Home

Encryption keys should be long enough

Rule description

  • To make cryptographic keys robust against brute force attacks, they must have a sufficient key size. Visual Expert will tell you if non-robust keys are used in your PowerBuilder code.

 

Non-compliant Code Example

CrypterObject lnv_CrypterObject
lnv_CrypterObject = Create CrypterObject
// Generate the key
li_return = lnv_CrypterObject.AsymmetricGenerateKey(RSA!, 1024, lblb_privKey, lblb_pubKey) //Non compliant code(Key Length < 2048)

Compliant Code Example

CrypterObject lnv_CrypterObject
lnv_CrypterObject = Create CrypterObject
// Generate the key
li_return = lnv_CrypterObject.AsymmetricGenerateKey(RSA!, 2048, lblb_privKey, lblb_pubKey)//Compliant code (Key Length >= 2048, NIST recommendation)
Visual Expert 2020
 VEPBRULE15