Skip to content

Added changes proposed by Rodrigo #31

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Added changes proposed by Rodrigo #31

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 2 additions & 2 deletions content/documentation/crysl/_index.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -77,9 +77,9 @@ ENSURES
Above is an excerpt of the rule for `SecretKeySpec`. The predicate `generatedKey` is listed within the `ENSURES` block of this rule. The static analysis labels any object of type `SecretKeySpec` by `generatedKey` when the analysis finds the object to be used correctly (with respect to its *CrySL* rule).

## Addition or Modification of CrySL Rules
All *CrySL* rules currently used by CogniCrypt are present in the repository named [Crypto-API-Rules](https://github.com/CROSSINGTUD/Crypto-API-Rules). As of June 2019, it contains three project, one each for the APIs of Java Cryptography Architecture, Google Tink, and BouncyCastle through its lightweight API. You need to clone the corresponding project and import it as a maven project into Eclipse where you have already installed CogniCrypt and the *CrySL* plugins. These plugins let you update the *CrySL* rules on the fly. You can edit them or even add new rules. CogniCrypt automatically parses these rules and takes them into account in any future analyses.
All *CrySL* rules currently used by CogniCrypt are present in the repository named [Crypto-API-Rules](https://github.com/CROSSINGTUD/Crypto-API-Rules). As of June 2019, it contains three project[s], each one with CrySL specifications for Java Cryptography Architecture, Google Tink, and BouncyCastle through its lightweight API. You need to clone the corresponding project and import it as a maven project into Eclipse where you have already installed CogniCrypt and the *CrySL* plugins. These plugins let you update the *CrySL* rules on the fly. You can edit them or even add new rules. CogniCrypt automatically parses these rules and takes them into account in any future analyses.

The below tutorial describes how to modify *CrySL* rules on the fly. The first screenshot shows an example code which uses `KeyGenerator` that is created with correct algorithm, namely "AES", and later initialized with a proper keySize i.e. 128. Hence the plugin doesn't show any error markers.
The following tutorial describes how to modify *CrySL* rules on the fly. The first screenshot shows an example code which uses `KeyGenerator` that is created with correct algorithm, namely "AES", and later initialized with a proper keySize i.e. 128. Hence the plugin doesn't show any error markers.

<div class="imgbox">
<img class="center-fit" src='./images/correctcode.png' alt="An example code without any misuse">
Expand Down