non-compliant Code Example

CrypterObject lnv_CrypterObject
lnv_CrypterObject = Create CrypterObject
lblb_encrypt = lnv_CrypterObject.SymmetricEncrypt(AES!, lblb_data, lblb_key, &
	OperationModeCBC!, lblb_iv, PKCSPadding!) //Can't use OperationModeCBC and PKCSPadding together

Compliant Code Example

CrypterObject lnv_CrypterObject
lnv_CrypterObject = Create CrypterObject
lblb_encrypt = lnv_CrypterObject.SymmetricEncrypt(AES!, lblb_data, lblb_key, &
	OperationModeCTR!, lblb_iv, NoPadding!) //Compliant code
Visual Expert 2023
 VEPBRULE12