ASVS V7 Cryptography


 * V7: Cryptography Verification Requirements


 * 1) Control Objective

Ensure that a verified application satisfies the following high level requirements:


 * That all cryptographic modules fail in a secure manner and that errors are handled correctly.
 * That a suitable random number generator is used when randomness is required.
 * That access to keys is managed in a secure way.


 * 1) Security Verification Requirements


 * 1) References

For more information, see also:


 * [OWASP Testing Guide 4.0: Testing for weak Cryptography](https://www.owasp.org/index.php/Testing_for_weak_Cryptography)
 * [OWASP Cheat Sheet: Cryptographic Storage](https://www.owasp.org/index.php/Cryptographic_Storage_Cheat_Sheet)