Using asymmetric encryption algorithm RSA with key size less than 2048 in one of the following ways:
KeySize parameter as less than 2048.algName parameter as RSA with the default key size 1024.name parameter as RSA with the default key size 1024.name parameter as RSA and specifying the key size as smaller than 2048 explicitly by args.An RSA key smaller than 2048 bits is more vulnerable to brute force attacks.
How to fix violationsSwitch to an RSA with at least 2048 key size, ECDH or ECDsa algorithm instead.
When to suppress warningsIt is not recommended to suppress this rule unless for compatibility with legacy applications and data.
Suppress a warningIf you just want to suppress a single violation, add preprocessor directives to your source file to disable and then re-enable the rule.
#pragma warning disable CA5385
// The code that's violating the rule is on this line.
#pragma warning restore CA5385
To disable the rule for a file, folder, or project, set its severity to none in the configuration file.
[*.{cs,vb}]
dotnet_diagnostic.CA5385.severity = none
For more information, see How to suppress code analysis warnings.
ExampleThe following code snippet illustrates the pattern detected by this rule.
Violation:
using System.Security.Cryptography;
class ExampleClass
{
public void ExampleMethod()
{
RSACng rsaCng = new RSACng(1024);
}
}
Solution:
using System.Security.Cryptography;
class ExampleClass
{
public void ExampleMethod()
{
RSACng rsaCng = new RSACng(2048);
}
}
RetroSearch is an open source project built by @garambo | Open a GitHub Issue
Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo
HTML:
3.2
| Encoding:
UTF-8
| Version:
0.7.4