From f5ab557a5d9515633209cf5a8486acc43df703c7 Mon Sep 17 00:00:00 2001 From: Isaac Elbaz Date: Fri, 26 Dec 2025 08:44:37 -0500 Subject: [PATCH 1/3] Const evals --- DESIGN.md | 52 +++++++ README.md | 4 +- .../go/crypto_comprehensive/expected.jsonl | 1 + fixtures/go/crypto_comprehensive/src/main.go | 6 + .../java/jca_comprehensive/expected.jsonl | 5 +- .../src/ComprehensiveTest.java | 6 + fixtures/openssl_c/rsa_keygen/expected.jsonl | 1 + fixtures/openssl_c/rsa_keygen/src/test.c | 3 + fixtures/php/openssl_aesgcm/expected.jsonl | 1 + fixtures/php/openssl_aesgcm/src/test.php | 4 + .../python/pyca_comprehensive/expected.jsonl | 1 + .../src/comprehensive_test.py | 6 + src/scan.rs | 142 +++++++++++++++++- 13 files changed, 225 insertions(+), 7 deletions(-) create mode 100644 DESIGN.md diff --git a/DESIGN.md b/DESIGN.md new file mode 100644 index 0000000..af1375f --- /dev/null +++ b/DESIGN.md @@ -0,0 +1,52 @@ +# Cipherscope Architecture + +## Overview +Cipherscope is a static analysis scanner designed to build a cryptographic inventory. It parses source files using Tree-sitter, matches library anchors and algorithm symbols, and emits JSONL findings that can be aggregated into an inventory. + +## Pipeline +```mermaid +flowchart TD + A[Discovery] --> B[Parsing] + B --> C[Library Anchoring] + C --> D[Algorithm Detection] + D --> E[JSONL Output] + + A --> A1[File walk + filters] + B --> B1[Tree-sitter AST] + C --> C1[Import/include anchors] + D --> D1[Symbol match + params] + D1 --> D2[Local constant resolution] + E --> E1[Library + algorithm assets] +``` + +## Data Model +- Library hit: name, file path, evidence location. +- Algorithm hit: name, file path, evidence location, metadata (e.g., key size, primitive). +- Output format is designed for tooling pipelines and inventory aggregation. + +### JSONL Schema (Informal) +```json +{ + "assetType": "library|algorithm", + "identifier": "string", + "path": "string", + "evidence": { + "line": 1, + "column": 1 + }, + "metadata": { + "primitive": "string", + "keySize": 256 + } +} +``` + +## Patterns and Extensibility +Patterns live in `patterns.toml`: +- Libraries define anchors and API regexes. +- Algorithms define symbol patterns and parameter extraction rules. +Adding a new library or algorithm usually only requires editing `patterns.toml`. + +## Scope and Limits +- Inventory-first: it focuses on discovering crypto usage and relevant metadata. +- Local constant resolution only; cross-file or full data-flow analysis is out of scope for now. diff --git a/README.md b/README.md index 805a077..9547ba3 100644 --- a/README.md +++ b/README.md @@ -6,12 +6,13 @@ [![CI](https://github.com/script3r/cipherscope/actions/workflows/ci.yml/badge.svg)](https://github.com/script3r/cipherscope/actions/workflows/ci.yml) -`cipherscope` is a high-performance, command-line tool for scanning source code to detect the usage of cryptographic libraries and algorithms. It uses language-aware static analysis powered by [Tree-sitter](https://tree-sitter.github.io/tree-sitter/) for high precision. +`cipherscope` is a high-performance, command-line tool for scanning source code to detect the usage of cryptographic libraries and algorithms. The goal is to enable building an efficient, comprehensive cryptographic inventory. It uses language-aware static analysis powered by [Tree-sitter](https://tree-sitter.github.io/tree-sitter/) for high precision. ## Key Features - **High Performance**: Parallelized scanning of large codebases. - **Language-Aware**: Uses Tree-sitter parsers to reduce false positives by understanding code structure. +- **Inventory-First**: Focused on assembling a reliable crypto usage inventory across large repos. - **Extensible Patterns**: Easily add new libraries and algorithms via a simple TOML configuration. - **Broad Language Support**: Currently supports C, C++, Java, Python, Go, Swift, PHP, Objective-C, and Rust. - **Developer Friendly**: JSONL output for easy integration with CI/CD pipelines and security tools. @@ -29,6 +30,7 @@ c. **Algorithm Detection**: If an anchor is found, the scanner performs a deeper search within that file for specific algorithm usage patterns, such as function calls and constants. All results are streamed as JSONL to the output, allowing for real-time monitoring and processing. +For a deeper architecture overview, see `DESIGN.md`. ## Installation diff --git a/fixtures/go/crypto_comprehensive/expected.jsonl b/fixtures/go/crypto_comprehensive/expected.jsonl index 49af131..b1dd349 100644 --- a/fixtures/go/crypto_comprehensive/expected.jsonl +++ b/fixtures/go/crypto_comprehensive/expected.jsonl @@ -143,3 +143,4 @@ {"assetType": "algorithm", "evidence": {"column": 18, "line": 271}, "identifier": "SHA3-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 6, "line": 276}, "identifier": "SHA3-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 18, "line": 403}, "identifier": "SHA3-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 2, "line": 462}, "identifier": "RSA", "metadata": {"keySize": 3072, "primitive": "signature"}, "path": "FIXME"} diff --git a/fixtures/go/crypto_comprehensive/src/main.go b/fixtures/go/crypto_comprehensive/src/main.go index 1537743..7667690 100644 --- a/fixtures/go/crypto_comprehensive/src/main.go +++ b/fixtures/go/crypto_comprehensive/src/main.go @@ -455,3 +455,9 @@ func main() { aesKey192 := make([]byte, 24) // 192-bit key rand.Read(aesKey192) } + +const rsaKeySizeConst = 3072 + +func testRsaKeySizeConst() { + rsa.GenerateKey(rand.Reader, rsaKeySizeConst) +} diff --git a/fixtures/java/jca_comprehensive/expected.jsonl b/fixtures/java/jca_comprehensive/expected.jsonl index e67e611..bbb0829 100644 --- a/fixtures/java/jca_comprehensive/expected.jsonl +++ b/fixtures/java/jca_comprehensive/expected.jsonl @@ -68,10 +68,6 @@ {"assetType": "algorithm", "evidence": {"column": 32, "line": 88}, "identifier": "RSA", "metadata": {"keySize": 2048, "primitive": "signature"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 35, "line": 127}, "identifier": "RSA", "metadata": {"keySize": 2048, "primitive": "signature"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 28, "line": 201}, "identifier": "RSA", "metadata": {"keySize": 2048, "primitive": "signature"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 34, "line": 12}, "identifier": "AES", "metadata": {"keySize": 256, "primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 25, "line": 17}, "identifier": "AES", "metadata": {"keySize": 256, "primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 25, "line": 22}, "identifier": "AES", "metadata": {"keySize": 256, "primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 25, "line": 27}, "identifier": "AES", "metadata": {"keySize": 256, "primitive": "symmetric"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 25, "line": 27}, "identifier": "AES-ECB", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 29, "line": 143}, "identifier": "SHA-1", "metadata": {"primitive": "hash"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 29, "line": 162}, "identifier": "SHA-1", "metadata": {"primitive": "hash"}, "path": "FIXME"} @@ -94,3 +90,4 @@ {"assetType": "algorithm", "evidence": {"column": 30, "line": 219}, "identifier": "Ed448", "metadata": {"primitive": "signature"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 9, "line": 192}, "identifier": "ECDSA-P521", "metadata": {"primitive": "signature"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 31, "line": 149}, "identifier": "SHA256withRSA", "metadata": {"primitive": "signature"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 9, "line": 377}, "identifier": "AES", "metadata": {"keySize": 192, "primitive": "symmetric"}, "path": "FIXME"} diff --git a/fixtures/java/jca_comprehensive/src/ComprehensiveTest.java b/fixtures/java/jca_comprehensive/src/ComprehensiveTest.java index bd11b32..c41c13e 100644 --- a/fixtures/java/jca_comprehensive/src/ComprehensiveTest.java +++ b/fixtures/java/jca_comprehensive/src/ComprehensiveTest.java @@ -370,6 +370,12 @@ public static void testKdfAlgorithms() throws Exception { PBEKeySpec pbeSpec512 = new PBEKeySpec(password, salt, 10000, 256); SecretKey pbkdf2Sha512Key = pbkdf2Sha512.generateSecret(pbeSpec512); } + + private static final int AES_KEY_SIZE_CONST = 192; + + public static void testAesKeySizeConst() throws Exception { + KeyGenerator.getInstance("AES").init(AES_KEY_SIZE_CONST); + } public static void main(String[] args) throws Exception { testSymmetricCiphers(); diff --git a/fixtures/openssl_c/rsa_keygen/expected.jsonl b/fixtures/openssl_c/rsa_keygen/expected.jsonl index 977d280..85972d3 100644 --- a/fixtures/openssl_c/rsa_keygen/expected.jsonl +++ b/fixtures/openssl_c/rsa_keygen/expected.jsonl @@ -1,2 +1,3 @@ {"assetType": "library", "evidence": {"column": 1, "line": 2}, "identifier": "OpenSSL", "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 79, "line": 3}, "identifier": "RSA", "metadata": {"keySize": 2048, "primitive": "signature"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 94, "line": 6}, "identifier": "RSA", "metadata": {"keySize": 3072, "primitive": "signature"}, "path": "FIXME"} diff --git a/fixtures/openssl_c/rsa_keygen/src/test.c b/fixtures/openssl_c/rsa_keygen/src/test.c index dd74654..310a406 100644 --- a/fixtures/openssl_c/rsa_keygen/src/test.c +++ b/fixtures/openssl_c/rsa_keygen/src/test.c @@ -1,3 +1,6 @@ #include #include int main(){ RSA *r = RSA_new(); BIGNUM *b = BN_new(); BN_set_word(b, RSA_F4); RSA_generate_key_ex(r, 2048, b, NULL); return 0; } + +const int RSA_KEY_SIZE_CONST = 3072; +void test_const_keysize(){ RSA *r = RSA_new(); BIGNUM *b = BN_new(); BN_set_word(b, RSA_F4); RSA_generate_key_ex(r, RSA_KEY_SIZE_CONST, b, NULL); } diff --git a/fixtures/php/openssl_aesgcm/expected.jsonl b/fixtures/php/openssl_aesgcm/expected.jsonl index ba2f33b..c07e6f0 100644 --- a/fixtures/php/openssl_aesgcm/expected.jsonl +++ b/fixtures/php/openssl_aesgcm/expected.jsonl @@ -1,2 +1,3 @@ {"assetType": "library", "evidence": {"column": 1, "line": 1}, "identifier": "OpenSSL (PHP)", "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 15, "line": 7}, "identifier": "AES-GCM", "metadata": {"keySize": 256, "primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 16, "line": 11}, "identifier": "AES-GCM", "metadata": {"keySize": 256, "primitive": "symmetric"}, "path": "FIXME"} diff --git a/fixtures/php/openssl_aesgcm/src/test.php b/fixtures/php/openssl_aesgcm/src/test.php index 70449c5..6ed03e5 100644 --- a/fixtures/php/openssl_aesgcm/src/test.php +++ b/fixtures/php/openssl_aesgcm/src/test.php @@ -6,3 +6,7 @@ $tag = ''; $ciphertext = openssl_encrypt($plaintext, 'aes-256-gcm', $key, OPENSSL_RAW_DATA, $iv, $tag); echo strlen($ciphertext); + +const AES_GCM_CIPHER = 'aes-128-gcm'; +$ciphertext2 = openssl_encrypt($plaintext, AES_GCM_CIPHER, $key, OPENSSL_RAW_DATA, $iv, $tag); +echo strlen($ciphertext2); diff --git a/fixtures/python/pyca_comprehensive/expected.jsonl b/fixtures/python/pyca_comprehensive/expected.jsonl index 5eb0b36..05a8a18 100644 --- a/fixtures/python/pyca_comprehensive/expected.jsonl +++ b/fixtures/python/pyca_comprehensive/expected.jsonl @@ -195,3 +195,4 @@ {"assetType": "algorithm", "evidence": {"column": 24, "line": 214}, "identifier": "X448", "metadata": {"primitive": "keyexchange"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 19, "line": 138}, "identifier": "SEED", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 9, "line": 139}, "identifier": "SEED", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 596}, "identifier": "RSA", "metadata": {"keySize": 3072, "primitive": "signature"}, "path": "FIXME"} diff --git a/fixtures/python/pyca_comprehensive/src/comprehensive_test.py b/fixtures/python/pyca_comprehensive/src/comprehensive_test.py index 5d7b801..eb93344 100644 --- a/fixtures/python/pyca_comprehensive/src/comprehensive_test.py +++ b/fixtures/python/pyca_comprehensive/src/comprehensive_test.py @@ -588,3 +588,9 @@ def test_kdf_algorithms(): test_mac_algorithms() test_kdf_algorithms() print("All cryptography tests completed") + +RSA_KEY_SIZE_CONST = 3072 + + +def test_rsa_key_size_const(): + rsa.generate_private_key(public_exponent=65537, key_size=RSA_KEY_SIZE_CONST) diff --git a/src/scan.rs b/src/scan.rs index ff72cc7..7e8fa66 100644 --- a/src/scan.rs +++ b/src/scan.rs @@ -1,5 +1,6 @@ use ahash::{AHashMap as HashMap, AHashSet as HashSet}; use anyhow::{Context, Result}; +use regex::Regex; use tree_sitter::{Language as TsLanguage, Node, Parser, Point, Tree}; use crate::patterns::{Language, ParameterPattern, PatternSet}; @@ -156,12 +157,23 @@ pub fn find_algorithms<'a>( let Some(lib) = patterns.libraries.iter().find(|l| l.name == library_name) else { return result; }; + let constants = collect_constants(lang, content); // Collect raw hits let mut hits_by_alg: HashMap<&str, Vec<(AlgorithmHit<'a>, bool)>> = HashMap::new(); for node in code_symbol_nodes(lang, tree.root_node()) { let text = node.utf8_text(content.as_bytes()).unwrap_or(""); + let resolved_text = if constants.is_empty() { + None + } else { + Some(replace_constants(text, &constants)) + }; + let match_text = resolved_text.as_deref().unwrap_or(text); for alg in &lib.algorithms { - if alg.symbol_regexes.iter().any(|re| re.is_match(text)) { + if alg + .symbol_regexes + .iter() + .any(|re| re.is_match(text) || re.is_match(match_text)) + { let mut metadata = HashMap::new(); // Add primitive if present if let Some(primitive) = &alg.primitive { @@ -169,7 +181,8 @@ pub fn find_algorithms<'a>( } let mut had_param_capture = false; for pp in &alg.parameter_patterns { - if let Some(val) = extract_parameter(pp, text) { + let source_text = match_text; + if let Some(val) = extract_parameter(pp, source_text) { metadata.insert(pp.name.as_str(), val); had_param_capture = true; } else if let Some(default_val) = &pp.default_value { @@ -277,6 +290,131 @@ fn extract_parameter(pp: &ParameterPattern, text: &str) -> Option HashMap { + let mut constants = HashMap::new(); + let patterns: &[&str] = match lang { + Language::C | Language::Cpp | Language::Objc => &[ + r"(?m)^\s*#\s*define\s+([A-Za-z_][A-Za-z0-9_]*)\s+([^\n]+)$", + r"(?m)^\s*(?:static\s+)?const\s+[^=;]+?\b([A-Za-z_][A-Za-z0-9_]*)\s*=\s*([^;]+);", + ], + Language::Java => &[ + r"(?m)^\s*(?:public|private|protected)?\s*(?:static\s+)?final\s+(?:int|long|String)\s+([A-Za-z_][A-Za-z0-9_]*)\s*=\s*([^;]+);", + ], + Language::Go => &[r"(?m)^\s*const\s+([A-Za-z_][A-Za-z0-9_]*)\s*=\s*([^\n]+)$"], + Language::Python => &[ + r"(?m)^\s*([A-Z_][A-Z0-9_]*)\s*=\s*([^#\n]+)", + ], + Language::Php => &[ + r"(?m)^\s*const\s+([A-Z_][A-Z0-9_]*)\s*=\s*([^;]+);", + r#"define\(\s*['"]([A-Z_][A-Z0-9_]*)['"]\s*,\s*([^)]+)\)"#, + ], + Language::Rust => &[ + r"(?m)^\s*const\s+([A-Za-z_][A-Za-z0-9_]*)\s*:[^=]+=\s*([^;]+);", + ], + _ => &[], + }; + + for pattern in patterns { + let re = Regex::new(pattern).expect("valid regex"); + for caps in re.captures_iter(content) { + let Some(name) = caps.get(1).map(|m| m.as_str()) else { + continue; + }; + let Some(raw_value) = caps.get(2).map(|m| m.as_str()) else { + continue; + }; + if let Some(value) = normalize_const_value(raw_value) { + constants.insert(name.to_string(), value); + } + } + } + + constants +} + +fn normalize_const_value(raw: &str) -> Option { + let mut value = raw.trim(); + if let Some((before, _)) = value.split_once("//") { + value = before.trim(); + } + if let Some((before, _)) = value.split_once("/*") { + value = before.trim(); + } + value = value.trim_end_matches(';').trim_end_matches(',').trim(); + while value.starts_with('(') && value.ends_with(')') && value.len() > 2 { + value = value[1..value.len() - 1].trim(); + } + if value.is_empty() { + return None; + } + if value.starts_with('"') || value.starts_with('\'') { + return Some(value.to_string()); + } + + let mut digits = String::new(); + for ch in value.chars() { + if ch.is_ascii_digit() { + digits.push(ch); + } else { + break; + } + } + if !digits.is_empty() { + let suffix = value[digits.len()..].trim(); + if suffix.is_empty() || suffix.chars().all(|c| c.is_ascii_alphabetic()) { + return Some(digits); + } + } + + if is_identifier(value) { + return Some(value.to_string()); + } + + None +} + +fn is_identifier(value: &str) -> bool { + let mut chars = value.chars(); + let Some(first) = chars.next() else { + return false; + }; + if !(first == '_' || first.is_ascii_alphabetic()) { + return false; + } + chars.all(|c| c == '_' || c.is_ascii_alphanumeric()) +} + +fn replace_constants(text: &str, constants: &HashMap) -> String { + if constants.is_empty() { + return text.to_string(); + } + + let mut resolved = String::with_capacity(text.len()); + let mut token = String::new(); + let flush_token = |token: &mut String, resolved: &mut String| { + if token.is_empty() { + return; + } + if let Some(value) = constants.get(token) { + resolved.push_str(value); + } else { + resolved.push_str(token); + } + token.clear(); + }; + + for ch in text.chars() { + if ch == '_' || ch.is_ascii_alphanumeric() { + token.push(ch); + } else { + flush_token(&mut token, &mut resolved); + resolved.push(ch); + } + } + flush_token(&mut token, &mut resolved); + resolved +} + fn import_like_nodes<'a>(lang: Language, root: Node<'a>) -> Vec> { let mut nodes = Vec::new(); let mut stack = vec![root]; From 6c099ed4a34cd07631318d319c16c18d4af9186d Mon Sep 17 00:00:00 2001 From: Isaac Elbaz Date: Fri, 26 Dec 2025 09:01:40 -0500 Subject: [PATCH 2/3] Dedup specificity --- DESIGN.md | 8 + .../libsodium_comprehensive/expected.jsonl | 98 +++--- .../cpp/mbedtls_comprehensive/expected.jsonl | 201 +++++------ .../cpp/openssl_comprehensive/expected.jsonl | 62 ++-- fixtures/cpp/tink_aesgcm/expected.jsonl | 2 +- .../go/crypto_comprehensive/expected.jsonl | 235 ++++++------ fixtures/go/std_aesgcm/expected.jsonl | 5 +- fixtures/go/tink_aesgcm/expected.jsonl | 8 +- fixtures/java/jca_aesgcm/expected.jsonl | 5 +- .../java/jca_comprehensive/expected.jsonl | 146 ++++---- fixtures/java/tink_aesgcm/expected.jsonl | 4 +- fixtures/objc/commoncrypto_aes/expected.jsonl | 2 +- .../commoncrypto_comprehensive/expected.jsonl | 137 +++---- fixtures/objc/tink_aesgcm/expected.jsonl | 2 +- .../objc/tink_comprehensive/expected.jsonl | 22 +- fixtures/openssl_c/aes_gcm/expected.jsonl | 2 +- fixtures/openssl_c/ecdsa_p384/expected.jsonl | 3 +- fixtures/openssl_c/rsa_keygen/expected.jsonl | 2 +- fixtures/openssl_c/sha256/expected.jsonl | 2 +- fixtures/php/openssl_aesgcm/expected.jsonl | 2 +- fixtures/python/pyca_aesgcm/expected.jsonl | 4 +- .../python/pyca_comprehensive/expected.jsonl | 333 +++++++++--------- fixtures/python/tink_aesgcm/expected.jsonl | 4 +- .../swift/cryptokit_aesgcm/expected.jsonl | 2 +- .../cryptokit_comprehensive/expected.jsonl | 52 +-- src/scan.rs | 69 +++- 26 files changed, 720 insertions(+), 692 deletions(-) diff --git a/DESIGN.md b/DESIGN.md index af1375f..d9ba773 100644 --- a/DESIGN.md +++ b/DESIGN.md @@ -41,6 +41,14 @@ flowchart TD } ``` +## Dedupe Policy +To reduce overcounting on a single callsite, Cipherscope applies a simple same-line dedupe rule after matching: +- If two algorithms share the same `primitive` and line, drop the generic identifier when a more specific variant is present. +- A more specific identifier is one that either: + - starts with the generic identifier plus a `-` (e.g., `AES-GCM` over `AES`), or + - shares the same non-numeric tokens but adds numeric detail (e.g., `ECDSA-P256` over `ECDSA`). +- Different primitives on the same line are kept. + ## Patterns and Extensibility Patterns live in `patterns.toml`: - Libraries define anchors and API regexes. diff --git a/fixtures/cpp/libsodium_comprehensive/expected.jsonl b/fixtures/cpp/libsodium_comprehensive/expected.jsonl index 8087bad..859dc6c 100644 --- a/fixtures/cpp/libsodium_comprehensive/expected.jsonl +++ b/fixtures/cpp/libsodium_comprehensive/expected.jsonl @@ -1,14 +1,26 @@ -{"assetType": "library", "evidence": {"column": 1, "line": 1}, "identifier": "libsodium", "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 208}, "identifier": "SHA-512", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 212}, "identifier": "SHA-512", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 213}, "identifier": "SHA-512", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 214}, "identifier": "SHA-512", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 17, "line": 184}, "identifier": "Ed25519", "metadata": {"primitive": "signature"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 17, "line": 253}, "identifier": "HMAC-SHA512-256", "metadata": {"primitive": "mac"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 114}, "identifier": "X25519", "metadata": {"primitive": "keyexchange"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 114}, "identifier": "XSalsa20-Poly1305", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 115}, "identifier": "X25519", "metadata": {"primitive": "keyexchange"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 115}, "identifier": "XSalsa20-Poly1305", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 119}, "identifier": "X25519", "metadata": {"primitive": "keyexchange"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 122}, "identifier": "X25519", "metadata": {"primitive": "keyexchange"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 130}, "identifier": "X25519", "metadata": {"primitive": "keyexchange"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 130}, "identifier": "XSalsa20-Poly1305", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 133}, "identifier": "X25519", "metadata": {"primitive": "keyexchange"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 133}, "identifier": "XSalsa20-Poly1305", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 13}, "identifier": "XSalsa20-Poly1305", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 141}, "identifier": "X25519", "metadata": {"primitive": "keyexchange"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 142}, "identifier": "X25519", "metadata": {"primitive": "keyexchange"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 146}, "identifier": "X25519", "metadata": {"primitive": "keyexchange"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 150}, "identifier": "X25519", "metadata": {"primitive": "keyexchange"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 5, "line": 159}, "identifier": "Ed25519", "metadata": {"primitive": "signature"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 5, "line": 164}, "identifier": "Ed25519", "metadata": {"primitive": "signature"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 5, "line": 171}, "identifier": "Ed25519", "metadata": {"primitive": "signature"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 5, "line": 176}, "identifier": "Ed25519", "metadata": {"primitive": "signature"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 17}, "identifier": "XSalsa20-Poly1305", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 5, "line": 181}, "identifier": "Ed25519", "metadata": {"primitive": "signature"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 17, "line": 184}, "identifier": "Ed25519", "metadata": {"primitive": "signature"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 5, "line": 187}, "identifier": "Ed25519", "metadata": {"primitive": "signature"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 5, "line": 188}, "identifier": "Ed25519", "metadata": {"primitive": "signature"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 5, "line": 189}, "identifier": "Ed25519", "metadata": {"primitive": "signature"}, "path": "FIXME"} @@ -17,47 +29,12 @@ {"assetType": "algorithm", "evidence": {"column": 5, "line": 202}, "identifier": "SHA-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 5, "line": 203}, "identifier": "SHA-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 5, "line": 204}, "identifier": "SHA-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 287}, "identifier": "Poly1305", "metadata": {"primitive": "mac"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 288}, "identifier": "Poly1305", "metadata": {"primitive": "mac"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 289}, "identifier": "Poly1305", "metadata": {"primitive": "mac"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 293}, "identifier": "Poly1305", "metadata": {"primitive": "mac"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 294}, "identifier": "Poly1305", "metadata": {"primitive": "mac"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 295}, "identifier": "Poly1305", "metadata": {"primitive": "mac"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 273}, "identifier": "HMAC-SHA512", "metadata": {"primitive": "mac"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 274}, "identifier": "HMAC-SHA512", "metadata": {"primitive": "mac"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 275}, "identifier": "HMAC-SHA512", "metadata": {"primitive": "mac"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 279}, "identifier": "HMAC-SHA512", "metadata": {"primitive": "mac"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 