Merge branch 'develop' into dependabot/maven/org.bouncycastle-bctls-j…
…dk15on-1.70
smeyer198 authored Nov 10, 2023
2 parents 99f8157 + fd64f2f commit 74c1f61
Showing 21 changed files with 1,185 additions and 625 deletions.
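--- a/.github/workflows/deploy.yml
+++ b/.github/workflows/deploy.yml
@@ -0,0 +1,34 @@
+name: Deploy CryptoAnalysis
+
+on: [workflow_dispatch]
+
+jobs:
+deployment:
+runs-on: ubuntu-latest
+name: CryptoAnalysis deployment
+steps:
+- name: Checkout source code
+uses: actions/checkout@v3
+# Sets up Java version
+- name: Set up Java
+uses: actions/setup-java@v3
+with:
+distribution: 'adopt'
+java-package: 'jdk'
+java-version: '8'
+server-id: 'ossrh' # must match the serverId configured for the nexus-staging-maven-plugin
+server-username: OSSRH_USERNAME # Env var that holds your OSSRH user name
+server-password: OSSRH_PASSWORD # Env var that holds your OSSRH user pw
+gpg-private-key: ${{ secrets.GPG_PRIVATE_KEY }} # Substituted with the value stored in the referenced secret
+gpg-passphrase: SIGN_KEY_PASS # Env var that holds the key's passphrase
+# Sets up Maven version
+- name: Set up Maven
+uses: stCarolas/[email protected]
+with:
+maven-version: 3.6.3
+- name: Build & Deploy CryptoAnalysis
+run: mvn -B -U clean deploy -Pdeployment -DskipTests
+env:
+SIGN_KEY_PASS: ${{ secrets.GPG_PRIVATE_KEY_PASSPHRASE }}
+OSSRH_USERNAME: ${{ secrets.SONATYPE_USER }}
+OSSRH_PASSWORD: ${{ secrets.SONATYPE_PW }}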
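Review bot: All three `uses:` steps reference actions by mutable tag (`actions/checkout@v3`, `actions/setup-java@v3`, and the third-party `stCarolas` Maven setup action, whose ref is garbled in this rendering), in a job that imports the GPG signing key and the Sonatype credentials. A retagged or compromised action would run with those secrets in reach, so pin each action to a full commit SHA. The workflow also has no `permissions:` block; adding a top-level `permissions:` with `contents: read` keeps the job token read-only. The deploy step runs `mvn ... deploy -Pdeployment -DskipTests`, so a manually dispatched release is signed and published without the test suite running in this job. Consider gating it on a protected environment or a preceding test job.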
4 changes: 3 additions & 1 deletion .gitignore
Expand Up @@ -6,6 +6,7 @@
bin/
tmp/
*.tmp
*.temp
*.bak
*.swp
*~.nib
Expand Down Expand Up @@ -202,4 +203,5 @@ buildNumber.properties

# End of https://www.toptal.com/developers/gitignore/api/java,maven,eclipse,intellij+all

.flattened-pom.xml
.flattened-pom.xml
/shippable/testresults/
63 changes: 20 additions & 43 deletions CryptoAnalysis-Android/pom.xml
Expand Up @@ -8,12 +8,12 @@
<parent>
<groupId>de.fraunhofer.iem</groupId>
<artifactId>CryptoAnalysis-Parent</artifactId>
<version>${revision}</version>
<version>2.8.0</version>
<relativePath>../pom.xml</relativePath>
</parent>

<properties>
<flowDroidVersion>2.7.1</flowDroidVersion>
<flowDroidVersion>2.12.0</flowDroidVersion>
</properties>
<build>
<plugins>
Expand Down Expand Up @@ -69,53 +69,30 @@
<artifactId>CryptoAnalysis</artifactId>
</dependency>
<dependency>
<groupId>de.tud.sse</groupId>
<artifactId>soot-infoflow</artifactId>
<version>${flowDroidVersion}</version>
</dependency>
<dependency>
<groupId>de.tud.sse</groupId>
<artifactId>soot-infoflow-android</artifactId>
<version>${flowDroidVersion}</version>
</dependency>
<dependency>
<groupId>de.tud.sse</groupId>
<artifactId>soot-infoflow-cmd</artifactId>
<version>${flowDroidVersion}</version>
</dependency>
<groupId>de.fraunhofer.sit.sse.flowdroid</groupId>
<artifactId>soot-infoflow</artifactId>
<version>${flowDroidVersion}</version>
</dependency>
<dependency>
<groupId>de.fraunhofer.sit.sse.flowdroid</groupId>
<artifactId>soot-infoflow-summaries</artifactId>
<version>${flowDroidVersion}</version>
</dependency>
<dependency>
<groupId>de.fraunhofer.sit.sse.flowdroid</groupId>
<artifactId>soot-infoflow-android</artifactId>
<version>${flowDroidVersion}</version>
</dependency>
</dependencies>

<distributionManagement>
<snapshotRepository>
<id>soot-snapshot</id>
<name>Soot snapshot repository</name>
<url>https://soot-build.cs.uni-paderborn.de/nexus/repository/soot-snapshot/</url>
<layout>default</layout>
<id>ossrh</id>
<url>https://s01.oss.sonatype.org/content/repositories/snapshots/</url>
</snapshotRepository>
<repository>
<uniqueVersion>true</uniqueVersion>
<id>soot-release</id>
<name>Soot release repository</name>
<url>https://soot-build.cs.uni-paderborn.de/nexus/repository/soot-release/</url>
<layout>default</layout>
<id>ossrh</id>
<url>https://s01.oss.sonatype.org/service/local/staging/deploy/maven2/</url>
</repository>
</distributionManagement>

<repositories>
<repository>
<id>soot-snapshot</id>
<name>soot snapshots</name>
<url>https://soot-build.cs.uni-paderborn.de/nexus/repository/soot-snapshot/</url>
<releases>
<enabled>false</enabled>
</releases>
</repository>

<repository>
<id>soot-release</id>
<name>soot release</name>
<url>https://soot-build.cs.uni-paderborn.de/nexus/repository/soot-release/</url>
</repository>
</repositories>

</project>
48 changes: 17 additions & 31 deletions CryptoAnalysis/pom.xml
Expand Up @@ -8,7 +8,7 @@
<parent>
<groupId>de.fraunhofer.iem</groupId>
<artifactId>CryptoAnalysis-Parent</artifactId>
<version>${revision}</version>
<version>2.8.0</version>
<relativePath>../pom.xml</relativePath>
</parent>

Expand All @@ -30,7 +30,7 @@
<pluginExecutionFilter>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-dependency-plugin</artifactId>
<versionRange>3.1.1</versionRange>
<versionRange>3.3.0</versionRange>
<goals>
<goal>unpack</goal>
</goals>
Expand Down Expand Up @@ -251,16 +251,23 @@
<version>4.13.2</version>
<scope>test</scope>
</dependency>
<dependency>
<!-- Not sure why, but without this explicit dependency,
any newer version of maven-invoker-plugin than 3.2.1, causes tests to crash with runtime exceptions. -->
<groupId>com.google.inject</groupId>
<artifactId>guice</artifactId>
<version>5.1.0</version>
</dependency>
<dependency>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-invoker-plugin</artifactId>
<version>3.2.1</version>
<version>3.3.0</version>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcprov-jdk15on</artifactId>
<version>1.68</version>
<version>1.70</version>
<scope>test</scope>
</dependency>
<!-- https://mvnrepository.com/artifact/org.bouncycastle/bctls-jdk15on -->
Expand All @@ -284,12 +291,12 @@
<dependency>
<groupId>com.google.code.gson</groupId>
<artifactId>gson</artifactId>
<version>2.9.1</version>
<version>2.10</version>
</dependency>
<dependency>
<groupId>de.darmstadt.tu.crossing.CrySL</groupId>
<artifactId>de.darmstadt.tu.crossing.CrySL</artifactId>
<version>2.0.1</version>
<version>2.0.2</version>
</dependency>
<dependency>
<groupId>org.eclipse.xtext</groupId>
Expand Down Expand Up @@ -329,33 +336,12 @@

<distributionManagement>
<snapshotRepository>
<id>soot-snapshot</id>
<name>Soot snapshot repository</name>
<url>https://soot-build.cs.uni-paderborn.de/nexus/repository/soot-snapshot/</url>
<layout>default</layout>
<id>ossrh</id>
<url>https://s01.oss.sonatype.org/content/repositories/snapshots/</url>
</snapshotRepository>
<repository>
<uniqueVersion>true</uniqueVersion>
<id>soot-release</id>
<name>Soot release repository</name>
<url>https://soot-build.cs.uni-paderborn.de/nexus/repository/soot-release/</url>
<layout>default</layout>
<id>ossrh</id>
<url>https://s01.oss.sonatype.org/service/local/staging/deploy/maven2/</url>
</repository>
</distributionManagement>

<repositories>
<repository>
<id>soot-snapshot</id>
<name>soot snapshots</name>
<url>https://soot-build.cs.uni-paderborn.de/nexus/repository/soot-snapshot/</url>
<releases>
<enabled>false</enabled>
</releases>
</repository>
<repository>
<id>soot-release</id>
<name>soot release</name>
<url>https://soot-build.cs.uni-paderborn.de/nexus/repository/soot-release/</url>
</repository>
</repositories>
</project>
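Review bot: The new `com.google.inject:guice` 5.1.0 dependency has no `<scope>`, so it resolves at compile scope and becomes a transitive dependency of the published CryptoAnalysis artifact, although its comment says it is only there to stop tests crashing with newer maven-invoker-plugin versions. The neighbouring `maven-invoker-plugin` entry carries `<scope>test</scope>`; adding the same line to the guice entry keeps it off consumers' classpaths, assuming nothing in main code needs it (not visible here). The "Not sure why" comment would also be more useful if it named the runtime exception or linked an issue, so the pin can be dropped once the cause is fixed.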
91 changes: 63 additions & 28 deletions CryptoAnalysis/src/main/java/crypto/HeadlessCryptoScanner.java
Expand Up @@ -5,6 +5,7 @@
import java.util.LinkedList;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.concurrent.TimeUnit;
import com.google.common.base.Stopwatch;
import com.google.common.collect.Lists;
Expand All @@ -27,8 +28,9 @@
import crypto.preanalysis.SeedFactory;
import crypto.providerdetection.ProviderDetection;
import crypto.reporting.CSVReporter;
import crypto.reporting.CSVSummaryReporter;
import crypto.reporting.CommandLineReporter;
import crypto.reporting.ErrorMarkerListener;
import crypto.reporting.Reporter;
import crypto.reporting.SARIFReporter;
import crypto.reporting.TXTReporter;
import crypto.rules.CrySLRule;
Expand Down Expand Up @@ -162,10 +164,10 @@ private void analyse() {
}

public String toString() {
String s = "HeadllessCryptoScanner: \n";
s += "\tSoftwareIdentifier: "+ softwareIdentifier() +"\n";
s += "\tApplicationClassPath: "+ applicationClassPath() +"\n";
s += "\tSootClassPath: "+ sootClassPath() +"\n\n";
String s = "HeadlessCryptoScanner: \n";
s += "\tSoftwareIdentifier: " + softwareIdentifier() + "\n";
s += "\tApplicationClassPath: " + applicationClassPath() + "\n";
s += "\tSootClassPath: " + sootClassPath() + "\n\n";
return s;
}

Expand All @@ -178,25 +180,52 @@ protected void internalTransform(String phaseName, Map<String, String> options)
BoomerangPretransformer.v().apply();
ObservableDynamicICFG observableDynamicICFG = new ObservableDynamicICFG(false);
List<CrySLRule> rules = HeadlessCryptoScanner.rules;
ErrorMarkerListener fileReporter;
if(reportFormat()!= null) {
switch (reportFormat()) {
case SARIF:
fileReporter = new SARIFReporter(getOutputFolder(), rules);
break;
case CSV:
fileReporter = new CSVReporter(getOutputFolder(), softwareIdentifier(), rules, callGraphWatch.elapsed(TimeUnit.MILLISECONDS));
break;
default:
fileReporter = new TXTReporter(getOutputFolder(), rules);

long callgraphConstructionTime = callGraphWatch.elapsed(TimeUnit.MILLISECONDS);

final CrySLResultsReporter reporter = new CrySLResultsReporter();
Reporter fileReporter;

Set<ReportFormat> formats = reportFormats();

if (formats.size() > 0) {
for (ReportFormat format : formats) {
switch (format) {
case CMD:
fileReporter = new CommandLineReporter(softwareIdentifier(), rules, callgraphConstructionTime, includeStatistics());
reporter.addReportListener(fileReporter);
break;
case TXT:
fileReporter = new TXTReporter(getOutputFolder(), softwareIdentifier(), rules, callgraphConstructionTime, includeStatistics());
reporter.addReportListener(fileReporter);
break;
case SARIF:
fileReporter = new SARIFReporter(getOutputFolder(), softwareIdentifier(), rules, callgraphConstructionTime, includeStatistics());
reporter.addReportListener(fileReporter);
break;
case CSV:
fileReporter = new CSVReporter(getOutputFolder(), softwareIdentifier(), rules, callgraphConstructionTime, includeStatistics());
reporter.addReportListener(fileReporter);
break;
case CSV_SUMMARY:
fileReporter = new CSVSummaryReporter(getOutputFolder(), softwareIdentifier(), rules, callgraphConstructionTime, includeStatistics());
reporter.addReportListener(fileReporter);
break;
default:
fileReporter = new CommandLineReporter(softwareIdentifier(), rules, callgraphConstructionTime, includeStatistics());
reporter.addReportListener(fileReporter);
}
}
} else {
// if the --reportformat flag is not set or no format is specified, use the command line reporter as default
fileReporter = new CommandLineReporter(softwareIdentifier(), rules, callgraphConstructionTime, includeStatistics());
reporter.addReportListener(fileReporter);
}
else {
fileReporter = new CommandLineReporter(rules);

if(getAdditionalListener() != null) {
reporter.addReportListener(getAdditionalListener());
}
final CrySLResultsReporter reporter = new CrySLResultsReporter();
if(getAdditionalListener() != null)
reporter.addReportListener(getAdditionalListener());

CryptoScanner scanner = new CryptoScanner() {

@Override
Expand All @@ -215,23 +244,25 @@ public Debugger<TransitionFunction> debugger(IDEALSeedSolver<TransitionFunction>
if(getOutputFolder() == null) {
LOGGER.error("The visualization requires the --reportDir option.");
}
File vizFile = new File(getOutputFolder()+"/viz/ObjectId#"+seed.getObjectId()+".json");

File vizFile = new File(getOutputFolder() + "/viz/ObjectId#" + seed.getObjectId() + ".json");
vizFile.getParentFile().mkdirs();

return new IDEVizDebugger<>(vizFile, icfg());
}
return super.debugger(solver, seed);
}
};

reporter.addReportListener(fileReporter);

if (providerDetection()) {
ProviderDetection providerDetection = new ProviderDetection();

if(rulesetRootPath == null) {
rulesetRootPath = System.getProperty("user.dir")+File.separator+"src"+File.separator+"main"+File.separator+"resources";
rulesetRootPath = System.getProperty("user.dir") + File.separator + "src" + File.separator + "main" + File.separator + "resources";
}

String detectedProvider = providerDetection.doAnalysis(observableDynamicICFG, rulesetRootPath);

if(detectedProvider != null) {
rules.clear();
switch(settings.getRulesetPathType()) {
Expand Down Expand Up @@ -366,15 +397,19 @@ protected boolean isPreAnalysis() {
protected boolean enableVisualization(){
return settings.isVisualization();
}
protected ReportFormat reportFormat() {
return settings.getReportFormat();

protected Set<ReportFormat> reportFormats() {
return settings.getReportFormats();
}

protected boolean providerDetection() {
return settings.isProviderDetectionAnalysis();
}

protected boolean includeStatistics() {
return settings.isIncludeStatistics();
}

private static String pathToJCE() {
// When whole program mode is disabled, the classpath misses jce.jar
return System.getProperty("java.home") + File.separator + "lib" + File.separator + "jce.jar";
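Review bot: `formats.size() > 0` is called on the result of `reportFormats()` without a null check, whereas the code it replaces guarded with `reportFormat() != null`; if `settings.getReportFormats()` can return null (its implementation is not visible here), the run now fails with a NullPointerException instead of falling back to the command-line reporter. `if (formats != null && !formats.isEmpty())` restores the fallback. The TXT, SARIF, CSV and CSV_SUMMARY branches also pass `getOutputFolder()` straight to the reporter, and the debugger hunk further down shows that value can be null: there it is only logged, after which `new File(getOutputFolder() + "/viz/...")` still builds a path under a literal `null` directory and `mkdirs()` creates it. Returning `super.debugger(solver, seed)` right after the error log, and rejecting file formats when no output folder is set, would keep reports from being written to an unintended location. `internalTransform` starts and ends outside these hunks.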
