Home
Encryption keys should be long enough
Rule description
- To make cryptographic keys robust against brute force attacks, they must have a sufficient key size. Visual Expert will tell you if non-robust keys are used in your PowerBuilder code.
Non-compliant Code Example
CrypterObject lnv_CrypterObject
lnv_CrypterObject = Create CrypterObject
// Generate the key
li_return = lnv_CrypterObject.AsymmetricGenerateKey(RSA!, 1024, lblb_privKey, lblb_pubKey) //Non compliant code(Key Length < 2048)
Compliant Code Example
CrypterObject lnv_CrypterObject
lnv_CrypterObject = Create CrypterObject
// Generate the key
li_return = lnv_CrypterObject.AsymmetricGenerateKey(RSA!, 2048, lblb_privKey, lblb_pubKey)//Compliant code (Key Length >= 2048, NIST recommendation)