Back to library list
com.helpshift__android-helpshift-sdk
Column Insecure: Icon 
indicates the version is insecure, otherwise 
Column CryptoMisuse: Icon indicates the version has cryptographic API misuse, otherwise
indicates the version is insecure, otherwise
Column CryptoMisuse: Icon
indicates the version has cryptographic API misuse, otherwise
| Version | Insecure | CryptoMisuse | Rule name | Method | Statement | Details |
|---|---|---|---|---|---|---|
| 4.4.0 |
|
|
SecretKeySpec | com.helpshift.support.HSApiClient.getSignature(Ljava/lang/String;Ljava/lang/String;)Ljava/lang/String; | specialinvoke $r6.<javax.crypto.spec.SecretKeySpec: void <init>(byte[],java.lang.String)>($r7, varReplacer1510) | First parameter was not properly generated as prepared Key Material |
| - | - |
|
SecretKeySpec | com.helpshift.util.SecurityUtil.getSignature(Ljava/lang/String;)Ljava/lang/String; | specialinvoke $r9.<javax.crypto.spec.SecretKeySpec: void <init>(byte[],java.lang.String)>($r10, varReplacer5598) | First parameter was not properly generated as prepared Key Material |
| 4.5.0 |
|
|
SecretKeySpec | com.helpshift.support.HSApiClient.getSignature(Ljava/lang/String;Ljava/lang/String;)Ljava/lang/String; | specialinvoke $r6.<javax.crypto.spec.SecretKeySpec: void <init>(byte[],java.lang.String)>($r7, varReplacer1519) | First parameter was not properly generated as prepared Key Material |
| - | - |
|
SecretKeySpec | com.helpshift.util.SecurityUtil.getSignature(Ljava/lang/String;)Ljava/lang/String; | specialinvoke $r9.<javax.crypto.spec.SecretKeySpec: void <init>(byte[],java.lang.String)>($r10, varReplacer5423) | First parameter was not properly generated as prepared Key Material |
| 4.5.1 |
|
|
SecretKeySpec | com.helpshift.support.HSApiClient.getSignature(Ljava/lang/String;Ljava/lang/String;)Ljava/lang/String; | specialinvoke $r6.<javax.crypto.spec.SecretKeySpec: void <init>(byte[],java.lang.String)>($r7, varReplacer1523) | First parameter was not properly generated as prepared Key Material |
| - | - |
|
SecretKeySpec | com.helpshift.util.SecurityUtil.getSignature(Ljava/lang/String;)Ljava/lang/String; | specialinvoke $r9.<javax.crypto.spec.SecretKeySpec: void <init>(byte[],java.lang.String)>($r10, varReplacer5422) | First parameter was not properly generated as prepared Key Material |
| 4.6.0 |
|
|
SecretKeySpec | com.helpshift.support.HSApiClient.getSignature(Ljava/lang/String;Ljava/lang/String;)Ljava/lang/String; | specialinvoke $r6.<javax.crypto.spec.SecretKeySpec: void <init>(byte[],java.lang.String)>($r7, varReplacer1633) | First parameter was not properly generated as prepared Key Material |
| - | - |
|
SecretKeySpec | com.helpshift.util.SecurityUtil.getSignature(Ljava/lang/String;)Ljava/lang/String; | specialinvoke $r9.<javax.crypto.spec.SecretKeySpec: void <init>(byte[],java.lang.String)>($r10, varReplacer5549) | First parameter was not properly generated as prepared Key Material |
| 4.7.0 |
|
|
SecretKeySpec | com.helpshift.support.HSApiClient.getSignature(Ljava/lang/String;Ljava/lang/String;)Ljava/lang/String; | specialinvoke $r6.<javax.crypto.spec.SecretKeySpec: void <init>(byte[],java.lang.String)>($r7, varReplacer2891) | First parameter was not properly generated as prepared Key Material |
| - | - |
|
SecretKeySpec | com.helpshift.util.SecurityUtil.getSignature(Ljava/lang/String;)Ljava/lang/String; | specialinvoke $r9.<javax.crypto.spec.SecretKeySpec: void <init>(byte[],java.lang.String)>($r10, varReplacer5648) | First parameter was not properly generated as prepared Key Material |
| 4.8.0 |
|
|
SecretKeySpec | com.helpshift.support.HSApiClient.getSignature(Ljava/lang/String;Ljava/lang/String;)Ljava/lang/String; | specialinvoke $r6.<javax.crypto.spec.SecretKeySpec: void <init>(byte[],java.lang.String)>($r7, varReplacer3003) | First parameter was not properly generated as prepared Key Material |
