Info Call to Crypto API

Description

List of all calls to cryptographic methods.

Recommendation

Do not use insecure or weak cryptographic algorithms. For example, the Data Encryption Standard (DES) encryption algorithm is considered highly insecure

Do not use Object.equals() to compare cryptographic keys

Cryptographic keys should never be serialized

Technical details

Method com.google.android.exoplayer2.source.hls.Aes128DataSource.open() calling method javax.crypto.spec.IvParameterSpec.<init>()


    public long open(com.google.android.exoplayer2.upstream.DataSpec p5)
    {
        try {
            RuntimeException v0_3 = javax.crypto.Cipher.getInstance("AES/CBC/PKCS7Padding");
            try {
                v0_3.init(2, new javax.crypto.spec.SecretKeySpec(this.bnY, "AES"), new javax.crypto.spec.IvParameterSpec(this.bTa));
                com.google.android.exoplayer2.upstream.DataSourceInputStream v1_1 = new com.google.android.exoplayer2.upstream.DataSourceInputStream(this.bSZ, p5);
                this.bTb = new javax.crypto.CipherInputStream(v1_1, v0_3);
                v1_1.open();
                return -1;
            } catch (java.security.InvalidKeyException v5_4) {
                throw new RuntimeException(v5_4);
            }
        } catch (java.security.InvalidKeyException v5_1) {
            throw new RuntimeException(v5_1);
        }
        v0_3.init(2, new javax.crypto.spec.SecretKeySpec(this.bnY, "AES"), new javax.crypto.spec.IvParameterSpec(this.bTa));
        v1_1 = new com.google.android.exoplayer2.upstream.DataSourceInputStream(this.bSZ, p5);
        this.bTb = new javax.crypto.CipherInputStream(v1_1, v0_3);
        v1_1.open();
        return -1;
    }

Method com.google.android.exoplayer2.upstream.crypto.AesFlushingCipher.<init>() calling method javax.crypto.spec.IvParameterSpec.<init>()


    public AesFlushingCipher(int p6, byte[] p7, long p8, long p10)
    {
        try {
            this.cpG = javax.crypto.Cipher.getInstance("AES/CTR/NoPadding");
            this.Gw = this.cpG.getBlockSize();
            long v0_1 = new byte[this.Gw];
            this.cqn = v0_1;
            long v0_3 = new byte[this.Gw];
            this.cqo = v0_3;
            int v10_2 = ((int) (p10 % ((long) this.Gw)));
            this.cpG.init(p6, new javax.crypto.spec.SecretKeySpec(p7, com.google.android.exoplayer2.util.Util.ai(this.cpG.getAlgorithm(), "/")[0]), new javax.crypto.spec.IvParameterSpec(this.x(p8, (p10 / ((long) this.Gw)))));
        } catch (byte[] v6_2) {
            throw new RuntimeException(v6_2);
        }
        if (v10_2 != 0) {
            byte[] v6_1 = new byte[v10_2];
            this.o(v6_1, 0, v10_2);
        }
        return;
    }

Method com.google.android.exoplayer2.upstream.cache.CachedContentIndex.agZ() calling method javax.crypto.spec.IvParameterSpec.<init>()


    private void agZ()
    {
        try {
            java.io.DataOutputStream v1_5 = this.bJh.ahf();
        } catch (java.io.DataOutputStream v1_3) {
            java.io.DataOutputStream v1_2 = 0;
            java.security.InvalidKeyException v0_2 = v1_3;
            com.google.android.exoplayer2.util.Util.closeQuietly(v1_2);
            throw v0_2;
        } catch (java.io.DataOutputStream v1_1) {
            v1_2 = 0;
            java.security.InvalidKeyException v0_1 = v1_1;
            throw new com.google.android.exoplayer2.upstream.cache.Cache$CacheException(v0_1);
        } catch (java.security.InvalidKeyException v0_2) {
        }
        if (this.coU != null) {
            this.coU.c(v1_5);
        } else {
            this.coU = new com.google.android.exoplayer2.util.ReusableBufferedOutputStream(v1_5);
        }
        v1_2 = new java.io.DataOutputStream(this.coU);
        try {
            v1_2.writeInt(2);
            v1_2.writeInt(this.cpI);
        } catch (java.security.InvalidKeyException v0_1) {
        }
        if (this.cpI) {
            int v3_3 = new byte[16];
            new java.util.Random().nextBytes(v3_3);
            v1_2.write(v3_3);
            this.cpG.init(1, this.cpH, new javax.crypto.spec.IvParameterSpec(v3_3));
            v1_2.flush();
            v1_2 = new java.io.DataOutputStream(new javax.crypto.CipherOutputStream(this.coU, this.cpG));
        }
        v1_2.writeInt(this.cpE.size());
        int v3_9 = 0;
        javax.crypto.CipherOutputStream v4_8 = this.cpE.values().iterator();
        while (v4_8.hasNext()) {
            int v5_4 = ((com.google.android.exoplayer2.upstream.cache.CachedContent) v4_8.next());
            v5_4.a(v1_2);
            v3_9 += v5_4.gY(2);
        }
        v1_2.writeInt(v3_9);
        this.bJh.b(v1_2);
        com.google.android.exoplayer2.util.Util.closeQuietly(0);
        return;
    }

