gitlab.find_sec_bugs.RSA_KEY_SIZE-1
Detected an insufficient key size for DSA. NIST recommends a key size of 2048 or higher.
Definition
rules:
- id: find_sec_bugs.RSA_KEY_SIZE-1
  patterns:
  - pattern-either:
    - patterns:
      - pattern-inside: |
          $GEN = KeyPairGenerator.getInstance($ALG, ...);
          ...
      - pattern-either:
        - pattern: $VAR.initialize($SIZE, ...);
        - pattern: new java.security.spec.RSAKeyGenParameterSpec($SIZE,...);
      - metavariable-comparison:
          metavariable: $SIZE
          comparison: $SIZE < 2048
      - metavariable-regex:
          metavariable: $ALG
          regex: '"(RSA|DSA)"'
  message: |
    Detected an insufficient key size for DSA. NIST recommends a key size
    of 2048 or higher.
  metadata:
    category: security
    cwe: "CWE-326: Inadequate Encryption Strength"
    primary_identifier: find_sec_bugs.RSA_KEY_SIZE-1
    secondary_identifiers:
    - name: Find Security Bugs-RSA_KEY_SIZE
      type: find_sec_bugs_type
      value: RSA_KEY_SIZE
    license: MIT
  severity: WARNING
  languages:
  - java
Short Link: https://sg.run/nwLb
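
Java that the patterns above match and do not match, as an added example (not part of the rule or of the project's test files). The class and method names are hypothetical; `rsaBits` is an added runtime check on the generated key, independent of the static rule.

```java
import java.security.GeneralSecurityException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.RSAKeyGenParameterSpec;

// Hypothetical class for illustration; not part of the rule or its tests.
public class KeySizeExamples {

    // Matched: $ALG is "RSA" and initialize($SIZE, ...) has $SIZE = 1024 < 2048.
    static KeyPair weakRsa() throws GeneralSecurityException {
        KeyPairGenerator gen = KeyPairGenerator.getInstance("RSA");
        gen.initialize(1024);
        return gen.generateKeyPair();
    }

    // Matched: $ALG is "DSA", same initialize() pattern.
    static KeyPair weakDsa() throws GeneralSecurityException {
        KeyPairGenerator gen = KeyPairGenerator.getInstance("DSA");
        gen.initialize(1024);
        return gen.generateKeyPair();
    }

    // Matched: the RSAKeyGenParameterSpec pattern, $SIZE = 1024.
    static KeyPair weakRsaSpec() throws GeneralSecurityException {
        KeyPairGenerator gen = KeyPairGenerator.getInstance("RSA");
        gen.initialize(new java.security.spec.RSAKeyGenParameterSpec(1024, RSAKeyGenParameterSpec.F4));
        return gen.generateKeyPair();
    }

    // Not matched: the comparison $SIZE < 2048 is false for 2048.
    static KeyPair okRsa() throws GeneralSecurityException {
        KeyPairGenerator gen = KeyPairGenerator.getInstance("RSA");
        gen.initialize(new RSAKeyGenParameterSpec(2048, RSAKeyGenParameterSpec.F4));
        return gen.generateKeyPair();
    }

    // Runtime check: modulus length of the RSA key that was actually generated.
    static int rsaBits(KeyPair kp) {
        return ((RSAPublicKey) kp.getPublic()).getModulus().bitLength();
    }

    public static void main(String[] args) throws GeneralSecurityException {
        System.out.println("weakRsa bits: " + rsaBits(weakRsa()));
        System.out.println("weakRsaSpec bits: " + rsaBits(weakRsaSpec()));
        System.out.println("okRsa bits: " + rsaBits(okRsa()));
        System.out.println("weakDsa algorithm: " + weakDsa().getPublic().getAlgorithm());
    }
}
```

The `$ALG` regex only accepts the string literals `"RSA"` and `"DSA"`, so key generators obtained for any other algorithm name are outside this rule's scope.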