| - | - |
|
SecretKeySpec | com.helpshift.util.SecurityUtil.getSignature(Ljava/lang/String;)Ljava/lang/String; | specialinvoke $r9.<javax.crypto.spec.SecretKeySpec: void <init>(byte[],java.lang.String)>($r10, varReplacer5770) | First parameter was not properly generated as prepared Key Material |
| 4.8.1 |
|
|
SecretKeySpec | com.helpshift.support.HSApiClient.getSignature(Ljava/lang/String;Ljava/lang/String;)Ljava/lang/String; | specialinvoke $r6.<javax.crypto.spec.SecretKeySpec: void <init>(byte[],java.lang.String)>($r7, varReplacer3003) | First parameter was not properly generated as prepared Key Material |
| - | - |
|
SecretKeySpec | com.helpshift.util.SecurityUtil.getSignature(Ljava/lang/String;)Ljava/lang/String; | specialinvoke $r9.<javax.crypto.spec.SecretKeySpec: void <init>(byte[],java.lang.String)>($r10, varReplacer5772) | First parameter was not properly generated as prepared Key Material |
| 4.9.0 |
|
|
SecretKeySpec | com.helpshift.support.HSApiClient.getSignature(Ljava/lang/String;Ljava/lang/String;)Ljava/lang/String; | specialinvoke $r6.<javax.crypto.spec.SecretKeySpec: void <init>(byte[],java.lang.String)>($r7, varReplacer3177) | First parameter was not properly generated as prepared Key Material |
| - | - |
|
SecretKeySpec | com.helpshift.util.SecurityUtil.getSignature(Ljava/lang/String;)Ljava/lang/String; | specialinvoke $r9.<javax.crypto.spec.SecretKeySpec: void <init>(byte[],java.lang.String)>($r10, varReplacer6100) | First parameter was not properly generated as prepared Key Material |
| 4.9.1 |
|
|
SecretKeySpec | com.helpshift.support.HSApiClient.getSignature(Ljava/lang/String;Ljava/lang/String;)Ljava/lang/String; | specialinvoke $r6.<javax.crypto.spec.SecretKeySpec: void <init>(byte[],java.lang.String)>($r7, varReplacer3181) | First parameter was not properly generated as prepared Key Material |
| - | - |
|
SecretKeySpec | com.helpshift.util.SecurityUtil.getSignature(Ljava/lang/String;)Ljava/lang/String; | specialinvoke $r9.<javax.crypto.spec.SecretKeySpec: void <init>(byte[],java.lang.String)>($r10, varReplacer6107) | First parameter was not properly generated as prepared Key Material |
| 6.0.0 |
|
|
SecretKeySpec | com.helpshift.common.domain.network.BaseNetwork.calculateSignature(Ljava/lang/String;Ljava/lang/String;)Ljava/lang/String; | specialinvoke $r5.<javax.crypto.spec.SecretKeySpec: void <init>(byte[],java.lang.String)>($r6, varReplacer1712) | First parameter was not properly generated as prepared Key Material |
| - | - |
|
SecretKeySpec | com.helpshift.support.HSApiClient.getSignature(Ljava/lang/String;Ljava/lang/String;)Ljava/lang/String; | specialinvoke $r5.<javax.crypto.spec.SecretKeySpec: void <init>(byte[],java.lang.String)>($r6, varReplacer4598) | First parameter was not properly generated as prepared Key Material |
| - | - |
|
SecretKeySpec | com.helpshift.util.SecurityUtil.getSignature(Ljava/lang/String;)Ljava/lang/String; | specialinvoke $r9.<javax.crypto.spec.SecretKeySpec: void <init>(byte[],java.lang.String)>($r10, varReplacer5927) | First parameter was not properly generated as prepared Key Material |
| - | - |
|
MessageDigest | com.helpshift.websockets.HandshakeReader.readHandshake(Lcom/helpshift/websockets/WebSocketInputStream;Ljava/lang/String;)Ljava/util/Map; | r20 = staticinvoke <java.security.MessageDigest: java.security.MessageDigest getInstance(java.lang.String)>(varReplacer6076) | First parameter (with value "SHA-1") should be any of {SHA-256, SHA-384, SHA-512} |
| 6.1.0 |
|
|
