...
Code Block | ||
---|---|---|
| ||
SecretKey key = KeyGenerator.getInstance("DES""DES").generateKey(); Cipher cipher = Cipher.getInstance("DES""DES"); cipher.init(Cipher.ENCRYPT_MODE, key); // Encode bytes as UTF8; strToBeEncrypted contains the input string // that is to be encrypted byte[] encoded = strToBeEncrypted.getBytes("UTF8""UTF8"); // Perform encryption byte[] encrypted = cipher.doFinal(encoded); |
...
Code Block | ||
---|---|---|
| ||
Cipher cipher = Cipher.getInstance("AES""AES"); KeyGenerator kgen = KeyGenerator.getInstance("AES""AES"); kgen.init(128); // 192 and 256 bits may be unavailable SecretKey skey = kgen.generateKey(); byte[] raw = skey.getEncoded(); SecretKeySpec skeySpec = new SecretKeySpec(raw, "AES""AES"); cipher.init(Cipher.ENCRYPT_MODE, skeySpec); // Encode bytes as UTF8; strToBeEncrypted contains the input string // that is to be encrypted byte[] encoded = strToBeEncrypted.getBytes("UTF8""UTF8"); // Perform encryption byte[] encrypted = cipher.doFinal(encoded); |
...
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
References
Wiki Markup |
---|
\[[API 06|AA. Java References#API 06]\] \[[MITRE 09|AA. Java References#MITRE 09]\] [CWE ID 327|http://cwe.mitre.org/data/definitions/327.html] ""Use of a Broken or Risky Cryptographic Algorithm"" |
...
FIO36-J. Do not create multiple buffered wrappers on an InputStream 09. Input Output (FIO) 09. Input Output (FIO)