Full documentation about extending the plugin (#27)

* add docs

Signed-off-by: Hugo Queinnec <[email protected]>

* full intro

Signed-off-by: Hugo Queinnec <[email protected]>

* update

Signed-off-by: Hugo Queinnec <[email protected]>

* four classes to use in generics

Signed-off-by: Hugo Queinnec <[email protected]>

* engine

Signed-off-by: Hugo Queinnec <[email protected]>

* check registrar

Signed-off-by: Hugo Queinnec <[email protected]>

* finish 1st part

Signed-off-by: Hugo Queinnec <[email protected]>

* update

Signed-off-by: Hugo Queinnec <[email protected]>

* edit tree link

Signed-off-by: Hugo Queinnec <[email protected]>

* update

Signed-off-by: Hugo Queinnec <[email protected]>

* Detailed explanations

Signed-off-by: Hugo Queinnec <[email protected]>

* finish Detailed explanations

Signed-off-by: Hugo Queinnec <[email protected]>

* example

Signed-off-by: Hugo Queinnec <[email protected]>

* special cases

Signed-off-by: Hugo Queinnec <[email protected]>

* update

Signed-off-by: Hugo Queinnec <[email protected]>

* update

Signed-off-by: Hugo Queinnec <[email protected]>

* translation

Signed-off-by: Hugo Queinnec <[email protected]>

* reorganization rules

Signed-off-by: Hugo Queinnec <[email protected]>

* translation

Signed-off-by: Hugo Queinnec <[email protected]>

* asserts and graphs

Signed-off-by: Hugo Queinnec <[email protected]>

* update main readme

Signed-off-by: Hugo Queinnec <[email protected]>

* mistakes

Signed-off-by: Hugo Queinnec <[email protected]>

* proofread language support

Signed-off-by: Hugo Queinnec <[email protected]>

* proofread detection rules

Signed-off-by: Hugo Queinnec <[email protected]>

* diagrams

Signed-off-by: Hugo Queinnec <[email protected]>

* disclaimer

Signed-off-by: Hugo Queinnec <[email protected]>

* architecture diagram

Signed-off-by: Hugo Queinnec <[email protected]>

* fix

Signed-off-by: Hugo Queinnec <[email protected]>

* Update docs/DETECTION_RULE_STRUCTURE.md

Co-authored-by: Nicklas Körtge <[email protected]>
Signed-off-by: Hugo Queinnec <[email protected]>

* Update docs/DETECTION_RULE_STRUCTURE.md

Co-authored-by: Nicklas Körtge <[email protected]>
Signed-off-by: Hugo Queinnec <[email protected]>

* Update docs/DETECTION_RULE_STRUCTURE.md

Co-authored-by: Nicklas Körtge <[email protected]>
Signed-off-by: Hugo Queinnec <[email protected]>

* Apply suggestions from code review

Co-authored-by: Nicklas Körtge <[email protected]>
Signed-off-by: Hugo Queinnec <[email protected]>

* coherence

Signed-off-by: Hugo Queinnec <[email protected]>

* Function3 footnote

Signed-off-by: Hugo Queinnec <[email protected]>

* fix

Signed-off-by: Hugo Queinnec <[email protected]>

* clarifications

Signed-off-by: Hugo Queinnec <[email protected]>

* Apply suggestions from code review

Co-authored-by: Nicklas Körtge <[email protected]>
Signed-off-by: Hugo Queinnec <[email protected]>

* fix

Signed-off-by: Hugo Queinnec <[email protected]>

* Apply suggestions from code review

Co-authored-by: Nicklas Körtge <[email protected]>
Signed-off-by: Hugo Queinnec <[email protected]>

* fix

Signed-off-by: Hugo Queinnec <[email protected]>

* Apply suggestions from code review

Co-authored-by: Nicklas Körtge <[email protected]>
Signed-off-by: Hugo Queinnec <[email protected]>

* fix

Signed-off-by: Hugo Queinnec <[email protected]>

* Apply suggestions from code review

Co-authored-by: Nicklas Körtge <[email protected]>
Signed-off-by: Hugo Queinnec <[email protected]>

