This repository is a demo on how to integrate the on githaub Action of CryptoAnalysis into a reposity. This demo is performed on CamBench as it provides labeled examples of cryptographic API misuses and correct usages in CamBench_Cap The github action is configured in cognicrypt.yml and executed in pull requests. More detailed results can be seen in the workflow's summary.
CamBench envisions to be a comprehensive benchmark for cryptographic API misuse detection tools consisting of three components:
- CamBench_Real includes real-world Java applications with manually labeled usages.
- CamBench_Cap includes synthetic test cases to cover analysis capabilities.
- CamBench_Cov is a heuristic for crypto API coverage.
CamBench is accepted as a registered report at MSR 22 [^1]. If you are interested in the progress of CamBench, please watch the repository or reach out to us. If you want to contribute to CamBench, feel free to raise an issue or contact us.
- logos contains the CamBench logo
- presentations contains the various slides we used to present CamBench
[^1] Schlichtig, M., Wickert, A. K., Krüger, S., Bodden, E., & Mezini, M. (2022). CamBench--Cryptographic API Misuse Detection Tool Benchmark Suite. arXiv preprint arXiv:2204.06447.
The artwork and logos of the projects are licensed under CC BY-SA 4.0.