Back to library list
com.googlecode__kryo
Column Insecure: Icon 
indicates the version is insecure, otherwise 
Column CryptoMisuse: Icon indicates the version has cryptographic API misuse, otherwise
indicates the version is insecure, otherwise
Column CryptoMisuse: Icon
indicates the version has cryptographic API misuse, otherwise
| Version | Insecure | CryptoMisuse | Rule name | Method | Statement | Details |
|---|---|---|---|---|---|---|
| 1.4 |
|
|
SecretKeySpec | com.esotericsoftware.kryo.compress.BlowfishCompressor.<init>(Lcom/esotericsoftware/kryo/Serializer;[BI)V | specialinvoke $r3.<javax.crypto.spec.SecretKeySpec: void <init>(byte[],java.lang.String)>(r2, varReplacer202) | First parameter was not properly generated as prepared Key Material |
| - | - |
|
Cipher | com.esotericsoftware.kryo.compress.BlowfishCompressor.compress(Ljava/nio/ByteBuffer;Ljava/lang/Object;Ljava/nio/ByteBuffer;)V | r10 = staticinvoke <javax.crypto.Cipher: javax.crypto.Cipher getInstance(java.lang.String)>(varReplacer205) | First parameter (with value "Blowfish") should be any of {AES, PBEWithHmacSHA224AndAES_128, PBEWithHmacSHA256AndAES_128, PBEWithHmacSHA384AndAES_128, PBEWithHmacSHA512AndAES_128, PBEWithHmacSHA224AndAES_256, PBEWithHmacSHA256AndAES_256, PBEWithHmacSHA384AndAES_256, PBEWithHmacSHA512AndAES_256, RSA} |
| - | - |
|
Cipher | com.esotericsoftware.kryo.compress.BlowfishCompressor.compress(Ljava/nio/ByteBuffer;Ljava/lang/Object;Ljava/nio/ByteBuffer;)V | virtualinvoke r10.<javax.crypto.Cipher: void init(int,java.security.Key)>(varReplacer206, $r7) | Second parameter was not properly generated as generated Key |
| - | - |
|
Cipher | com.esotericsoftware.kryo.compress.BlowfishCompressor.decompress(Ljava/nio/ByteBuffer;Ljava/lang/Class;Ljava/nio/ByteBuffer;)V | r10 = staticinvoke <javax.crypto.Cipher: javax.crypto.Cipher getInstance(java.lang.String)>(varReplacer210) | First parameter (with value "Blowfish") should be any of {AES, PBEWithHmacSHA224AndAES_128, PBEWithHmacSHA256AndAES_128, PBEWithHmacSHA384AndAES_128, PBEWithHmacSHA512AndAES_128, PBEWithHmacSHA224AndAES_256, PBEWithHmacSHA256AndAES_256, PBEWithHmacSHA384AndAES_256, PBEWithHmacSHA512AndAES_256, RSA} |
| - | - |
|
Cipher | com.esotericsoftware.kryo.compress.BlowfishCompressor.decompress(Ljava/nio/ByteBuffer;Ljava/lang/Class;Ljava/nio/ByteBuffer;)V | virtualinvoke r10.<javax.crypto.Cipher: void init(int,java.security.Key)>(varReplacer208, $r7) | Second parameter was not properly generated as generated Key |