SecretKeySpec | com.helpshift.crypto.CryptoDM.getSignature(Ljava/lang/String;Ljava/lang/String;)Ljava/lang/String; | specialinvoke $r5.<javax.crypto.spec.SecretKeySpec: void <init>(byte[],java.lang.String)>($r6, varReplacer2998) | First parameter was not properly generated as prepared Key Material |
| - | - |
|
MessageDigest | com.helpshift.websockets.HandshakeReader.readHandshake(Lcom/helpshift/websockets/WebSocketInputStream;Ljava/lang/String;)Ljava/util/Map; | r20 = staticinvoke <java.security.MessageDigest: java.security.MessageDigest getInstance(java.lang.String)>(varReplacer6152) | First parameter (with value "SHA-1") should be any of {SHA-256, SHA-384, SHA-512} |
| 6.2.0 |
|
|
SecretKeySpec | com.helpshift.crypto.CryptoDM.getSignature(Ljava/lang/String;Ljava/lang/String;)Ljava/lang/String; | specialinvoke $r5.<javax.crypto.spec.SecretKeySpec: void <init>(byte[],java.lang.String)>($r6, varReplacer3032) | First parameter was not properly generated as prepared Key Material |
| - | - |
|
MessageDigest | com.helpshift.websockets.HandshakeReader.readHandshake(Lcom/helpshift/websockets/WebSocketInputStream;Ljava/lang/String;)Ljava/util/Map; | r20 = staticinvoke <java.security.MessageDigest: java.security.MessageDigest getInstance(java.lang.String)>(varReplacer6354) | First parameter (with value "SHA-1") should be any of {SHA-256, SHA-384, SHA-512} |
| 6.3.0 |
|
|
SecretKeySpec | com.helpshift.crypto.CryptoDM.getSignature(Ljava/lang/String;Ljava/lang/String;)Ljava/lang/String; | specialinvoke $r5.<javax.crypto.spec.SecretKeySpec: void <init>(byte[],java.lang.String)>($r6, varReplacer3030) | First parameter was not properly generated as prepared Key Material |
| - | - |
|
MessageDigest | com.helpshift.websockets.HandshakeReader.readHandshake(Lcom/helpshift/websockets/WebSocketInputStream;Ljava/lang/String;)Ljava/util/Map; | r20 = staticinvoke <java.security.MessageDigest: java.security.MessageDigest getInstance(java.lang.String)>(varReplacer6386) | First parameter (with value "SHA-1") should be any of {SHA-256, SHA-384, SHA-512} |
| 6.4.0 |
|
|
SecretKeySpec | com.helpshift.crypto.CryptoDM.getSignature(Ljava/lang/String;Ljava/lang/String;)Ljava/lang/String; | specialinvoke $r5.<javax.crypto.spec.SecretKeySpec: void <init>(byte[],java.lang.String)>($r6, varReplacer3028) | First parameter was not properly generated as prepared Key Material |
| - | - |
|
MessageDigest | com.helpshift.websockets.HandshakeReader.readHandshake(Lcom/helpshift/websockets/WebSocketInputStream;Ljava/lang/String;)Ljava/util/Map; | r20 = staticinvoke <java.security.MessageDigest: java.security.MessageDigest getInstance(java.lang.String)>(varReplacer6389) | First parameter (with value "SHA-1") should be any of {SHA-256, SHA-384, SHA-512} |
| 6.4.1 |
|
|
SecretKeySpec | com.helpshift.crypto.CryptoDM.getSignature(Ljava/lang/String;Ljava/lang/String;)Ljava/lang/String; | specialinvoke $r5.<javax.crypto.spec.SecretKeySpec: void <init>(byte[],java.lang.String)>($r6, varReplacer3056) | First parameter was not properly generated as prepared Key Material |
| - | - |
|
MessageDigest | com.helpshift.websockets.HandshakeReader.readHandshake(Lcom/helpshift/websockets/WebSocketInputStream;Ljava/lang/String;)Ljava/util/Map; | r20 = staticinvoke <java.security.MessageDigest: java.security.MessageDigest getInstance(java.lang.String)>(varReplacer6431) | First parameter (with value "SHA-1") should be any of {SHA-256, SHA-384, SHA-512} |
| 6.4.2 |
|
|
SecretKeySpec | com.helpshift.crypto.CryptoDM.getSignature(Ljava/lang/String;Ljava/lang/String;)Ljava/lang/String; | specialinvoke $r5.<javax.crypto.spec.SecretKeySpec: void <init>(byte[],java.lang.String)>($r6, varReplacer3073) | First parameter was not properly generated as prepared Key Material |
| - | - |
|
