gitlab.gosec.G403-1

rules:
  - id: gosec.G403-1
    patterns:
      - pattern-either:
          - pattern: |
              rsa.GenerateKey(..., $ARG)
      - metavariable-comparison:
          metavariable: $ARG
          comparison: $ARG < 2048
    message: >
      It is recommended that generated RSA keys are at least 2048 bits in length.
    metadata:
      cwe: "CWE-326: Inadequate Encryption Strength"
      owasp: "A3: Sensitive Data Exposure"
      primary_identifier: gosec.G403-1
      secondary_identifiers:
        - name: Gosec Rule ID G403
          type: gosec_rule_id
          value: G403
      license: MIT
    severity: WARNING
    languages:
      - go