Info Call to Crypto API

Description

List of all calls to cryptographic methods.

Recommendation

Do not use insecure or weak cryptographic algorithms. For example, the Data Encryption Standard (DES) encryption algorithm is considered highly insecure

Do not use Object.equals() to compare cryptographic keys

Cryptographic keys should never be serialized

Technical details

Method com.google.android.gms.internal.zzcw.zza() calling method javax.crypto.Cipher.doFinal()


    public final byte[] zza(byte[] p6, String p7)
    {
        if (p6.length != 16) {
            throw new com.google.android.gms.internal.zzcx(this);
        } else {
            try {
                Throwable v7_20 = com.google.android.gms.internal.zzbt.zza(p7, 0);
            } catch (com.google.android.gms.internal.zzcx v6_11) {
                throw new com.google.android.gms.internal.zzcx(this, v6_11);
            } catch (com.google.android.gms.internal.zzcx v6_10) {
                throw new com.google.android.gms.internal.zzcx(this, v6_10);
            } catch (com.google.android.gms.internal.zzcx v6_9) {
                throw new com.google.android.gms.internal.zzcx(this, v6_9);
            } catch (com.google.android.gms.internal.zzcx v6_8) {
                throw new com.google.android.gms.internal.zzcx(this, v6_8);
            } catch (com.google.android.gms.internal.zzcx v6_7) {
                throw new com.google.android.gms.internal.zzcx(this, v6_7);
            } catch (com.google.android.gms.internal.zzcx v6_6) {
                throw new com.google.android.gms.internal.zzcx(this, v6_6);
            } catch (com.google.android.gms.internal.zzcx v6_5) {
                throw new com.google.android.gms.internal.zzcx(this, v6_5);
            }
            if (v7_20.length <= 16) {
                throw new com.google.android.gms.internal.zzcx(this);
            } else {
                javax.crypto.Cipher v0_2 = java.nio.ByteBuffer.allocate(v7_20.length);
                v0_2.put(v7_20);
                v0_2.flip();
                byte[] v2 = new byte[16];
                Throwable v7_3 = new byte[(v7_20.length - 16)];
                v0_2.get(v2);
                v0_2.get(v7_3);
                com.google.android.gms.internal.zzcw.getCipher().init(2, new javax.crypto.spec.SecretKeySpec(p6, "AES"), new javax.crypto.spec.IvParameterSpec(v2));
                return com.google.android.gms.internal.zzcw.getCipher().doFinal(v7_3);
            }
        }
    }

Method okio.ByteString.hmac() calling method javax.crypto.spec.SecretKeySpec.<init>()


    private okio.ByteString hmac(String p3, okio.ByteString p4)
    {
        try {
            javax.crypto.Mac v0 = javax.crypto.Mac.getInstance(p3);
            v0.init(new javax.crypto.spec.SecretKeySpec(p4.toByteArray(), p3));
            return okio.ByteString.of(v0.doFinal(this.data));
        } catch (java.security.InvalidKeyException v3_3) {
            throw new AssertionError(v3_3);
        } catch (java.security.InvalidKeyException v3_2) {
            throw new IllegalArgumentException(v3_2);
        }
    }

Method okio.Buffer.hmac() calling method javax.crypto.spec.SecretKeySpec.<init>()


    private okio.ByteString hmac(String p5, okio.ByteString p6)
    {
        try {
            javax.crypto.Mac v0 = javax.crypto.Mac.getInstance(p5);
            v0.init(new javax.crypto.spec.SecretKeySpec(p6.toByteArray(), p5));
        } catch (java.security.NoSuchAlgorithmException) {
            throw new AssertionError();
        } catch (okio.Segment v5_5) {
            throw new IllegalArgumentException(v5_5);
        }
        if (this.head != null) {
            v0.update(this.head.data, this.head.pos, (this.head.limit - this.head.pos));
            okio.Segment v5_2 = this.head;
            while(true) {
                v5_2 = v5_2.next;
                if (v5_2 == this.head) {
                    break;
                }
                v0.update(v5_2.data, v5_2.pos, (v5_2.limit - v5_2.pos));
            }
        }
        return okio.ByteString.of(v0.doFinal());
    }

Method okio.HashingSink.<init>() calling method javax.crypto.spec.SecretKeySpec.<init>()


    private HashingSink(okio.Sink p2, okio.ByteString p3, String p4)
    {
        super(p2);
        try {
            super.mac = javax.crypto.Mac.getInstance(p4);
            super.mac.init(new javax.crypto.spec.SecretKeySpec(p3.toByteArray(), p4));
            super.messageDigest = 0;
            return;
        } catch (java.security.NoSuchAlgorithmException) {
            throw new AssertionError();
        } catch (java.security.InvalidKeyException v2_2) {
            throw new IllegalArgumentException(v2_2);
        }
    }