MessageDigest | com.helpshift.websockets.HandshakeReader.readHandshake(Lcom/helpshift/websockets/WebSocketInputStream;Ljava/lang/String;)Ljava/util/Map; | r20 = staticinvoke <java.security.MessageDigest: java.security.MessageDigest getInstance(java.lang.String)>(varReplacer6452) | First parameter (with value "SHA-1") should be any of {SHA-256, SHA-384, SHA-512} |
| 7.0.0 |
|
|
SecretKeySpec | com.helpshift.crypto.CryptoDM.getSignature(Ljava/lang/String;Ljava/lang/String;)Ljava/lang/String; | specialinvoke $r5.<javax.crypto.spec.SecretKeySpec: void <init>(byte[],java.lang.String)>($r6, varReplacer4150) | First parameter was not properly generated as prepared Key Material |
| - | - |
|
MessageDigest | com.helpshift.websockets.HandshakeReader.readHandshake(Lcom/helpshift/websockets/WebSocketInputStream;Ljava/lang/String;)Ljava/util/Map; | r20 = staticinvoke <java.security.MessageDigest: java.security.MessageDigest getInstance(java.lang.String)>(varReplacer7595) | First parameter (with value "SHA-1") should be any of {SHA-256, SHA-384, SHA-512} |
| 7.0.1 |
|
|
SecretKeySpec | com.helpshift.crypto.CryptoDM.getSignature(Ljava/lang/String;Ljava/lang/String;)Ljava/lang/String; | specialinvoke $r5.<javax.crypto.spec.SecretKeySpec: void <init>(byte[],java.lang.String)>($r6, varReplacer4153) | First parameter was not properly generated as prepared Key Material |
| - | - |
|
MessageDigest | com.helpshift.websockets.HandshakeReader.readHandshake(Lcom/helpshift/websockets/WebSocketInputStream;Ljava/lang/String;)Ljava/util/Map; | r20 = staticinvoke <java.security.MessageDigest: java.security.MessageDigest getInstance(java.lang.String)>(varReplacer7601) | First parameter (with value "SHA-1") should be any of {SHA-256, SHA-384, SHA-512} |
| 7.1.0 |
|
|
SecretKeySpec | com.helpshift.crypto.CryptoDM.getSignature(Ljava/lang/String;Ljava/lang/String;)Ljava/lang/String; | specialinvoke $r5.<javax.crypto.spec.SecretKeySpec: void <init>(byte[],java.lang.String)>($r6, varReplacer4166) | First parameter was not properly generated as prepared Key Material |
| - | - |
|
MessageDigest | com.helpshift.websockets.HandshakeReader.readHandshake(Lcom/helpshift/websockets/WebSocketInputStream;Ljava/lang/String;)Ljava/util/Map; | r20 = staticinvoke <java.security.MessageDigest: java.security.MessageDigest getInstance(java.lang.String)>(varReplacer7634) | First parameter (with value "SHA-1") should be any of {SHA-256, SHA-384, SHA-512} |
| 7.2.0 |
|
|
SecretKeySpec | com.helpshift.crypto.CryptoDM.getSignature(Ljava/lang/String;Ljava/lang/String;)Ljava/lang/String; | specialinvoke $r5.<javax.crypto.spec.SecretKeySpec: void <init>(byte[],java.lang.String)>($r6, varReplacer4510) | First parameter was not properly generated as prepared Key Material |
| - | - |
|
MessageDigest | com.helpshift.websockets.HandshakeReader.readHandshake(Lcom/helpshift/websockets/WebSocketInputStream;Ljava/lang/String;)Ljava/util/Map; | r20 = staticinvoke <java.security.MessageDigest: java.security.MessageDigest getInstance(java.lang.String)>(varReplacer8057) | First parameter (with value "SHA-1") should be any of {SHA-256, SHA-384, SHA-512} |
| 7.3.0 |
|
|
SecretKeySpec | com.helpshift.crypto.CryptoDM.getSignature(Ljava/lang/String;Ljava/lang/String;)Ljava/lang/String; | specialinvoke $r5.<javax.crypto.spec.SecretKeySpec: void <init>(byte[],java.lang.String)>($r6, varReplacer4523) | First parameter was not properly generated as prepared Key Material |
| - | - |
|
MessageDigest | com.helpshift.websockets.HandshakeReader.readHandshake(Lcom/helpshift/websockets/WebSocketInputStream;Ljava/lang/String;)Ljava/util/Map; | r20 = staticinvoke <java.security.MessageDigest: java.security.MessageDigest getInstance(java.lang.String)>(varReplacer8077) | First parameter (with value "SHA-1") should be any of {SHA-256, SHA-384, SHA-512} |