scanoss 0.15.7 → 0.16.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +53 -97
- package/LICENSE +20 -20
- package/README.md +75 -3
- package/assets/ReportHTMLTemplate/index.html +11 -8
- package/assets/data/scanoss-crypto-library-rules.json +1 -0
- package/build/main/cli/bin/cli-bin.js +6 -2
- package/build/main/cli/commands/crypto.js +14 -7
- package/build/main/cli/commands/scan.js +66 -23
- package/build/main/sdk/Cryptography/Algorithm/Components/ComponentAlgorithmScanner.d.ts +19 -0
- package/build/main/sdk/Cryptography/Algorithm/Components/ComponentAlgorithmScanner.js +27 -0
- package/build/main/sdk/Cryptography/Algorithm/Files/AlgorithmProcessor.d.ts +1 -0
- package/build/main/sdk/Cryptography/Algorithm/Files/AlgorithmProcessor.js +39 -0
- package/build/main/sdk/Cryptography/Algorithm/Files/FileAlgorithmScanner.d.ts +42 -0
- package/build/main/sdk/Cryptography/Algorithm/Files/FileAlgorithmScanner.js +87 -0
- package/build/main/sdk/Cryptography/{CryptoDef/CryptoDef.d.ts → Algorithm/Files/Helper/Helper.d.ts} +1 -1
- package/build/main/sdk/Cryptography/{CryptoDef/CryptoDef.js → Algorithm/Files/Helper/Helper.js} +1 -1
- package/build/main/sdk/Cryptography/{Scanneable → Algorithm/Files/Scanneable}/CryptoItem.d.ts +2 -2
- package/build/main/sdk/Cryptography/{Scanneable → Algorithm/Files/Scanneable}/CryptoItem.js +1 -1
- package/build/main/sdk/Cryptography/BaseCryptographyScanner.d.ts +25 -0
- package/build/main/sdk/Cryptography/BaseCryptographyScanner.js +23 -0
- package/build/main/sdk/Cryptography/CryptoCfg.d.ts +32 -5
- package/build/main/sdk/Cryptography/CryptoCfg.js +35 -5
- package/build/main/sdk/Cryptography/CryptographyScanner.d.ts +15 -21
- package/build/main/sdk/Cryptography/CryptographyScanner.js +31 -41
- package/build/main/sdk/Cryptography/CryptographyTypes.d.ts +47 -3
- package/build/main/sdk/Cryptography/Helper/ResultCollector/Component/ComponentCryptographyResultColletor.d.ts +32 -0
- package/build/main/sdk/Cryptography/Helper/ResultCollector/Component/ComponentCryptographyResultColletor.js +66 -0
- package/build/main/sdk/Cryptography/Helper/ResultCollector/File/FileCryptographyResultCollector.d.ts +36 -0
- package/build/main/sdk/Cryptography/Helper/ResultCollector/File/FileCryptographyResultCollector.js +65 -0
- package/build/main/sdk/Cryptography/Hint/Components/ComponentHintScanner.d.ts +19 -0
- package/build/main/sdk/Cryptography/Hint/Components/ComponentHintScanner.js +27 -0
- package/build/main/sdk/Cryptography/Hint/Files/FileHintScanner.d.ts +35 -0
- package/build/main/sdk/Cryptography/Hint/Files/FileHintScanner.js +69 -0
- package/build/main/sdk/Cryptography/Hint/Files/HintProcessor.d.ts +1 -0
- package/build/main/sdk/Cryptography/Hint/Files/HintProcessor.js +34 -0
- package/build/main/sdk/Filtering/Filtering.js +1 -2
- package/build/main/sdk/Logger.d.ts +2 -0
- package/build/main/sdk/Logger.js +7 -2
- package/build/main/sdk/Report/DataLayer/DataLayerTypes.d.ts +8 -4
- package/build/main/sdk/Report/DataLayer/DataProviders/CryptographyDataProvider.d.ts +7 -7
- package/build/main/sdk/Report/DataLayer/DataProviders/CryptographyDataProvider.js +71 -11
- package/build/main/sdk/Services/Grpc/BaseService.js +1 -1
- package/build/main/sdk/Services/Grpc/CryptographyService.d.ts +3 -0
- package/build/main/sdk/Services/Grpc/CryptographyService.js +16 -1
- package/build/main/sdk/Services/Grpc/scanoss/api/cryptography/v2/scanoss-cryptography_grpc_pb.d.ts +72 -0
- package/build/main/sdk/Services/Grpc/scanoss/api/cryptography/v2/scanoss-cryptography_grpc_pb.js +87 -3
- package/build/main/sdk/Services/Grpc/scanoss/api/cryptography/v2/scanoss-cryptography_pb.js +1987 -127
- package/build/main/sdk/Utils/Concurrency/Job.d.ts +8 -0
- package/build/main/sdk/Utils/Concurrency/Job.js +17 -0
- package/build/main/sdk/Utils/Concurrency/JobProcessor.d.ts +10 -0
- package/build/main/sdk/Utils/Concurrency/JobProcessor.js +51 -0
- package/build/main/sdk/Utils/Concurrency/WorkerPool.d.ts +14 -0
- package/build/main/sdk/Utils/Concurrency/WorkerPool.js +69 -0
- package/build/main/sdk/Utils/Concurrency/types.d.ts +18 -0
- package/build/main/sdk/Utils/Concurrency/types.js +3 -0
- package/build/main/sdk/scanner/ScannerTypes.js +1 -1
- package/build/main/tsconfig.tsbuildinfo +1 -1
- package/build/module/cli/bin/cli-bin.js +6 -2
- package/build/module/cli/commands/crypto.js +14 -7
- package/build/module/cli/commands/scan.js +66 -23
- package/build/module/sdk/Cryptography/Algorithm/Components/ComponentAlgorithmScanner.d.ts +19 -0
- package/build/module/sdk/Cryptography/Algorithm/Components/ComponentAlgorithmScanner.js +23 -0
- package/build/module/sdk/Cryptography/Algorithm/Files/AlgorithmProcessor.d.ts +1 -0
- package/build/module/sdk/Cryptography/Algorithm/Files/AlgorithmProcessor.js +36 -0
- package/build/module/sdk/Cryptography/Algorithm/Files/FileAlgorithmScanner.d.ts +42 -0
- package/build/module/sdk/Cryptography/Algorithm/Files/FileAlgorithmScanner.js +80 -0
- package/build/module/sdk/Cryptography/{CryptoDef/CryptoDef.d.ts → Algorithm/Files/Helper/Helper.d.ts} +1 -1
- package/build/module/sdk/Cryptography/{CryptoDef/CryptoDef.js → Algorithm/Files/Helper/Helper.js} +1 -1
- package/build/module/sdk/Cryptography/{Scanneable → Algorithm/Files/Scanneable}/CryptoItem.d.ts +2 -2
- package/build/module/sdk/Cryptography/{Scanneable → Algorithm/Files/Scanneable}/CryptoItem.js +1 -1
- package/build/module/sdk/Cryptography/BaseCryptographyScanner.d.ts +25 -0
- package/build/module/sdk/Cryptography/BaseCryptographyScanner.js +21 -0
- package/build/module/sdk/Cryptography/CryptoCfg.d.ts +32 -5
- package/build/module/sdk/Cryptography/CryptoCfg.js +39 -6
- package/build/module/sdk/Cryptography/CryptographyScanner.d.ts +15 -21
- package/build/module/sdk/Cryptography/CryptographyScanner.js +32 -39
- package/build/module/sdk/Cryptography/CryptographyTypes.d.ts +47 -3
- package/build/module/sdk/Cryptography/Helper/ResultCollector/Component/ComponentCryptographyResultColletor.d.ts +32 -0
- package/build/module/sdk/Cryptography/Helper/ResultCollector/Component/ComponentCryptographyResultColletor.js +60 -0
- package/build/module/sdk/Cryptography/Helper/ResultCollector/File/FileCryptographyResultCollector.d.ts +36 -0
- package/build/module/sdk/Cryptography/Helper/ResultCollector/File/FileCryptographyResultCollector.js +59 -0
- package/build/module/sdk/Cryptography/Hint/Components/ComponentHintScanner.d.ts +19 -0
