Stefan Krüger
Stefan Krüger
This project is being developed by Prof. Blömer's group at Uni Paderborn. For more information, ask me for a project description. The implementation, packed as a jar file, can be...
Some(tm) cryptographers prefer to implement cryptographic schemes in C(++). Extend the integration interface of #13 such that algorithms implemented in C(++) can be integrated as well. In particular, add a...
Each provider supports a certain number of algorithms in different configurations. Take [the Cipher class](https://docs.oracle.com/javase/8/docs/technotes/guides/security/SunProviders.html#SunJCEProvider) of the SunJCE Provider for instance (). If AES is taken as a cipher, only...
Whenever such a predicate is ensured SAST reports it as an error. One can supply forbidden predicates through the forbPreds command-line option. The option takes a txt file that specifies...
Extend CogniCrypt_SAST to take a list of packages that should be ignored during the analysis. These packages may contain test cases, come from libraries, or contain misuses not intended to...
The authors of [this paper](https://ieeexplore.ieee.org/document/7839783/) argue for the use of a Regulator pattern for cryptographic libraries. With a regular pattern, such a library could automatically update the algorithms it uses...
As of now, there are rules for the JCA. However, "the JCA" in its default configuration actually comes as a set of [individual providers](https://docs.oracle.com/javase/9/security/oracleproviders.htm#GUID-FE2D2E28-C991-4EF9-9DBE-2A4982726313). Create one project for each of...