search

crocs-muni / sec-certs

Tool for analysis of security certificates and their security targets (Common Criteria, NIST FIPS140-2...).
https://sec-certs.org
MIT License
12 stars 8 forks source link

Display cleaned extracted SARs on web #235

Closed adamjanovsky closed 2 years ago

adamjanovsky commented 2 years ago

Given a certificate, we currently show SARs extracted from pdfs on the web. These are slightly unreliable and should be ideally replaced with SARs processed by SARTransformer. These SARs reside in CCHeuristics.extracted_sars variable.

https://github.com/crocs-muni/sec-certs/blob/299c02136a303c49b6f2cf03423332125a9a8f62/sec_certs/sample/common_criteria.py#L307

@J08nY, could we please display these SARs instead of those extracted from pdfs?

I think that displaying them in "Heuristics Summary" at the top of the page would be just fine.

J08nY commented 2 years ago

I will add the heuristicaly-extracted SARs into the page. I would like to also keep the raw extracted SARs in the page, as we display all of the regex matches currently.

J08nY commented 2 years ago

Btw. do we also do something for SFRs?

J08nY commented 2 years ago

This is now done, see e.g.: https://seccerts.org/cc/131f67a45cd91c49/#heuristics-info