- package/build/module/sdk/Cryptography/Hint/Components/ComponentHintScanner.js +23 -0
- package/build/module/sdk/Cryptography/Hint/Files/FileHintScanner.d.ts +35 -0
- package/build/module/sdk/Cryptography/Hint/Files/FileHintScanner.js +62 -0
- package/build/module/sdk/Cryptography/Hint/Files/HintProcessor.d.ts +1 -0
- package/build/module/sdk/Cryptography/Hint/Files/HintProcessor.js +31 -0
- package/build/module/sdk/Filtering/Filtering.js +1 -2
- package/build/module/sdk/Logger.d.ts +2 -0
- package/build/module/sdk/Logger.js +8 -2
- package/build/module/sdk/Report/DataLayer/DataLayerTypes.d.ts +8 -4
- package/build/module/sdk/Report/DataLayer/DataProviders/CryptographyDataProvider.d.ts +7 -7
- package/build/module/sdk/Report/DataLayer/DataProviders/CryptographyDataProvider.js +73 -14
- package/build/module/sdk/Services/Grpc/BaseService.js +1 -1
- package/build/module/sdk/Services/Grpc/CryptographyService.d.ts +3 -0
- package/build/module/sdk/Services/Grpc/CryptographyService.js +16 -1
- package/build/module/sdk/Services/Grpc/scanoss/api/cryptography/v2/scanoss-cryptography_grpc_pb.d.ts +72 -0
- package/build/module/sdk/Services/Grpc/scanoss/api/cryptography/v2/scanoss-cryptography_grpc_pb.js +87 -3
- package/build/module/sdk/Services/Grpc/scanoss/api/cryptography/v2/scanoss-cryptography_pb.js +1987 -127
- package/build/module/sdk/Utils/Concurrency/Job.d.ts +8 -0
- package/build/module/sdk/Utils/Concurrency/Job.js +14 -0
- package/build/module/sdk/Utils/Concurrency/JobProcessor.d.ts +10 -0
- package/build/module/sdk/Utils/Concurrency/JobProcessor.js +47 -0
- package/build/module/sdk/Utils/Concurrency/WorkerPool.d.ts +14 -0
- package/build/module/sdk/Utils/Concurrency/WorkerPool.js +65 -0
- package/build/module/sdk/Utils/Concurrency/types.d.ts +18 -0
- package/build/module/sdk/Utils/Concurrency/types.js +2 -0
- package/build/module/sdk/scanner/ScannerTypes.js +1 -1
- package/build/module/tsconfig.module.tsbuildinfo +1 -1
- package/package.json +1 -1
- package/build/main/sdk/Cryptography/CryptoProvider/LocalCrypto.d.ts +0 -21
- package/build/main/sdk/Cryptography/CryptoProvider/LocalCrypto.js +0 -37
- package/build/main/sdk/Cryptography/Worker/ThreadPool.d.ts +0 -21
- package/build/main/sdk/Cryptography/Worker/ThreadPool.js +0 -87
- package/build/main/sdk/Cryptography/Worker/Worker.d.ts +0 -15
- package/build/main/sdk/Cryptography/Worker/Worker.js +0 -69
- package/build/main/sdk/Cryptography/utils/adapters/cryptoAdapters.d.ts +0 -8
- package/build/main/sdk/Cryptography/utils/adapters/cryptoAdapters.js +0 -15
- package/build/module/sdk/Cryptography/CryptoProvider/LocalCrypto.d.ts +0 -21
- package/build/module/sdk/Cryptography/CryptoProvider/LocalCrypto.js +0 -36
- package/build/module/sdk/Cryptography/Worker/ThreadPool.d.ts +0 -21
- package/build/module/sdk/Cryptography/Worker/ThreadPool.js +0 -89
- package/build/module/sdk/Cryptography/Worker/Worker.d.ts +0 -15
- package/build/module/sdk/Cryptography/Worker/Worker.js +0 -66
- package/build/module/sdk/Cryptography/utils/adapters/cryptoAdapters.d.ts +0 -8
- package/build/module/sdk/Cryptography/utils/adapters/cryptoAdapters.js +0 -12
- /package/assets/data/{defaultCryptoRules.json → scanoss-crypto-algorithm-rules.json} +0 -0
|
@@ -1,31 +1,25 @@
|
|
|
1
|
-
import { CryptoCfg } from
|
|
2
|
-
import {
|
|
1
|
+
import { CryptoCfg } from "./CryptoCfg";
|
|
2
|
+
import { CryptographyResponse, LocalCryptographyResponse } from "./CryptographyTypes";
|
|
3
|
+
import { PurlRequest } from "../Services/Grpc/BaseService";
|
|
3
4
|
/**
|
|
4
|
-
*
|
|
5
|
+
* Provides functionality to scan files and components for cryptographic items.
|
|
6
|
+
* This class acts as the primary entry point for cryptographic scanning.
|
|
5
7
|
*/
|
|
6
8
|
export declare class CryptographyScanner {
|
|
7
|
-
private
|
|
8
|
-
|
|
9
|
-
* Constructs a new CryptographyScanner.
|
|
10
|
-
* @param cryptoCfg The cryptographic configuration.
|
|
11
|
-
*/
|
|
12
|
-
constructor(cryptoCfg: CryptoCfg);
|
|
9
|
+
private readonly config;
|
|
10
|
+
constructor(cfg: CryptoCfg);
|
|
13
11
|
/**
|
|
14
12
|
* Scans an array of files for cryptographic items.
|
|
13
|
+
* Performs both algorithm detection and library scanning.
|
|
15
14
|
* @param files An array of file paths to scan.
|
|
16
|
-
* @returns A promise that resolves to
|
|
17
|
-
*/
|
|
18
|
-
scan(files: Array<string>): Promise<ILocalCryptographyResponse>;
|
|
19
|
-
/**
|
|
20
|
-
* Scans a folder for cryptographic items.
|
|
21
|
-
* @param path The path of the folder to scan.
|
|
22
|
-
* @returns A promise that resolves to an ILocalCryptographyResponse.
|
|
23
|
-
* @throws Error if the specified path is not a directory.
|
|
15
|
+
* @returns {LocalCryptographyResponse} A promise that resolves to a LocalCryptographyResponse containing scan results.
|
|
24
16
|
*/
|
|
25
|
-
|
|
17
|
+
scanFiles(files: Array<string>): Promise<LocalCryptographyResponse>;
|
|
26
18
|
/**
|
|
27
|
-
*
|
|
28
|
-
*
|
|
19
|
+
* Scans components for cryptographic.
|
|
20
|
+
* Performs both algorithm detection and library scanning at the component level.
|
|
21
|
+
* @param req A request containing PURL's to scan
|
|
22
|
+
* @returns {CryptographyResponse} A promise that resolves to an array of CryptographyResponse objects.
|
|
29
23
|
*/
|
|
30
|
-
|
|
24
|
+
scanComponents(req: PurlRequest): Promise<Array<CryptographyResponse>>;
|
|
31
25
|
}
|
|
@@ -1,52 +1,45 @@
|
|
|
1
|
-
import
|
|
2
|
-
import {
|
|
3
|
-
import {
|
|
4
|
-
import {
|
|
5
|
-
import
|
|
1
|
+
import { FileAlgorithmScanner } from "./Algorithm/Files/FileAlgorithmScanner";
|
|
2
|
+
import { FileHintScanner } from "./Hint/Files/FileHintScanner";
|
|
3
|
+
import { FileCryptographyResultCollector } from "./Helper/ResultCollector/File/FileCryptographyResultCollector";
|
|
4
|
+
import { ComponentCryptographyResultCollector } from "./Helper/ResultCollector/Component/ComponentCryptographyResultColletor";
|
|
5
|
+
import { ComponentAlgorithmScanner } from "./Algorithm/Components/ComponentAlgorithmScanner";
|
|
6
|
+
import { ComponentHintScanner } from "./Hint/Components/ComponentHintScanner";
|
|
6
7
|
/**
|
|
7
|
-
*
|
|
8
|
+
* Provides functionality to scan files and components for cryptographic items.
|
|
9
|
+
* This class acts as the primary entry point for cryptographic scanning.
|
|
8
10
|
*/
|
|
9
11
|
export class CryptographyScanner {
|
|
10
|
-
|
|
11
|
-
|
|
12
|
-
|
|
13
|
-
* @param cryptoCfg The cryptographic configuration.
