AspNetSaml icon indicating copy to clipboard operation
AspNetSaml copied to clipboard

Published 20 hours ago verified publisher icon jitbit

Fortify

Open savy-creator opened this issue 4 years ago • 1 comments

Hi, I would like to know how the following issue can be solved in the code. Weak Encryption: Inadequate RSA Padding. Which was identified by Fortify during a security check. On the bold lines

Would it be to altogether use a different SignatureDescription.Or would Fortify have raised a false positive issue.

             public override AsymmetricSignatureDeformatter CreateDeformatter(AsymmetricAlgorithm key)
	{
		if (key == null)
			throw new ArgumentNullException("key");

		**RSAPKCS1SignatureDeformatter deformatter = new RSAPKCS1SignatureDeformatter(key);
		deformatter.SetHashAlgorithm("SHA256");**
		return deformatter;
	}

savy-creator avatar Sep 21 '20 00:09 savy-creator

I'm not sure this is our code

alex-jitbit avatar May 24 '22 15:05 alex-jitbit