mhp0rtal opened a new issue #3459: Misuses of cryptographic APIs URL: https://github.com/apache/cloudstack/issues/3459 Hi The following lines have cryptographic API misuses. <br> File name => utils/src/main/java/com/cloud/utils/ssh/SSHKeysHelper.java: Line number => 75: API name => MessageDigest:<BR> File name => utils/src/main/java/com/cloud/utils/nio/Link.java: Line number => 371: API name => KeyStore:Second parameter should never be of type java.lang.String.<BR> File name => utils/src/main/java/org/apache/cloudstack/utils/security/DigestHelper.java: Line number => 30: API name => MessageDigest:Unexpected call to method <java.security.MessageDigest: byte[] digest()> on object of type java.security.MessageDigest. Expect a call to one of the following methods <java.security.MessageDigest: void update(byte[])>,<java.security.MessageDigest: void update(byte[],int,int)>,<java.security.MessageDigest: byte[] digest(byte[])>,<java.security.MessageDigest: void update(java.nio.ByteBuffer)>,<java.security.MessageDigest: void update(byte)><BR> File name => utils/src/main/java/org/apache/cloudstack/utils/security/DigestHelper.java: Line number => 37: API name => MessageDigest:<BR> File name => utils/src/main/java/org/apache/cloudstack/utils/security/DigestHelper.java: Line number => 52: API name => MessageDigest:Unexpected call to method reset on object of type java.security.MessageDigest. Expect a call to one of the following methods digest,update<BR> File name => utils/src/main/java/com/cloud/utils/crypt/RSAHelper.java: Line number => 81: API name => Cipher:<BR> File name => utils/src/main/java/com/cloud/utils/ssh/SSHKeysHelper.java: Line number => 67: API name => MessageDigest:First parameter (with value "MD5") should be any of {SHA-256, SHA-384, SHA-512}<BR> File name => utils/src/main/java/com/cloud/utils/EncryptionUtil.java: Line number => 63: API name => SecretKeySpec:<BR> File name => utils/src/main/java/com/cloud/utils/SwiftUtil.java: Line number => 234: API name => SecretKeySpec:<BR> File name => utils/src/main/java/com/cloud/utils/SwiftUtil.java: Line number => 234: API name => SecretKeySpec:<BR> File name => utils/src/main/java/com/cloud/utils/ssh/SSHKeysHelper.java: Line number => 75: API name => MessageDigest:<BR> File name => utils/src/main/java/com/cloud/utils/security/CertificateHelper.java: Line number => 72: API name => KeyStore:Unexpected call to method store on object of type java.security.KeyStore. Expect a call to one of the following methods getKey,getEntry<BR> File name => utils/src/main/java/com/cloud/utils/security/CertificateHelper.java: Line number => 117: API name => KeyStore:Unexpected call to method store on object of type java.security.KeyStore. Expect a call to one of the following methods getKey,getEntry<BR> File name => utils/src/main/java/com/cloud/utils/EncryptionUtil.java: Line number => 63: API name => SecretKeySpec:<BR> File name => utils/src/main/java/com/cloud/utils/crypt/RSAHelper.java: Line number => 79: API name => Cipher:First parameter (with value "RSA/None/PKCS1Padding") should be any of RSA/{Empty String, ECB}<BR> File name => utils/src/main/java/com/cloud/utils/security/CertificateHelper.java: Line number => 99: API name => KeyStore:Second parameter should never be of type java.lang.String.<BR> File name => utils/src/main/java/com/cloud/utils/crypt/RSAHelper.java: Line number => 81: API name => Cipher:<BR>
---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: [email protected] With regards, Apache Git Services