|
|
14
|
-
*/
|
|
15
|
-
constructor(cryptoCfg) {
|
|
16
|
-
this.cryptoConfig = cryptoCfg;
|
|
12
|
+
config;
|
|
13
|
+
constructor(cfg) {
|
|
14
|
+
this.config = cfg;
|
|
17
15
|
}
|
|
18
16
|
/**
|
|
19
17
|
* Scans an array of files for cryptographic items.
|
|
18
|
+
* Performs both algorithm detection and library scanning.
|
|
20
19
|
* @param files An array of file paths to scan.
|
|
21
|
-
* @returns A promise that resolves to
|
|
22
|
-
*/
|
|
23
|
-
async scan(files) {
|
|
24
|
-
const cryptographyRules = await this.loadRules(this.cryptoConfig.getRulesPath());
|
|
25
|
-
const localCrypto = new LocalCrypto(cryptographyRules, this.cryptoConfig.getNumberOfThreads());
|
|
26
|
-
const cryptoItems = await localCrypto.search(files);
|
|
27
|
-
return mapToILocalCryptographyResponse(cryptoItems);
|
|
28
|
-
}
|
|
29
|
-
/**
|
|
30
|
-
* Scans a folder for cryptographic items.
|
|
31
|
-
* @param path The path of the folder to scan.
|
|
32
|
-
* @returns A promise that resolves to an ILocalCryptographyResponse.
|
|
33
|
-
* @throws Error if the specified path is not a directory.
|
|
20
|
+
* @returns {LocalCryptographyResponse} A promise that resolves to a LocalCryptographyResponse containing scan results.
|
|
34
21
|
*/
|
|
35
|
-
async
|
|
36
|
-
|
|
37
|
-
|
|
38
|
-
const
|
|
39
|
-
|
|
40
|
-
|
|
22
|
+
async scanFiles(files) {
|
|
23
|
+
const cryptoResultCollector = new FileCryptographyResultCollector();
|
|
24
|
+
const cryptoAlgorithmScanner = new FileAlgorithmScanner(this.config, cryptoResultCollector);
|
|
25
|
+
const cryptoHintScanner = new FileHintScanner(this.config, cryptoResultCollector);
|
|
26
|
+
await cryptoAlgorithmScanner.scan(files);
|
|
27
|
+
await cryptoHintScanner.scan(files);
|
|
28
|
+
return cryptoResultCollector.getResults();
|
|
41
29
|
}
|
|
42
30
|
/**
|
|
43
|
-
*
|
|
44
|
-
*
|
|
31
|
+
* Scans components for cryptographic.
|
|
32
|
+
* Performs both algorithm detection and library scanning at the component level.
|
|
33
|
+
* @param req A request containing PURL's to scan
|
|
34
|
+
* @returns {CryptographyResponse} A promise that resolves to an array of CryptographyResponse objects.
|
|
45
35
|
*/
|
|
46
|
-
async
|
|
47
|
-
const
|
|
48
|
-
const
|
|
49
|
-
|
|
36
|
+
async scanComponents(req) {
|
|
37
|
+
const componentCryptoResultCollector = new ComponentCryptographyResultCollector();
|
|
38
|
+
const componentCryptoAlgorithmScanner = new ComponentAlgorithmScanner(this.config, componentCryptoResultCollector);
|
|
39
|
+
const componentCryptoHintScanner = new ComponentHintScanner(this.config, componentCryptoResultCollector);
|
|
40
|
+
await componentCryptoAlgorithmScanner.scan(req);
|
|
41
|
+
await componentCryptoHintScanner.scan(req);
|
|
42
|
+
return componentCryptoResultCollector.getResults();
|
|
50
43
|
}
|
|
51
44
|
}
|
|
52
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
45
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiQ3J5cHRvZ3JhcGh5U2Nhbm5lci5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uLy4uLy4uL3NyYy9zZGsvQ3J5cHRvZ3JhcGh5L0NyeXB0b2dyYXBoeVNjYW5uZXIudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IkFBQ0EsT0FBTyxFQUNMLG9CQUFvQixFQUNyQixNQUFNLHdDQUF3QyxDQUFDO0FBQ2hELE9BQU8sRUFBRSxlQUFlLEVBQUUsTUFBTSw4QkFBOEIsQ0FBQztBQU0vRCxPQUFPLEVBQ0wsK0JBQStCLEVBQ2hDLE1BQU0sK0RBQStELENBQUM7QUFDdkUsT0FBTyxFQUNMLG9DQUFvQyxFQUNyQyxNQUFNLHdFQUF3RSxDQUFDO0FBQ2hGLE9BQU8sRUFDTCx5QkFBeUIsRUFDMUIsTUFBTSxrREFBa0QsQ0FBQztBQUMxRCxPQUFPLEVBQ0wsb0JBQW9CLEVBQ3JCLE1BQU0sd0NBQXdDLENBQUM7QUFJaEQ7OztHQUdHO0FBQ0gsTUFBTSxPQUFPLG1CQUFtQjtJQUViLE1BQU0sQ0FBWTtJQUVuQyxZQUFZLEdBQWM7UUFDeEIsSUFBSSxDQUFDLE1BQU0sR0FBRyxHQUFHLENBQUM7SUFDcEIsQ0FBQztJQUVEOzs7OztPQUtHO0lBQ0ksS0FBSyxDQUFDLFNBQVMsQ0FBQyxLQUFvQjtRQUN6QyxNQUFNLHFCQUFxQixHQUFHLElBQUksK0JBQStCLEVBQUUsQ0FBQztRQUNwRSxNQUFNLHNCQUFzQixHQUFHLElBQUksb0JBQW9CLENBQUMsSUFBSSxDQUFDLE1BQU0sRUFBQyxxQkFBcUIsQ0FBQyxDQUFDO1FBQzNGLE1BQU0saUJBQWlCLEdBQUcsSUFBSSxlQUFlLENBQUMsSUFBSSxDQUFDLE1BQU0sRUFBRSxxQkFBcUIsQ0FBQyxDQUFDO1FBQ2xGLE1BQU0sc0JBQXNCLENBQUMsSUFBSSxDQUFDLEtBQUssQ0FBQyxDQUFDO1FBQ3pDLE1BQU0saUJBQWlCLENBQUMsSUFBSSxDQUFDLEtBQUssQ0FBQyxDQUFDO1FBQ3BDLE9BQU8scUJBQXFCLENBQUMsVUFBVSxFQUFFLENBQUM7SUFDNUMsQ0FBQztJQUVEOzs7OztPQUtHO0lBQ0ksS0FBSyxDQUFDLGNBQWMsQ0FBQyxHQUFnQjtRQUMxQyxNQUFNLDhCQUE4QixHQUFHLElBQUksb0NBQW9DLEVBQUUsQ0FBQztRQUNsRixNQUFNLCtCQUErQixHQUFHLElBQUkseUJBQXlCLENBQUMsSUFBSSxDQUFDLE1BQU0sRUFBRSw4QkFBOEIsQ0FBQyxDQUFDO1FBQ25ILE1BQU0sMEJBQTBCLEdBQUcsSUFBSSxvQkFBb0IsQ0FBQyxJQUFJLENBQUMsTUFBTSxFQUFFLDhCQUE4QixDQUFDLENBQUM7UUFDekcsTUFBTSwrQkFBK0IsQ0FBQyxJQUFJLENBQUMsR0FBRyxDQUFDLENBQUM7UUFDaEQsTUFBTSwwQkFBMEIsQ0FBQyxJQUFJLENBQUMsR0FBRyxDQUFDLENBQUM7UUFDM0MsT0FBTyw4QkFBOEIsQ0FBQyxVQUFVLEVBQUUsQ0FBQztJQUNyRCxDQUFDO0NBQ0YifQ==
|
|
@@ -5,10 +5,54 @@ export interface CryptoAlgorithm {
|
|
|
5
5
|
export interface CryptoAlgorithmRules extends CryptoAlgorithm {
|
|
6
6
|
keywords: Array<string>;
|
|
7
7
|
}
|
|
8
|
-
export interface
|
|
8
|
+
export interface CryptoAlgorithmJobResponse {
|
|
9
9
|
file: string;
|
|
10
10
|
algorithms: Array<CryptoAlgorithm>;
|
|
11
11
|
}
|
|
12
|
-
export interface
|
|
13
|
-
|
|
12
|
+
export interface LocalCryptoAlgorithmJob {
|
|
13
|
+
file: string;
|
|
14
|
+
rules: Map<string, RegExp>;
|
|
15
|
+
cryptoMapper: Map<string, CryptoAlgorithm>;
|
|
16
|
+
}
|
|
17
|
+
export interface CryptoHintRule {
|
|
18
|
+
"id": string;
|
|
19
|
+
"name": string;