280}, "identifier": "HMAC-SHA512", "metadata": {"primitive": "mac"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 281}, "identifier": "HMAC-SHA512", "metadata": {"primitive": "mac"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 249}, "identifier": "HMAC-SHA512-256", "metadata": {"primitive": "mac"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 252}, "identifier": "HMAC-SHA512-256", "metadata": {"primitive": "mac"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 17, "line": 253}, "identifier": "HMAC-SHA512-256", "metadata": {"primitive": "mac"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 13}, "identifier": "XSalsa20-Poly1305", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 17}, "identifier": "XSalsa20-Poly1305", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 21}, "identifier": "XSalsa20-Poly1305", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 24}, "identifier": "XSalsa20-Poly1305", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 25}, "identifier": "XSalsa20-Poly1305", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 114}, "identifier": "XSalsa20-Poly1305", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 115}, "identifier": "XSalsa20-Poly1305", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 130}, "identifier": "XSalsa20-Poly1305", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 133}, "identifier": "XSalsa20-Poly1305", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 259}, "identifier": "HMAC-SHA256", "metadata": {"primitive": "mac"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 260}, "identifier": "HMAC-SHA256", "metadata": {"primitive": "mac"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 261}, "identifier": "HMAC-SHA256", "metadata": {"primitive": "mac"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 265}, "identifier": "HMAC-SHA256", "metadata": {"primitive": "mac"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 266}, "identifier": "HMAC-SHA256", "metadata": {"primitive": "mac"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 267}, "identifier": "HMAC-SHA256", "metadata": {"primitive": "mac"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 114}, "identifier": "X25519", "metadata": {"primitive": "keyexchange"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 115}, "identifier": "X25519", "metadata": {"primitive": "keyexchange"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 119}, "identifier": "X25519", "metadata": {"primitive": "keyexchange"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 122}, "identifier": "X25519", "metadata": {"primitive": "keyexchange"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 130}, "identifier": "X25519", "metadata": {"primitive": "keyexchange"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 133}, "identifier": "X25519", "metadata": {"primitive": "keyexchange"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 141}, "identifier": "X25519", "metadata": {"primitive": "keyexchange"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 142}, "identifier": "X25519", "metadata": {"primitive": "keyexchange"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 146}, "identifier": "X25519", "metadata": {"primitive": "keyexchange"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 150}, "identifier": "X25519", "metadata": {"primitive": "keyexchange"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 208}, "identifier": "SHA-512", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 212}, "identifier": "SHA-512", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 213}, "identifier": "SHA-512", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 214}, "identifier": "SHA-512", "metadata": {"primitive": "hash"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 5, "line": 218}, "identifier": "BLAKE2b", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 21}, "identifier": "XSalsa20-Poly1305", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 5, "line": 224}, "identifier": "BLAKE2b", "metadata": {"primitive": "hash"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 5, "line": 230}, "identifier": "BLAKE2b", "metadata": {"primitive": "hash"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 5, "line": 231}, "identifier": "BLAKE2b", "metadata": {"primitive": "hash"}, "path": "FIXME"} @@ -66,11 +43,36 @@ {"assetType": "algorithm", "evidence": {"column": 5, "line": 239}, "identifier": "BLAKE2b", "metadata": {"primitive": "hash"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 5, "line": 240}, "identifier": "BLAKE2b", "metadata": {"primitive": "hash"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 5, "line": 241}, "identifier": "BLAKE2b", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 249}, "identifier": "HMAC-SHA512-256", "metadata": {"primitive": "mac"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 24}, "identifier": "XSalsa20-Poly1305", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 252}, "identifier": "HMAC-SHA512-256", "metadata": {"primitive": "mac"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 259}, "identifier": "HMAC-SHA256", "metadata": {"primitive": "mac"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 25}, "identifier": "XSalsa20-Poly1305", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 260}, "identifier": "HMAC-SHA256", "metadata": {"primitive": "mac"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 261}, "identifier": "HMAC-SHA256", "metadata": {"primitive": "mac"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 265}, "identifier": "HMAC-SHA256", "metadata": {"primitive": "mac"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 266}, "identifier": "HMAC-SHA256", "metadata": {"primitive": "mac"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 267}, "identifier": "HMAC-SHA256", "metadata": {"primitive": "mac"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 273}, "identifier": "HMAC-SHA512", "metadata": {"primitive": "mac"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 274}, "identifier": "HMAC-SHA512", "metadata": {"primitive": "mac"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 275}, "identifier": "HMAC-SHA512", "metadata": {"primitive": "mac"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 279}, "identifier": "HMAC-SHA512", "metadata": {"primitive": "mac"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 280}, "identifier": "HMAC-SHA512", "metadata": {"primitive": "mac"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 281}, "identifier": "HMAC-SHA512", "metadata": {"primitive": "mac"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 287}, "identifier": "Poly1305", "metadata": {"primitive": "mac"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 288}, "identifier": "Poly1305", "metadata": {"primitive": "mac"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 289}, "identifier": "Poly1305", "metadata": {"primitive": "mac"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 293}, "identifier": "Poly1305", "metadata": {"primitive": "mac"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 294}, "identifier": "Poly1305", "metadata": {"primitive": "mac"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 295}, "identifier": "Poly1305", "metadata": {"primitive": "mac"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 5, "line": 301}, "identifier": "BLAKE2b", "metadata": {"primitive": "hash"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 5, "line": 302}, "identifier": "BLAKE2b", "metadata": {"primitive": "hash"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 5, "line": 308}, "identifier": "BLAKE2b", "metadata": {"primitive": "hash"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 5, "line": 309}, "identifier": "BLAKE2b", "metadata": {"primitive": "hash"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 5, "line": 310}, "identifier": "BLAKE2b", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 37}, "identifier": "ChaCha20-Poly1305", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 40}, "identifier": "ChaCha20-Poly1305", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 49}, "identifier": "ChaCha20-Poly1305", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 5, "line": 87}, "identifier": "XChaCha20-Poly1305", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 5, "line": 90}, "identifier": "XChaCha20-Poly1305", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 5, "line": 97}, "identifier": "XChaCha20-Poly1305", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} @@ -78,6 +80,4 @@ {"assetType": "algorithm", "evidence": {"column": 9, "line": 63}, "identifier": "AES-256-GCM", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 9, "line": 66}, "identifier": "AES-256-GCM", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 9, "line": 73}, "identifier": "AES-256-GCM", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 37}, "identifier": "ChaCha20-Poly1305", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 40}, "identifier": "ChaCha20-Poly1305", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 49}, "identifier": "ChaCha20-Poly1305", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "library", "evidence": {"column": 1, "line": 1}, "identifier": "libsodium", "path": "FIXME"} diff --git a/fixtures/cpp/mbedtls_comprehensive/expected.jsonl b/fixtures/cpp/mbedtls_comprehensive/expected.jsonl index 4e2d50e..89581d4 100644 --- a/fixtures/cpp/mbedtls_comprehensive/expected.jsonl +++ b/fixtures/cpp/mbedtls_comprehensive/expected.jsonl @@ -1,135 +1,128 @@ -{"assetType": "library", "evidence": {"column": 1, "line": 29}, "identifier": "MbedTLS", "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 15, "line": 421}, "identifier": "SHA-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 15, "line": 480}, "identifier": "SHA-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 15, "line": 484}, "identifier": "SHA-512", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 19, "line": 97}, "identifier": "AES-CFB", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 40, "line": 441}, "identifier": "SHA-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 48, "line": 88}, "identifier": "AES-OFB", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 106}, "identifier": "DES", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 107}, "identifier": "DES", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 108}, "identifier": "DES", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 114}, "identifier": "3DES", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 115}, "identifier": "3DES", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 116}, "identifier": "3DES", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 5, "line": 121}, "identifier": "Blowfish", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 5, "line": 122}, "identifier": "Blowfish", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 5, "line": 123}, "identifier": "Blowfish", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 352}, "identifier": "SHA-1", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 353}, "identifier": "SHA-1", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 359}, "identifier": "SHA-1", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 319}, "identifier": "MD2", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 320}, "identifier": "MD2", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 326}, "identifier": "MD2", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 200}, "identifier": "RSA-PSS", "metadata": {"primitive": "signature"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 436}, "identifier": "PBKDF2", "metadata": {"primitive": "kdf"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 445}, "identifier": "PBKDF2", "metadata": {"primitive": "kdf"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 128}, "identifier": "Camellia", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 129}, "identifier": "Camellia", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 130}, "identifier": "Camellia", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 133}, "identifier": "Camellia", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 134}, "identifier": "Camellia", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 139}, "identifier": "ARIA", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 140}, "identifier": "ARIA", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 141}, "identifier": "ARIA", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 144}, "identifier": "ARIA", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 145}, "identifier": "ARIA", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 151}, "identifier": "ChaCha20", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 152}, "identifier": "ChaCha20", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 153}, "identifier": "ChaCha20", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 5, "line": 158}, "identifier": "ChaCha20-Poly1305", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 5, "line": 159}, "identifier": "ChaCha20-Poly1305", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 5, "line": 160}, "identifier": "ChaCha20-Poly1305", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 106}, "identifier": "DES", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 107}, "identifier": "DES", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 108}, "identifier": "DES", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 66}, "identifier": "AES-GCM", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 67}, "identifier": "AES-GCM", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 68}, "identifier": "AES-GCM", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 72}, "identifier": "AES-GCM", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 73}, "identifier": "AES-GCM", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 253}, "identifier": "secp256k1", "metadata": {"primitive": "signature"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 341}, "identifier": "MD5", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 342}, "identifier": "MD5", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 348}, "identifier": "MD5", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 481}, "identifier": "HMAC", "metadata": {"primitive": "mac"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 485}, "identifier": "HMAC", "metadata": {"primitive": "mac"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 491}, "identifier": "HMAC", "metadata": {"primitive": "mac"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 492}, "identifier": "HMAC", "metadata": {"primitive": "mac"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 493}, "identifier": "HMAC", "metadata": {"primitive": "mac"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 385}, "identifier": "SHA-512", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 396}, "identifier": "SHA-512", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 397}, "identifier": "SHA-512", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 403}, "identifier": "SHA-512", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 15, "line": 484}, "identifier": "SHA-512", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 386}, "identifier": "SHA-384", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 392}, "identifier": "SHA-384", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 397}, "identifier": "SHA-384", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 407}, "identifier": "RIPEMD-160", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 408}, "identifier": "RIPEMD-160", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 414}, "identifier": "RIPEMD-160", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 241}, "identifier": "ECDSA-P384", "metadata": {"primitive": "signature"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 180}, "identifier": "RSA", "metadata": {"primitive": "asymmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 180}, "identifier": "RSA-PKCS1", "metadata": {"primitive": "asymmetric"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 5, "line": 181}, "identifier": "RSA", "metadata": {"primitive": "asymmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 206}, "identifier": "RSA", "metadata": {"primitive": "asymmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 186}, "identifier": "RSA-PKCS1", "metadata": {"primitive": "asymmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 190}, "identifier": "RSA-OAEP", "metadata": {"primitive": "asymmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 190}, "identifier": "SHA-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 191}, "identifier": "RSA-OAEP", "metadata": {"primitive": "asymmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 196}, "identifier": "RSA-PKCS1", "metadata": {"primitive": "asymmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 196}, "identifier": "SHA-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 200}, "identifier": "RSA-PSS", "metadata": {"primitive": "signature"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 200}, "identifier": "SHA-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 206}, "identifier": "RSA-PKCS1", "metadata": {"primitive": "asymmetric"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 5, "line": 207}, "identifier": "RSA", "metadata": {"primitive": "asymmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 114}, "identifier": "3DES", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 115}, "identifier": "3DES", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 116}, "identifier": "3DES", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 48, "line": 88}, "identifier": "AES-OFB", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 48}, "identifier": "AES-CBC", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 52}, "identifier": "AES-CBC", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 5, "line": 214}, "identifier": "ECDSA", "metadata": {"primitive": "signature"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 217}, "identifier": "ECDSA", "metadata": {"primitive": "signature"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 217}, "identifier": "ECDSA-P192", "metadata": {"primitive": "signature"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 5, "line": 219}, "identifier": "ECDSA", "metadata": {"primitive": "signature"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 219}, "identifier": "SHA-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 5, "line": 225}, "identifier": "ECDSA", "metadata": {"primitive": "signature"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 226}, "identifier": "ECDSA", "metadata": {"primitive": "signature"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 226}, "identifier": "ECDSA-P224", "metadata": {"primitive": "signature"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 5, "line": 231}, "identifier": "ECDSA", "metadata": {"primitive": "signature"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 232}, "identifier": "ECDSA", "metadata": {"primitive": "signature"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 232}, "identifier": "ECDSA-P256", "metadata": {"primitive": "signature"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 5, "line": 234}, "identifier": "ECDSA", "metadata": {"primitive": "signature"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 234}, "identifier": "SHA-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 5, "line": 240}, "identifier": "ECDSA", "metadata": {"primitive": "signature"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 241}, "identifier": "ECDSA", "metadata": {"primitive": "signature"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 241}, "identifier": "ECDSA-P384", "metadata": {"primitive": "signature"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 5, "line": 246}, "identifier": "ECDSA", "metadata": {"primitive": "signature"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 247}, "identifier": "ECDSA", "metadata": {"primitive": "signature"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 247}, "identifier": "ECDSA-P521", "metadata": {"primitive": "signature"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 5, "line": 252}, "identifier": "ECDSA", "metadata": {"primitive": "signature"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 5, "line": 253}, "identifier": "ECDSA", "metadata": {"primitive": "signature"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 19, "line": 97}, "identifier": "AES-CFB", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 180}, "identifier": "RSA-PKCS1", "metadata": {"primitive": "asymmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 186}, "identifier": "RSA-PKCS1", "metadata": {"primitive": "asymmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 196}, "identifier": "RSA-PKCS1", "metadata": {"primitive": "asymmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 206}, "identifier": "RSA-PKCS1", "metadata": {"primitive": "asymmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 190}, "identifier": "SHA-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 196}, "identifier": "SHA-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 200}, "identifier": "SHA-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 219}, "identifier": "SHA-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 234}, "identifier": "SHA-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 253}, "identifier": "secp256k1", "metadata": {"primitive": "signature"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 259}, "identifier": "ECDH", "metadata": {"primitive": "keyexchange"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 260}, "identifier": "ECDSA-P256", "metadata": {"primitive": "signature"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 261}, "identifier": "ECDH", "metadata": {"primitive": "keyexchange"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 266}, "identifier": "ECDH", "metadata": {"primitive": "keyexchange"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 271}, "identifier": "ECDH", "metadata": {"primitive": "keyexchange"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 272}, "identifier": "Curve25519", "metadata": {"primitive": "keyexchange"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 273}, "identifier": "ECDH", "metadata": {"primitive": "keyexchange"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 278}, "identifier": "ECDH", "metadata": {"primitive": "keyexchange"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 279}, "identifier": "Curve448", "metadata": {"primitive": "keyexchange"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 280}, "identifier": "ECDH", "metadata": {"primitive": "keyexchange"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 286}, "identifier": "DH", "metadata": {"primitive": "keyexchange"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 296}, "identifier": "DH", "metadata": {"primitive": "keyexchange"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 300}, "identifier": "DH", "metadata": {"primitive": "keyexchange"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 302}, "identifier": "DH", "metadata": {"primitive": "keyexchange"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 319}, "identifier": "MD2", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 320}, "identifier": "MD2", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 326}, "identifier": "MD2", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 330}, "identifier": "MD4", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 331}, "identifier": "MD4", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 337}, "identifier": "MD4", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 341}, "identifier": "MD5", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 342}, "identifier": "MD5", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 348}, "identifier": "MD5", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 352}, "identifier": "SHA-1", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 353}, "identifier": "SHA-1", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 359}, "identifier": "SHA-1", "metadata": {"primitive": "hash"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 5, "line": 363}, "identifier": "SHA-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 364}, "identifier": "SHA-224", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 370}, "identifier": "SHA-224", "metadata": {"primitive": "hash"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 5, "line": 374}, "identifier": "SHA-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 5, "line": 375}, "identifier": "SHA-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 5, "line": 381}, "identifier": "SHA-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 15, "line": 421}, "identifier": "SHA-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 40, "line": 441}, "identifier": "SHA-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 15, "line": 480}, "identifier": "SHA-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 