SonarQube Current solution is:
It is currently obsolete:
AesFastEngine() - this one is obsolete
Should be:
GcmBlockCipher(new AesEngine());
SonarQube Current solution is:
It is currently obsolete:
AesFastEngine() - this one is obsolete
Should be:
GcmBlockCipher(new AesEngine());
Hello @PaulAstro
Welcome to the community !
thank you for this very valuable report.
A ticket has been created to detect the use of the vulnerable algorithm AesFastEngine()
as part of the rule S5542.
And the description of the rule S5547 where the incorrect compliant solution is proposed has been updated and should be visible soon.
Eric
Hello @eric.therond
Thanks! I’m a software developer at https://sii.pl
I hope you guys resolve the issue.
Thanks.
This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.