|
|
20
|
+
"description": string;
|
|
21
|
+
"keywords": Array<string>;
|
|
22
|
+
"url"?: string;
|
|
23
|
+
"category": string;
|
|
24
|
+
"purl"?: string;
|
|
25
|
+
"tags": Array<string>;
|
|
26
|
+
}
|
|
27
|
+
export interface LocalCryptoHintJob {
|
|
28
|
+
file: string;
|
|
29
|
+
rules: Array<CryptoHintRule>;
|
|
30
|
+
}
|
|
31
|
+
export interface CryptoHintJobResponse {
|
|
32
|
+
file: string;
|
|
33
|
+
hints: Array<CryptoHintResponse>;
|
|
34
|
+
}
|
|
35
|
+
export interface CryptoHintResponse {
|
|
36
|
+
"id": string;
|
|
37
|
+
"name": string;
|
|
38
|
+
"description": string;
|
|
39
|
+
"url"?: string;
|
|
40
|
+
"category": string;
|
|
41
|
+
"purl"?: string;
|
|
42
|
+
}
|
|
43
|
+
export interface CryptoAlgorithmResponse extends CryptoAlgorithm {
|
|
44
|
+
}
|
|
45
|
+
export interface LocalCryptography {
|
|
46
|
+
file: string;
|
|
47
|
+
algorithms: Array<CryptoAlgorithmResponse>;
|
|
48
|
+
hints: Array<CryptoHintResponse>;
|
|
49
|
+
}
|
|
50
|
+
export interface LocalCryptographyResponse {
|
|
51
|
+
fileList: Array<LocalCryptography>;
|
|
52
|
+
}
|
|
53
|
+
export interface CryptographyResponse {
|
|
54
|
+
purl: string;
|
|
55
|
+
version: string;
|
|
56
|
+
algorithms: Array<CryptoAlgorithmResponse>;
|
|
57
|
+
hints: Array<CryptoHintResponse>;
|
|
14
58
|
}
|
|
@@ -0,0 +1,32 @@
|
|
|
1
|
+
import { CryptographyResponse } from "../../../CryptographyTypes";
|
|
2
|
+
import { AlgorithmResponse, HintsResponse } from "../../../../Services/Grpc/CryptographyService";
|
|
3
|
+
/**
|
|
4
|
+
* Collects and organizes cryptographic scan results for software components.
|
|
5
|
+
* This class maintains a mapping of component identifiers to their respective
|
|
6
|
+
* algorithm and hint detection results.
|
|
7
|
+
*/
|
|
8
|
+
export declare class ComponentCryptographyResultCollector {
|
|
9
|
+
private resultMapper;
|
|
10
|
+
/**
|
|
11
|
+
* Gets an existing result entry for a component or creates a new one if it doesn't exist.
|
|
12
|
+
* @param purl The Package URL identifier for the component.
|
|
13
|
+
* @param version The version of the component.
|
|
14
|
+
* @returns The result entry for the specified component.
|
|
15
|
+
*/
|
|
16
|
+
private getOrCreateResult;
|
|
17
|
+
/**
|
|
18
|
+
* Collects algorithm detection results and organizes them by component.
|
|
19
|
+
* @param algorithmResults The algorithm detection results to collect.
|
|
20
|
+
*/
|
|
21
|
+
collectAlgorithmResults(algorithmResults: AlgorithmResponse): void;
|
|
22
|
+
/**
|
|
23
|
+
* Collects hint detection results and organizes them by component.
|
|
24
|
+
* @param hintResults The hint detection results to collect.
|
|
25
|
+
*/
|
|
26
|
+
collectHintResults(hintResults: HintsResponse): void;
|
|
27
|
+
/**
|
|
28
|
+
* Retrieves all collected cryptography results.
|
|
29
|
+
* @returns An array of cryptography responses, one for each component.
|
|
30
|
+
*/
|
|
31
|
+
getResults(): Array<CryptographyResponse>;
|
|
32
|
+
}
|
|
@@ -0,0 +1,60 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Collects and organizes cryptographic scan results for software components.
|
|
3
|
+
* This class maintains a mapping of component identifiers to their respective
|
|
4
|
+
* algorithm and hint detection results.
|
|
5
|
+
*/
|
|
6
|
+
export class ComponentCryptographyResultCollector {
|
|
7
|
+
resultMapper = new Map;
|
|
8
|
+
/**
|
|
9
|
+
* Gets an existing result entry for a component or creates a new one if it doesn't exist.
|
|
10
|
+
* @param purl The Package URL identifier for the component.
|
|
11
|
+
* @param version The version of the component.
|
|
12
|
+
* @returns The result entry for the specified component.
|
|
13
|
+
*/
|
|
14
|
+
getOrCreateResult(purl, version) {
|
|
15
|
+
const key = `${purl}@${version}`;
|
|
16
|
+
if (!this.resultMapper.has(key)) {
|
|
17
|
+
this.resultMapper.set(key, {
|
|
18
|
+
purl,
|
|
19
|
+
version,
|
|
20
|
+
algorithms: [],
|
|
21
|
+
hints: []
|
|
22
|
+
});
|
|
23
|
+
}
|
|
24
|
+
return this.resultMapper.get(key);
|
|
25
|
+
}
|
|
26
|
+
/**
|
|
27
|
+
* Collects algorithm detection results and organizes them by component.
|
|
28
|
+
* @param algorithmResults The algorithm detection results to collect.
|
|
29
|
+
*/
|
|
30
|
+
collectAlgorithmResults(algorithmResults) {
|
|
31
|
+
algorithmResults.purlsList.forEach((p) => {
|
|
32
|
+
if (p.version) {
|
|
33
|
+
const version = p.version.startsWith('v') ? p.version.slice(1) : p.version;
|
|
34
|
+
const result = this.getOrCreateResult(p.purl, version);
|
|
35
|
+
result.algorithms = p.algorithmsList;
|
|
36
|
+
}
|
|
37
|
+
});
|
|
38
|
+
}
|
|
39
|
+
/**
|
|
40
|
+
* Collects hint detection results and organizes them by component.
|
|
41
|
+
* @param hintResults The hint detection results to collect.
|
|
42
|
+
*/
|
|
43
|
+
collectHintResults(hintResults) {
|
|
44
|
+
hintResults.purlsList.forEach((h) => {
|
|
45
|
+
if (h.versionsList.length > 0) {
|
|
46
|
+
const version = h.versionsList[0].startsWith('v') ? h.versionsList[0].slice(1) : h.versionsList[0];
|
|
47
|
+
const result = this.getOrCreateResult(h.purl, version);
|
|
48
|
+
result.hints = h.hintsList;
|
|
49
|
+
}
|
|
50
|
+
});
|
|
51
|
+
}
|
|
52
|
+
/**
|
|
53
|
+
* Retrieves all collected cryptography results.
|
|
54
|
+
* @returns An array of cryptography responses, one for each component.