Method com.google.android.exoplayer2.upstream.cache.CachedContentIndex.agY() calling method javax.crypto.spec.IvParameterSpec.<init>()

Couldn't retrieve source code

Method com.google.common.hash.Hashing.a() calling method java.security.Key.getAlgorithm()


    private static String a(String p3, java.security.Key p4)
    {
        Object[] v1_1 = new Object[3];
        v1_1[0] = p3;
        v1_1[1] = p4.getAlgorithm();
        v1_1[2] = p4.getFormat();
        return String.format("Hashing.%s(Key[algorithm=%s, format=%s])", v1_1);
    }

Method com.google.android.exoplayer2.source.hls.Aes128DataSource.open() calling method javax.crypto.Cipher.getInstance()


    public long open(com.google.android.exoplayer2.upstream.DataSpec p5)
    {
        try {
            RuntimeException v0_3 = javax.crypto.Cipher.getInstance("AES/CBC/PKCS7Padding");
            try {
                v0_3.init(2, new javax.crypto.spec.SecretKeySpec(this.bnY, "AES"), new javax.crypto.spec.IvParameterSpec(this.bTa));
                com.google.android.exoplayer2.upstream.DataSourceInputStream v1_1 = new com.google.android.exoplayer2.upstream.DataSourceInputStream(this.bSZ, p5);
                this.bTb = new javax.crypto.CipherInputStream(v1_1, v0_3);
                v1_1.open();
                return -1;
            } catch (java.security.InvalidKeyException v5_4) {
                throw new RuntimeException(v5_4);
            }
        } catch (java.security.InvalidKeyException v5_1) {
            throw new RuntimeException(v5_1);
        }
        v0_3.init(2, new javax.crypto.spec.SecretKeySpec(this.bnY, "AES"), new javax.crypto.spec.IvParameterSpec(this.bTa));
        v1_1 = new com.google.android.exoplayer2.upstream.DataSourceInputStream(this.bSZ, p5);
        this.bTb = new javax.crypto.CipherInputStream(v1_1, v0_3);
        v1_1.open();
        return -1;
    }

Method com.google.android.exoplayer2.upstream.crypto.AesFlushingCipher.<init>() calling method javax.crypto.Cipher.getInstance()


    public AesFlushingCipher(int p6, byte[] p7, long p8, long p10)
    {
        try {
            this.cpG = javax.crypto.Cipher.getInstance("AES/CTR/NoPadding");
            this.Gw = this.cpG.getBlockSize();
            long v0_1 = new byte[this.Gw];
            this.cqn = v0_1;
            long v0_3 = new byte[this.Gw];
            this.cqo = v0_3;
            int v10_2 = ((int) (p10 % ((long) this.Gw)));
            this.cpG.init(p6, new javax.crypto.spec.SecretKeySpec(p7, com.google.android.exoplayer2.util.Util.ai(this.cpG.getAlgorithm(), "/")[0]), new javax.crypto.spec.IvParameterSpec(this.x(p8, (p10 / ((long) this.Gw)))));
        } catch (byte[] v6_2) {
            throw new RuntimeException(v6_2);
        }
        if (v10_2 != 0) {
            byte[] v6_1 = new byte[v10_2];
            this.o(v6_1, 0, v10_2);
        }
        return;
    }

Method com.google.android.exoplayer2.upstream.cache.CachedContentIndex.getCipher() calling method javax.crypto.Cipher.getInstance()

