RSA keys should have a minimum of 2,048 bits

This page is not yet available in Spanish. We are working on its translation.
If you have any questions or feedback about our current translation project, feel free to reach out to us!

Metadata

ID: go-security/minimum-rsa-key-length

Language: Go

Severity: Warning

Category: Security

CWE: 326

Description

RSA keys should have a minimum length to ensure the security and strength of cryptographic operations. A key length is measured in bits and determines the complexity of the key, making it harder for attackers to break or decrypt the encryption.

Arguments

  • min-length: Minimum length of the RSA key. Default: 2048.

Non-Compliant Code Examples

package main

import (
	"crypto/rand"
	"crypto/rsa"
	"fmt"
)

func main() {
	privateKey, err := rsa.GenerateKey(rand.Reader, 1024)
	if err != nil {
		fmt.Println(err)
	}
	fmt.Println(privateKey)
}

Compliant Code Examples

package main

import (
	"crypto/rand"
	"crypto/rsa"
	"fmt"
)

func main() {
	privateKey, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		fmt.Println(err)
	}
	fmt.Println(privateKey)
}
https://static.datadoghq.com/static/images/logos/github_avatar.svg https://static.datadoghq.com/static/images/logos/vscode_avatar.svg jetbrains

Seamless integrations. Try Datadog Code Analysis