Critical
Always use AES encryption algorithm in a secure mode
Description
The PowerBuilder code rule "Always use AES encryption algorithm in a secure mode" requires that developers use the Advanced Encryption Standard (AES) algorithm for all encryption operations. AES is a symmetric encryption algorithm that is considered to be one of the strongest and most reliable encryption algorithms available. When using AES encryption, it is important to always use a secure mode, such as Cipher Block Chaining (CBC) or Galois/Counter Mode (GCM). This ensures that the encrypted data is secure and not susceptible to attacks.
Key Benefits
- Secure: AES encryption algorithm provides a secure encryption method that is difficult to break.
- Reliable: AES encryption is reliable and can be used for long-term data protection.
- Flexible: AES encryption is flexible and can be used with different types of data.
- Efficient: AES encryption is efficient and can be used to encrypt large amounts of data quickly.
Non-compliant Code Example
loo_Crypt = create oleobject
loo_Crypt.CryptAlgorithm = "aes"
loo_Crypt.CipherMode = "ecb" // ecb is not compliance
Blob lblb_data
Blob lblb_key
Blob lblb_iv
Blob lblb_encrypt
lblb_data = Blob("Test DES", EncodingANSI!)
lblb_key = Blob("Test Key12345678", EncodingANSI!)
lblb_iv = Blob("Test IV 12345678", EncodingANSI!)
CrypterObject lnv_CrypterObject
lnv_CrypterObject = Create CrypterObject
lblb_encrypt = lnv_CrypterObject.SymmetricEncrypt(AES!, lblb_data, lblb_key, &OperationModeECB!, lblb_iv, PKCSPadding!) // OperationModeECB! is not compliance
Compliant Code Example
loo_Crypt = create oleobject
loo_Crypt.CryptAlgorithm = "aes"
loo_Crypt.CipherMode = "cbc" // cbc is compliant
loo_Crypt = create oleobject
loo_Crypt.CryptAlgorithm = "aes"
loo_Crypt.CipherMode = "ctr" // ctr is compliant
Blob lblb_data
Blob lblb_key
Blob lblb_iv
Blob lblb_encrypt
lblb_data = Blob("Test DES", EncodingANSI!)
lblb_key = Blob("Test Key12345678", EncodingANSI!)
lblb_iv = Blob("Test IV 12345678", EncodingANSI!)
CrypterObject lnv_CrypterObject
lnv_CrypterObject = Create CrypterObject
lblb_encrypt = lnv_CrypterObject.SymmetricEncrypt(AES!, lblb_data, lblb_key, &OperationModeCFB!, lblb_iv, PKCSPadding!) // OperationModeCFB! is compliant