|
|
55
|
+
*/
|
|
56
|
+
getResults() {
|
|
57
|
+
return Array.from(this.resultMapper.values());
|
|
58
|
+
}
|
|
59
|
+
}
|
|
60
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiQ29tcG9uZW50Q3J5cHRvZ3JhcGh5UmVzdWx0Q29sbGV0b3IuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi8uLi8uLi8uLi8uLi9zcmMvc2RrL0NyeXB0b2dyYXBoeS9IZWxwZXIvUmVzdWx0Q29sbGVjdG9yL0NvbXBvbmVudC9Db21wb25lbnRDcnlwdG9ncmFwaHlSZXN1bHRDb2xsZXRvci50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiQUFNQTs7OztHQUlHO0FBQ0gsTUFBTSxPQUFPLG9DQUFvQztJQUV2QyxZQUFZLEdBQUcsSUFBSSxHQUt6QixDQUFBO0lBRUY7Ozs7O09BS0c7SUFDSyxpQkFBaUIsQ0FBQyxJQUFZLEVBQUUsT0FBYztRQUNwRCxNQUFNLEdBQUcsR0FBRyxHQUFHLElBQUksSUFBSSxPQUFPLEVBQUUsQ0FBQztRQUNqQyxJQUFJLENBQUMsSUFBSSxDQUFDLFlBQVksQ0FBQyxHQUFHLENBQUMsR0FBRyxDQUFDLEVBQUUsQ0FBQztZQUNoQyxJQUFJLENBQUMsWUFBWSxDQUFDLEdBQUcsQ0FBQyxHQUFHLEVBQUU7Z0JBQ3pCLElBQUk7Z0JBQ0osT0FBTztnQkFDUCxVQUFVLEVBQUUsRUFBRTtnQkFDZCxLQUFLLEVBQUUsRUFBRTthQUNWLENBQUMsQ0FBQztRQUNMLENBQUM7UUFDRCxPQUFPLElBQUksQ0FBQyxZQUFZLENBQUMsR0FBRyxDQUFDLEdBQUcsQ0FBQyxDQUFDO0lBQ3BDLENBQUM7SUFFRDs7O09BR0c7SUFDSSx1QkFBdUIsQ0FBQyxnQkFBbUM7UUFDaEUsZ0JBQWdCLENBQUMsU0FBUyxDQUFDLE9BQU8sQ0FBQyxDQUFDLENBQUMsRUFBRSxFQUFFO1lBQ3ZDLElBQUksQ0FBQyxDQUFDLE9BQU8sRUFBRSxDQUFDO2dCQUNkLE1BQU0sT0FBTyxHQUFHLENBQUMsQ0FBQyxPQUFPLENBQUMsVUFBVSxDQUFDLEdBQUcsQ0FBQyxDQUFDLENBQUMsQ0FBQyxDQUFDLENBQUMsT0FBTyxDQUFDLEtBQUssQ0FBQyxDQUFDLENBQUMsQ0FBQyxDQUFDLENBQUMsQ0FBQyxDQUFDLE9BQU8sQ0FBQztnQkFDM0UsTUFBTSxNQUFNLEdBQUcsSUFBSSxDQUFDLGlCQUFpQixDQUFDLENBQUMsQ0FBQyxJQUFJLEVBQUMsT0FBTyxDQUFDLENBQUM7Z0JBQ3RELE1BQU0sQ0FBQyxVQUFVLEdBQUcsQ0FBQyxDQUFDLGNBQWMsQ0FBQztZQUN2QyxDQUFDO1FBQ0gsQ0FBQyxDQUFDLENBQUM7SUFDTCxDQUFDO0lBRUQ7OztPQUdHO0lBQ0ksa0JBQWtCLENBQUMsV0FBMEI7UUFDbEQsV0FBVyxDQUFDLFNBQVMsQ0FBQyxPQUFPLENBQUMsQ0FBQyxDQUFDLEVBQUUsRUFBRTtZQUNsQyxJQUFJLENBQUMsQ0FBQyxZQUFZLENBQUMsTUFBTSxHQUFHLENBQUMsRUFBRSxDQUFDO2dCQUM5QixNQUFNLE9BQU8sR0FBRyxDQUFDLENBQUMsWUFBWSxDQUFDLENBQUMsQ0FBQyxDQUFDLFVBQVUsQ0FBQyxHQUFHLENBQUMsQ0FBQyxDQUFDLENBQUMsQ0FBQyxDQUFDLFlBQVksQ0FBQyxDQUFDLENBQUMsQ0FBQyxLQUFLLENBQUMsQ0FBQyxDQUFDLENBQUMsQ0FBQyxDQUFDLENBQUMsQ0FBQyxZQUFZLENBQUMsQ0FBQyxDQUFDLENBQUM7Z0JBQ25HLE1BQU0sTUFBTSxHQUFHLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxDQUFDLENBQUMsSUFBSSxFQUFFLE9BQU8sQ0FBQyxDQUFDO2dCQUN2RCxNQUFNLENBQUMsS0FBSyxHQUFHLENBQUMsQ0FBQyxTQUFTLENBQUM7WUFDN0IsQ0FBQztRQUNILENBQUMsQ0FBQyxDQUFDO0lBQ0wsQ0FBQztJQUVEOzs7T0FHRztJQUNJLFVBQVU7UUFDYixPQUFPLEtBQUssQ0FBQyxJQUFJLENBQUMsSUFBSSxDQUFDLFlBQVksQ0FBQyxNQUFNLEVBQUUsQ0FBQyxDQUFDO0lBQ2xELENBQUM7Q0FFRiJ9
|
|
@@ -0,0 +1,36 @@
|
|
|
1
|
+
import { CryptoAlgorithmJobResponse, CryptoHintJobResponse, LocalCryptographyResponse } from "../../../CryptographyTypes";
|
|
2
|
+
export interface CryptographyCollector {
|
|
3
|
+
collectAlgorithmResults(algorithmResults: Array<CryptoAlgorithmJobResponse>): void;
|
|
4
|
+
collectHintResults(algorithmResults: Array<CryptoHintJobResponse>): void;
|
|
5
|
+
}
|
|
6
|
+
/**
|
|
7
|
+
* Collects and organizes cryptographic scan results for individual files.
|
|
8
|
+
* This class implements the CryptographyCollector interface and maintains
|
|
9
|
+
* a mapping of file paths to their respective algorithm and hint detection results.
|
|
10
|
+
*/
|
|
11
|
+
export declare class FileCryptographyResultCollector implements CryptographyCollector {
|
|
12
|
+
private resultMapper;
|
|
13
|
+
/**
|
|
14
|
+
* Gets an existing result entry for a file or creates a new one if it doesn't exist.
|
|
15
|
+
* @param file The path to the file.
|
|
16
|
+
* @returns The result entry for the specified file.
|
|
17
|
+
*/
|
|
18
|
+
private getOrCreateFileResult;
|
|
19
|
+
/**
|
|
20
|
+
* Collects algorithm detection results and organizes them by file.
|
|
21
|
+
* Skips files that have no detected algorithms.
|
|
22
|
+
* @param algorithmResults The array of algorithm job responses to collect.
|
|
23
|
+
*/
|
|
24
|
+
collectAlgorithmResults(algorithmResults: Array<CryptoAlgorithmJobResponse>): void;
|
|
25
|
+
/**
|
|
26
|
+
* Collects hint detection results and organizes them by file.
|
|
27
|
+
* Skips files that have no detected hints.
|
|
28
|
+
* @param hintsResults The array of hint job responses to collect.
|
|
29
|
+
*/
|
|
30
|
+
collectHintResults(hintsResults: Array<CryptoHintJobResponse>): void;
|
|
31
|
+
/**
|
|
32
|
+
* Retrieves all collected cryptography results for files.
|
|
33
|
+
* @returns A LocalCryptographyResponse containing results for all files.
|
|
34
|
+
*/
|
|
35
|
+
getResults(): LocalCryptographyResponse;
|
|
36
|
+
}
|
package/build/module/sdk/Cryptography/Helper/ResultCollector/File/FileCryptographyResultCollector.js
ADDED
|
@@ -0,0 +1,59 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Collects and organizes cryptographic scan results for individual files.
|
|
3
|
+
* This class implements the CryptographyCollector interface and maintains
|
|
4
|
+
* a mapping of file paths to their respective algorithm and hint detection results.
|
|
5
|
+
*/
|
|
6
|
+
export class FileCryptographyResultCollector {
|
|
7
|
+
resultMapper = new Map;
|
|
8
|
+
/**
|
|
9
|
+
* Gets an existing result entry for a file or creates a new one if it doesn't exist.
|
|
10
|
+
* @param file The path to the file.
|
|
11
|
+
* @returns The result entry for the specified file.
|
|
12
|
+
*/
|
|
13
|
+
getOrCreateFileResult(file) {
|
|
14
|
+
if (!this.resultMapper.has(file)) {
|
|
15
|
+
this.resultMapper.set(file, {
|
|
16
|
+
file,
|
|
17
|
+
algorithms: [],
|
|
18
|
+
hints: []
|
|
19
|
+
});
|
|
20
|
+
}
|
|
21
|
+
return this.resultMapper.get(file);
|
|
22
|
+
}
|
|
23
|
+
/**
|
|
24
|
+
* Collects algorithm detection results and organizes them by file.
