sonar-cryptography icon indicating copy to clipboard operation
sonar-cryptography copied to clipboard
Published 1 month ago verified publisher icon cbomkit

Use various providers in JCA

Open hugoqnc opened this issue 1 year ago • 0 comments

JCA uses a provider-based architecture, where one can specify a cryptography provider (like BouncyCastle) which will provide the implementations of JCA APIs.

  • [ ] Investigate if we can often identify the provider when tracking JCA crypto calls
  • [ ] If so, restructure the JCA rules to make them depend on the provider
  • [ ] Add BouncyCastle as a cryptography provider for JCA

hugoqnc avatar Jul 02 '24 12:07 hugoqnc