CryptoAnalysis icon indicating copy to clipboard operation
CryptoAnalysis copied to clipboard

verified publisher icon CROSSINGTUD

Metadata

CogniCrypt_SAST: CrySL-to-Static Analysis Compiler

Results 131 CryptoAnalysis issues
Sort by recently updated
recently updated
newest added

Feature Request: JSON Result Format

1 comment

Because we are using CogniCrypt CryptoAnalysis in a fully automated pipeline-based environment, a JSON result file would allow us to process all results in an automated way. It would be...

luismoeller avatar luismoeller

Release 2.7.3

AnakinRaW avatar AnakinRaW

CSV logs give less information than TXT Logs

3 comment

Running with CSV as report format does not give me the same log information as running with .TXT as report format. This is the log with CSV: ``` [main] INFO...

Maximilianhummel avatar Maximilianhummel

False Positive using MessageDigest in Kotlin

Consider the following application: ```kotlin package com.example.digest import java.security.MessageDigest fun main() { testFail("abc123ABC") testOk("abc123ABC") } fun testFail(input: String) { val someManipulation = input.substring(0, 2) MessageDigest.getInstance("SHA-256").digest(someManipulation.toByteArray()) } fun testOk(input: String) {...

AnakinRaW avatar AnakinRaW

false positive

Soot 4.3.0 Causes test failure.

1 comment

For some reason when using soot version `4.3.0-SNAPSHOT`, Boomerang throws the an `ImperciseException` on test `SecretKeyTest` (clearPasswordPredicateTest, secretKeyUsagePattern7 and clearPasswordPredicateTest2). The error is: ``` java.lang.AssertionError: Imprecise results: Did not expect...

AnakinRaW avatar AnakinRaW

bug

Issue 389

Re-Implemented the necessary parts with Picocli library.

Projucti avatar Projucti

Re-Implement the necessary parts in CryptoAnalysis to make use of the Picocli library

Projucti avatar Projucti

Bump gson from 2.8.6 to 2.8.9 in /CryptoAnalysis

Bumps [gson](https://github.com/google/gson) from 2.8.6 to 2.8.9. Release notes Sourced from gson's releases. Gson 2.8.9 Make OSGi bundle's dependency on sun.misc optional (#1993). Deprecate Gson.excluder() exposing internal Excluder class (#1986). Prevent...

dependabot[bot] avatar dependabot[bot]

dependencies

Bump bcprov-jdk15on from 1.56 to 1.67 in /CryptoAnalysisTargets/BragaCryptoBench/cryptomisuses/statisticPRNG

Bumps [bcprov-jdk15on](https://github.com/bcgit/bc-java) from 1.56 to 1.67. Changelog Sourced from bcprov-jdk15on's changelog. 2.1.1 Version Release: 1.72 Date:      TBD 2.2.1 Version Release: 1.71 Date:      2022, March 31st. ... (truncated) Commits See full...

dependabot[bot] avatar dependabot[bot]

dependencies

Bump bcprov-jdk15on from 1.56 to 1.67 in /CryptoAnalysisTargets/BragaCryptoBench/cryptomisuses/staticCounterCTR

Bumps [bcprov-jdk15on](https://github.com/bcgit/bc-java) from 1.56 to 1.67. Changelog Sourced from bcprov-jdk15on's changelog. 2.1.1 Version Release: 1.72 Date:      TBD 2.2.1 Version Release: 1.71 Date:      2022, March 31st. ... (truncated) Commits See full...

dependabot[bot] avatar dependabot[bot]

dependencies

Metadata

60
Stars
39
Forks
Watchers

Owner

verified publisher icon CROSSINGTUD

Metadata

CogniCrypt_SAST: CrySL-to-Static Analysis Compiler

Back