File tree Expand file tree Collapse file tree 2 files changed +3
-3
lines changed
python/ql/src/Security/CWE-327 Expand file tree Collapse file tree 2 files changed +3
-3
lines changed Original file line number Diff line number Diff line change 3333 <code >pycrypto</code > you must specify the encryption
3434 algorithm to use. The first example uses DES, which is an
3535 older algorithm that is now considered weak. The second
36- example uses Blowfish , which is a stronger more modern algorithm.
36+ example uses AES , which is a stronger modern algorithm.
3737 </p >
3838
3939 <sample src =" examples/broken_crypto.py" />
Original file line number Diff line number Diff line change 1- from Crypto .Cipher import DES , Blowfish
1+ from Crypto .Cipher import DES , AES
22
33cipher = DES .new (SECRET_KEY )
44
55def send_encrypted (channel , message ):
66 channel .send (cipher .encrypt (message )) # BAD: weak encryption
77
88
9- cipher = Blowfish .new (SECRET_KEY )
9+ cipher = AES .new (SECRET_KEY )
1010
1111def send_encrypted (channel , message ):
1212 channel .send (cipher .encrypt (message )) # GOOD: strong encryption
You can’t perform that action at this time.
0 commit comments