|
|
25
|
+
* Skips files that have no detected algorithms.
|
|
26
|
+
* @param algorithmResults The array of algorithm job responses to collect.
|
|
27
|
+
*/
|
|
28
|
+
collectAlgorithmResults(algorithmResults) {
|
|
29
|
+
algorithmResults.forEach((r) => {
|
|
30
|
+
if (r.algorithms.length <= 0)
|
|
31
|
+
return;
|
|
32
|
+
const result = this.getOrCreateFileResult(r.file);
|
|
33
|
+
result.algorithms = r.algorithms;
|
|
34
|
+
});
|
|
35
|
+
}
|
|
36
|
+
/**
|
|
37
|
+
* Collects hint detection results and organizes them by file.
|
|
38
|
+
* Skips files that have no detected hints.
|
|
39
|
+
* @param hintsResults The array of hint job responses to collect.
|
|
40
|
+
*/
|
|
41
|
+
collectHintResults(hintsResults) {
|
|
42
|
+
hintsResults.forEach((r) => {
|
|
43
|
+
if (r.hints.length <= 0)
|
|
44
|
+
return;
|
|
45
|
+
const result = this.getOrCreateFileResult(r.file);
|
|
46
|
+
result.hints = r.hints;
|
|
47
|
+
});
|
|
48
|
+
}
|
|
49
|
+
/**
|
|
50
|
+
* Retrieves all collected cryptography results for files.
|
|
51
|
+
* @returns A LocalCryptographyResponse containing results for all files.
|
|
52
|
+
*/
|
|
53
|
+
getResults() {
|
|
54
|
+
return {
|
|
55
|
+
fileList: Array.from(this.resultMapper.values())
|
|
56
|
+
};
|
|
57
|
+
}
|
|
58
|
+
}
|
|
59
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiRmlsZUNyeXB0b2dyYXBoeVJlc3VsdENvbGxlY3Rvci5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uLy4uLy4uLy4uLy4uLy4uL3NyYy9zZGsvQ3J5cHRvZ3JhcGh5L0hlbHBlci9SZXN1bHRDb2xsZWN0b3IvRmlsZS9GaWxlQ3J5cHRvZ3JhcGh5UmVzdWx0Q29sbGVjdG9yLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiJBQVVBOzs7O0dBSUc7QUFDSCxNQUFNLE9BQU8sK0JBQStCO0lBRWxDLFlBQVksR0FBRyxJQUFJLEdBSXpCLENBQUE7SUFFRjs7OztPQUlHO0lBQ0sscUJBQXFCLENBQUMsSUFBWTtRQUN4QyxJQUFJLENBQUMsSUFBSSxDQUFDLFlBQVksQ0FBQyxHQUFHLENBQUMsSUFBSSxDQUFDLEVBQUUsQ0FBQztZQUNqQyxJQUFJLENBQUMsWUFBWSxDQUFDLEdBQUcsQ0FBQyxJQUFJLEVBQUU7Z0JBQzFCLElBQUk7Z0JBQ0osVUFBVSxFQUFFLEVBQUU7Z0JBQ2QsS0FBSyxFQUFFLEVBQUU7YUFDVixDQUFDLENBQUM7UUFDTCxDQUFDO1FBQ0QsT0FBTyxJQUFJLENBQUMsWUFBWSxDQUFDLEdBQUcsQ0FBQyxJQUFJLENBQUMsQ0FBQztJQUNyQyxDQUFDO0lBRUQ7Ozs7T0FJRztJQUNJLHVCQUF1QixDQUFDLGdCQUFrRDtRQUMvRSxnQkFBZ0IsQ0FBQyxPQUFPLENBQUMsQ0FBQyxDQUFDLEVBQUMsRUFBRTtZQUM1QixJQUFJLENBQUMsQ0FBQyxVQUFVLENBQUMsTUFBTSxJQUFJLENBQUM7Z0JBQUUsT0FBTztZQUNyQyxNQUFNLE1BQU0sR0FBRyxJQUFJLENBQUMscUJBQXFCLENBQUMsQ0FBQyxDQUFDLElBQUksQ0FBQyxDQUFDO1lBQ2xELE1BQU0sQ0FBQyxVQUFVLEdBQUcsQ0FBQyxDQUFDLFVBQVUsQ0FBQztRQUNuQyxDQUFDLENBQUMsQ0FBQztJQUNMLENBQUM7SUFFRDs7OztPQUlHO0lBQ0ksa0JBQWtCLENBQUMsWUFBMEM7UUFDbEUsWUFBWSxDQUFDLE9BQU8sQ0FBQyxDQUFDLENBQUMsRUFBQyxFQUFFO1lBQ3hCLElBQUksQ0FBQyxDQUFDLEtBQUssQ0FBQyxNQUFNLElBQUksQ0FBQztnQkFBRSxPQUFPO1lBQ2hDLE1BQU0sTUFBTSxHQUFHLElBQUksQ0FBQyxxQkFBcUIsQ0FBQyxDQUFDLENBQUMsSUFBSSxDQUFDLENBQUM7WUFDbEQsTUFBTSxDQUFDLEtBQUssR0FBRyxDQUFDLENBQUMsS0FBSyxDQUFDO1FBQ3pCLENBQUMsQ0FBQyxDQUFDO0lBQ0wsQ0FBQztJQUVEOzs7T0FHRztJQUNJLFVBQVU7UUFDZixPQUFPO1lBQ0wsUUFBUSxFQUFFLEtBQUssQ0FBQyxJQUFJLENBQUMsSUFBSSxDQUFDLFlBQVksQ0FBQyxNQUFNLEVBQUUsQ0FBQztTQUNqRCxDQUFBO0lBQ0gsQ0FBQztDQUNGIn0=
|
|
@@ -0,0 +1,19 @@
|
|
|
1
|
+
import { ComponentCryptographyResultCollector } from "../../Helper/ResultCollector/Component/ComponentCryptographyResultColletor";
|
|
2
|
+
import { PurlRequest } from "../../../Services/Grpc/BaseService";
|
|
3
|
+
import { HintsResponse } from "../../../Services/Grpc/CryptographyService";
|
|
4
|
+
import { BaseCryptographyScanner } from "../../BaseCryptographyScanner";
|
|
5
|
+
/**
|
|
6
|
+
* Scanner for detecting cryptographic hints in software components.
|
|
7
|
+
* This class extends the base cryptography scanner to specifically handle
|
|
8
|
+
* component-level cryptographic hint detection using a remote service.
|
|
9
|
+
*/
|
|
10
|
+
export declare class ComponentHintScanner extends BaseCryptographyScanner<ComponentCryptographyResultCollector, PurlRequest, HintsResponse> {
|
|
11
|
+
/**
|
|
12
|
+
* Scans components identified by PURL for cryptographic hints.
|
|
13
|
+
* This method connects to a cryptography service to retrieve encryption
|
|
14
|
+
* hints for the specified components.
|
|
15
|
+
* @param req A request containing PURL (Package URL) identifiers for components to scan.
|
|
16
|
+
* @returns {HintsResponse} A promise that resolves to a HintsResponse containing detected cryptographic hints.
|
|
17
|
+
*/
|
|
18
|
+
scan(req: PurlRequest): Promise<HintsResponse>;
|
|
19
|
+
}
|
|
@@ -0,0 +1,23 @@
|
|
|
1
|
+
import { CryptographyService } from "../../../Services/Grpc/CryptographyService";
|
|
2
|
+
import { BaseCryptographyScanner } from "../../BaseCryptographyScanner";
|
|
3
|
+
/**
|
|
4
|
+
* Scanner for detecting cryptographic hints in software components.
|
|
5
|
+
* This class extends the base cryptography scanner to specifically handle
|
|
6
|
+
* component-level cryptographic hint detection using a remote service.
|
|
7
|
+
*/
|
|
8
|
+
export class ComponentHintScanner extends BaseCryptographyScanner {
|
|
9
|
+
/**
|
|
10
|
+
* Scans components identified by PURL for cryptographic hints.
|
|
11
|
+
* This method connects to a cryptography service to retrieve encryption
|
|
12
|
+
* hints for the specified components.
|
|
13
|
+
* @param req A request containing PURL (Package URL) identifiers for components to scan.
|
|
14
|
+
* @returns {HintsResponse} A promise that resolves to a HintsResponse containing detected cryptographic hints.
