Stefan Krüger
Stefan Krüger
In some cases, the user may opt for a less secure configuration in the code-generator wizard if their application has to support legacy systems that may not comply with the...
Look at the class KeyGenParameterSpec[1] and create a CrySL rule for it This article is a good starting point for a general overview: https://medium.com/@ericfu/securely-storing-secrets-in-an-android-application-501f030ae5a3 [1] https://developer.android.com/reference/android/security/keystore/KeyGenParameterSpec.html
The TLS task has not been implemented in CogniCryptGEN yet. Please do so by preparing a [code template](https://github.com/eclipse-cognicrypt/CogniCrypt/tree/develop/plugins/de.cognicrypt.codegenerator/src/main/java/de/cognicrypt/codegenerator/crysl/templates). The necessary CrySL rules hould all already exist. Assigned @AndreSonntag.
For most misuses, Cognicrypt may suggest correct alternatives via quick-fixes. For example: **Regular typestate errors** Generate additional call to expected method right before encountered call **End-of-Lifecycle typestate errors** Generate addtional...
**Is your feature request related to a problem? Please describe.** The fluent interfaces of CogniCryptGEN allow calls to three methods for configuration: includeClass, addParameter, and addReturnObject. The last one associates...
User authentication is one of the most common use cases application developers wish to implement. Integrate multiple solutions for that use case. This integration includes 1) Providing an implementation, 2)...
CogniCrypt's code generator supports a solution for long time archiving (see #8). However, as of now, CogniCrypt_SAST does not, that is, it cannot check whether someone is using this solution...
When the user ever has CogniCrypt re-generate the code for their application, but has changed the code CogniCrypt has generated for them the first time, CogniCrypt as of now overrides...