Skip to content

Commit

Permalink
updated preference page.
Browse files Browse the repository at this point in the history
Signed-off-by: Shahrzad <[email protected]>
  • Loading branch information
shahrzadav committed Apr 20, 2022
1 parent a640285 commit fcd70be
Show file tree
Hide file tree
Showing 3 changed files with 8 additions and 4 deletions.
12 changes: 8 additions & 4 deletions content/documentation/_index.md
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@ title: "Documentation"
date: 2018-09-03T19:48:11+02:00
---

CogniCrypt comprises two features to assist in the usage of cryptographic APIs. First, its code generator CogniCrypt<sub>GEN</sub> may generate code wrappers around cryptographic APIs that implement programming tasks involving cryptography. Currently, CogniCrypt<sub>GEN</sub> supports code generation for five such tasks. CogniCrypt also employs a suite of static code analyses CogniCrypt<sub>SAST</sub> constantly running the background and checking for misuses of cryptographic APIs. Thanks to its tight integration with Eclipse, developers are being alerted of misuses by means of regular Eclipse error markers. Both CogniCrypt<sub>GEN</sub> and CogniCrypt<sub>SAST</sub> are parameterized and configured by rules in the specification languge CrySL. For more details on all three, please refer to their corresponding tutorial pages:
CogniCrypt comprises two features to assist in the usage of cryptographic APIs. First, its code generator CogniCrypt<sub>GEN</sub> may generate code wrappers around cryptographic APIs that implement programming tasks involving cryptography. Currently, CogniCrypt<sub>GEN</sub> supports code generation for five such tasks. CogniCrypt also employs a suite of static code analyses CogniCrypt<sub>SAST</sub> constantly running the background and checking for misuses of cryptographic APIs. Thanks to its tight integration with Eclipse, developers are being alerted of misuses by means of regular Eclipse error markers. Both CogniCrypt<sub>GEN</sub> and CogniCrypt<sub>SAST</sub> are parameterized and configured by rules in the specification language CrySL. For more details on all three, please refer to their corresponding tutorial pages:

* [CrySL - Usage Specifications for Cryptographic APIs](crysl)

Expand All @@ -19,9 +19,11 @@ Through its preference menu, CogniCrypt may be configured in several different w
<img class="center-fit" src='./preferences.png' alt="Preferences">
</div>

* `Source of CrySL Rules` : Users may select in this table which CrySL rules CogniCrypt should include in its analyis and code generation. By default, there are three rule sets, one for the JCA, one for BouncyCastle, and one for Google Tink. However, users may add new ruleset through the button below the table.
* `Source of CrySL Rules` : Users may select in this table which CrySL rules CogniCrypt should include in its analysis and code generation. By default, there are three rule sets, one for the JCA, one for BouncyCastle, and one for Google Tink. However, users may add new ruleset through the button below the table.

* `Select Custom Rules` : As explained [here](crysl), users may write their own custom CrySL rules in CogniCrypt directly if they do not want to specify a complete rule set. For CogniCrypt to use these custom rules, a user has to enable this option here.
* `Select Custom Rules` : As explained [here](crysl), users may write their own custom CrySL rules in CogniCrypt directly if they do not want to specify a complete ruleset. For CogniCrypt to use these custom rules, a user has to enable this option here. Users may add their custom rules via a URL (Add Remote Ruleset) or from their local machine (Add Local Ruleset).

* `Load Rules From Analyzed Project's Directory` : When this is enabled, CogniCrypt<sub>SAST</sub> would automatically look into the analyzed project directory for CrySL rules.

* `Enable Automated Analysis when Saving` : When this option is enabled, CogniCrypt<sub>SAST</sub> executes whenever a source-code file is saved. Otherwise, the user has to trigger CogniCrypt<sub>SAST</sub> manually

Expand All @@ -31,8 +33,10 @@ Through its preference menu, CogniCrypt may be configured in several different w

* `Include Dependencies to Analysis` : When enabled, CogniCrypt<sub>SAST</sub> not only checks the application code directly, but any library code the application code depends on.

* `Suppress warnings related to legacy code generated by CogniCrypt` : If a user chooses to support legacy systems in the CogniCrypt<sub>GEN</sub> wizard, they might not opt for the highest security requirements. Therefore, they can choose a less secure configuration by enabling this checkbox.

* `Call-graph construction algorithm` : Users may select which algorithm CogniCrypt<sub>SAST</sub> uses for call-graph construction.

* `Error-Warning Types` : By means of these options, users may set the severity CogniCrypt<sub>SAST</sub>'s error types are reported with. They may chosse between Error, Warning, Info, or Ignore.
* `Error-Warning Types` : By means of these options, users may set the severity CogniCrypt<sub>SAST</sub>'s error types are reported with. They may choose between Error, Warning, Info, or Ignore.

* `Persist Code-generation Configuration` : If enabled, CogniCrypt<sub>GEN</sub> stores the configuration it uses to generate code for a cryptographic use case into the root folder of the user's project.
Binary file added content/documentation/preferences.jpg
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file removed content/documentation/preferences.png
Binary file not shown.

0 comments on commit fcd70be

Please sign in to comment.