issues
search
IBM
/
sonar-cryptography
This repository contains a SonarQube Plugin that detects cryptographic assets in source code and generates CBOM.
Apache License 2.0
18
stars
1
forks
source link
Handle edge cases for BouncyCastle library
#31
Open
hugoqnc
opened
2 weeks ago
hugoqnc
commented
2 weeks ago
[ ] Investigate if capturing elliptic curves is possible
[ ] Handle cases where crypto assets have multiple nodes of the same type at the same level (like two digests)
[ ] Handle all static fields
[ ] Better handle enrichment: move all the enriched content currently in translation to enrichment
[ ] Look into missing classes in
org.bouncycastle.crypto
: is there missing information?
org.bouncycastle.crypto
: is there missing information?