385}, "identifier": "SHA-512", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 386}, "identifier": "SHA-384", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 392}, "identifier": "SHA-384", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 396}, "identifier": "SHA-512", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 397}, "identifier": "SHA-384", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 397}, "identifier": "SHA-512", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 403}, "identifier": "SHA-512", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 407}, "identifier": "RIPEMD-160", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 408}, "identifier": "RIPEMD-160", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 414}, "identifier": "RIPEMD-160", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 436}, "identifier": "PBKDF2", "metadata": {"primitive": "kdf"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 445}, "identifier": "PBKDF2", "metadata": {"primitive": "kdf"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 5, "line": 455}, "identifier": "HKDF", "metadata": {"primitive": "kdf"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 5, "line": 462}, "identifier": "HKDF", "metadata": {"primitive": "kdf"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 5, "line": 466}, "identifier": "HKDF", "metadata": {"primitive": "kdf"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 139}, "identifier": "ARIA", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 140}, "identifier": "ARIA", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 141}, "identifier": "ARIA", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 144}, "identifier": "ARIA", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 145}, "identifier": "ARIA", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 128}, "identifier": "Camellia", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 129}, "identifier": "Camellia", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 130}, "identifier": "Camellia", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 133}, "identifier": "Camellia", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 134}, "identifier": "Camellia", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 364}, "identifier": "SHA-224", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 370}, "identifier": "SHA-224", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 272}, "identifier": "Curve25519", "metadata": {"primitive": "keyexchange"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 279}, "identifier": "Curve448", "metadata": {"primitive": "keyexchange"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 217}, "identifier": "ECDSA-P192", "metadata": {"primitive": "signature"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 190}, "identifier": "RSA-OAEP", "metadata": {"primitive": "asymmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 191}, "identifier": "RSA-OAEP", "metadata": {"primitive": "asymmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 58}, "identifier": "AES-CTR", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 286}, "identifier": "DH", "metadata": {"primitive": "keyexchange"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 296}, "identifier": "DH", "metadata": {"primitive": "keyexchange"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 300}, "identifier": "DH", "metadata": {"primitive": "keyexchange"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 302}, "identifier": "DH", "metadata": {"primitive": "keyexchange"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 232}, "identifier": "ECDSA-P256", "metadata": {"primitive": "signature"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 260}, "identifier": "ECDSA-P256", "metadata": {"primitive": "signature"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 5, "line": 46}, "identifier": "AES", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 5, "line": 47}, "identifier": "AES", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 481}, "identifier": "HMAC", "metadata": {"primitive": "mac"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 485}, "identifier": "HMAC", "metadata": {"primitive": "mac"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 48}, "identifier": "AES-CBC", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 491}, "identifier": "HMAC", "metadata": {"primitive": "mac"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 492}, "identifier": "HMAC", "metadata": {"primitive": "mac"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 493}, "identifier": "HMAC", "metadata": {"primitive": "mac"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 5, "line": 51}, "identifier": "AES", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 52}, "identifier": "AES-CBC", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 58}, "identifier": "AES-CTR", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 5, "line": 61}, "identifier": "AES", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 66}, "identifier": "AES-GCM", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 67}, "identifier": "AES-GCM", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 68}, "identifier": "AES-GCM", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 72}, "identifier": "AES-GCM", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 73}, "identifier": "AES-GCM", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 5, "line": 79}, "identifier": "AES-CCM", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 5, "line": 80}, "identifier": "AES-CCM", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 5, "line": 81}, "identifier": "AES-CCM", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 259}, "identifier": "ECDH", "metadata": {"primitive": "keyexchange"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 261}, "identifier": "ECDH", "metadata": {"primitive": "keyexchange"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 266}, "identifier": "ECDH", "metadata": {"primitive": "keyexchange"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 271}, "identifier": "ECDH", "metadata": {"primitive": "keyexchange"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 273}, "identifier": "ECDH", "metadata": {"primitive": "keyexchange"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 278}, "identifier": "ECDH", "metadata": {"primitive": "keyexchange"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 280}, "identifier": "ECDH", "metadata": {"primitive": "keyexchange"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 247}, "identifier": "ECDSA-P521", "metadata": {"primitive": "signature"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 330}, "identifier": "MD4", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 331}, "identifier": "MD4", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 337}, "identifier": "MD4", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 151}, "identifier": "ChaCha20", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 152}, "identifier": "ChaCha20", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 153}, "identifier": "ChaCha20", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 226}, "identifier": "ECDSA-P224", "metadata": {"primitive": "signature"}, "path": "FIXME"} +{"assetType": "library", "evidence": {"column": 1, "line": 29}, "identifier": "MbedTLS", "path": "FIXME"} diff --git a/fixtures/cpp/openssl_comprehensive/expected.jsonl b/fixtures/cpp/openssl_comprehensive/expected.jsonl index 0394e9f..868f7d1 100644 --- a/fixtures/cpp/openssl_comprehensive/expected.jsonl +++ b/fixtures/cpp/openssl_comprehensive/expected.jsonl @@ -1,42 +1,40 @@ -{"assetType": "library", "evidence": {"column": 1, "line": 19}, "identifier": "OpenSSL", "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 12, "line": 137}, "identifier": "DSA", "metadata": {"primitive": "signature"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 12, "line": 72}, "identifier": "RSA", "metadata": {"keySize": 2048, "primitive": "signature"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 12, "line": 80}, "identifier": "RSA", "metadata": {"keySize": 2048, "primitive": "signature"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 12, "line": 88}, "identifier": "RSA", "metadata": {"keySize": 2048, "primitive": "signature"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 26, "line": 238}, "identifier": "HKDF", "metadata": {"primitive": "kdf"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 30, "line": 227}, "identifier": "SHA-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 106}, "identifier": "ECDSA-P384", "metadata": {"primitive": "signature"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 114}, "identifier": "ECDSA-P521", "metadata": {"primitive": "signature"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 122}, "identifier": "DH", "metadata": {"keySize": 2048, "primitive": "keyexchange"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 158}, "identifier": "SHA-1", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 163}, "identifier": "SHA-224", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 168}, "identifier": "SHA-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 173}, "identifier": "SHA-384", "metadata": {"primitive": "hash"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 5, "line": 178}, "identifier": "SHA-512", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 51}, "identifier": "ChaCha20", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 59}, "identifier": "Blowfish", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 35}, "identifier": "AES-GCM", "metadata": {"keySize": 128, "primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 40}, "identifier": "AES-GCM", "metadata": {"keySize": 256, "primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 29}, "identifier": "AES-CBC", "metadata": {"keySize": 128, "primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 32}, "identifier": "AES-CBC", "metadata": {"keySize": 256, "primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 183}, "identifier": "SHA3-224", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 188}, "identifier": "SHA3-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 5, "line": 193}, "identifier": "SHA3-384", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 198}, "identifier": "SHA3-512", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 203}, "identifier": "BLAKE2b", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 208}, "identifier": "BLAKE2s", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 213}, "identifier": "MD5", "metadata": {"primitive": "hash"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 5, "line": 226}, "identifier": "PBKDF2", "metadata": {"iterations": 10000, "primitive": "kdf"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 158}, "identifier": "SHA-1", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 163}, "identifier": "SHA-224", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 12, "line": 137}, "identifier": "DSA", "metadata": {"primitive": "signature"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 29}, "identifier": "AES", "metadata": {"keySize": 128, "primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 32}, "identifier": "AES", "metadata": {"keySize": 256, "primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 226}, "identifier": "SHA-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 5, "line": 234}, "identifier": "Scrypt", "metadata": {"N": 16384, "primitive": "kdf"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 26, "line": 238}, "identifier": "HKDF", "metadata": {"primitive": "kdf"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 5, "line": 239}, "identifier": "HKDF", "metadata": {"primitive": "kdf"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 5, "line": 240}, "identifier": "HKDF", "metadata": {"primitive": "kdf"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 173}, "identifier": "SHA-384", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 106}, "identifier": "ECDSA-P384", "metadata": {"primitive": "signature"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 62}, "identifier": "RC4", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 198}, "identifier": "SHA3-512", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 183}, "identifier": "SHA3-224", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 168}, "identifier": "SHA-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 226}, "identifier": "SHA-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 30, "line": 227}, "identifier": "SHA-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 5, "line": 240}, "identifier": "SHA-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 98}, "identifier": "ECDSA-P256", "metadata": {"primitive": "signature"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 188}, "identifier": "SHA3-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 203}, "identifier": "BLAKE2b", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 12, "line": 72}, "identifier": "RSA", "metadata": {"keySize": 2048, "primitive": "signature"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 12, "line": 80}, "identifier": "RSA", "metadata": {"keySize": 2048, "primitive": "signature"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 12, "line": 88}, "identifier": "RSA", "metadata": {"keySize": 2048, "primitive": "signature"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 29}, "identifier": "AES-CBC", "metadata": {"keySize": 128, "primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 32}, "identifier": "AES-CBC", "metadata": {"keySize": 256, "primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 35}, "identifier": "AES-GCM", "metadata": {"keySize": 128, "primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 40}, "identifier": "AES-GCM", "metadata": {"keySize": 256, "primitive": "symmetric"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 5, "line": 45}, "identifier": "3DES", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 122}, "identifier": "DH", "metadata": {"keySize": 2048, "primitive": "keyexchange"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 213}, "identifier": "MD5", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 114}, "identifier": "ECDSA-P521", "metadata": {"primitive": "signature"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 54}, "identifier": "ChaCha20-Poly1305", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 208}, "identifier": "BLAKE2s", "metadata": {"primitive": "hash"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 5, "line": 45}, "identifier": "DES", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 5, "line": 48}, "identifier": "DES", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 51}, "identifier": "ChaCha20", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 54}, "identifier": "ChaCha20-Poly1305", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 59}, "identifier": "Blowfish", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 62}, "identifier": "RC4", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 98}, "identifier": "ECDSA-P256", "metadata": {"primitive": "signature"}, "path": "FIXME"} +{"assetType": "library", "evidence": {"column": 1, "line": 19}, "identifier": "OpenSSL", "path": "FIXME"} diff --git a/fixtures/cpp/tink_aesgcm/expected.jsonl b/fixtures/cpp/tink_aesgcm/expected.jsonl index f8dcf93..aaee664 100644 --- a/fixtures/cpp/tink_aesgcm/expected.jsonl +++ b/fixtures/cpp/tink_aesgcm/expected.jsonl @@ -1,3 +1,3 @@ -{"assetType": "library", "evidence": {"column": 1, "line": 5}, "identifier": "Google Tink (C++)", "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 33, "line": 25}, "identifier": "AES-GCM", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 9, "line": 26}, "identifier": "AES-GCM", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "library", "evidence": {"column": 1, "line": 5}, "identifier": "Google Tink (C++)", "path": "FIXME"} diff --git a/fixtures/go/crypto_comprehensive/expected.jsonl b/fixtures/go/crypto_comprehensive/expected.jsonl index b1dd349..e0375e3 100644 --- a/fixtures/go/crypto_comprehensive/expected.jsonl +++ b/fixtures/go/crypto_comprehensive/expected.jsonl @@ -1,146 +1,139 @@ -{"assetType": "library", "evidence": {"column": 1, "line": 3}, "identifier": "Go std crypto", "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 14, "line": 207}, "identifier": "SHA-1", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 6, "line": 212}, "identifier": "SHA-1", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 9, "line": 334}, "identifier": "SHA-1", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 14, "line": 388}, "identifier": "SHA-1", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 14, "line": 44}, "identifier": "AES", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 10, "line": 46}, "identifier": "AES", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 13, "line": 51}, "identifier": "AES", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 12, "line": 52}, "identifier": "AES", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 13, "line": 56}, "identifier": "AES", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 16, "line": 62}, "identifier": "AES", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 16, "line": 66}, "identifier": "AES", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 13, "line": 71}, "identifier": "AES", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 10, "line": 46}, "identifier": "AES-CBC", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 11, "line": 350}, "identifier": "scrypt", "metadata": {"primitive": "kdf"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 11, "line": 353}, "identifier": "scrypt", "metadata": {"primitive": "kdf"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 11, "line": 72}, "identifier": "AES", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 13, "line": 76}, "identifier": "AES", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 11, "line": 72}, "identifier": "AES-OFB", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 11, "line": 77}, "identifier": "AES", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 13, "line": 84}, "identifier": "AES", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 14, "line": 91}, "identifier": "AES", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 14, "line": 44}, "identifier": "AES-GCM", "metadata": {"keySize": 32, "primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 11, "line": 77}, "identifier": "AES-CFB", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 12, "line": 132}, "identifier": "SHA-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 12, "line": 153}, "identifier": "ECDSA", "metadata": {"primitive": "signature"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 12, "line": 52}, "identifier": "AES", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 12, "line": 52}, "identifier": "AES-CTR", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 12, "line": 57}, "identifier": "AES-GCM", "metadata": {"keySize": 32, "primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 13, "line": 106}, "identifier": "ChaCha20-Poly1305", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 13, "line": 106}, "identifier": "ChaCha20Poly1305", "metadata": {"keySize": 32, "primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 13, "line": 143}, "identifier": "ECDSA", "metadata": {"primitive": "signature"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 13, "line": 199}, "identifier": "MD5", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 13, "line": 357}, "identifier": "HKDF", "metadata": {"primitive": "kdf"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 13, "line": 357}, "identifier": "SHA-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 13, "line": 362}, "identifier": "HKDF", "metadata": {"primitive": "kdf"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 13, "line": 362}, "identifier": "SHA-512", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 13, "line": 383}, "identifier": "HMAC-MD5", "metadata": {"primitive": "mac"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 13, "line": 383}, "identifier": "MD5", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 13, "line": 414}, "identifier": "RSA", "metadata": {"keySize": 2048, "primitive": "signature"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 13, "line": 51}, "identifier": "AES-GCM", "metadata": {"keySize": 32, "primitive": "symmetric"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 13, "line": 56}, "identifier": "AES-GCM", "metadata": {"keySize": 32, "primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 12, "line": 57}, "identifier": "AES-GCM", "metadata": {"keySize": 32, "primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 16, "line": 62}, "identifier": "AES-GCM", "metadata": {"keySize": 32, "primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 14, "line": 63}, "identifier": "AES-GCM", "metadata": {"keySize": 32, "primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 16, "line": 66}, "identifier": "AES-GCM", "metadata": {"keySize": 32, "primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 14, "line": 67}, "identifier": "AES-GCM", "metadata": {"keySize": 32, "primitive": "symmetric"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 13, "line": 71}, "identifier": "AES-GCM", "metadata": {"keySize": 32, "primitive": "symmetric"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 13, "line": 76}, "identifier": "AES-GCM", "metadata": {"keySize": 32, "primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 13, "line": 84}, "identifier": "AES", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 13, "line": 84}, "identifier": "AES-CBC", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 14, "line": 111}, "identifier": "ChaCha20Poly1305", "metadata": {"keySize": 32, "primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 14, "line": 111}, "identifier": "XChaCha20-Poly1305", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 14, "line": 207}, "identifier": "SHA-1", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 14, "line": 388}, "identifier": "HMAC-SHA1", "metadata": {"primitive": "mac"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 14, "line": 388}, "identifier": "SHA-1", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 14, "line": 44}, "identifier": "AES-GCM", "metadata": {"keySize": 32, "primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 14, "line": 63}, "identifier": "AES-GCM", "metadata": {"keySize": 32, "primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 14, "line": 67}, "identifier": "AES-GCM", "metadata": {"keySize": 32, "primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 14, "line": 91}, "identifier": "AES", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 14, "line": 91}, "identifier": "AES-CBC", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 16, "line": 215}, "identifier": "SHA-224", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 6, "line": 220}, "identifier": "SHA-224", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 16, "line": 215}, "identifier": "SHA-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 16, "line": 223}, "identifier": "SHA-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 16, "line": 231}, "identifier": "SHA-384", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 16, "line": 231}, "identifier": "SHA-512", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 16, "line": 239}, "identifier": "SHA-512", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 16, "line": 368}, "identifier": "HKDF", "metadata": {"primitive": "kdf"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 16, "line": 368}, "identifier": "SHA-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 16, "line": 393}, "identifier": "HMAC-SHA256", "metadata": {"primitive": "mac"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 16, "line": 393}, "identifier": "SHA-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 16, "line": 398}, "identifier": "HMAC-SHA512", "metadata": {"primitive": "mac"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 16, "line": 398}, "identifier": "SHA-512", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 16, "line": 62}, "identifier": "AES-GCM", "metadata": {"keySize": 32, "primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 16, "line": 66}, "identifier": "AES-GCM", "metadata": {"keySize": 32, "primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 17, "line": 129}, "identifier": "RSA-OAEP", "metadata": {"primitive": "asymmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 17, "line": 129}, "identifier": "SHA-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 17, "line": 137}, "identifier": "RSA-PKCS1", "metadata": {"primitive": "asymmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 17, "line": 148}, "identifier": "ECDSA", "metadata": {"primitive": "signature"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 17, "line": 