Events
17 Mar, 21 - 21 Mar, 10
Join the meetup series to build scalable AI solutions based on real-world use cases with fellow developers and experts.
Register nowCA5358: Do Not Use Unsafe Cipher Modes
| Property | Value |
|---|---|
| Rule ID | CA5358 |
| Title | Do Not Use Unsafe Cipher Modes |
| Category | Security |
| Fix is breaking or non-breaking | Non-breaking |
| Enabled by default in .NET 9 | No |
Use of one of the following unsafe encryption modes that is not approved:
- System.Security.Cryptography.CipherMode.ECB
- System.Security.Cryptography.CipherMode.OFB
- System.Security.Cryptography.CipherMode.CFB
These modes are vulnerable to attacks and may cause exposure of sensitive information. For example, using ECB to encrypt a plaintext block always produces a same cipher text, so it can easily tell if two encrypted messages are identical. Using approved modes can avoid these unnecessary risks.
- Use only approved modes (System.Security.Cryptography.CipherMode.CBC, System.Security.Cryptography.CipherMode.CTS).
It's safe to suppress a warning from this rule if:
- Cryptography experts have reviewed and approved the cipher mode's usage.
- The referenced CipherMode isn't used for a cryptographic operation.
If you just want to suppress a single violation, add preprocessor directives to your source file to disable and then re-enable the rule.
C#
#pragma warning disable CA5358
// The code that's violating the rule is on this line.
#pragma warning restore CA5358
To disable the rule for a file, folder, or project, set its severity to none in the configuration file.
ini
[*.{cs,vb}]
dotnet_diagnostic.CA5358.severity = none
For more information, see How to suppress code analysis warnings.
C#
using System.Security.Cryptography;
class ExampleClass {
private static void ExampleMethod () {
RijndaelManaged rijn = new RijndaelManaged
{
Mode = CipherMode.ECB
};
}
}
C#
using System;
using System.Security.Cryptography;
class ExampleClass
{
private static void ExampleMethod()
{
Console.WriteLine(CipherMode.ECB);
}
}
C#
using System.Security.Cryptography;
class ExampleClass {
private static void ExampleMethod () {
RijndaelManaged rijn = new RijndaelManaged
{
Mode = CipherMode.CBC
};
}
}
Collaborate with us on GitHub
The source for this content can be found on GitHub, where you can also create and review issues and pull requests. For more information, see our contributor guide.
.NET feedback
.NET is an open source project. Select a link to provide feedback: