SonarC# Analyzer v7.5.0.6605 & v7.8.0.7320
Rule does not trigger with provided example:
AesManaged aes = new AesManaged
{
KeySize = 128,
BlockSize = 128,
Mode = CipherMode.OFB, // Noncompliant
Padding = PaddingMode.PKCS7
};
Rule does not trigger either with CipherModes described in the issue: CBC, ECB
Actually I cannot trigger the rule at all
Hi @Shay,
I have tried a simple console application with the following code:
using System;
using System.Security.Cryptography;
namespace ConsoleApp2
{
class Program
{
static void Main(string[] args)
{
AesManaged aes = new AesManaged
{
KeySize = 128,
BlockSize = 128,
Mode = CipherMode.OFB, // Noncompliant
Padding = PaddingMode.PKCS7
};
}
}
}
and I have been successful in having the issue raised.
Could you ensure the rule is correctly active in the quality profile bound to your project? Can you see the warning in the msbuild logs? You can also check that in the .sonarqube/conf the ruleset does contain the rule with the severity warning.
Cheers,
Amaury