158}, "identifier": "ECDSA", "metadata": {"primitive": "signature"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 17, "line": 172}, "identifier": "ECDH-P256", "metadata": {"primitive": "keyexchange"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 17, "line": 177}, "identifier": "ECDH-P384", "metadata": {"primitive": "keyexchange"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 17, "line": 182}, "identifier": "ECDH-P521", "metadata": {"primitive": "keyexchange"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 17, "line": 82}, "identifier": "DES", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 18, "line": 125}, "identifier": "RSA-PKCS1", "metadata": {"primitive": "asymmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 18, "line": 128}, "identifier": "RSA-OAEP", "metadata": {"primitive": "asymmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 18, "line": 128}, "identifier": "SHA-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 18, "line": 133}, "identifier": "RSA-PSS", "metadata": {"primitive": "signature"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 18, "line": 263}, "identifier": "SHA3-224", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 18, "line": 271}, "identifier": "SHA3-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 18, "line": 279}, "identifier": "SHA3-384", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 18, "line": 287}, "identifier": "SHA3-512", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 18, "line": 373}, "identifier": "HKDF", "metadata": {"primitive": "kdf"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 18, "line": 373}, "identifier": "SHA-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 18, "line": 403}, "identifier": "SHA3-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 18, "line": 90}, "identifier": "3DES", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 18, "line": 90}, "identifier": "DES", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 18, "line": 96}, "identifier": "RC4", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 16, "line": 393}, "identifier": "HMAC-SHA256", "metadata": {"primitive": "mac"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 19, "line": 120}, "identifier": "RSA", "metadata": {"keySize": 2048, "primitive": "signature"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 19, "line": 121}, "identifier": "RSA", "metadata": {"keySize": 4096, "primitive": "signature"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 13, "line": 414}, "identifier": "RSA", "metadata": {"keySize": 2048, "primitive": "signature"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 13, "line": 199}, "identifier": "MD5", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 6, "line": 204}, "identifier": "MD5", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 13, "line": 383}, "identifier": "MD5", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 17, "line": 82}, "identifier": "DES", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 18, "line": 90}, "identifier": "DES", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 16, "line": 231}, "identifier": "SHA-512", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 16, "line": 239}, "identifier": "SHA-512", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 6, "line": 244}, "identifier": "SHA-512", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 19, "line": 124}, "identifier": "RSA-PKCS1", "metadata": {"primitive": "asymmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 19, "line": 187}, "identifier": "X25519", "metadata": {"primitive": "keyexchange"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 19, "line": 301}, "identifier": "BLAKE2b", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 19, "line": 320}, "identifier": "BLAKE2s", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 2, "line": 462}, "identifier": "RSA", "metadata": {"keySize": 3072, "primitive": "signature"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 20, "line": 247}, "identifier": "SHA-512", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 6, "line": 252}, "identifier": "SHA-512", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 20, "line": 247}, "identifier": "SHA-512/224", "metadata": {"primitive": "hash"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 20, "line": 255}, "identifier": "SHA-512", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 6, "line": 260}, "identifier": "SHA-512", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 8, "line": 340}, "identifier": "SHA-512", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 13, "line": 362}, "identifier": "SHA-512", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 16, "line": 398}, "identifier": "SHA-512", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 16, "line": 231}, "identifier": "SHA-384", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 6, "line": 236}, "identifier": "SHA-384", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 20, "line": 255}, "identifier": "SHA-512/256", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 20, "line": 295}, "identifier": "BLAKE2b", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 20, "line": 315}, "identifier": "BLAKE2s", "metadata": {"primitive": "hash"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 21, "line": 142}, "identifier": "ECDSA", "metadata": {"primitive": "signature"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 13, "line": 143}, "identifier": "ECDSA", "metadata": {"primitive": "signature"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 21, "line": 142}, "identifier": "ECDSA-P224", "metadata": {"primitive": "signature"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 21, "line": 147}, "identifier": "ECDSA", "metadata": {"primitive": "signature"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 17, "line": 148}, "identifier": "ECDSA", "metadata": {"primitive": "signature"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 21, "line": 147}, "identifier": "ECDSA-P256", "metadata": {"primitive": "signature"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 21, "line": 152}, "identifier": "ECDSA", "metadata": {"primitive": "signature"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 12, "line": 153}, "identifier": "ECDSA", "metadata": {"primitive": "signature"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 21, "line": 152}, "identifier": "ECDSA-P384", "metadata": {"primitive": "signature"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 21, "line": 157}, "identifier": "ECDSA", "metadata": {"primitive": "signature"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 17, "line": 158}, "identifier": "ECDSA", "metadata": {"primitive": "signature"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 18, "line": 128}, "identifier": "SHA-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 17, "line": 129}, "identifier": "SHA-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 12, "line": 132}, "identifier": "SHA-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 16, "line": 215}, "identifier": "SHA-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 16, "line": 223}, "identifier": "SHA-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 6, "line": 228}, "identifier": "SHA-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 8, "line": 337}, "identifier": "SHA-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 13, "line": 357}, "identifier": "SHA-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 21, "line": 367}, "identifier": "SHA-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 16, "line": 368}, "identifier": "SHA-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 18, "line": 373}, "identifier": "SHA-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 16, "line": 393}, "identifier": "SHA-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 6, "line": 444}, "identifier": "SHA-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "library", "evidence": {"column": 1, "line": 3}, "identifier": "golang.org/x/crypto", "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 14, "line": 111}, "identifier": "XChaCha20-Poly1305", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 9, "line": 334}, "identifier": "PBKDF2", "metadata": {"primitive": "kdf"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 8, "line": 337}, "identifier": "PBKDF2", "metadata": {"primitive": "kdf"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 8, "line": 340}, "identifier": "PBKDF2", "metadata": {"primitive": "kdf"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 8, "line": 344}, "identifier": "Argon2", "metadata": {"primitive": "kdf"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 8, "line": 347}, "identifier": "Argon2", "metadata": {"primitive": "kdf"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 13, "line": 106}, "identifier": "ChaCha20Poly1305", "metadata": {"keySize": 32, "primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 14, "line": 111}, "identifier": "ChaCha20Poly1305", "metadata": {"keySize": 32, "primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 16, "line": 398}, "identifier": "HMAC-SHA512", "metadata": {"primitive": "mac"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 13, "line": 383}, "identifier": "HMAC-MD5", "metadata": {"primitive": "mac"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 20, "line": 247}, "identifier": "SHA-512/224", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 6, "line": 252}, "identifier": "SHA-512/224", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 19, "line": 124}, "identifier": "RSA-PKCS1", "metadata": {"primitive": "asymmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 18, "line": 125}, "identifier": "RSA-PKCS1", "metadata": {"primitive": "asymmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 17, "line": 137}, "identifier": "RSA-PKCS1", "metadata": {"primitive": "asymmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 6, "line": 138}, "identifier": "RSA-PKCS1", "metadata": {"primitive": "asymmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 23, "line": 102}, "identifier": "ChaCha20", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 10, "line": 46}, "identifier": "AES-CBC", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 13, "line": 84}, "identifier": "AES-CBC", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 14, "line": 91}, "identifier": "AES-CBC", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 12, "line": 52}, "identifier": "AES-CTR", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 13, "line": 106}, "identifier": "ChaCha20-Poly1305", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 21, "line": 157}, "identifier": "ECDSA-P521", "metadata": {"primitive": "signature"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 18, "line": 279}, "identifier": "SHA3-384", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 6, "line": 284}, "identifier": "SHA3-384", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 18, "line": 287}, "identifier": "SHA3-512", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 6, "line": 292}, "identifier": "SHA3-512", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 20, "line": 255}, "identifier": "SHA-512/256", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 6, "line": 260}, "identifier": "SHA-512/256", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 17, "line": 177}, "identifier": "ECDH-P384", "metadata": {"primitive": "keyexchange"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 21, "line": 173}, "identifier": "ECDH-P256", "metadata": {"primitive": "keyexchange"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 21, "line": 178}, "identifier": "ECDH-P384", "metadata": {"primitive": "keyexchange"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 20, "line": 295}, "identifier": "BLAKE2b", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 19, "line": 301}, "identifier": "BLAKE2b", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 23, "line": 306}, "identifier": "BLAKE2b", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 6, "line": 311}, "identifier": "BLAKE2b", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 6, "line": 312}, "identifier": "BLAKE2b", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 11, "line": 350}, "identifier": "scrypt", "metadata": {"primitive": "kdf"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 11, "line": 353}, "identifier": "scrypt", "metadata": {"primitive": "kdf"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 21, "line": 147}, "identifier": "ECDSA-P256", "metadata": {"primitive": "signature"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 18, "line": 263}, "identifier": "SHA3-224", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 6, "line": 268}, "identifier": "SHA3-224", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 21, "line": 142}, "identifier": "ECDSA-P224", "metadata": {"primitive": "signature"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 11, "line": 77}, "identifier": "AES-CFB", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 17, "line": 182}, "identifier": "ECDH-P521", "metadata": {"primitive": "keyexchange"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 21, "line": 183}, "identifier": "ECDH-P521", "metadata": {"primitive": "keyexchange"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 11, "line": 72}, "identifier": "AES-OFB", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 17, "line": 172}, "identifier": "ECDH-P256", "metadata": {"primitive": "keyexchange"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 21, "line": 173}, "identifier": "ECDH-P256", "metadata": {"primitive": "keyexchange"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 14, "line": 388}, "identifier": "HMAC-SHA1", "metadata": {"primitive": "mac"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 18, "line": 133}, "identifier": "RSA-PSS", "metadata": {"primitive": "signature"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 6, "line": 134}, "identifier": "RSA-PSS", "metadata": {"primitive": "signature"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 44, "line": 162}, "identifier": "Ed25519", "metadata": {"primitive": "signature"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 21, "line": 367}, "identifier": "SHA-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 22, "line": 163}, "identifier": "Ed25519", "metadata": {"primitive": "signature"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 23, "line": 102}, "identifier": "ChaCha20", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 23, "line": 188}, "identifier": "X25519", "metadata": {"primitive": "keyexchange"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 23, "line": 306}, "identifier": "BLAKE2b", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 44, "line": 162}, "identifier": "Ed25519", "metadata": {"primitive": "signature"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 6, "line": 134}, "identifier": "RSA-PSS", "metadata": {"primitive": "signature"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 6, "line": 138}, "identifier": "RSA-PKCS1", "metadata": {"primitive": "asymmetric"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 6, "line": 164}, "identifier": "Ed25519", "metadata": {"primitive": "signature"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 6, "line": 168}, "identifier": "Ed25519", "metadata": {"primitive": "signature"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 18, "line": 128}, "identifier": "RSA-OAEP", "metadata": {"primitive": "asymmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 17, "line": 129}, "identifier": "RSA-OAEP", "metadata": {"primitive": "asymmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 20, "line": 315}, "identifier": "BLAKE2s", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 19, "line": 320}, "identifier": "BLAKE2s", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 6, "line": 325}, "identifier": "BLAKE2s", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 13, "line": 357}, "identifier": "HKDF", "metadata": {"primitive": "kdf"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 13, "line": 362}, "identifier": "HKDF", "metadata": {"primitive": "kdf"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 16, "line": 368}, "identifier": "HKDF", "metadata": {"primitive": "kdf"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 18, "line": 373}, "identifier": "HKDF", "metadata": {"primitive": "kdf"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 19, "line": 187}, "identifier": "X25519", "metadata": {"primitive": "keyexchange"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 23, "line": 188}, "identifier": "X25519", "metadata": {"primitive": "keyexchange"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 21, "line": 152}, "identifier": "ECDSA-P384", "metadata": {"primitive": "signature"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 18, "line": 271}, "identifier": "SHA3-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 6, "line": 204}, "identifier": "MD5", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 6, "line": 212}, "identifier": "SHA-1", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 6, "line": 220}, "identifier": "SHA-224", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 6, "line": 228}, "identifier": "SHA-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 6, "line": 236}, "identifier": "SHA-384", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 6, "line": 244}, "identifier": "SHA-512", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 6, "line": 252}, "identifier": "SHA-512", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 6, "line": 252}, "identifier": "SHA-512/224", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 6, "line": 260}, "identifier": "SHA-512", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 6, "line": 260}, "identifier": "SHA-512/256", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 6, "line": 268}, "identifier": "SHA3-224", "metadata": {"primitive": "hash"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 6, "line": 276}, "identifier": "SHA3-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 18, "line": 403}, "identifier": "SHA3-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 2, "line": 462}, "identifier": "RSA", "metadata": {"keySize": 3072, "primitive": "signature"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 6, "line": 284}, "identifier": "SHA3-384", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 6, "line": 292}, "identifier": "SHA3-512", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 6, "line": 311}, "identifier": "BLAKE2b", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 6, "line": 312}, "identifier": "BLAKE2b", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 6, "line": 325}, "identifier": "BLAKE2s", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 6, "line": 444}, "identifier": "SHA-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 8, "line": 337}, "identifier": "PBKDF2", "metadata": {"primitive": "kdf"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 8, "line": 337}, "identifier": "SHA-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 8, "line": 340}, "identifier": "PBKDF2", "metadata": {"primitive": "kdf"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 8, "line": 340}, "identifier": "SHA-512", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 8, "line": 344}, "identifier": "Argon2", "metadata": {"primitive": "kdf"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 8, "line": 347}, "identifier": "Argon2", "metadata": {"primitive": "kdf"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 9, "line": 334}, "identifier": "PBKDF2", "metadata": {"primitive": "kdf"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 9, "line": 334}, "identifier": "SHA-1", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "library", "evidence": {"column": 1, "line": 3}, "identifier": "Go std crypto", "path": "FIXME"} +{"assetType": "library", "evidence": {"column": 1, "line": 3}, "identifier": "golang.org/x/crypto", "path": "FIXME"} diff --git a/fixtures/go/std_aesgcm/expected.jsonl b/fixtures/go/std_aesgcm/expected.jsonl index 50b14a3..a65f78a 100644 --- a/fixtures/go/std_aesgcm/expected.jsonl +++ b/fixtures/go/std_aesgcm/expected.jsonl @@ -1,4 +1,3 @@ -{"assetType": "library", "evidence": {"column": 1, "line": 3}, "identifier": "Go std crypto", "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 14, "line": 13}, "identifier": "AES-GCM", "metadata": {"keySize": 32, "primitive": "symmetric"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 12, "line": 14}, "identifier": "AES-GCM", "metadata": {"keySize": 32, "primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 14, "line": 13}, "identifier": "AES", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 14, "line": 13}, "identifier": "AES-GCM", "metadata": {"keySize": 32, "primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "library", "evidence": {"column": 1, "line": 3}, "identifier": "Go std crypto", "path": "FIXME"} diff --git a/fixtures/go/tink_aesgcm/expected.jsonl b/fixtures/go/tink_aesgcm/expected.jsonl index 0a1e6fc..9d29ac5 100644 --- a/fixtures/go/tink_aesgcm/expected.jsonl +++ b/fixtures/go/tink_aesgcm/expected.jsonl @@ -1,6 +1,6 @@ -{"assetType": "library", "evidence": {"column": 1, "line": 3}, "identifier": "Google Tink (Go)", "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 20, "line": 48}, "identifier": "AES-CTR-HMAC", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 23, "line": 58}, "identifier": "ChaCha20-Poly1305", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 12, "line": 76}, "identifier": "HMAC-SHA256", "metadata": {"primitive": "mac"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 13, "line": 21}, "identifier": "AES-GCM", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 20, "line": 48}, "identifier": "AES-CTR-HMAC", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 21, "line": 72}, "identifier": "HMAC-SHA256", "metadata": {"primitive": "mac"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 12, "line": 76}, "identifier": "HMAC-SHA256", "metadata": {"primitive": "mac"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 23, "line": 58}, "identifier": "ChaCha20-Poly1305", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "library", "evidence": {"column": 1, "line": 3}, "identifier": "Google Tink (Go)", "path": "FIXME"} diff --git a/fixtures/java/jca_aesgcm/expected.jsonl b/fixtures/java/jca_aesgcm/expected.jsonl index 31f8541..70b6e88 100644 --- a/fixtures/java/jca_aesgcm/expected.jsonl +++ b/fixtures/java/jca_aesgcm/expected.jsonl @@ -1,4 +1,3 @@ -{"assetType": "library", "evidence": {"column": 1, "line": 5}, "identifier": "Java JCA/JCE", "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 27, "line": 9}, "identifier": "AES", "metadata": {"keySize": 256, "primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 25, "line": 15}, "identifier": "AES", "metadata": {"keySize": 256, "primitive": "symmetric"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 25, "line": 15}, "identifier": "AES-GCM", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 27, "line": 9}, "identifier": "AES", "metadata": {"keySize": 256, "primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "library", "evidence": {"column": 1, "line": 5}, "identifier": "Java JCA/JCE", "path": "FIXME"} diff --git a/fixtures/java/jca_comprehensive/expected.jsonl b/fixtures/java/jca_comprehensive/expected.jsonl index bbb0829..bd05052 100644 --- a/fixtures/java/jca_comprehensive/expected.jsonl +++ b/fixtures/java/jca_comprehensive/expected.jsonl @@ -1,93 +1,93 @@ -{"assetType": "library", "evidence": {"column": 1, "line": 5}, "identifier": "Java JCA/JCE", "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 9, "line": 136}, "identifier": "ECDSA-P256", "metadata": {"primitive": "signature"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 35, "line": 120}, "identifier": "DSA", "metadata": {"primitive": "signature"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 35, "line": 131}, "identifier": "DSA", "metadata": {"primitive": "signature"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 29, "line": 162}, "identifier": "DSA", "metadata": {"primitive": "signature"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 31, "line": 168}, "identifier": "DSA", "metadata": {"primitive": "signature"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 33, "line": 175}, "identifier": "DSA", "metadata": {"primitive": "signature"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 33, "line": 185}, "identifier": "DSA", "metadata": {"primitive": "signature"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 33, "line": 195}, "identifier": "DSA", "metadata": {"primitive": "signature"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 22, "line": 51}, "identifier": "RC4", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 43, "line": 339}, "identifier": "HmacSHA3-384", "metadata": {"primitive": "mac"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 