Method com.google.android.gms.internal.zzcw.zza() calling method javax.crypto.spec.SecretKeySpec.<init>()


    public final byte[] zza(byte[] p6, String p7)
    {
        if (p6.length != 16) {
            throw new com.google.android.gms.internal.zzcx(this);
        } else {
            try {
                Throwable v7_20 = com.google.android.gms.internal.zzbt.zza(p7, 0);
            } catch (com.google.android.gms.internal.zzcx v6_11) {
                throw new com.google.android.gms.internal.zzcx(this, v6_11);
            } catch (com.google.android.gms.internal.zzcx v6_10) {
                throw new com.google.android.gms.internal.zzcx(this, v6_10);
            } catch (com.google.android.gms.internal.zzcx v6_9) {
                throw new com.google.android.gms.internal.zzcx(this, v6_9);
            } catch (com.google.android.gms.internal.zzcx v6_8) {
                throw new com.google.android.gms.internal.zzcx(this, v6_8);
            } catch (com.google.android.gms.internal.zzcx v6_7) {
                throw new com.google.android.gms.internal.zzcx(this, v6_7);
            } catch (com.google.android.gms.internal.zzcx v6_6) {
                throw new com.google.android.gms.internal.zzcx(this, v6_6);
            } catch (com.google.android.gms.internal.zzcx v6_5) {
                throw new com.google.android.gms.internal.zzcx(this, v6_5);
            }
            if (v7_20.length <= 16) {
                throw new com.google.android.gms.internal.zzcx(this);
            } else {
                javax.crypto.Cipher v0_2 = java.nio.ByteBuffer.allocate(v7_20.length);
                v0_2.put(v7_20);
                v0_2.flip();
                byte[] v2 = new byte[16];
                Throwable v7_3 = new byte[(v7_20.length - 16)];
                v0_2.get(v2);
                v0_2.get(v7_3);
                com.google.android.gms.internal.zzcw.getCipher().init(2, new javax.crypto.spec.SecretKeySpec(p6, "AES"), new javax.crypto.spec.IvParameterSpec(v2));
                return com.google.android.gms.internal.zzcw.getCipher().doFinal(v7_3);
            }
        }
    }

Method com.google.android.gms.internal.zzcw.zzc() calling method javax.crypto.spec.SecretKeySpec.<init>()


    public final String zzc(byte[] p5, byte[] p6)
    {
        if (p5.length != 16) {
            throw new com.google.android.gms.internal.zzcx(this);
        } else {
            try {
            } catch (String v5_11) {
                throw new com.google.android.gms.internal.zzcx(this, v5_11);
            } catch (String v5_10) {
                throw new com.google.android.gms.internal.zzcx(this, v5_10);
            } catch (String v5_9) {
                throw new com.google.android.gms.internal.zzcx(this, v5_9);
            } catch (String v5_8) {
                throw new com.google.android.gms.internal.zzcx(this, v5_8);
            } catch (String v5_7) {
                throw new com.google.android.gms.internal.zzcx(this, v5_7);
            }
            com.google.android.gms.internal.zzcw.getCipher().init(1, new javax.crypto.spec.SecretKeySpec(p5, "AES"), 0);
            int v6_1 = com.google.android.gms.internal.zzcw.getCipher().doFinal(p6);
            java.nio.ByteBuffer v0_3 = com.google.android.gms.internal.zzcw.getCipher().getIV();
            String v5_2 = (v6_1.length + v0_3.length);
            java.nio.ByteBuffer v1_3 = java.nio.ByteBuffer.allocate(v5_2);
            v1_3.put(v0_3).put(v6_1);
            v1_3.flip();
            String v5_4 = new byte[v5_2];
            v1_3.get(v5_4);
            return com.google.android.gms.internal.zzbt.zza(v5_4, 0);
        }
    }

Method com.google.android.gms.internal.cg.zza() calling method javax.crypto.spec.SecretKeySpec.<init>()

Couldn't retrieve source code

Method okio.HashingSource.<init>() calling method javax.crypto.spec.SecretKeySpec.<init>()


    private HashingSource(okio.Source p2, okio.ByteString p3, String p4)
    {
        super(p2);
        try {
            super.mac = javax.crypto.Mac.getInstance(p4);
            super.mac.init(new javax.crypto.spec.SecretKeySpec(p3.toByteArray(), p4));
            super.messageDigest = 0;
            return;
        } catch (java.security.NoSuchAlgorithmException) {
            throw new AssertionError();
        } catch (java.security.InvalidKeyException v2_2) {
            throw new IllegalArgumentException(v2_2);
        }
    }