|
|
15
|
+
*/
|
|
16
|
+
async scan(req) {
|
|
17
|
+
const cryptographyService = new CryptographyService(this.config.getApikey(), this.config.getProxy());
|
|
18
|
+
const results = await cryptographyService.getEncryptionHints(req);
|
|
19
|
+
this.resultCollector.collectHintResults(results);
|
|
20
|
+
return results;
|
|
21
|
+
}
|
|
22
|
+
}
|
|
23
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiQ29tcG9uZW50SGludFNjYW5uZXIuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi8uLi8uLi8uLi9zcmMvc2RrL0NyeXB0b2dyYXBoeS9IaW50L0NvbXBvbmVudHMvQ29tcG9uZW50SGludFNjYW5uZXIudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IkFBSUEsT0FBTyxFQUFFLG1CQUFtQixFQUNYLE1BQU0sNENBQTRDLENBQUM7QUFDcEUsT0FBTyxFQUFFLHVCQUF1QixFQUFFLE1BQU0sK0JBQStCLENBQUM7QUFFeEU7Ozs7R0FJRztBQUNILE1BQU0sT0FBTyxvQkFDWCxTQUFRLHVCQUdRO0lBRWhCOzs7Ozs7T0FNRztJQUNJLEtBQUssQ0FBQyxJQUFJLENBQUMsR0FBZ0I7UUFDaEMsTUFBTSxtQkFBbUIsR0FBRyxJQUFJLG1CQUFtQixDQUFDLElBQUksQ0FBQyxNQUFNLENBQUMsU0FBUyxFQUFFLEVBQUUsSUFBSSxDQUFDLE1BQU0sQ0FBQyxRQUFRLEVBQUUsQ0FBQyxDQUFDO1FBQ3JHLE1BQU0sT0FBTyxHQUFHLE1BQU0sbUJBQW1CLENBQUMsa0JBQWtCLENBQUMsR0FBRyxDQUFDLENBQUM7UUFDbEUsSUFBSSxDQUFDLGVBQWUsQ0FBQyxrQkFBa0IsQ0FBQyxPQUFPLENBQUMsQ0FBQztRQUNqRCxPQUFPLE9BQU8sQ0FBQztJQUNqQixDQUFDO0NBQ0YifQ==
|
|
@@ -0,0 +1,35 @@
|
|
|
1
|
+
import { CryptoCfg } from "../../CryptoCfg";
|
|
2
|
+
import { CryptoHintJobResponse } from "../../CryptographyTypes";
|
|
3
|
+
import { BaseCryptographyScanner } from "../../BaseCryptographyScanner";
|
|
4
|
+
import { FileCryptographyResultCollector } from "../../Helper/ResultCollector/File/FileCryptographyResultCollector";
|
|
5
|
+
/**
|
|
6
|
+
* A class responsible for scanning files for cryptographic items.
|
|
7
|
+
*/
|
|
8
|
+
export declare class FileHintScanner extends BaseCryptographyScanner<FileCryptographyResultCollector, Array<string>, Array<CryptoHintJobResponse>> {
|
|
9
|
+
private readonly DEFAULT_CRYPTO_LIBRARY_RULE_FILENAME;
|
|
10
|
+
/**
|
|
11
|
+
* Constructs a new CryptographyScanner.
|
|
12
|
+
* @param cryptoCfg The cryptographic configuration.
|
|
13
|
+
* @param resultCollector cryptography results collector
|
|
14
|
+
*/
|
|
15
|
+
constructor(cryptoCfg: CryptoCfg, resultCollector: FileCryptographyResultCollector);
|
|
16
|
+
/**
|
|
17
|
+
* Builds a collection of cryptographic hint analysis jobs from an array of files.
|
|
18
|
+
* This method loads library rules and initializes job objects for each file
|
|
19
|
+
* that will be used for cryptographic hint detection.
|
|
20
|
+
* @param files An array of file paths to analyze for cryptographic hints.
|
|
21
|
+
* @returns A promise that resolves to an array of job objects configured for hint analysis.
|
|
22
|
+
*/
|
|
23
|
+
private buildJobs;
|
|
24
|
+
/**
|
|
25
|
+
* Scans an array of files for cryptographic items.
|
|
26
|
+
* @param files An array of file paths to scan.
|
|
27
|
+
* @returns A promise that resolves to an ILocalCryptographyResponse.
|
|
28
|
+
*/
|
|
29
|
+
scan(files: Array<string>): Promise<Array<CryptoHintJobResponse>>;
|
|
30
|
+
/**
|
|
31
|
+
* Loads custom cryptographic rules from a file.
|
|
32
|
+
* @returns A promise that resolves to the loaded rules.
|
|
33
|
+
*/
|
|
34
|
+
private loadRules;
|
|
35
|
+
}
|
|
@@ -0,0 +1,62 @@
|
|
|
1
|
+
import { Job } from "../../../Utils/Concurrency/Job";
|
|
2
|
+
import path from "path";
|
|
3
|
+
import fs from "fs";
|
|
4
|
+
import { WorkerPool } from "../../../Utils/Concurrency/WorkerPool";
|
|
5
|
+
import { cryptographyHintProcessor } from "./HintProcessor";
|
|
6
|
+
import { BaseCryptographyScanner } from "../../BaseCryptographyScanner";
|
|
7
|
+
/**
|
|
8
|
+
* A class responsible for scanning files for cryptographic items.
|
|
9
|
+
*/
|
|
10
|
+
export class FileHintScanner extends BaseCryptographyScanner {
|
|
11
|
+
DEFAULT_CRYPTO_LIBRARY_RULE_FILENAME = 'scanoss-crypto-library-rules.json';
|
|
12
|
+
/**
|
|
13
|
+
* Constructs a new CryptographyScanner.
|
|
14
|
+
* @param cryptoCfg The cryptographic configuration.
|
|
15
|
+
* @param resultCollector cryptography results collector
|
|
16
|
+
*/
|
|
17
|
+
constructor(cryptoCfg, resultCollector) {
|
|
18
|
+
super(cryptoCfg, resultCollector);
|
|
19
|
+
}
|
|
20
|
+
/**
|
|
21
|
+
* Builds a collection of cryptographic hint analysis jobs from an array of files.
|
|
22
|
+
* This method loads library rules and initializes job objects for each file
|
|
23
|
+
* that will be used for cryptographic hint detection.
|
|
24
|
+
* @param files An array of file paths to analyze for cryptographic hints.
|
|
25
|
+
* @returns A promise that resolves to an array of job objects configured for hint analysis.
|
|
26
|
+
*/
|
|
27
|
+
async buildJobs(files) {
|
|
28
|
+
const rules = await this.loadRules(this.config.getLibraryRulesPath());
|
|
29
|
+
const jobs = [];
|
|
30
|
+
files.forEach((f) => {
|
|
31
|
+
const newJob = new Job({
|
|
32
|
+
file: f,
|
|
33
|
+
rules,
|
|
34
|
+
});
|
|
35
|
+
jobs.push(newJob);
|
|
36
|
+
});
|
|
37
|
+
return jobs;
|
|
38
|
+
}
|
|
39
|
+
/**
|
|
40
|
+
* Scans an array of files for cryptographic items.
|
|
41
|
+
* @param files An array of file paths to scan.
|
|
42
|
+
* @returns A promise that resolves to an ILocalCryptographyResponse.
|
|
43
|
+
*/
|
|
44
|
+
async scan(files) {
|
|
45
|
+
const workerPool = new WorkerPool(cryptographyHintProcessor, this.config.getNumberOfThreads());
|
|
46
|
+
const jobs = await this.buildJobs(files);
|
|
47
|
+
workerPool.loadJobs(jobs);
|
|
48
|
+
const results = await workerPool.run();
|
|
49
|
+
this.resultCollector.collectHintResults(results);
|
|
50
|
+
return results;
|
|
51
|
+
}
|
|
52
|
+
/**
|
|
53
|
+
* Loads custom cryptographic rules from a file.
|
|
54
|
+
* @returns A promise that resolves to the loaded rules.