28, "line": 341}, "identifier": "HmacSHA3-384", "metadata": {"primitive": "mac"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 34, "line": 274}, "identifier": "SHA3-512", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 31, "line": 155}, "identifier": "SHA512withRSA", "metadata": {"primitive": "signature"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 22, "line": 33}, "identifier": "DES", "metadata": {"mode": "CBC", "primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 25, "line": 22}, "identifier": "AES-GCM", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 25, "line": 17}, "identifier": "AES-CBC", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 38, "line": 283}, "identifier": "HmacMD5", "metadata": {"primitive": "mac"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 22, "line": 51}, "identifier": "RC4", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 22, "line": 57}, "identifier": "RC2", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 23, "line": 285}, "identifier": "HmacMD5", "metadata": {"primitive": "mac"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 39, "line": 359}, "identifier": "PBKDF2", "metadata": {"primitive": "kdf"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 41, "line": 364}, "identifier": "PBKDF2", "metadata": {"primitive": "kdf"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 41, "line": 369}, "identifier": "PBKDF2", "metadata": {"primitive": "kdf"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 41, "line": 311}, "identifier": "HmacSHA384", "metadata": {"primitive": "mac"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 24, "line": 292}, "identifier": "HmacSHA1", "metadata": {"primitive": "mac"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 25, "line": 17}, "identifier": "AES-CBC", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 25, "line": 22}, "identifier": "AES-GCM", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 25, "line": 27}, "identifier": "AES-ECB", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 25, "line": 39}, "identifier": "3DES", "metadata": {"mode": "CBC", "primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 26, "line": 299}, "identifier": "HmacSHA224", "metadata": {"primitive": "mac"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 26, "line": 306}, "identifier": "HMAC-SHA256", "metadata": {"primitive": "mac"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 26, "line": 313}, "identifier": "HmacSHA384", "metadata": {"primitive": "mac"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 41, "line": 318}, "identifier": "HmacSHA512", "metadata": {"primitive": "mac"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 26, "line": 320}, "identifier": "HmacSHA512", "metadata": {"primitive": "mac"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 39, "line": 207}, "identifier": "Ed25519", "metadata": {"primitive": "signature"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 32, "line": 210}, "identifier": "Ed25519", "metadata": {"primitive": "signature"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 26, "line": 84}, "identifier": "RSA", "metadata": {"keySize": 2048, "primitive": "signature"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 26, "line": 84}, "identifier": "RSA-Cipher", "metadata": {"primitive": "pke"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 27, "line": 45}, "identifier": "Blowfish", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 27, "line": 63}, "identifier": "ChaCha20", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 27, "line": 80}, "identifier": "RSA", "metadata": {"keySize": 2048, "primitive": "signature"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 27, "line": 80}, "identifier": "RSA-Cipher", "metadata": {"primitive": "pke"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 28, "line": 201}, "identifier": "RSA", "metadata": {"keySize": 2048, "primitive": "signature"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 28, "line": 201}, "identifier": "RSASSA-PSS", "metadata": {"primitive": "signature"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 28, "line": 327}, "identifier": "HmacSHA3-224", "metadata": {"primitive": "mac"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 28, "line": 334}, "identifier": "HmacSHA3-256", "metadata": {"primitive": "mac"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 28, "line": 341}, "identifier": "HmacSHA3-384", "metadata": {"primitive": "mac"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 28, "line": 348}, "identifier": "HmacSHA3-512", "metadata": {"primitive": "mac"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 29, "line": 143}, "identifier": "SHA-1", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 29, "line": 143}, "identifier": "SHA1withRSA", "metadata": {"primitive": "signature"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 29, "line": 162}, "identifier": "DSA", "metadata": {"primitive": "signature"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 29, "line": 162}, "identifier": "SHA-1", "metadata": {"primitive": "hash"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 29, "line": 162}, "identifier": "SHA1withDSA", "metadata": {"primitive": "signature"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 29, "line": 229}, "identifier": "MD5", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 30, "line": 219}, "identifier": "Ed448", "metadata": {"primitive": "signature"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 30, "line": 234}, "identifier": "SHA-1", "metadata": {"primitive": "hash"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 31, "line": 149}, "identifier": "SHA-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 31, "line": 149}, "identifier": "SHA256withRSA", "metadata": {"primitive": "signature"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 31, "line": 155}, "identifier": "SHA512withRSA", "metadata": {"primitive": "signature"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 31, "line": 168}, "identifier": "DSA", "metadata": {"primitive": "signature"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 31, "line": 168}, "identifier": "SHA-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 33, "line": 175}, "identifier": "SHA-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 31, "line": 168}, "identifier": "SHA256withDSA", "metadata": {"primitive": "signature"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 32, "line": 210}, "identifier": "Ed25519", "metadata": {"primitive": "signature"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 32, "line": 239}, "identifier": "SHA-224", "metadata": {"primitive": "hash"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 32, "line": 244}, "identifier": "SHA-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 27, "line": 80}, "identifier": "RSA-Cipher", "metadata": {"primitive": "pke"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 26, "line": 84}, "identifier": "RSA-Cipher", "metadata": {"primitive": "pke"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 32, "line": 249}, "identifier": "SHA-384", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 32, "line": 254}, "identifier": "SHA-512", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 32, "line": 88}, "identifier": "RSA", "metadata": {"keySize": 2048, "primitive": "signature"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 32, "line": 88}, "identifier": "RSA-Cipher", "metadata": {"primitive": "pke"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 25, "line": 39}, "identifier": "3DES", "metadata": {"mode": "CBC", "primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 37, "line": 93}, "identifier": "ECDSA", "metadata": {"curve": "P-256", "primitive": "signature"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 37, "line": 99}, "identifier": "ECDSA", "metadata": {"curve": "P-256", "primitive": "signature"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 37, "line": 105}, "identifier": "ECDSA", "metadata": {"curve": "P-256", "primitive": "signature"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 34, "line": 135}, "identifier": "ECDSA", "metadata": {"curve": "P-256", "primitive": "signature"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 33, "line": 175}, "identifier": "DSA", "metadata": {"primitive": "signature"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 33, "line": 175}, "identifier": "ECDSA", "metadata": {"curve": "P-256", "primitive": "signature"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 37, "line": 181}, "identifier": "ECDSA", "metadata": {"curve": "P-256", "primitive": "signature"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 33, "line": 175}, "identifier": "SHA-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 33, "line": 175}, "identifier": "SHA256withECDSA", "metadata": {"primitive": "signature"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 33, "line": 185}, "identifier": "DSA", "metadata": {"primitive": "signature"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 33, "line": 185}, "identifier": "ECDSA", "metadata": {"curve": "P-256", "primitive": "signature"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 37, "line": 191}, "identifier": "ECDSA", "metadata": {"curve": "P-256", "primitive": "signature"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 33, "line": 185}, "identifier": "SHA384withECDSA", "metadata": {"primitive": "signature"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 33, "line": 195}, "identifier": "DSA", "metadata": {"primitive": "signature"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 33, "line": 195}, "identifier": "ECDSA", "metadata": {"curve": "P-256", "primitive": "signature"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 33, "line": 195}, "identifier": "SHA512withECDSA", "metadata": {"primitive": "signature"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 33, "line": 185}, "identifier": "SHA384withECDSA", "metadata": {"primitive": "signature"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 41, "line": 297}, "identifier": "HmacSHA224", "metadata": {"primitive": "mac"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 26, "line": 299}, "identifier": "HmacSHA224", "metadata": {"primitive": "mac"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 34, "line": 264}, "identifier": "SHA3-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 32, "line": 254}, "identifier": "SHA-512", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 29, "line": 229}, "identifier": "MD5", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 33, "line": 175}, "identifier": "SHA256withECDSA", "metadata": {"primitive": "signature"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 31, "line": 168}, "identifier": "SHA256withDSA", "metadata": {"primitive": "signature"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 29, "line": 143}, "identifier": "SHA1withRSA", "metadata": {"primitive": "signature"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 34, "line": 111}, "identifier": "DH", "metadata": {"primitive": "keyexchange"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 34, "line": 135}, "identifier": "ECDSA", "metadata": {"curve": "P-256", "primitive": "signature"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 34, "line": 259}, "identifier": "SHA3-224", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 34, "line": 264}, "identifier": "SHA3-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 34, "line": 269}, "identifier": "SHA3-384", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 34, "line": 274}, "identifier": "SHA3-512", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 34, "line": 55}, "identifier": "RC2", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 35, "line": 116}, "identifier": "DH", "metadata": {"primitive": "keyexchange"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 26, "line": 306}, "identifier": "HMAC-SHA256", "metadata": {"primitive": "mac"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 27, "line": 45}, "identifier": "Blowfish", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 43, "line": 332}, "identifier": "HmacSHA3-256", "metadata": {"primitive": "mac"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 28, "line": 334}, "identifier": "HmacSHA3-256", "metadata": {"primitive": "mac"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 43, "line": 325}, "identifier": "HmacSHA3-224", "metadata": {"primitive": "mac"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 28, "line": 327}, "identifier": "HmacSHA3-224", "metadata": {"primitive": "mac"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 35, "line": 75}, "identifier": "RSA", "metadata": {"keySize": 2048, "primitive": "signature"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 27, "line": 80}, "identifier": "RSA", "metadata": {"keySize": 2048, "primitive": "signature"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 26, "line": 84}, "identifier": "RSA", "metadata": {"keySize": 2048, "primitive": "signature"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 32, "line": 88}, "identifier": "RSA", "metadata": {"keySize": 2048, "primitive": "signature"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 35, "line": 120}, "identifier": "DSA", "metadata": {"primitive": "signature"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 35, "line": 127}, "identifier": "RSA", "metadata": {"keySize": 2048, "primitive": "signature"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 28, "line": 201}, "identifier": "RSA", "metadata": {"keySize": 2048, "primitive": "signature"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 25, "line": 27}, "identifier": "AES-ECB", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 29, "line": 143}, "identifier": "SHA-1", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 29, "line": 162}, "identifier": "SHA-1", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 30, "line": 234}, "identifier": "SHA-1", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 27, "line": 63}, "identifier": "ChaCha20", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 32, "line": 239}, "identifier": "SHA-224", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 43, "line": 346}, "identifier": "HmacSHA3-512", "metadata": {"primitive": "mac"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 28, "line": 348}, "identifier": "HmacSHA3-512", "metadata": {"primitive": "mac"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 28, "line": 201}, "identifier": "RSASSA-PSS", "metadata": {"primitive": "signature"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 9, "line": 182}, "identifier": "ECDSA-P384", "metadata": {"primitive": "signature"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 32, "line": 249}, "identifier": "SHA-384", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 34, "line": 55}, "identifier": "RC2", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 22, "line": 57}, "identifier": "RC2", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 35, "line": 131}, "identifier": "DSA", "metadata": {"primitive": "signature"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 35, "line": 68}, "identifier": "ChaCha20-Poly1305", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 34, "line": 269}, "identifier": "SHA3-384", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 39, "line": 290}, "identifier": "HmacSHA1", "metadata": {"primitive": "mac"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 24, "line": 292}, "identifier": "HmacSHA1", "metadata": {"primitive": "mac"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 34, "line": 259}, "identifier": "SHA3-224", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 35, "line": 75}, "identifier": "RSA", "metadata": {"keySize": 2048, "primitive": "signature"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 37, "line": 105}, "identifier": "ECDSA", "metadata": {"curve": "P-256", "primitive": "signature"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 37, "line": 181}, "identifier": "ECDSA", "metadata": {"curve": "P-256", "primitive": "signature"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 37, "line": 191}, "identifier": "ECDSA", "metadata": {"curve": "P-256", "primitive": "signature"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 37, "line": 216}, "identifier": "Ed448", "metadata": {"primitive": "signature"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 30, "line": 219}, "identifier": "Ed448", "metadata": {"primitive": "signature"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 37, "line": 93}, "identifier": "ECDSA", "metadata": {"curve": "P-256", "primitive": "signature"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 37, "line": 99}, "identifier": "ECDSA", "metadata": {"curve": "P-256", "primitive": "signature"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 38, "line": 283}, "identifier": "HmacMD5", "metadata": {"primitive": "mac"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 39, "line": 207}, "identifier": "Ed25519", "metadata": {"primitive": "signature"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 39, "line": 290}, "identifier": "HmacSHA1", "metadata": {"primitive": "mac"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 39, "line": 359}, "identifier": "PBKDF2", "metadata": {"primitive": "kdf"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 41, "line": 297}, "identifier": "HmacSHA224", "metadata": {"primitive": "mac"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 41, "line": 311}, "identifier": "HmacSHA384", "metadata": {"primitive": "mac"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 41, "line": 318}, "identifier": "HmacSHA512", "metadata": {"primitive": "mac"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 41, "line": 364}, "identifier": "PBKDF2", "metadata": {"primitive": "kdf"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 41, "line": 369}, "identifier": "PBKDF2", "metadata": {"primitive": "kdf"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 43, "line": 325}, "identifier": "HmacSHA3-224", "metadata": {"primitive": "mac"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 43, "line": 332}, "identifier": "HmacSHA3-256", "metadata": {"primitive": "mac"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 43, "line": 339}, "identifier": "HmacSHA3-384", "metadata": {"primitive": "mac"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 43, "line": 346}, "identifier": "HmacSHA3-512", "metadata": {"primitive": "mac"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 9, "line": 136}, "identifier": "ECDSA-P256", "metadata": {"primitive": "signature"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 9, "line": 182}, "identifier": "ECDSA-P384", "metadata": {"primitive": "signature"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 9, "line": 192}, "identifier": "ECDSA-P521", "metadata": {"primitive": "signature"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 31, "line": 149}, "identifier": "SHA256withRSA", "metadata": {"primitive": "signature"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 9, "line": 377}, "identifier": "AES", "metadata": {"keySize": 192, "primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "library", "evidence": {"column": 1, "line": 5}, "identifier": "Java JCA/JCE", "path": "FIXME"} diff --git a/fixtures/java/tink_aesgcm/expected.jsonl b/fixtures/java/tink_aesgcm/expected.jsonl index 7a7c448..94c735c 100644 --- a/fixtures/java/tink_aesgcm/expected.jsonl +++ b/fixtures/java/tink_aesgcm/expected.jsonl @@ -1,3 +1,3 @@ -{"assetType": "library", "evidence": {"column": 1, "line": 5}, "identifier": "Java JCA/JCE", "path": "FIXME"} -{"assetType": "library", "evidence": {"column": 1, "line": 4}, "identifier": "Google Tink (Java)", "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 37, "line": 13}, "identifier": "AES-GCM", "metadata": {"keySize": 256, "primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "library", "evidence": {"column": 1, "line": 4}, "identifier": "Google Tink (Java)", "path": "FIXME"} +{"assetType": "library", "evidence": {"column": 1, "line": 5}, "identifier": "Java JCA/JCE", "path": "FIXME"} diff --git a/fixtures/objc/commoncrypto_aes/expected.jsonl b/fixtures/objc/commoncrypto_aes/expected.jsonl index 87edf31..e59d9bb 100644 --- a/fixtures/objc/commoncrypto_aes/expected.jsonl +++ b/fixtures/objc/commoncrypto_aes/expected.jsonl @@ -1,2 +1,2 @@ -{"assetType": "library", "evidence": {"column": 1, "line": 2}, "identifier": "CommonCrypto (Objective-C)", "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 30, "line": 12}, "identifier": "AES", "metadata": {"mode": "CBC", "primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "library", "evidence": {"column": 1, "line": 2}, "identifier": "CommonCrypto (Objective-C)", "path": "FIXME"} diff --git a/fixtures/objc/commoncrypto_comprehensive/expected.jsonl b/fixtures/objc/commoncrypto_comprehensive/expected.jsonl index 03242b9..149b9f9 100644 --- a/fixtures/objc/commoncrypto_comprehensive/expected.jsonl +++ b/fixtures/objc/commoncrypto_comprehensive/expected.jsonl @@ -1,113 +1,92 @@ -{"assetType": "library", "evidence": {"column": 1, "line": 6}, "identifier": "CommonCrypto (Objective-C)", "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 59}, "identifier": "3DES", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 128}, "identifier": "AES-CTR", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 180}, "identifier": "MD2", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 184}, "identifier": "MD2", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 185}, "identifier": "MD2", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 186}, "identifier": "MD2", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 120}, "identifier": "AES-CFB", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 22}, "identifier": "AES-128", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 28}, "identifier": "AES-128", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 17, "line": 257}, "identifier": "SHA-512", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 18, "line": 177}, "identifier": "SHA-512", "metadata": {"primitive": "hash"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 5, "line": 105}, "identifier": "AES-128", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 105}, "identifier": "AES-ECB", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 5, "line": 111}, "identifier": "AES-128", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 5, "line": 120}, "identifier": "AES-128", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 120}, "identifier": "AES-CFB", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 5, "line": 128}, "identifier": "AES-128", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 128}, "identifier": "AES-CTR", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 5, "line": 136}, "identifier": "AES-128", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 136}, "identifier": "AES-OFB", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 144}, "identifier": "RC4", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 157}, "identifier": "AES-GCM", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 5, "line": 164}, "identifier": "AES-128", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 164}, "identifier": "AES-GCM", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 167}, "identifier": "AES-GCM", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 170}, "identifier": "AES-GCM", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 180}, "identifier": "MD2", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 184}, "identifier": "MD2", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 185}, "identifier": "MD2", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 186}, "identifier": "MD2", "metadata": {"primitive": "hash"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 5, "line": 189}, "identifier": "MD4", "metadata": {"primitive": "hash"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 5, "line": 193}, "identifier": "MD4", "metadata": {"primitive": "hash"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 5, "line": 194}, "identifier": "MD4", "metadata": {"primitive": "hash"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 5, "line": 195}, "identifier": "MD4", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 207}, "identifier": "SHA-1", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 211}, "identifier": "SHA-1", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 212}, "identifier": "SHA-1", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 213}, "identifier": "SHA-1", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 82}, "identifier": "Blowfish", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 74}, "identifier": "RC2", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 5, "line": 198}, "identifier": "MD5", "metadata": {"primitive": "hash"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 5, "line": 202}, "identifier": "MD5", "metadata": {"primitive": "hash"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 5, "line": 203}, "identifier": "MD5", "metadata": {"primitive": "hash"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 5, "line": 204}, "identifier": "MD5", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 90}, "identifier": "CAST5", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 278}, "identifier": "HMAC-SHA224", "metadata": {"primitive": "mac"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 282}, "identifier": "HMAC-SHA224", "metadata": {"primitive": "mac"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 321}, "identifier": "PBKDF2", "metadata": {"primitive": "kdf"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 327}, "identifier": "PBKDF2", "metadata": {"primitive": "kdf"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 333}, "identifier": "PBKDF2", "metadata": {"primitive": "kdf"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 339}, "identifier": "PBKDF2", "metadata": {"primitive": "kdf"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 345}, "identifier": "PBKDF2", "metadata": {"primitive": "kdf"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 355}, "identifier": "PBKDF2", "metadata": {"primitive": "kdf"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 18, "line": 177}, "identifier": "SHA-512", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 243}, "identifier": "SHA-512", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 247}, "identifier": "SHA-512", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 248}, "identifier": "SHA-512", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 249}, "identifier": "SHA-512", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 17, "line": 257}, "identifier": "SHA-512", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 305}, "identifier": "HMAC-SHA512", "metadata": {"primitive": "mac"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 309}, "identifier": "HMAC-SHA512", "metadata": {"primitive": "mac"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 66}, "identifier": "RC4", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 144}, "identifier": "RC4", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 22}, "identifier": "AES-ECB", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 105}, "identifier": "AES-ECB", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 207}, "identifier": "SHA-1", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 211}, "identifier": "SHA-1", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 212}, "identifier": "SHA-1", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 213}, "identifier": "SHA-1", "metadata": {"primitive": "hash"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 5, "line": 216}, "identifier": "SHA-224", "metadata": {"primitive": "hash"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 5, "line": 220}, "identifier": "SHA-224", "metadata": {"primitive": "hash"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 5, "line": 221}, "identifier": "SHA-224", "metadata": {"primitive": "hash"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 5, "line": 222}, "identifier": "SHA-224", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 260}, "identifier": "HMAC", "metadata": {"primitive": "mac"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 264}, "identifier": "HMAC", "metadata": {"primitive": "mac"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 225}, "identifier": "SHA-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 229}, "identifier": "SHA-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 22}, "identifier": "AES-128", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 22}, "identifier": "AES-ECB", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 230}, "identifier": "SHA-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 231}, "identifier": "SHA-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 234}, "identifier": "SHA-384", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 238}, "identifier": "SHA-384", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 239}, "identifier": "SHA-384", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 240}, "identifier": "SHA-384", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 243}, "identifier": "SHA-512", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 247}, "identifier": "SHA-512", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 248}, "identifier": "SHA-512", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 249}, "identifier": "SHA-512", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 260}, "identifier": "HMAC-MD5", "metadata": {"primitive": "mac"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 264}, "identifier": "HMAC-MD5", "metadata": {"primitive": "mac"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 5, "line": 265}, "identifier": "HMAC", "metadata": {"primitive": "mac"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 5, "line": 266}, "identifier": "HMAC", "metadata": {"primitive": "mac"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 269}, "identifier": "HMAC", "metadata": {"primitive": "mac"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 273}, "identifier": "HMAC", "metadata": {"primitive": "mac"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 269}, "identifier": "HMAC-SHA1", "metadata": {"primitive": "mac"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 273}, "identifier": "HMAC-SHA1", "metadata": {"primitive": "mac"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 5, "line": 274}, "identifier": "HMAC", "metadata": {"primitive": "mac"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 5, "line": 275}, "identifier": "HMAC", "metadata": {"primitive": "mac"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 278}, "identifier": "HMAC", "metadata": {"primitive": "mac"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 282}, "identifier": "HMAC", "metadata": {"primitive": "mac"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 278}, "identifier": "HMAC-SHA224", "metadata": {"primitive": "mac"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 282}, "identifier": "HMAC-SHA224", "metadata": {"primitive": "mac"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 5, "line": 283}, "identifier": "HMAC", "metadata": {"primitive": "mac"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 5, "line": 284}, "identifier": "HMAC", "metadata": {"primitive": "mac"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 287}, "identifier": "HMAC", "metadata": {"primitive": "mac"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 291}, "identifier": "HMAC", "metadata": {"primitive": "mac"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 287}, "identifier": "HMAC-SHA256", "metadata": {"primitive": "mac"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 28}, "identifier": "AES-128", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 291}, "identifier": "HMAC-SHA256", "metadata": {"primitive": "mac"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 5, "line": 292}, "identifier": "HMAC", "metadata": {"primitive": "mac"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 5, "line": 293}, "identifier": "HMAC", "metadata": {"primitive": "mac"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 296}, "identifier": "HMAC", "metadata": {"primitive": "mac"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 300}, "identifier": "HMAC", "metadata": {"primitive": "mac"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 296}, "identifier": "HMAC-SHA384", "metadata": {"primitive": "mac"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 300}, "identifier": "HMAC-SHA384", "metadata": {"primitive": "mac"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 5, "line": 301}, "identifier": "HMAC", "metadata": {"primitive": "mac"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 5, "line": 302}, "identifier": "HMAC", "metadata": {"primitive": "mac"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 305}, "identifier": "HMAC", "metadata": {"primitive": "mac"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 309}, "identifier": "HMAC", "metadata": {"primitive": "mac"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 305}, "identifier": "HMAC-SHA512", "metadata": {"primitive": "mac"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 309}, "identifier": "HMAC-SHA512", "metadata": {"primitive": "mac"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 5, "line": 310}, "identifier": "HMAC", "metadata": {"primitive": "mac"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 5, "line": 311}, "identifier": "HMAC", "metadata": {"primitive": "mac"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 296}, "identifier": "HMAC-SHA384", "metadata": {"primitive": "mac"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 300}, "identifier": "HMAC-SHA384", "metadata": {"primitive": "mac"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 260}, "identifier": "HMAC-MD5", "metadata": {"primitive": "mac"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 264}, "identifier": "HMAC-MD5", "metadata": {"primitive": "mac"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 234}, "identifier": "SHA-384", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 238}, "identifier": "SHA-384", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 239}, "identifier": "SHA-384", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 240}, "identifier": "SHA-384", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 269}, "identifier": "HMAC-SHA1", "metadata": {"primitive": "mac"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 273}, "identifier": "HMAC-SHA1", "metadata": {"primitive": "mac"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 22}, "identifier": "AES", "metadata": {"mode": "CBC", "primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 28}, "identifier": "AES", "metadata": {"mode": "CBC", "primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 321}, "identifier": "PBKDF2", "metadata": {"primitive": "kdf"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 327}, "identifier": "PBKDF2", "metadata": {"primitive": "kdf"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 333}, "identifier": "PBKDF2", "metadata": {"primitive": "kdf"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 339}, "identifier": "PBKDF2", "metadata": {"primitive": "kdf"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 345}, "identifier": "PBKDF2", "metadata": {"primitive": "kdf"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 5, "line": 34}, "identifier": "AES", "metadata": {"mode": "CBC", "primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 355}, "identifier": "PBKDF2", "metadata": {"primitive": "kdf"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 5, "line": 40}, "identifier": "AES", "metadata": {"mode": "CBC", "primitive": "symmetric"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 5, "line": 46}, "identifier": "AES", "metadata": {"mode": "CBC", "primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 105}, "identifier": "AES", "metadata": {"mode": "CBC", "primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 111}, "identifier": "AES", "metadata": {"mode": "CBC", "primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 120}, "identifier": "AES", "metadata": {"mode": "CBC", "primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 128}, "identifier": "AES", "metadata": {"mode": "CBC", "primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 136}, "identifier": "AES", "metadata": {"mode": "CBC", "primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 157}, "identifier": "AES", "metadata": {"mode": "CBC", "primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 164}, "identifier": "AES", "metadata": {"mode": "CBC", "primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 136}, "identifier": "AES-OFB", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 157}, "identifier": "AES-GCM", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 164}, "identifier": "AES-GCM", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 167}, "identifier": "AES-GCM", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 170}, "identifier": "AES-GCM", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 5, "line": 53}, "identifier": "DES", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 225}, "identifier": "SHA-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 229}, "identifier": "SHA-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 230}, "identifier": "SHA-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 231}, "identifier": "SHA-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 287}, "identifier": "HMAC-SHA256", "metadata": {"primitive": "mac"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 291}, "identifier": "HMAC-SHA256", "metadata": {"primitive": "mac"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 59}, "identifier": "3DES", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 66}, "identifier": "RC4", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 74}, "identifier": "RC2", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 82}, "identifier": "Blowfish", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 90}, "identifier": "CAST5", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "library", "evidence": {"column": 1, "line": 6}, "identifier": "CommonCrypto (Objective-C)", "path": "FIXME"} diff --git a/fixtures/objc/tink_aesgcm/expected.jsonl b/fixtures/objc/tink_aesgcm/expected.jsonl index 395e3ce..17bf85c 100644 --- a/fixtures/objc/tink_aesgcm/expected.jsonl +++ b/fixtures/objc/tink_aesgcm/expected.jsonl @@ -1,2 +1,2 @@ -{"assetType": "library", "evidence": {"column": 1, "line": 6}, "identifier": "Google Tink (Objective-C)", "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 33, "line": 20}, "identifier": "AES-GCM", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "library", "evidence": {"column": 1, "line": 6}, "identifier": "Google Tink (Objective-C)", "path": "FIXME"} diff --git a/fixtures/objc/tink_comprehensive/expected.jsonl b/fixtures/objc/tink_comprehensive/expected.jsonl index 583ab10..fc04810 100644 --- a/fixtures/objc/tink_comprehensive/expected.jsonl +++ b/fixtures/objc/tink_comprehensive/expected.jsonl @@ -1,17 +1,17 @@ -{"assetType": "library", "evidence": {"column": 1, "line": 10}, "identifier": "Google Tink (Objective-C)", "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 33, "line": 74}, "identifier": "Ed25519", "metadata": {"primitive": "signature"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 33, "line": 70}, "identifier": "ECDSA-P384", "metadata": {"primitive": "signature"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 27, "line": 88}, "identifier": "HPKE", "metadata": {"primitive": "hybrid"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 28, "line": 87}, "identifier": "ECIES-P256-HKDF", "metadata": {"primitive": "hybrid"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 33, "line": 26}, "identifier": "AES-GCM", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 33, "line": 42}, "identifier": "XChaCha20-Poly1305", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 33, "line": 82}, "identifier": "RSA-SSA-PKCS1", "metadata": {"primitive": "signature"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 33, "line": 78}, "identifier": "RSA-SSA-PSS", "metadata": {"primitive": "signature"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 33, "line": 30}, "identifier": "AES-EAX", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 33, "line": 34}, "identifier": "AES-CTR-HMAC", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 33, "line": 38}, "identifier": "ChaCha20-Poly1305", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 33, "line": 42}, "identifier": "XChaCha20-Poly1305", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 33, "line": 46}, "identifier": "AES-GCM-SIV", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 33, "line": 52}, "identifier": "HMAC-SHA256", "metadata": {"primitive": "mac"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 33, "line": 56}, "identifier": "HMAC-SHA256", "metadata": {"primitive": "mac"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 33, "line": 34}, "identifier": "AES-CTR-HMAC", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 33, "line": 30}, "identifier": "AES-EAX", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 27, "line": 88}, "identifier": "HPKE", "metadata": {"primitive": "hybrid"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 33, "line": 46}, "identifier": "AES-GCM-SIV", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 33, "line": 60}, "identifier": "HMAC-SHA512", "metadata": {"primitive": "mac"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 33, "line": 66}, "identifier": "ECDSA-P256", "metadata": {"primitive": "signature"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 28, "line": 87}, "identifier": "ECIES-P256-HKDF", "metadata": {"primitive": "hybrid"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 33, "line": 70}, "identifier": "ECDSA-P384", "metadata": {"primitive": "signature"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 33, "line": 74}, "identifier": "Ed25519", "metadata": {"primitive": "signature"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 33, "line": 78}, "identifier": "RSA-SSA-PSS", "metadata": {"primitive": "signature"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 33, "line": 82}, "identifier": "RSA-SSA-PKCS1", "metadata": {"primitive": "signature"}, "path": "FIXME"} +{"assetType": "library", "evidence": {"column": 1, "line": 10}, "identifier": "Google Tink (Objective-C)", "path": "FIXME"} diff --git a/fixtures/openssl_c/aes_gcm/expected.jsonl b/fixtures/openssl_c/aes_gcm/expected.jsonl index 2987434..fcc53fe 100644 --- a/fixtures/openssl_c/aes_gcm/expected.jsonl +++ b/fixtures/openssl_c/aes_gcm/expected.jsonl @@ -1,2 +1,2 @@ -{"assetType": "library", "evidence": {"column": 1, "line": 1}, "identifier": "OpenSSL", "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 2, "line": 10}, "identifier": "AES-GCM", "metadata": {"keySize": 256, "primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "library", "evidence": {"column": 1, "line": 1}, "identifier": "OpenSSL", "path": "FIXME"} diff --git a/fixtures/openssl_c/ecdsa_p384/expected.jsonl b/fixtures/openssl_c/ecdsa_p384/expected.jsonl index 1eacbe3..ac6ea25 100644 --- a/fixtures/openssl_c/ecdsa_p384/expected.jsonl +++ b/fixtures/openssl_c/ecdsa_p384/expected.jsonl @@ -1,3 +1,2 @@ -{"assetType": "library", "evidence": {"column": 1, "line": 1}, "identifier": "OpenSSL", "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 25, "line": 2}, "identifier": "ECDSA", "metadata": {"curve": "NID_secp384r1", "primitive": "signature"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 25, "line": 2}, "identifier": "ECDSA-P384", "metadata": {"primitive": "signature"}, "path": "FIXME"} +{"assetType": "library", "evidence": {"column": 1, "line": 1}, "identifier": "OpenSSL", "path": "FIXME"} diff --git a/fixtures/openssl_c/rsa_keygen/expected.jsonl b/fixtures/openssl_c/rsa_keygen/expected.jsonl index 85972d3..c96f694 100644 --- a/fixtures/openssl_c/rsa_keygen/expected.jsonl +++ b/fixtures/openssl_c/rsa_keygen/expected.jsonl @@ -1,3 +1,3 @@ -{"assetType": "library", "evidence": {"column": 1, "line": 2}, "identifier": "OpenSSL", "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 79, "line": 3}, "identifier": "RSA", "metadata": {"keySize": 2048, "primitive": "signature"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 94, "line": 6}, "identifier": "RSA", "metadata": {"keySize": 3072, "primitive": "signature"}, "path": "FIXME"} +{"assetType": "library", "evidence": {"column": 1, "line": 2}, "identifier": "OpenSSL", "path": "FIXME"} diff --git a/fixtures/openssl_c/sha256/expected.jsonl b/fixtures/openssl_c/sha256/expected.jsonl index 6f8903d..c3df6d1 100644 --- a/fixtures/openssl_c/sha256/expected.jsonl +++ b/fixtures/openssl_c/sha256/expected.jsonl @@ -1,2 +1,2 @@ -{"assetType": "library", "evidence": {"column": 1, "line": 1}, "identifier": "OpenSSL", "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 34, "line": 2}, "identifier": "SHA-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "library", "evidence": {"column": 1, "line": 1}, "identifier": "OpenSSL", "path": "FIXME"} diff --git a/fixtures/php/openssl_aesgcm/expected.jsonl b/fixtures/php/openssl_aesgcm/expected.jsonl index c07e6f0..eb2de91 100644 --- a/fixtures/php/openssl_aesgcm/expected.jsonl +++ b/fixtures/php/openssl_aesgcm/expected.jsonl @@ -1,3 +1,3 @@ -{"assetType": "library", "evidence": {"column": 1, "line": 1}, "identifier": "OpenSSL (PHP)", "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 15, "line": 7}, "identifier": "AES-GCM", "metadata": {"keySize": 256, "primitive": "symmetric"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 16, "line": 11}, "identifier": "AES-GCM", "metadata": {"keySize": 256, "primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "library", "evidence": {"column": 1, "line": 1}, "identifier": "OpenSSL (PHP)", "path": "FIXME"} diff --git a/fixtures/python/pyca_aesgcm/expected.jsonl b/fixtures/python/pyca_aesgcm/expected.jsonl index 85ed1ab..a28bdad 100644 --- a/fixtures/python/pyca_aesgcm/expected.jsonl +++ b/fixtures/python/pyca_aesgcm/expected.jsonl @@ -1,3 +1,3 @@ -{"assetType": "library", "evidence": {"column": 1, "line": 1}, "identifier": "PyCA cryptography", "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 7, "line": 4}, "identifier": "AES-GCM", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 10, "line": 5}, "identifier": "AES-GCM", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 7, "line": 4}, "identifier": "AES-GCM", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "library", "evidence": {"column": 1, "line": 1}, "identifier": "PyCA cryptography", "path": "FIXME"} diff --git a/fixtures/python/pyca_comprehensive/expected.jsonl b/fixtures/python/pyca_comprehensive/expected.jsonl index 05a8a18..4e439ec 100644 --- a/fixtures/python/pyca_comprehensive/expected.jsonl +++ b/fixtures/python/pyca_comprehensive/expected.jsonl @@ -1,198 +1,191 @@ -{"assetType": "library", "evidence": {"column": 1, "line": 21}, "identifier": "PyCA cryptography", "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 24, "line": 187}, "identifier": "ECDSA-P384", "metadata": {"primitive": "signature"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 9, "line": 188}, "identifier": "ECDSA-P384", "metadata": {"primitive": "signature"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 25, "line": 312}, "identifier": "ECDSA-P384", "metadata": {"primitive": "signature"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 9, "line": 313}, "identifier": "ECDSA-P384", "metadata": {"primitive": "signature"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 23, "line": 391}, "identifier": "SHA3-224", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 18, "line": 461}, "identifier": "SHA3-224", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 14, "line": 436}, "identifier": "HMAC", "metadata": {"primitive": "mac"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 14, "line": 436}, "identifier": "SHA-1", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 14, "line": 57}, "identifier": "AES-GCM", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 14, "line": 81}, "identifier": "AES-CCM", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 15, "line": 61}, "identifier": "AES-OCB3", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 16, "line": 441}, "identifier": "HMAC", "metadata": {"primitive": "mac"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 16, "line": 441}, "identifier": "SHA-224", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 16, "line": 446}, "identifier": "HMAC", "metadata": {"primitive": "mac"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 16, "line": 446}, "identifier": "SHA-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 16, "line": 451}, "identifier": "HMAC", "metadata": {"primitive": "mac"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 16, "line": 451}, "identifier": "SHA-384", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 16, "line": 456}, "identifier": "HMAC", "metadata": {"primitive": "mac"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 16, "line": 456}, "identifier": "SHA-512", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 16, "line": 517}, "identifier": "HKDF", "metadata": {"primitive": "kdf"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 16, "line": 517}, "identifier": "SHA-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 16, "line": 556}, "identifier": "SHA-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 16, "line": 556}, "identifier": "X963KDF", "metadata": {"primitive": "kdf"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 17, "line": 174}, "identifier": "SHA-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 17, "line": 282}, "identifier": "SHA-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 17, "line": 481}, "identifier": "BLAKE2b", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 17, "line": 481}, "identifier": "HMAC", "metadata": {"primitive": "mac"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 17, "line": 486}, "identifier": "BLAKE2s", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 17, "line": 486}, "identifier": "HMAC", "metadata": {"primitive": "mac"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 17, "line": 541}, "identifier": "KBKDF", "metadata": {"primitive": "kdf"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 17, "line": 541}, "identifier": "SHA-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 17, "line": 85}, "identifier": "AES-GCM-SIV", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 18, "line": 147}, "identifier": "AES", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 18, "line": 147}, "identifier": "SM4", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 18, "line": 33}, "identifier": "AES", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 9, "line": 34}, "identifier": "AES", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 9, "line": 35}, "identifier": "AES", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 18, "line": 41}, "identifier": "AES", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 9, "line": 42}, "identifier": "AES", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 9, "line": 43}, "identifier": "AES", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 18, "line": 421}, "identifier": "MD5", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 18, "line": 426}, "identifier": "SM3", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 18, "line": 461}, "identifier": "HMAC", "metadata": {"primitive": "mac"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 18, "line": 461}, "identifier": "SHA3-224", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 18, "line": 466}, "identifier": "HMAC", "metadata": {"primitive": "mac"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 18, "line": 466}, "identifier": "SHA3-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 18, "line": 471}, "identifier": "HMAC", "metadata": {"primitive": "mac"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 18, "line": 471}, "identifier": "SHA3-384", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 18, "line": 476}, "identifier": "HMAC", "metadata": {"primitive": "mac"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 18, "line": 476}, "identifier": "SHA3-512", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 18, "line": 496}, "identifier": "PBKDF2", "metadata": {"primitive": "kdf"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 18, "line": 496}, "identifier": "SHA-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 18, "line": 49}, "identifier": "AES", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 9, "line": 50}, "identifier": "AES", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 9, "line": 51}, "identifier": "AES", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 18, "line": 506}, "identifier": "Scrypt", "metadata": {"primitive": "kdf"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 18, "line": 65}, "identifier": "AES", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 9, "line": 66}, "identifier": "AES", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 9, "line": 67}, "identifier": "AES", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 18, "line": 73}, "identifier": "AES", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 9, "line": 74}, "identifier": "AES", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 9, "line": 75}, "identifier": "AES", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 19, "line": 103}, "identifier": "3DES", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 19, "line": 103}, "identifier": "AES", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 9, "line": 105}, "identifier": "AES", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 23, "line": 111}, "identifier": "AES", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 9, "line": 113}, "identifier": "AES", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 20, "line": 120}, "identifier": "AES", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 9, "line": 122}, "identifier": "AES", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 19, "line": 129}, "identifier": "AES", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 9, "line": 131}, "identifier": "AES", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 19, "line": 138}, "identifier": "AES", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 9, "line": 140}, "identifier": "AES", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 18, "line": 147}, "identifier": "AES", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 9, "line": 149}, "identifier": "AES", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 21, "line": 224}, "identifier": "DH", "metadata": {"primitive": "keyexchange"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 18, "line": 147}, "identifier": "SM4", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 9, "line": 148}, "identifier": "SM4", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 19, "line": 129}, "identifier": "IDEA", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 9, "line": 130}, "identifier": "IDEA", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 26, "line": 210}, "identifier": "X25519", "metadata": {"primitive": "keyexchange"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 20, "line": 120}, "identifier": "CAST5", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 9, "line": 121}, "identifier": "CAST5", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 17, "line": 85}, "identifier": "AES-GCM-SIV", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 15, "line": 61}, "identifier": "AES-OCB3", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 23, "line": 218}, "identifier": "DSA", "metadata": {"primitive": "signature"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 23, "line": 338}, "identifier": "DSA", "metadata": {"primitive": "signature"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 25, "line": 279}, "identifier": "RSA-PSS", "metadata": {"primitive": "signature"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 9, "line": 281}, "identifier": "RSA-PSS", "metadata": {"primitive": "signature"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 27, "line": 202}, "identifier": "Ed25519", "metadata": {"primitive": "signature"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 27, "line": 330}, "identifier": "Ed25519", "metadata": {"primitive": "signature"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 23, "line": 111}, "identifier": "Camellia", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 9, "line": 112}, "identifier": "Camellia", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 14, "line": 81}, "identifier": "AES-CCM", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 19, "line": 97}, "identifier": "ChaCha20-Poly1305", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 23, "line": 406}, "identifier": "SHA3-512", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 18, "line": 476}, "identifier": "SHA3-512", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 16, "line": 556}, "identifier": "X963KDF", "metadata": {"primitive": "kdf"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 18, "line": 421}, "identifier": "MD5", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 23, "line": 157}, "identifier": "RSA", "metadata": {"keySize": 2048, "primitive": "signature"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 23, "line": 237}, "identifier": "RSA", "metadata": {"keySize": 2048, "primitive": "signature"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 29, "line": 197}, "identifier": "secp256k1", "metadata": {"primitive": "signature"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 9, "line": 198}, "identifier": "secp256k1", "metadata": {"primitive": "signature"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 16, "line": 517}, "identifier": "HKDF", "metadata": {"primitive": "kdf"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 23, "line": 527}, "identifier": "HKDF", "metadata": {"primitive": "kdf"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 24, "line": 182}, "identifier": "ECDSA", "metadata": {"primitive": "signature"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 24, "line": 187}, "identifier": "ECDSA", "metadata": {"primitive": "signature"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 24, "line": 192}, "identifier": "ECDSA", "metadata": {"primitive": "signature"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 29, "line": 197}, "identifier": "ECDSA", "metadata": {"primitive": "signature"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 22, "line": 289}, "identifier": "ECDSA", "metadata": {"primitive": "signature"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 28, "line": 294}, "identifier": "ECDSA", "metadata": {"primitive": "signature"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 9, "line": 296}, "identifier": "ECDSA", "metadata": {"primitive": "signature"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 30, "line": 300}, "identifier": "ECDSA", "metadata": {"primitive": "signature"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 9, "line": 302}, "identifier": "ECDSA", "metadata": {"primitive": "signature"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 30, "line": 306}, "identifier": "ECDSA", "metadata": {"primitive": "signature"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 9, "line": 308}, "identifier": "ECDSA", "metadata": {"primitive": "signature"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 25, "line": 312}, "identifier": "ECDSA", "metadata": {"primitive": "signature"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 30, "line": 315}, "identifier": "ECDSA", "metadata": {"primitive": "signature"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 9, "line": 317}, "identifier": "ECDSA", "metadata": {"primitive": "signature"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 25, "line": 321}, "identifier": "ECDSA", "metadata": {"primitive": "signature"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 30, "line": 324}, "identifier": "ECDSA", "metadata": {"primitive": "signature"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 9, "line": 326}, "identifier": "ECDSA", "metadata": {"primitive": "signature"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 23, "line": 565}, "identifier": "ConcatKDF", "metadata": {"primitive": "kdf"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 23, "line": 574}, "identifier": "ConcatKDF", "metadata": {"primitive": "kdf"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 26, "line": 244}, "identifier": "SHA-1", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 9, "line": 247}, "identifier": "SHA-1", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 28, "line": 294}, "identifier": "SHA-1", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 9, "line": 296}, "identifier": "SHA-1", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 26, "line": 344}, "identifier": "SHA-1", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 9, "line": 346}, "identifier": "SHA-1", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 19, "line": 138}, "identifier": "AES", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 19, "line": 138}, "identifier": "SEED", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 19, "line": 366}, "identifier": "SHA-1", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 14, "line": 436}, "identifier": "SHA-1", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 21, "line": 89}, "identifier": "ChaCha20", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 9, "line": 90}, "identifier": "ChaCha20", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 23, "line": 171}, "identifier": "SHA-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 9, "line": 173}, "identifier": "SHA-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 17, "line": 174}, "identifier": "SHA-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 23, "line": 175}, "identifier": "SHA-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 28, "line": 258}, "identifier": "SHA-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 9, "line": 261}, "identifier": "SHA-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 25, "line": 279}, "identifier": "SHA-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 9, "line": 281}, "identifier": "SHA-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 17, "line": 282}, "identifier": "SHA-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 9, "line": 285}, "identifier": "SHA-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 30, "line": 306}, "identifier": "SHA-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 9, "line": 308}, "identifier": "SHA-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 28, "line": 356}, "identifier": "SHA-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 9, "line": 358}, "identifier": "SHA-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 21, "line": 376}, "identifier": "SHA-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 16, "line": 446}, "identifier": "SHA-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 18, "line": 496}, "identifier": "SHA-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 19, "line": 497}, "identifier": "SHA-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 16, "line": 517}, "identifier": "SHA-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 19, "line": 518}, "identifier": "SHA-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 23, "line": 527}, "identifier": "SHA-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 19, "line": 528}, "identifier": "SHA-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 17, "line": 541}, "identifier": "SHA-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 19, "line": 542}, "identifier": "SHA-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 16, "line": 556}, "identifier": "SHA-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 19, "line": 557}, "identifier": "SHA-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 23, "line": 565}, "identifier": "SHA-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 19, "line": 566}, "identifier": "SHA-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 23, "line": 574}, "identifier": "SHA-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 19, "line": 575}, "identifier": "SHA-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 25, "line": 206}, "identifier": "Ed448", "metadata": {"primitive": "signature"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 25, "line": 334}, "identifier": "Ed448", "metadata": {"primitive": "signature"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 22, "line": 416}, "identifier": "BLAKE2s", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 17, "line": 486}, "identifier": "BLAKE2s", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 19, "line": 103}, "identifier": "3DES", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 9, "line": 104}, "identifier": "3DES", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 14, "line": 57}, "identifier": "AES-GCM", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 17, "line": 85}, "identifier": "AES-GCM", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 19, "line": 97}, "identifier": "ChaCha20-Poly1305", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 20, "line": 120}, "identifier": "AES", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 20, "line": 120}, "identifier": "CAST5", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 21, "line": 224}, "identifier": "DH", "metadata": {"primitive": "keyexchange"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 21, "line": 371}, "identifier": "SHA-224", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 21, "line": 376}, "identifier": "SHA-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 21, "line": 381}, "identifier": "SHA-384", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 21, "line": 386}, "identifier": "SHA-512", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 21, "line": 89}, "identifier": "ChaCha20", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 22, "line": 289}, "identifier": "ECDSA-P256", "metadata": {"primitive": "signature"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 22, "line": 411}, "identifier": "BLAKE2b", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 17, "line": 481}, "identifier": "BLAKE2b", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 22, "line": 416}, "identifier": "BLAKE2s", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 23, "line": 111}, "identifier": "AES", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 23, "line": 111}, "identifier": "Camellia", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 23, "line": 157}, "identifier": "RSA", "metadata": {"keySize": 2048, "primitive": "signature"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 23, "line": 171}, "identifier": "RSA-OAEP", "metadata": {"primitive": "pke"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 23, "line": 171}, "identifier": "SHA-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 23, "line": 175}, "identifier": "SHA-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 23, "line": 218}, "identifier": "DSA", "metadata": {"primitive": "signature"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 23, "line": 237}, "identifier": "RSA", "metadata": {"keySize": 2048, "primitive": "signature"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 23, "line": 338}, "identifier": "DSA", "metadata": {"primitive": "signature"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 23, "line": 391}, "identifier": "SHA3-224", "metadata": {"primitive": "hash"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 23, "line": 396}, "identifier": "SHA3-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 18, "line": 466}, "identifier": "SHA3-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 23, "line": 401}, "identifier": "SHA3-384", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 23, "line": 406}, "identifier": "SHA3-512", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 23, "line": 527}, "identifier": "HKDF", "metadata": {"primitive": "kdf"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 23, "line": 527}, "identifier": "SHA-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 23, "line": 565}, "identifier": "ConcatKDF", "metadata": {"primitive": "kdf"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 23, "line": 565}, "identifier": "SHA-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 23, "line": 574}, "identifier": "ConcatKDF", "metadata": {"primitive": "kdf"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 23, "line": 574}, "identifier": "SHA-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 24, "line": 165}, "identifier": "RSA-PKCS1", "metadata": {"primitive": "signature"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 24, "line": 182}, "identifier": "ECDSA-P256", "metadata": {"primitive": "signature"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 24, "line": 187}, "identifier": "ECDSA-P384", "metadata": {"primitive": "signature"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 24, "line": 192}, "identifier": "ECDSA-P521", "metadata": {"primitive": "signature"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 24, "line": 214}, "identifier": "X448", "metadata": {"primitive": "keyexchange"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 25, "line": 206}, "identifier": "Ed448", "metadata": {"primitive": "signature"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 25, "line": 279}, "identifier": "RSA-PSS", "metadata": {"primitive": "signature"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 25, "line": 279}, "identifier": "SHA-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 25, "line": 312}, "identifier": "ECDSA-P384", "metadata": {"primitive": "signature"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 25, "line": 321}, "identifier": "ECDSA-P521", "metadata": {"primitive": "signature"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 25, "line": 334}, "identifier": "Ed448", "metadata": {"primitive": "signature"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 26, "line": 210}, "identifier": "X25519", "metadata": {"primitive": "keyexchange"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 26, "line": 244}, "identifier": "RSA-PKCS1", "metadata": {"primitive": "signature"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 26, "line": 244}, "identifier": "SHA-1", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 26, "line": 344}, "identifier": "SHA-1", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 27, "line": 202}, "identifier": "Ed25519", "metadata": {"primitive": "signature"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 27, "line": 330}, "identifier": "Ed25519", "metadata": {"primitive": "signature"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 28, "line": 251}, "identifier": "RSA-PKCS1", "metadata": {"primitive": "signature"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 28, "line": 251}, "identifier": "SHA-224", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 28, "line": 258}, "identifier": "RSA-PKCS1", "metadata": {"primitive": "signature"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 28, "line": 258}, "identifier": "SHA-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 28, "line": 265}, "identifier": "RSA-PKCS1", "metadata": {"primitive": "signature"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 28, "line": 265}, "identifier": "SHA-384", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 9, "line": 268}, "identifier": "SHA-384", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 30, "line": 315}, "identifier": "SHA-384", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 9, "line": 317}, "identifier": "SHA-384", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 21, "line": 381}, "identifier": "SHA-384", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 16, "line": 451}, "identifier": "SHA-384", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 28, "line": 272}, "identifier": "RSA-PKCS1", "metadata": {"primitive": "signature"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 28, "line": 272}, "identifier": "SHA-512", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 9, "line": 275}, "identifier": "SHA-512", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 30, "line": 324}, "identifier": "SHA-512", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 9, "line": 326}, "identifier": "SHA-512", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 21, "line": 386}, "identifier": "SHA-512", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 16, "line": 456}, "identifier": "SHA-512", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 18, "line": 496}, "identifier": "PBKDF2", "metadata": {"primitive": "kdf"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 18, "line": 506}, "identifier": "Scrypt", "metadata": {"primitive": "kdf"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 28, "line": 251}, "identifier": "SHA-224", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 9, "line": 254}, "identifier": "SHA-224", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 30, "line": 300}, "identifier": "SHA-224", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 9, "line": 302}, "identifier": "SHA-224", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 28, "line": 294}, "identifier": "ECDSA", "metadata": {"primitive": "signature"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 28, "line": 294}, "identifier": "SHA-1", "metadata": {"primitive": "hash"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 28, "line": 350}, "identifier": "SHA-224", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 9, "line": 352}, "identifier": "SHA-224", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 21, "line": 371}, "identifier": "SHA-224", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 16, "line": 441}, "identifier": "SHA-224", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 18, "line": 426}, "identifier": "SM3", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 24, "line": 192}, "identifier": "ECDSA-P521", "metadata": {"primitive": "signature"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 9, "line": 193}, "identifier": "ECDSA-P521", "metadata": {"primitive": "signature"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 25, "line": 321}, "identifier": "ECDSA-P521", "metadata": {"primitive": "signature"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 9, "line": 322}, "identifier": "ECDSA-P521", "metadata": {"primitive": "signature"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 24, "line": 