Method com.google.android.gms.internal.zzcw.zzc() calling method javax.crypto.Cipher.doFinal()


    public final String zzc(byte[] p5, byte[] p6)
    {
        if (p5.length != 16) {
            throw new com.google.android.gms.internal.zzcx(this);
        } else {
            try {
            } catch (String v5_11) {
                throw new com.google.android.gms.internal.zzcx(this, v5_11);
            } catch (String v5_10) {
                throw new com.google.android.gms.internal.zzcx(this, v5_10);
            } catch (String v5_9) {
                throw new com.google.android.gms.internal.zzcx(this, v5_9);
            } catch (String v5_8) {
                throw new com.google.android.gms.internal.zzcx(this, v5_8);
            } catch (String v5_7) {
                throw new com.google.android.gms.internal.zzcx(this, v5_7);
            }
            com.google.android.gms.internal.zzcw.getCipher().init(1, new javax.crypto.spec.SecretKeySpec(p5, "AES"), 0);
            int v6_1 = com.google.android.gms.internal.zzcw.getCipher().doFinal(p6);
            java.nio.ByteBuffer v0_3 = com.google.android.gms.internal.zzcw.getCipher().getIV();
            String v5_2 = (v6_1.length + v0_3.length);
            java.nio.ByteBuffer v1_3 = java.nio.ByteBuffer.allocate(v5_2);
            v1_3.put(v0_3).put(v6_1);
            v1_3.flip();
            String v5_4 = new byte[v5_2];
            v1_3.get(v5_4);
            return com.google.android.gms.internal.zzbt.zza(v5_4, 0);
        }
    }

Method com.google.android.gms.internal.cg.zza() calling method javax.crypto.Cipher.doFinal()


    private static String zza(javax.crypto.Cipher p1, String p2, javax.crypto.spec.SecretKeySpec p3, javax.crypto.spec.IvParameterSpec p4)
    {
        if ((p2 == null) || (p2.length() == 0)) {
            throw new RuntimeException("Encrypt: empty input string");
        } else {
            try {
                p1.init(1, p3, p4);
                return com.google.android.gms.internal.zzcvq.zzg(p1.doFinal(p2.getBytes()));
            } catch (String v1_3) {
                String v1_5 = String.valueOf(v1_3.getMessage());
                if (v1_5.length() == 0) {
                    String v1_7 = new String("Encrypt: ");
                } else {
                    v1_7 = "Encrypt: ".concat(v1_5);
                }
                throw new RuntimeException(v1_7);
            }
        }
    }

Method com.google.android.gms.internal.zzcw.zzc() calling method javax.crypto.Cipher.getIV()


    public final String zzc(byte[] p5, byte[] p6)
    {
        if (p5.length != 16) {
            throw new com.google.android.gms.internal.zzcx(this);
        } else {
            try {
            } catch (String v5_11) {
                throw new com.google.android.gms.internal.zzcx(this, v5_11);
            } catch (String v5_10) {
                throw new com.google.android.gms.internal.zzcx(this, v5_10);
            } catch (String v5_9) {
                throw new com.google.android.gms.internal.zzcx(this, v5_9);
            } catch (String v5_8) {
                throw new com.google.android.gms.internal.zzcx(this, v5_8);
            } catch (String v5_7) {
                throw new com.google.android.gms.internal.zzcx(this, v5_7);
            }
            com.google.android.gms.internal.zzcw.getCipher().init(1, new javax.crypto.spec.SecretKeySpec(p5, "AES"), 0);
            int v6_1 = com.google.android.gms.internal.zzcw.getCipher().doFinal(p6);
            java.nio.ByteBuffer v0_3 = com.google.android.gms.internal.zzcw.getCipher().getIV();
            String v5_2 = (v6_1.length + v0_3.length);
            java.nio.ByteBuffer v1_3 = java.nio.ByteBuffer.allocate(v5_2);
            v1_3.put(v0_3).put(v6_1);
            v1_3.flip();
            String v5_4 = new byte[v5_2];
            v1_3.get(v5_4);
            return com.google.android.gms.internal.zzbt.zza(v5_4, 0);
        }
    }

Method com.github.orangegangsters.lollipin.lib.managers.FingerprintUiHelper.initCipher() calling method javax.crypto.Cipher.getInstance()


    private boolean initCipher()
    {
        try {
            if (this.mKeyStore == null) {
                this.mKeyStore = java.security.KeyStore.getInstance("AndroidKeyStore");
            }
        } catch (javax.crypto.NoSuchPaddingException) {
            return 0;
        }
        this.createKey();
        this.mKeyStore.load(0);
        javax.crypto.SecretKey v0_3 = ((javax.crypto.SecretKey) this.mKeyStore.getKey("my_key", 0));
        this.mCipher = javax.crypto.Cipher.getInstance("AES/CBC/PKCS7Padding");
        this.mCipher.init(1, v0_3);
        return 1;
    }

