Karl/BobStore
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

enable lint "GetInstance" security check as error

Browse Source
This commit is contained in:
Hans-Christoph Steiner 2018-08-10 10:56:13 +02:00
parent 0e6e839ed7
commit 4a684182ca
2 changed files with 15 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
app/lint.xml
View File

@ -23,6 +23,7 @@
<issue id="NestedScrolling" severity="error"/> <issue id="NestedScrolling" severity="error"/>
<issue id="StringFormatCount" severity="error"/> <issue id="StringFormatCount" severity="error"/>
<issue id="UnsafeProtectedBroadcastReceiver" severity="error"/> <issue id="UnsafeProtectedBroadcastReceiver" severity="error"/>
<issue id="GetInstance" severity="error"/>
<issue id="PluralsCandidate" severity="error"/> <issue id="PluralsCandidate" severity="error"/>
<issue id="HardcodedText" severity="error"/> <issue id="HardcodedText" severity="error"/>

14
app/src/full/java/kellinwood/security/zipsigner/optional/PasswordObfuscator.java
View File

@ -65,6 +65,13 @@ public class PasswordObfuscator {
return result; return result;
} }
/**
* <b>This uses the AES-ECB cipher which is known to be insecure</b>
*
* @see <a href="https://blog.filippo.io/the-ecb-penguin/">The ECB Penguin</a>
*/
@Deprecated
@SuppressWarnings("GetInstance")
public String encode(String junk, char[] password) { public String encode(String junk, char[] password) {
if (password == null) return null; if (password == null) return null;
try { try {
@ -84,6 +91,13 @@ public class PasswordObfuscator {
return null; return null;
} }
/**
* <b>This uses the AES-ECB cipher which is known to be insecure</b>
*
* @see <a href="https://blog.filippo.io/the-ecb-penguin/">The ECB Penguin</a>
*/
@Deprecated
@SuppressWarnings("GetInstance")
public char[] decode(String junk, String password) { public char[] decode(String junk, String password) {
if (password == null) return null; if (password == null) return null;
try { try {