|
|
55
|
+
*/
|
|
56
|
+
async loadRules(rulePath) {
|
|
57
|
+
const cryptoRulePath = rulePath ? rulePath : path.join(__dirname, '../../../../../../assets/data', this.DEFAULT_CRYPTO_LIBRARY_RULE_FILENAME);
|
|
58
|
+
const rules = await fs.promises.readFile(cryptoRulePath, 'utf-8');
|
|
59
|
+
return JSON.parse(rules);
|
|
60
|
+
}
|
|
61
|
+
}
|
|
62
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiRmlsZUhpbnRTY2FubmVyLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vLi4vLi4vLi4vc3JjL3Nkay9DcnlwdG9ncmFwaHkvSGludC9GaWxlcy9GaWxlSGludFNjYW5uZXIudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IkFBQ0EsT0FBTyxFQUFFLEdBQUcsRUFBRSxNQUFNLGdDQUFnQyxDQUFDO0FBS3JELE9BQU8sSUFBSSxNQUFNLE1BQU0sQ0FBQztBQUN4QixPQUFPLEVBQUUsTUFBTSxJQUFJLENBQUM7QUFDcEIsT0FBTyxFQUFFLFVBQVUsRUFBRSxNQUFNLHVDQUF1QyxDQUFDO0FBQ25FLE9BQU8sRUFBRSx5QkFBeUIsRUFBRSxNQUFNLGlCQUFpQixDQUFDO0FBQzVELE9BQU8sRUFBRSx1QkFBdUIsRUFBRSxNQUFNLCtCQUErQixDQUFDO0FBTXhFOztHQUVHO0FBQ0gsTUFBTSxPQUFPLGVBQ1gsU0FBUSx1QkFHdUI7SUFFZCxvQ0FBb0MsR0FBRyxtQ0FBbUMsQ0FBQztJQUU1Rjs7OztPQUlHO0lBQ0gsWUFBWSxTQUFvQixFQUFFLGVBQWdEO1FBQ2hGLEtBQUssQ0FBQyxTQUFTLEVBQUMsZUFBZSxDQUFDLENBQUM7SUFDbkMsQ0FBQztJQUVEOzs7Ozs7T0FNRztJQUNLLEtBQUssQ0FBQyxTQUFTLENBQUMsS0FBZTtRQUNyQyxNQUFNLEtBQUssR0FBRyxNQUFNLElBQUksQ0FBQyxTQUFTLENBQUMsSUFBSSxDQUFDLE1BQU0sQ0FBQyxtQkFBbUIsRUFBRSxDQUFDLENBQUM7UUFDdEUsTUFBTSxJQUFJLEdBQW1DLEVBQUUsQ0FBQztRQUNoRCxLQUFLLENBQUMsT0FBTyxDQUFDLENBQUMsQ0FBQyxFQUFFLEVBQUU7WUFDbEIsTUFBTSxNQUFNLEdBQUcsSUFBSSxHQUFHLENBQXFCO2dCQUN6QyxJQUFJLEVBQUMsQ0FBQztnQkFDTixLQUFLO2FBQ04sQ0FBQyxDQUFDO1lBQ0gsSUFBSSxDQUFDLElBQUksQ0FBQyxNQUFNLENBQUMsQ0FBQTtRQUNuQixDQUFDLENBQUMsQ0FBQztRQUNILE9BQU8sSUFBSSxDQUFDO0lBQ2QsQ0FBQztJQUVEOzs7O09BSUc7SUFDSSxLQUFLLENBQUMsSUFBSSxDQUFDLEtBQW9CO1FBQ3BDLE1BQU0sVUFBVSxHQUFHLElBQUksVUFBVSxDQUE0Qyx5QkFBeUIsRUFBRSxJQUFJLENBQUMsTUFBTSxDQUFDLGtCQUFrQixFQUFFLENBQUMsQ0FBQztRQUMxSSxNQUFNLElBQUksR0FBRyxNQUFNLElBQUksQ0FBQyxTQUFTLENBQUMsS0FBSyxDQUFDLENBQUM7UUFDekMsVUFBVSxDQUFDLFFBQVEsQ0FBQyxJQUFJLENBQUMsQ0FBQTtRQUN6QixNQUFNLE9BQU8sR0FBRyxNQUFNLFVBQVUsQ0FBQyxHQUFHLEVBQUUsQ0FBQztRQUN2QyxJQUFJLENBQUMsZUFBZSxDQUFDLGtCQUFrQixDQUFDLE9BQU8sQ0FBQyxDQUFBO1FBQ2hELE9BQU8sT0FBTyxDQUFDO0lBQ2pCLENBQUM7SUFFRDs7O09BR0c7SUFDSyxLQUFLLENBQUMsU0FBUyxDQUFDLFFBQWlCO1FBQ3ZDLE1BQU0sY0FBYyxHQUFHLFFBQVEsQ0FBQyxDQUFDLENBQUMsUUFBUSxDQUFDLENBQUMsQ0FBRSxJQUFJLENBQUMsSUFBSSxDQUNyRCxTQUFTLEVBQ1QsK0JBQStCLEVBQUUsSUFBSSxDQUFDLG9DQUFvQyxDQUFDLENBQUM7UUFDOUUsTUFBTSxLQUFLLEdBQUcsTUFBTSxFQUFFLENBQUMsUUFBUSxDQUFDLFFBQVEsQ0FBQyxjQUFjLEVBQUMsT0FBTyxDQUFDLENBQUM7UUFDakUsT0FBTyxJQUFJLENBQUMsS0FBSyxDQUFDLEtBQUssQ0FBQyxDQUFDO0lBQzNCLENBQUM7Q0FJRiJ9
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
export declare const cryptographyHintProcessor = "\nconst { parentPort } = require('worker_threads');\nconst fs = require('fs');\n\nparentPort.on('message', async (job) => {\n\n const MAX_FILE_SIZE = 2 * 1024 * 1024 * 1024;\n const { data } = job;\n const { file, rules } = data;\n\n const stats = await fs.promises.stat(file);\n if (stats.size > MAX_FILE_SIZE) {\n parentPort.postMessage({ file, hints: [] });\n return;\n }\n\n let content = fs.readFileSync(file, 'utf-8');\n const hints = [];\n rules.forEach((rule) => {\n for (const keyword of rule.keywords) {\n if (content.includes(keyword)) {\n const {id, name, description, url , category, purl } = rule;\n hints.push({ id, name, category, purl, description, url });\n break;\n }\n }\n });\n parentPort.postMessage({ file, hints });\n });\n";
|
|
@@ -0,0 +1,31 @@
|
|
|
1
|
+
export const cryptographyHintProcessor = `
|
|
2
|
+
const { parentPort } = require('worker_threads');
|
|
3
|
+
const fs = require('fs');
|
|
4
|
+
|
|
5
|
+
parentPort.on('message', async (job) => {
|
|
6
|
+
|
|
7
|
+
const MAX_FILE_SIZE = 2 * 1024 * 1024 * 1024;
|
|
8
|
+
const { data } = job;
|
|
9
|
+
const { file, rules } = data;
|
|
10
|
+
|
|
11
|
+
const stats = await fs.promises.stat(file);
|
|
12
|
+
if (stats.size > MAX_FILE_SIZE) {
|
|
13
|
+
parentPort.postMessage({ file, hints: [] });
|
|
14
|
+
return;
|
|
15
|
+
}
|
|
16
|
+
|
|
17
|
+
let content = fs.readFileSync(file, 'utf-8');
|
|
18
|
+
const hints = [];
|
|
19
|
+
rules.forEach((rule) => {
|
|
20
|
+
for (const keyword of rule.keywords) {
|
|
21
|
+
if (content.includes(keyword)) {
|
|
22
|
+
const {id, name, description, url , category, purl } = rule;
|
|
23
|
+
hints.push({ id, name, category, purl, description, url });
|
|
24
|
+
break;
|
|
25
|
+
}
|
|
26
|
+
}
|
|
27
|
+
});
|
|
28
|
+
parentPort.postMessage({ file, hints });
|
|
29
|
+
});
|
|
30
|
+
`;
|
|
31
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiSGludFByb2Nlc3Nvci5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uLy4uLy4uLy4uLy4uL3NyYy9zZGsvQ3J5cHRvZ3JhcGh5L0hpbnQvRmlsZXMvSGludFByb2Nlc3Nvci50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiQUFBQSxNQUFNLENBQUMsTUFBTSx5QkFBeUIsR0FBRzs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Q0E2QnhDLENBQUMifQ==
|