I am using blackberry dynamics SDK in my android application for security purpose. For scanning the application I am using Veracode. But I am getting some errors in the Veracode report.
When I scan the application without using blackberry SDK I don't get any error in the Veracode. But when I included the blackberry SDK I am getting an error in the Veracode. All the error are caused due to blackberry SDK methods.
I am using blackberry dynamic SDK SQLite database in the mobile application. I have imported the necessary package in my application.
import com.good.gd.database.sqlite.SQLiteDatabase;
After fetching data from the database I have closed the database connection like this :
database.close();
This is the errors I am getting in the Veracode and I don't even know exactly what actually causing this issue.
1.Improper Resource Shutdown or Release: This condition often occurs with resources such as database connections or file handles This error is occurring in ijnoq() method which belongs to blackberry dynamic SDK.
2.Incorrect Permission Assignment for Critical Resource: This error is occurring in rhdrm() method which belongs to the blackberry dynamic SDK.
3.Use of RSA Algorithm without OAEP: This error is occurring in rhdrm() method which belongs to blackberry dynamic SDK.
4.Use of a Broken or Risky Cryptographic Algorithm This error is occurring in rhdrm(),ywhus() methods which belongs to blackberry dynamic SDK.
5.Information Exposure Through Sent Data: This error is occurring in wtru(),flushBuffer() methods which belong to blackberry dynamic SDK.
If there is an error in my code then it should have pointed towards my class file. But its pointing towards blackberry SDK methods. I don't even know why I am getting that RSA Algorithm, Cryptographic, Incorrect Permission, Information Exposure errors. So, please tell me why I am getting these issues?
