Use at least 2048-bit RSA keys | Critiq Docs

#Metadata

Rule ID: java.security.weak-rsa-key-size
Severity: high
Confidence: 0.9
Languages: java
Presets: security, strict
Stability: stable
Applies to: block
Tags: cryptography, java, rsa, rules-catalog, security

#Why it matters

RSA moduli below 2048 bits are considered cryptographically weak and feasible to attack with modern resources.

#Remediation

Generate RSA keys with at least 2048 bits, or prefer Ed25519/ECDSA for new code where appropriate.

#Repository path

The generated metadata points to critiq-rules/libs/rules/catalog/rules/java/java.security.weak-rsa-key-size.rule.yaml.

Back to directory Open rule in repository