Method com.google.android.gms.internal.zzcw.getCipher() calling method javax.crypto.Cipher.getInstance()


    private static javax.crypto.Cipher getCipher()
    {
        try {
            if (com.google.android.gms.internal.zzcw.zzqy == null) {
                com.google.android.gms.internal.zzcw.zzqy = javax.crypto.Cipher.getInstance("AES/CBC/PKCS5Padding");
            }
        } catch (javax.crypto.Cipher v1_4) {
            throw v1_4;
        }
        return com.google.android.gms.internal.zzcw.zzqy;
    }

Method com.google.android.gms.internal.cg.zza() calling method javax.crypto.Cipher.getInstance()

Couldn't retrieve source code

Method com.github.orangegangsters.lollipin.lib.managers.FingerprintUiHelper.createKey() calling method javax.crypto.KeyGenerator.generateKey()


    public void createKey()
    {
        try {
            this.mKeyGenerator = javax.crypto.KeyGenerator.getInstance("AES", "AndroidKeyStore");
            this.mKeyGenerator.init(new android.security.keystore.KeyGenParameterSpec$Builder("my_key", 3).setBlockModes(new String[] {"CBC"})).setUserAuthenticationRequired(1).setEncryptionPaddings(new String[] {"PKCS7Padding"})).build());
            this.mKeyGenerator.generateKey();
            return;
        } catch (java.security.NoSuchProviderException v0_2) {
            throw new RuntimeException(v0_2);
        }
    }

Method com.github.orangegangsters.lollipin.lib.managers.FingerprintUiHelper.createKey() calling method javax.crypto.KeyGenerator.getInstance()


    public void createKey()
    {
        try {
            this.mKeyGenerator = javax.crypto.KeyGenerator.getInstance("AES", "AndroidKeyStore");
            this.mKeyGenerator.init(new android.security.keystore.KeyGenParameterSpec$Builder("my_key", 3).setBlockModes(new String[] {"CBC"})).setUserAuthenticationRequired(1).setEncryptionPaddings(new String[] {"PKCS7Padding"})).build());
            this.mKeyGenerator.generateKey();
            return;
        } catch (java.security.NoSuchProviderException v0_2) {
            throw new RuntimeException(v0_2);
        }
    }

Method com.google.android.gms.internal.zzcw.zza() calling method javax.crypto.spec.IvParameterSpec.<init>()


    public final byte[] zza(byte[] p6, String p7)
    {
        if (p6.length != 16) {
            throw new com.google.android.gms.internal.zzcx(this);
        } else {
            try {
                Throwable v7_20 = com.google.android.gms.internal.zzbt.zza(p7, 0);
            } catch (com.google.android.gms.internal.zzcx v6_11) {
                throw new com.google.android.gms.internal.zzcx(this, v6_11);
            } catch (com.google.android.gms.internal.zzcx v6_10) {
                throw new com.google.android.gms.internal.zzcx(this, v6_10);
            } catch (com.google.android.gms.internal.zzcx v6_9) {
                throw new com.google.android.gms.internal.zzcx(this, v6_9);
            } catch (com.google.android.gms.internal.zzcx v6_8) {
                throw new com.google.android.gms.internal.zzcx(this, v6_8);
            } catch (com.google.android.gms.internal.zzcx v6_7) {
                throw new com.google.android.gms.internal.zzcx(this, v6_7);
            } catch (com.google.android.gms.internal.zzcx v6_6) {
                throw new com.google.android.gms.internal.zzcx(this, v6_6);
            } catch (com.google.android.gms.internal.zzcx v6_5) {
                throw new com.google.android.gms.internal.zzcx(this, v6_5);
            }
            if (v7_20.length <= 16) {
                throw new com.google.android.gms.internal.zzcx(this);
            } else {
                javax.crypto.Cipher v0_2 = java.nio.ByteBuffer.allocate(v7_20.length);
                v0_2.put(v7_20);
                v0_2.flip();
                byte[] v2 = new byte[16];
                Throwable v7_3 = new byte[(v7_20.length - 16)];
                v0_2.get(v2);
                v0_2.get(v7_3);
                com.google.android.gms.internal.zzcw.getCipher().init(2, new javax.crypto.spec.SecretKeySpec(p6, "AES"), new javax.crypto.spec.IvParameterSpec(v2));
                return com.google.android.gms.internal.zzcw.getCipher().doFinal(v7_3);
            }
        }
    }

Method com.google.android.gms.internal.cg.zza() calling method javax.crypto.spec.IvParameterSpec.<init>()

Couldn't retrieve source code