Couldn't retrieve source code

Method okio.HashingSource.<init>() calling method javax.crypto.spec.SecretKeySpec.<init>()


    private HashingSource(okio.Source p2, okio.ByteString p3, String p4)
    {
        super(p2);
        try {
            super.dKL = javax.crypto.Mac.getInstance(p4);
            super.dKL.init(new javax.crypto.spec.SecretKeySpec(p3.toByteArray(), p4));
            super.MB = 0;
            return;
        } catch (java.security.NoSuchAlgorithmException) {
            throw new AssertionError();
        } catch (java.security.InvalidKeyException v2_2) {
            throw new IllegalArgumentException(v2_2);
        }
    }

Method com.google.android.exoplayer2.source.hls.Aes128DataSource.open() calling method javax.crypto.spec.SecretKeySpec.<init>()


    public long open(com.google.android.exoplayer2.upstream.DataSpec p5)
    {
        try {
            RuntimeException v0_3 = javax.crypto.Cipher.getInstance("AES/CBC/PKCS7Padding");
            try {
                v0_3.init(2, new javax.crypto.spec.SecretKeySpec(this.bnY, "AES"), new javax.crypto.spec.IvParameterSpec(this.bTa));
                com.google.android.exoplayer2.upstream.DataSourceInputStream v1_1 = new com.google.android.exoplayer2.upstream.DataSourceInputStream(this.bSZ, p5);
                this.bTb = new javax.crypto.CipherInputStream(v1_1, v0_3);
                v1_1.open();
                return -1;
            } catch (java.security.InvalidKeyException v5_4) {
                throw new RuntimeException(v5_4);
            }
        } catch (java.security.InvalidKeyException v5_1) {
            throw new RuntimeException(v5_1);
        }
        v0_3.init(2, new javax.crypto.spec.SecretKeySpec(this.bnY, "AES"), new javax.crypto.spec.IvParameterSpec(this.bTa));
        v1_1 = new com.google.android.exoplayer2.upstream.DataSourceInputStream(this.bSZ, p5);
        this.bTb = new javax.crypto.CipherInputStream(v1_1, v0_3);
        v1_1.open();
        return -1;
    }

Method com.google.common.hash.Hashing.aw() calling method javax.crypto.spec.SecretKeySpec.<init>()


    public static com.google.common.hash.HashFunction aw(byte[] p2)
    {
        return com.google.common.hash.Hashing.d(new javax.crypto.spec.SecretKeySpec(((byte[]) com.google.common.base.Preconditions.checkNotNull(p2)), "HmacSHA512"));
    }

Method com.google.common.hash.Hashing.av() calling method javax.crypto.spec.SecretKeySpec.<init>()


    public static com.google.common.hash.HashFunction av(byte[] p2)
    {
        return com.google.common.hash.Hashing.c(new javax.crypto.spec.SecretKeySpec(((byte[]) com.google.common.base.Preconditions.checkNotNull(p2)), "HmacSHA256"));
    }

Method com.google.common.hash.Hashing.au() calling method javax.crypto.spec.SecretKeySpec.<init>()


    public static com.google.common.hash.HashFunction au(byte[] p2)
    {
        return com.google.common.hash.Hashing.b(new javax.crypto.spec.SecretKeySpec(((byte[]) com.google.common.base.Preconditions.checkNotNull(p2)), "HmacSHA1"));
    }

Method com.google.common.hash.Hashing.at() calling method javax.crypto.spec.SecretKeySpec.<init>()


    public static com.google.common.hash.HashFunction at(byte[] p2)
    {
        return com.google.common.hash.Hashing.a(new javax.crypto.spec.SecretKeySpec(((byte[]) com.google.common.base.Preconditions.checkNotNull(p2)), "HmacMD5"));
    }

