diff --git a/kernel/kernel-keymanager-service/src/main/java/io/mosip/kernel/clientcrypto/service/impl/ClientCryptoFacade.java b/kernel/kernel-keymanager-service/src/main/java/io/mosip/kernel/clientcrypto/service/impl/ClientCryptoFacade.java
index b634f690..a439844d 100644
--- a/kernel/kernel-keymanager-service/src/main/java/io/mosip/kernel/clientcrypto/service/impl/ClientCryptoFacade.java
+++ b/kernel/kernel-keymanager-service/src/main/java/io/mosip/kernel/clientcrypto/service/impl/ClientCryptoFacade.java
@@ -115,14 +115,15 @@ public byte[] encrypt(byte[] publicKey, byte[] dataToEncrypt) {
 public boolean validateSignature(ClientType clientType, byte[] publicKey, byte[] signature, byte[] actualData) {
 clientType = isTPMKey(publicKey) ? ClientType.TPM : clientType;
- switch (clientType == null ? clientType.LOCAL : clientType) {
+ switch (clientType == null ? ClientType.LOCAL : clientType) {
 case TPM:
 return TPMClientCryptoServiceImpl.validateSignature(publicKey, signature, actualData);
 case ANDROID:
 return AndroidClientCryptoServiceImpl.validateSignature(publicKey, signature, actualData);
+ default:
+ LOGGER.warn("USING LOCAL CLIENT SECURITY USED TO SIGN DATA, IGNORING IF THIS IS NON-PROD ENV");
+ return LocalClientCryptoServiceImpl.validateSignature(publicKey, signature, actualData);
 }
- LOGGER.warn("USING LOCAL CLIENT SECURITY USED TO SIGN DATA, IGNORE IF THIS IS NON-PROD ENV");
- return LocalClientCryptoServiceImpl.validateSignature(publicKey, signature, actualData);
 }
 public byte[] encrypt(ClientType clientType, byte[] publicKey, byte[] dataToEncrypt) {
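Review bot: The new `default:` branch in `validateSignature` sends every client type that is null or not TPM/ANDROID to `LocalClientCryptoServiceImpl`, so any value added to `ClientType` later would silently be verified on the local software-key path, with only a WARN line as evidence. Making that path explicit with `case LOCAL:` and letting `default:` reject the request would fail closed; if production must never accept locally signed data, the branch needs a configuration gate rather than a log hint. The reworded message (`IGNORING IF THIS IS NON-PROD ENV`) now reads as if the service itself ignores something, whereas the previous `IGNORE IF THIS IS NON-PROD ENV` was a clearer instruction to whoever triages the log. A one-line comment above the switch saying why a TPM-shaped public key overrides the caller-supplied `clientType` would also help the next reader.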
@@ -134,7 +135,7 @@ public byte[] encrypt(ClientType clientType, byte[] publicKey, byte[] dataToEncr
 byte[] cipher = cryptoCore.symmetricEncrypt(secretKey, dataToEncrypt, iv, aad);
 byte[] encryptedSecretKey = null;
- switch (clientType == null ? clientType.LOCAL : clientType) {
+ switch (clientType == null ? ClientType.LOCAL : clientType) {
 case TPM:
 encryptedSecretKey = TPMClientCryptoServiceImpl.asymmetricEncrypt(publicKey, secretKey.getEncoded());
 break;
diff --git a/kernel/kernel-keymanager-service/src/main/java/io/mosip/kernel/cryptomanager/service/impl/CryptomanagerServiceImpl.java b/kernel/kernel-keymanager-service/src/main/java/io/mosip/kernel/cryptomanager/service/impl/CryptomanagerServiceImpl.java
index 1dbb93d6..bb02eab7 100644
--- a/kernel/kernel-keymanager-service/src/main/java/io/mosip/kernel/cryptomanager/service/impl/CryptomanagerServiceImpl.java
+++ b/kernel/kernel-keymanager-service/src/main/java/io/mosip/kernel/cryptomanager/service/impl/CryptomanagerServiceImpl.java
@@ -570,7 +570,13 @@ public Argon2GenerateHashResponseDto generateArgon2Hash(Argon2GenerateHashReques
 if (!cryptomanagerUtil.isDataValid(saltData)) {
 SecretKey aesKey = (SecretKey) saltGenParamsCache.get(CryptomanagerConstant.CACHE_AES_KEY);
 AtomicLong intCounter = (AtomicLong) saltGenParamsCache.get(CryptomanagerConstant.CACHE_INT_COUNTER);
- long saltInput = intCounter.getAndIncrement();
+ if (Objects.isNull(intCounter)) {
+ if(secureRandom == null)
+ secureRandom = new SecureRandom();
+ intCounter = new AtomicLong(secureRandom.nextLong());
+ }
+ long saltInput = intCounter.getAndIncrement();
+ saltGenParamsCache.put(CryptomanagerConstant.CACHE_INT_COUNTER, intCounter);
 saltBytes = getSaltBytes(getLongBytes(saltInput), aesKey);
 saltData = CryptoUtil.encodeToURLSafeBase64(saltBytes);
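Review bot: In the `generateArgon2Hash` hunk only the counter is guarded against a missing cache entry; `aesKey` is read from the same `saltGenParamsCache` one line earlier and still goes unchecked into `getSaltBytes`, so whatever left `CACHE_INT_COUNTER` absent would presumably leave the key null as well. The null check, the lazy `secureRandom` assignment and the unconditional `put` also form a non-atomic check-then-act: two concurrent requests that both see null each create a counter and one is discarded, and if the cache stores copies rather than the same `AtomicLong` instance, the get/increment/put sequence can hand two requests the same salt input. I would add a null check on `aesKey` that fails the request with the service's usual error, and, if this is the intent, a comment such as `// counter entry missing from cache: restart from a random 64-bit value`. `generateArgon2Hash` starts and ends outside this hunk, so the key may be initialised elsewhere.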
diff --git a/kernel/kernel-keymanager-service/src/main/java/io/mosip/kernel/keymanagerservice/helper/KeymanagerDBHelper.java b/kernel/kernel-keymanager-service/src/main/java/io/mosip/kernel/keymanagerservice/helper/KeymanagerDBHelper.java
index 87b6eba3..efb93444 100644
--- a/kernel/kernel-keymanager-service/src/main/java/io/mosip/kernel/keymanagerservice/helper/KeymanagerDBHelper.java
+++ b/kernel/kernel-keymanager-service/src/main/java/io/mosip/kernel/keymanagerservice/helper/KeymanagerDBHelper.java
@@ -186,7 +186,6 @@ public void storeKeyInAlias(String applicationId, LocalDateTime timeStamp, Strin
 *
 * @param alias alias
 * @param masterAlias masterAlias
- * @param publicKey publicKey
 * @param encryptedPrivateKey encryptedPrivateKey
 */
 public void storeKeyInDBStore(String alias, String masterAlias, String certificateData, String encryptedPrivateKey) {
@@ -209,10 +208,12 @@ public void storeKeyInDBStore(String alias, String masterAlias, String certifica
 * referenceId with key "keyAlias"; and a list of all keyalias with
 * matching timestamp with key "currentKeyAlias"
 */
+ @SuppressWarnings({"JAVA:S2221","JAVA:S2699", "null"}) //Suppress the potential NullPointer exception
 public Map> getKeyAliases(String applicationId, String referenceId, LocalDateTime timeStamp) {
 LOGGER.info(KeymanagerConstant.SESSIONID, KeymanagerConstant.EMPTY, KeymanagerConstant.EMPTY, KeymanagerConstant.GETALIAS);
 Map> hashmap = new HashMap<>();
 String appIdRefIdKey = applicationId + KeymanagerConstant.APP_REF_ID_SEP + referenceId;
+
 List keyAliases = keyAliasCache.get(appIdRefIdKey).stream()
 .sorted((alias1, alias2) -> alias1.getKeyGenerationTime().compareTo(alias2.getKeyGenerationTime()))
 .collect(Collectors.toList());
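Review bot: The added `@SuppressWarnings` on `getKeyAliases` silences the analyser instead of handling the case it points at: `keyAliasCache.get(appIdRefIdKey).stream()` still dereferences whatever the cache returns, so if the cache can return null for an unknown application/reference id pair, key lookup fails with a NullPointerException. Checking the result of `keyAliasCache.get(appIdRefIdKey)` for null and falling back to an empty list before calling `.stream()` would remove the need for the annotation. As far as I can tell `S2221` and `S2699` are the generic-catch and test-assertion rules rather than the null-dereference one, and a method-wide suppression also hides later findings in this method. If a suppression stays, it should name the exact rule on the narrowest statement, with a comment giving the reason the null case cannot occur. The method body continues past the end of this hunk.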