Hardcoded Cryptographic keys in the app

nic-delhi / AarogyaSetu_Android

Aarogya Setu Android app native code

https://www.aarogyasetu.gov.in/

Other

2.88k stars 1.85k forks source link

Hardcoded Cryptographic keys in the app #532

Open bhaskartelagi opened 3 years ago

bhaskartelagi commented 3 years ago

Hi Team,

Some code scanning tool raised an alert Hardcoded Cryptographic keys in the app code. can you please fix the code.

The variable ""aarogya_setu_sp"" at line 50 of app\src\main\java\nic\goi\aarogyasetu\utility\SecureUtil.java is assigned a hardcoded, literal value. This static value is used as an encryption key.