Method com.google.android.exoplayer2.upstream.crypto.AesFlushingCipher.<init>() calling method javax.crypto.spec.SecretKeySpec.<init>()


    public AesFlushingCipher(int p6, byte[] p7, long p8, long p10)
    {
        try {
            this.cpG = javax.crypto.Cipher.getInstance("AES/CTR/NoPadding");
            this.Gw = this.cpG.getBlockSize();
            long v0_1 = new byte[this.Gw];
            this.cqn = v0_1;
            long v0_3 = new byte[this.Gw];
            this.cqo = v0_3;
            int v10_2 = ((int) (p10 % ((long) this.Gw)));
            this.cpG.init(p6, new javax.crypto.spec.SecretKeySpec(p7, com.google.android.exoplayer2.util.Util.ai(this.cpG.getAlgorithm(), "/")[0]), new javax.crypto.spec.IvParameterSpec(this.x(p8, (p10 / ((long) this.Gw)))));
        } catch (byte[] v6_2) {
            throw new RuntimeException(v6_2);
        }
        if (v10_2 != 0) {
            byte[] v6_1 = new byte[v10_2];
            this.o(v6_1, 0, v10_2);
        }
        return;
    }

Method com.google.android.exoplayer2.upstream.cache.CachedContentIndex.<init>() calling method javax.crypto.spec.SecretKeySpec.<init>()


    public CachedContentIndex(java.io.File p3, byte[] p4, boolean p5)
    {
        this.cpI = p5;
        String v0_0 = 1;
        if (p4 == null) {
            com.google.android.exoplayer2.util.Assertions.checkState((p5 ^ 1));
            this.cpG = 0;
            this.cpH = 0;
        } else {
            if (p4.length != 16) {
                v0_0 = 0;
            }
            com.google.android.exoplayer2.util.Assertions.checkArgument(v0_0);
            try {
                this.cpG = com.google.android.exoplayer2.upstream.cache.CachedContentIndex.getCipher();
                this.cpH = new javax.crypto.spec.SecretKeySpec(p4, "AES");
            } catch (java.security.NoSuchAlgorithmException v3_1) {
                throw new IllegalStateException(v3_1);
            }
        }
        this.cpE = new java.util.HashMap();
        this.cpF = new android.util.SparseArray();
        this.bJh = new com.google.android.exoplayer2.util.AtomicFile(new java.io.File(p3, "cached_content_index.exi"));
        return;
    }

Method okio.HashingSink.<init>() calling method javax.crypto.spec.SecretKeySpec.<init>()


    private HashingSink(okio.Sink p2, okio.ByteString p3, String p4)
    {
        super(p2);
        try {
            super.dKL = javax.crypto.Mac.getInstance(p4);
            super.dKL.init(new javax.crypto.spec.SecretKeySpec(p3.toByteArray(), p4));
            super.MB = 0;
            return;
        } catch (java.security.NoSuchAlgorithmException) {
            throw new AssertionError();
        } catch (java.security.InvalidKeyException v2_2) {
            throw new IllegalArgumentException(v2_2);
        }
    }

Method okio.Buffer.a() calling method javax.crypto.spec.SecretKeySpec.<init>()


    private okio.ByteString a(String p5, okio.ByteString p6)
    {
        try {
            javax.crypto.Mac v0 = javax.crypto.Mac.getInstance(p5);
            v0.init(new javax.crypto.spec.SecretKeySpec(p6.toByteArray(), p5));
        } catch (java.security.NoSuchAlgorithmException) {
            throw new AssertionError();
        } catch (okio.Segment v5_5) {
            throw new IllegalArgumentException(v5_5);
        }
        if (this.eXU != null) {
            v0.update(this.eXU.data, this.eXU.pos, (this.eXU.limit - this.eXU.pos));
            okio.Segment v5_2 = this.eXU;
            while(true) {
                v5_2 = v5_2.eYE;
                if (v5_2 == this.eXU) {
                    break;
                }
                v0.update(v5_2.data, v5_2.pos, (v5_2.limit - v5_2.pos));
            }
        }
        return okio.ByteString.bQ(v0.doFinal());
    }

Method okio.ByteString.a() calling method javax.crypto.spec.SecretKeySpec.<init>()


    private ark>okio.ByteStringark> a(String p3, ark>okio.ByteStringark> p4)
    {
        try {
            javax.crypto.Mac v0 = javax.crypto.Mac.getInstance(p3);
            v0.init(new javax.crypto.spec.SecretKeySpec(p4.toByteArray(), p3));
            return ark>okio.ByteStringark>.bQ(v0.doFinal(this.data));
        } catch (java.security.InvalidKeyException v3_3) {
            throw new AssertionError(v3_3);
        } catch (java.security.InvalidKeyException v3_2) {
            throw new IllegalArgumentException(v3_2);
        }
    }