057e63f3ae
ECB is a known insecure cipher mode and needs to be checked for. Currently this test will only scan for pyca/cryptography's use of ECB. Future patches should check for PyCrypto and others. Change-Id: I27c30cb93e814eb3b3ce6732e94a76128b5b9e81
13 lines
257 B
Python
13 lines
257 B
Python
from cryptography.hazmat.primitives.ciphers.modes import CBC
|
|
from cryptography.hazmat.primitives.ciphers.modes import ECB
|
|
|
|
|
|
# Insecure mode
|
|
mode = ECB(iv)
|
|
|
|
# Secure cipher and mode
|
|
cipher = AES.new(key, blockalgo.MODE_CTR, iv)
|
|
|
|
# Secure mode
|
|
mode = CBC(iv)
|