AnakinRaW
AnakinRaW
# Description Fixes an possible API-Linking issue with CrySL dependency version `2.0.0`. Thus the dependency was updated to version `2.0.1`. To avoid issues when resolving the dependency chain this plugin's...
In the (current) version 1.0.0.201905151726 the generated code (Encode Password for Secure Storage) produces an Insecure Class Composition Problem "Second parameter was not properly generated as randomized" on the Line:...
Consider the following application: ```kotlin package com.example.digest import java.security.MessageDigest fun main() { testFail("abc123ABC") testOk("abc123ABC") } fun testFail(input: String) { val someManipulation = input.substring(0, 2) MessageDigest.getInstance("SHA-256").digest(someManipulation.toByteArray()) } fun testOk(input: String) {...
For some reason when using soot version `4.3.0-SNAPSHOT`, Boomerang throws the an `ImperciseException` on test `SecretKeyTest` (clearPasswordPredicateTest, secretKeyUsagePattern7 and clearPasswordPredicateTest2). The error is: ``` java.lang.AssertionError: Imprecise results: Did not expect...
Currently if CryptoAnalysis was run as the result of an external process (e.g. as a Maven Plugin) it was unable to load load any rules but JCA rules. Reason is,...
Crypto-Analysis, as far as I see this, currently is in an "ugly" state. The following list identifies some items I think we should change before version `2.8.0` gets stable: -...
Currently the class IMO has a weak API design: * [ ] Add a constructor overload that **only** gets a *collection* (no list required) of rules. * [ ] Add...