165}, "identifier": "RSA-PKCS1", "metadata": {"primitive": "signature"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 28, "line": 356}, "identifier": "SHA-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 29, "line": 197}, "identifier": "ECDSA", "metadata": {"primitive": "signature"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 29, "line": 197}, "identifier": "secp256k1", "metadata": {"primitive": "signature"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 30, "line": 300}, "identifier": "ECDSA", "metadata": {"primitive": "signature"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 30, "line": 300}, "identifier": "SHA-224", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 30, "line": 306}, "identifier": "ECDSA", "metadata": {"primitive": "signature"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 30, "line": 306}, "identifier": "SHA-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 30, "line": 315}, "identifier": "ECDSA", "metadata": {"primitive": "signature"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 30, "line": 315}, "identifier": "SHA-384", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 30, "line": 324}, "identifier": "ECDSA", "metadata": {"primitive": "signature"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 30, "line": 324}, "identifier": "SHA-512", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 5, "line": 596}, "identifier": "RSA", "metadata": {"keySize": 3072, "primitive": "signature"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 9, "line": 104}, "identifier": "3DES", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 9, "line": 105}, "identifier": "AES", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 9, "line": 112}, "identifier": "Camellia", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 9, "line": 113}, "identifier": "AES", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 9, "line": 121}, "identifier": "CAST5", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 9, "line": 122}, "identifier": "AES", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 9, "line": 130}, "identifier": "IDEA", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 9, "line": 131}, "identifier": "AES", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 9, "line": 139}, "identifier": "SEED", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 9, "line": 140}, "identifier": "AES", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 9, "line": 148}, "identifier": "SM4", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 9, "line": 149}, "identifier": "AES", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 9, "line": 167}, "identifier": "RSA-PKCS1", "metadata": {"primitive": "signature"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 26, "line": 244}, "identifier": "RSA-PKCS1", "metadata": {"primitive": "signature"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 9, "line": 173}, "identifier": "RSA-OAEP", "metadata": {"primitive": "pke"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 9, "line": 173}, "identifier": "SHA-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 9, "line": 183}, "identifier": "ECDSA-P256", "metadata": {"primitive": "signature"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 9, "line": 188}, "identifier": "ECDSA-P384", "metadata": {"primitive": "signature"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 9, "line": 193}, "identifier": "ECDSA-P521", "metadata": {"primitive": "signature"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 9, "line": 198}, "identifier": "secp256k1", "metadata": {"primitive": "signature"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 9, "line": 246}, "identifier": "RSA-PKCS1", "metadata": {"primitive": "signature"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 28, "line": 251}, "identifier": "RSA-PKCS1", "metadata": {"primitive": "signature"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 9, "line": 247}, "identifier": "SHA-1", "metadata": {"primitive": "hash"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 9, "line": 253}, "identifier": "RSA-PKCS1", "metadata": {"primitive": "signature"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 28, "line": 258}, "identifier": "RSA-PKCS1", "metadata": {"primitive": "signature"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 9, "line": 254}, "identifier": "SHA-224", "metadata": {"primitive": "hash"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 9, "line": 260}, "identifier": "RSA-PKCS1", "metadata": {"primitive": "signature"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 28, "line": 265}, "identifier": "RSA-PKCS1", "metadata": {"primitive": "signature"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 9, "line": 261}, "identifier": "SHA-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 9, "line": 267}, "identifier": "RSA-PKCS1", "metadata": {"primitive": "signature"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 28, "line": 272}, "identifier": "RSA-PKCS1", "metadata": {"primitive": "signature"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 9, "line": 268}, "identifier": "SHA-384", "metadata": {"primitive": "hash"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 9, "line": 274}, "identifier": "RSA-PKCS1", "metadata": {"primitive": "signature"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 17, "line": 541}, "identifier": "KBKDF", "metadata": {"primitive": "kdf"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 24, "line": 182}, "identifier": "ECDSA-P256", "metadata": {"primitive": "signature"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 9, "line": 183}, "identifier": "ECDSA-P256", "metadata": {"primitive": "signature"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 22, "line": 289}, "identifier": "ECDSA-P256", "metadata": {"primitive": "signature"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 9, "line": 275}, "identifier": "SHA-512", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 9, "line": 281}, "identifier": "RSA-PSS", "metadata": {"primitive": "signature"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 9, "line": 281}, "identifier": "SHA-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 9, "line": 285}, "identifier": "SHA-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 9, "line": 290}, "identifier": "ECDSA-P256", "metadata": {"primitive": "signature"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 23, "line": 171}, "identifier": "RSA-OAEP", "metadata": {"primitive": "pke"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 9, "line": 173}, "identifier": "RSA-OAEP", "metadata": {"primitive": "pke"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 14, "line": 436}, "identifier": "HMAC", "metadata": {"primitive": "mac"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 16, "line": 441}, "identifier": "HMAC", "metadata": {"primitive": "mac"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 16, "line": 446}, "identifier": "HMAC", "metadata": {"primitive": "mac"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 16, "line": 451}, "identifier": "HMAC", "metadata": {"primitive": "mac"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 16, "line": 456}, "identifier": "HMAC", "metadata": {"primitive": "mac"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 18, "line": 461}, "identifier": "HMAC", "metadata": {"primitive": "mac"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 18, "line": 466}, "identifier": "HMAC", "metadata": {"primitive": "mac"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 18, "line": 471}, "identifier": "HMAC", "metadata": {"primitive": "mac"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 18, "line": 476}, "identifier": "HMAC", "metadata": {"primitive": "mac"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 17, "line": 481}, "identifier": "HMAC", "metadata": {"primitive": "mac"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 17, "line": 486}, "identifier": "HMAC", "metadata": {"primitive": "mac"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 23, "line": 401}, "identifier": "SHA3-384", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 18, "line": 471}, "identifier": "SHA3-384", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 24, "line": 214}, "identifier": "X448", "metadata": {"primitive": "keyexchange"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 19, "line": 138}, "identifier": "SEED", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 9, "line": 139}, "identifier": "SEED", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 5, "line": 596}, "identifier": "RSA", "metadata": {"keySize": 3072, "primitive": "signature"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 9, "line": 296}, "identifier": "ECDSA", "metadata": {"primitive": "signature"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 9, "line": 296}, "identifier": "SHA-1", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 9, "line": 302}, "identifier": "ECDSA", "metadata": {"primitive": "signature"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 9, "line": 302}, "identifier": "SHA-224", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 9, "line": 308}, "identifier": "ECDSA", "metadata": {"primitive": "signature"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 9, "line": 308}, "identifier": "SHA-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 9, "line": 313}, "identifier": "ECDSA-P384", "metadata": {"primitive": "signature"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 9, "line": 317}, "identifier": "ECDSA", "metadata": {"primitive": "signature"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 9, "line": 317}, "identifier": "SHA-384", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 9, "line": 322}, "identifier": "ECDSA-P521", "metadata": {"primitive": "signature"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 9, "line": 326}, "identifier": "ECDSA", "metadata": {"primitive": "signature"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 9, "line": 326}, "identifier": "SHA-512", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 9, "line": 346}, "identifier": "SHA-1", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 9, "line": 34}, "identifier": "AES", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 9, "line": 352}, "identifier": "SHA-224", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 9, "line": 358}, "identifier": "SHA-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 9, "line": 35}, "identifier": "AES", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 9, "line": 42}, "identifier": "AES", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 9, "line": 43}, "identifier": "AES", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 9, "line": 50}, "identifier": "AES", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 9, "line": 51}, "identifier": "AES", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 9, "line": 66}, "identifier": "AES", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 9, "line": 67}, "identifier": "AES", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 9, "line": 74}, "identifier": "AES", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 9, "line": 75}, "identifier": "AES", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 9, "line": 90}, "identifier": "ChaCha20", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "library", "evidence": {"column": 1, "line": 21}, "identifier": "PyCA cryptography", "path": "FIXME"} diff --git a/fixtures/python/tink_aesgcm/expected.jsonl b/fixtures/python/tink_aesgcm/expected.jsonl index 9d1363e..8ea547a 100644 --- a/fixtures/python/tink_aesgcm/expected.jsonl +++ b/fixtures/python/tink_aesgcm/expected.jsonl @@ -1,4 +1,4 @@ -{"assetType": "library", "evidence": {"column": 1, "line": 3}, "identifier": "Google Tink (Python)", "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 23, "line": 31}, "identifier": "ChaCha20-Poly1305", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 20, "line": 10}, "identifier": "AES-GCM", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 20, "line": 26}, "identifier": "AES-CTR-HMAC", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 23, "line": 31}, "identifier": "ChaCha20-Poly1305", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "library", "evidence": {"column": 1, "line": 3}, "identifier": "Google Tink (Python)", "path": "FIXME"} diff --git a/fixtures/swift/cryptokit_aesgcm/expected.jsonl b/fixtures/swift/cryptokit_aesgcm/expected.jsonl index 7a036ca..12c3942 100644 --- a/fixtures/swift/cryptokit_aesgcm/expected.jsonl +++ b/fixtures/swift/cryptokit_aesgcm/expected.jsonl @@ -1,3 +1,3 @@ -{"assetType": "library", "evidence": {"column": 1, "line": 1}, "identifier": "CryptoKit", "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 13, "line": 5}, "identifier": "AES-GCM", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 19, "line": 6}, "identifier": "AES-GCM", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "library", "evidence": {"column": 1, "line": 1}, "identifier": "CryptoKit", "path": "FIXME"} diff --git a/fixtures/swift/cryptokit_comprehensive/expected.jsonl b/fixtures/swift/cryptokit_comprehensive/expected.jsonl index f1ccb4b..d8b6707 100644 --- a/fixtures/swift/cryptokit_comprehensive/expected.jsonl +++ b/fixtures/swift/cryptokit_comprehensive/expected.jsonl @@ -1,39 +1,39 @@ -{"assetType": "library", "evidence": {"column": 1, "line": 2}, "identifier": "CryptoKit", "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 26, "line": 68}, "identifier": "P384-KeyAgreement", "metadata": {"primitive": "keyexchange"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 31, "line": 71}, "identifier": "P384-KeyAgreement", "metadata": {"primitive": "keyexchange"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 17, "line": 8}, "identifier": "AES-GCM", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 19, "line": 146}, "identifier": "MD5", "metadata": {"primitive": "hash"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 20, "line": 142}, "identifier": "SHA-1", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 28, "line": 31}, "identifier": "X25519", "metadata": {"primitive": "asymmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 33, "line": 34}, "identifier": "X25519", "metadata": {"primitive": "asymmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 17, "line": 8}, "identifier": "AES-GCM", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 22, "line": 130}, "identifier": "SHA-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 22, "line": 134}, "identifier": "SHA-384", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 22, "line": 138}, "identifier": "SHA-512", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 23, "line": 21}, "identifier": "ChaCha20Poly1305", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 24, "line": 153}, "identifier": "SHA-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 24, "line": 157}, "identifier": "SHA-384", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 24, "line": 161}, "identifier": "SHA-512", "metadata": {"primitive": "hash"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 26, "line": 108}, "identifier": "ECDSA-P256", "metadata": {"primitive": "signature"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 26, "line": 114}, "identifier": "ECDSA-P384", "metadata": {"primitive": "signature"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 26, "line": 120}, "identifier": "ECDSA-P521", "metadata": {"primitive": "signature"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 26, "line": 53}, "identifier": "P256-KeyAgreement", "metadata": {"primitive": "keyexchange"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 26, "line": 68}, "identifier": "P384-KeyAgreement", "metadata": {"primitive": "keyexchange"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 26, "line": 83}, "identifier": "P521-KeyAgreement", "metadata": {"primitive": "keyexchange"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 28, "line": 12}, "identifier": "AES-GCM", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 28, "line": 13}, "identifier": "AES-GCM", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 28, "line": 16}, "identifier": "AES-GCM", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 28, "line": 17}, "identifier": "AES-GCM", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 28, "line": 90}, "identifier": "SHA-512", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 22, "line": 138}, "identifier": "SHA-512", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 24, "line": 161}, "identifier": "SHA-512", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 30, "line": 38}, "identifier": "SHA-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 28, "line": 60}, "identifier": "SHA-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 22, "line": 130}, "identifier": "SHA-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 24, "line": 153}, "identifier": "SHA-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 26, "line": 114}, "identifier": "ECDSA-P384", "metadata": {"primitive": "signature"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 30, "line": 38}, "identifier": "HKDF", "metadata": {"primitive": "kdf"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 28, "line": 31}, "identifier": "X25519", "metadata": {"primitive": "asymmetric"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 28, "line": 60}, "identifier": "HKDF", "metadata": {"primitive": "kdf"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 28, "line": 60}, "identifier": "SHA-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 28, "line": 75}, "identifier": "HKDF", "metadata": {"primitive": "kdf"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 28, "line": 90}, "identifier": "HKDF", "metadata": {"primitive": "kdf"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 26, "line": 53}, "identifier": "P256-KeyAgreement", "metadata": {"primitive": "keyexchange"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 31, "line": 56}, "identifier": "P256-KeyAgreement", "metadata": {"primitive": "keyexchange"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 28, "line": 75}, "identifier": "SHA-384", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 22, "line": 134}, "identifier": "SHA-384", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 24, "line": 157}, "identifier": "SHA-384", "metadata": {"primitive": "hash"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 26, "line": 120}, "identifier": "ECDSA-P521", "metadata": {"primitive": "signature"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 29, "line": 46}, "identifier": "Ed25519", "metadata": {"primitive": "signature"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 28, "line": 90}, "identifier": "HKDF", "metadata": {"primitive": "kdf"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 28, "line": 90}, "identifier": "SHA-512", "metadata": {"primitive": "hash"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 29, "line": 102}, "identifier": "Ed25519", "metadata": {"primitive": "signature"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 23, "line": 21}, "identifier": "ChaCha20Poly1305", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 29, "line": 46}, "identifier": "Ed25519", "metadata": {"primitive": "signature"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 30, "line": 38}, "identifier": "HKDF", "metadata": {"primitive": "kdf"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 30, "line": 38}, "identifier": "SHA-256", "metadata": {"primitive": "hash"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 31, "line": 22}, "identifier": "ChaCha20Poly1305", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 31, "line": 23}, "identifier": "ChaCha20Poly1305", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 32, "line": 26}, "identifier": "ChaCha20Poly1305", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 26, "line": 108}, "identifier": "ECDSA-P256", "metadata": {"primitive": "signature"}, "path": "FIXME"} -{"assetType": "algorithm", "evidence": {"column": 26, "line": 83}, "identifier": "P521-KeyAgreement", "metadata": {"primitive": "keyexchange"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 31, "line": 56}, "identifier": "P256-KeyAgreement", "metadata": {"primitive": "keyexchange"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 31, "line": 71}, "identifier": "P384-KeyAgreement", "metadata": {"primitive": "keyexchange"}, "path": "FIXME"} {"assetType": "algorithm", "evidence": {"column": 31, "line": 86}, "identifier": "P521-KeyAgreement", "metadata": {"primitive": "keyexchange"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 32, "line": 26}, "identifier": "ChaCha20Poly1305", "metadata": {"primitive": "symmetric"}, "path": "FIXME"} +{"assetType": "algorithm", "evidence": {"column": 33, "line": 34}, "identifier": "X25519", "metadata": {"primitive": "asymmetric"}, "path": "FIXME"} +{"assetType": "library", "evidence": {"column": 1, "line": 2}, "identifier": "CryptoKit", "path": "FIXME"} diff --git a/src/scan.rs b/src/scan.rs index 7e8fa66..c13df30 100644 --- a/src/scan.rs +++ b/src/scan.rs @@ -257,7 +257,7 @@ pub fn find_algorithms<'a>( } } - result + dedupe_more_specific(result) } fn line_col_from_offset(content: &str, byte_idx: usize) -> (usize, usize) { @@ -469,3 +469,70 @@ fn code_symbol_nodes<'a>(lang: Language, root: Node<'a>) -> Vec> { } nodes } + +fn dedupe_more_specific<'a>(hits: Vec>) -> Vec> { + let mut drop = vec![false; hits.len()]; + for i in 0..hits.len() { + if drop[i] { + continue; + } + for j in 0..hits.len() { + if i == j || drop[j] { + continue; + } + if hits[i].line != hits[j].line { + continue; + } + let Some(p_i) = primitive_of(&hits[i]) else { + continue; + }; + let Some(p_j) = primitive_of(&hits[j]) else { + continue; + }; + if p_i != p_j { + continue; + } + if is_more_specific(&hits[j].algorithm_name, &hits[i].algorithm_name) { + drop[i] = true; + break; + } + } + } + + hits.into_iter() + .enumerate() + .filter_map(|(idx, hit)| if drop[idx] { None } else { Some(hit) }) + .collect() +} + +fn primitive_of<'a>(hit: &'a AlgorithmHit<'a>) -> Option<&'a str> { + hit.metadata + .get("primitive") + .and_then(|v| v.as_str()) +} + +fn is_more_specific(specific: &str, generic: &str) -> bool { + if specific == generic { + return false; + } + if specific.starts_with(generic) && specific.as_bytes().get(generic.len()) == Some(&b'-') { + return true; + } + + let tokens_specific: Vec<&str> = specific.split('-').collect(); + let tokens_generic: Vec<&str> = generic.split('-').collect(); + let tokens_specific_no_num: Vec<&str> = tokens_specific + .iter() + .copied() + .filter(|t| !t.chars().all(|c| c.is_ascii_digit())) + .collect(); + let tokens_generic_no_num: Vec<&str> = tokens_generic + .iter() + .copied() + .filter(|t| !t.chars().all(|c| c.is_ascii_digit())) + .collect(); + + tokens_specific_no_num == tokens_generic_no_num + && tokens_specific.len() > tokens_generic.len() + && tokens_specific.iter().any(|t| t.chars().all(|c| c.is_ascii_digit())) +} From 6f9fab43b1e9d258d6d5347e02d44a9f202870bd Mon Sep 17 00:00:00 2001 From: Isaac Elbaz Date: Fri, 26 Dec 2025 11:23:36 -0500 Subject: [PATCH 3/3] Made fmt changes --- src/scan.rs | 18 +++++++----------- 1 file changed, 7 insertions(+), 11 deletions(-) diff --git a/src/scan.rs b/src/scan.rs index c13df30..68057ad 100644 --- a/src/scan.rs +++ b/src/scan.rs @@ -301,16 +301,12 @@ fn collect_constants(lang: Language, content: &str) -> HashMap { r"(?m)^\s*(?:public|private|protected)?\s*(?:static\s+)?final\s+(?:int|long|String)\s+([A-Za-z_][A-Za-z0-9_]*)\s*=\s*([^;]+);", ], Language::Go => &[r"(?m)^\s*const\s+([A-Za-z_][A-Za-z0-9_]*)\s*=\s*([^\n]+)$"], - Language::Python => &[ - r"(?m)^\s*([A-Z_][A-Z0-9_]*)\s*=\s*([^#\n]+)", - ], + Language::Python => &[r"(?m)^\s*([A-Z_][A-Z0-9_]*)\s*=\s*([^#\n]+)"], Language::Php => &[ r"(?m)^\s*const\s+([A-Z_][A-Z0-9_]*)\s*=\s*([^;]+);", r#"define\(\s*['"]([A-Z_][A-Z0-9_]*)['"]\s*,\s*([^)]+)\)"#, ], - Language::Rust => &[ - r"(?m)^\s*const\s+([A-Za-z_][A-Za-z0-9_]*)\s*:[^=]+=\s*([^;]+);", - ], + Language::Rust => &[r"(?m)^\s*const\s+([A-Za-z_][A-Za-z0-9_]*)\s*:[^=]+=\s*([^;]+);"], _ => &[], }; @@ -492,7 +488,7 @@ fn dedupe_more_specific<'a>(hits: Vec>) -> Vec if p_i != p_j { continue; } - if is_more_specific(&hits[j].algorithm_name, &hits[i].algorithm_name) { + if is_more_specific(hits[j].algorithm_name, hits[i].algorithm_name) { drop[i] = true; break; } @@ -506,9 +502,7 @@ fn dedupe_more_specific<'a>(hits: Vec>) -> Vec } fn primitive_of<'a>(hit: &'a AlgorithmHit<'a>) -> Option<&'a str> { - hit.metadata - .get("primitive") - .and_then(|v| v.as_str()) + hit.metadata.get("primitive").and_then(|v| v.as_str()) } fn is_more_specific(specific: &str, generic: &str) -> bool { @@ -534,5 +528,7 @@ fn is_more_specific(specific: &str, generic: &str) -> bool { tokens_specific_no_num == tokens_generic_no_num && tokens_specific.len() > tokens_generic.len() - && tokens_specific.iter().any(|t| t.chars().all(|c| c.is_ascii_digit())) + && tokens_specific + .iter() + .any(|t| t.chars().all(|c| c.is_ascii_digit())) }