* fix

Signed-off-by: Hugo Queinnec <[email protected]>

* fix a rule

Signed-off-by: Hugo Queinnec <[email protected]>

* fix

Signed-off-by: Hugo Queinnec <[email protected]>

* final fix of detection_rule_structure

Signed-off-by: Hugo Queinnec <[email protected]>

* Apply suggestions from code review

Co-authored-by: Nicklas Körtge <[email protected]>
Signed-off-by: Hugo Queinnec <[email protected]>

---------

Signed-off-by: Hugo Queinnec <[email protected]>
Co-authored-by: Nicklas Körtge <[email protected]>

README.md

@@ -18,10 +18,16 @@ in source code and generates [CBOM](https://cyclonedx.org/capabilities/cbom/).
 | Language | Cryptographic Library                                                                         | Coverage | 
 |----------|-----------------------------------------------------------------------------------------------|----------|
 | Java     | [JCA](https://docs.oracle.com/javase/8/docs/technotes/guides/security/crypto/CryptoSpec.html) | 100%     |
-|          | [BouncyCastle](https://github.com/bcgit/bc-java)                                              | 80%      |
+|          | [BouncyCastle](https://github.com/bcgit/bc-java) (*light-weight API*)                         | 100%[^1] |
 | Python   | [pyca/cryptography](https://cryptography.io/en/latest/)                                       | 100%     |
 
-> The plugin is designed so that it can be extended to support additional languages and recognition rules to support more libraries. Detailed instructions on how to add new languages and recognition rules will follow shortly.
+
+[^1]: We only cover the BouncyCastle *light-weight API* according to [this specification](https://javadoc.io/static/org.bouncycastle/bctls-jdk14/1.75/specifications.html)
+
+> [!NOTE]
+> The plugin is designed in a modular way so that it can be extended to support additional languages and recognition rules to support more libraries.
+> - To add support for another language or cryptography library, see [*Extending the Sonar Cryptography Plugin to add support for another language or cryptography library*](./docs/LANGUAGE_SUPPORT.md)
+> - If you just want to know more about the syntax for writing new detection rules, see [*Writing new detection rules for the Sonar Cryptography Plugin*](./docs/DETECTION_RULE_STRUCTURE.md)
 
 ## Installation
 

java/src/main/java/com/ibm/plugin/rules/detection/bc/cipherparameters/BcKeyParameter.java

@@ -47,7 +47,6 @@ private BcKeyParameter() {
                     .withMethodParameter("int")
                     .withMethodParameter("int")
                     .shouldBeDetectedAs(new KeySizeFactory<>(Size.UnitType.BIT))
-                    .asChildOfParameterWithId(-1)
                     .buildForContext(
                             new AlgorithmParameterContext(AlgorithmParameterContext.Kind.KEY))
                     .inBundle(() -> "BcKeyParameter")

java/src/main/java/com/ibm/plugin/translation/reorganizer/rules/AsymmetricBlockCipherReorganizer.java

@@ -134,8 +134,7 @@ private AsymmetricBlockCipherReorganizer() {
                             (node, parent, roots) -> {
                                 INode oaepChild =
                                         node.getChildren()
-                                                .get(OptimalAsymmetricEncryptionPadding.class)
-                                                .deepCopy();
+                                                .get(OptimalAsymmetricEncryptionPadding.class);
                                 INode messageDigestChild =
                                         node.getChildren().get(MessageDigest.class).deepCopy();
 

java/src/main/java/com/ibm/plugin/translation/JavaMapperConfig.java → java/src/main/java/com/ibm/plugin/translation/translator/JavaMapperConfig.java

@@ -17,7 +17,7 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
-package com.ibm.plugin.translation;
+package com.ibm.plugin.translation.translator;
 
 import com.ibm.mapper.configuration.Configuration;
 import javax.annotation.Nonnull;

java/src/main/java/com/ibm/plugin/translation/translator/JavaTranslator.java

@@ -25,7 +25,6 @@
 import com.ibm.mapper.ITranslator;
 import com.ibm.mapper.model.*;
 import com.ibm.mapper.utils.DetectionLocation;
-import com.ibm.plugin.translation.JavaMapperConfig;
 import com.ibm.plugin.translation.translator.contexts.*;
 import java.util.List;
 import java.util.Map;