CROSSINGTUD · sritejakv · May 28, 2019 · May 29, 2019 · May 30, 2019 · May 31, 2019
diff --git a/CryptoAnalysis/pom.xml b/CryptoAnalysis/pom.xml
@@ -282,6 +282,22 @@
 			<artifactId>gson</artifactId>
 			<version>2.8.6</version>
 		</dependency>
+		<!-- https://mvnrepository.com/artifact/com.google.apis/google-api-services-sheets -->
+		<dependency>
+			<groupId>com.google.apis</groupId>
+			<artifactId>google-api-services-sheets</artifactId>
+			<version>v4-rev614-1.18.0-rc</version>
+		</dependency>
+		<dependency>
+			<groupId>com.google.oauth-client</groupId>
+			<artifactId>google-oauth-client-jetty</artifactId>
+			<version>1.31.0</version>
+		</dependency>
+		<dependency>
+			<groupId>com.google.api-client</groupId>
+			<artifactId>google-api-client</artifactId>
+			<version>1.30.10</version>
+		</dependency>
 		<dependency>
 			<groupId>de.darmstadt.tu.crossing.CrySL</groupId>
 			<artifactId>de.darmstadt.tu.crossing.CrySL</artifactId>
@@ -304,6 +320,12 @@
 			<artifactId>org.eclipse.emf.ecore</artifactId>
 			<version>2.23.0</version>
 		</dependency>
+		<!-- https://mvnrepository.com/artifact/org.eclipse.jgit/org.eclipse.jgit -->
+		<dependency>
+			<groupId>org.eclipse.jgit</groupId>
+			<artifactId>org.eclipse.jgit</artifactId>
+			<version>4.8.0.201706111038-r</version>
+		</dependency>
 		<!-- https://mvnrepository.com/artifact/javax.servlet/javax.servlet-api -->
 		<dependency>
 			<groupId>javax.servlet</groupId>

diff --git a/CryptoAnalysis/src/main/java/crypto/reporting/CommandLineReporter.java b/CryptoAnalysis/src/main/java/crypto/reporting/CommandLineReporter.java
@@ -13,7 +13,7 @@ public class CommandLineReporter extends ErrorMarkerListener {
 	private File outputFolder;
 	private List<CrySLRule> rules;
 	private Collection<IAnalysisSeed> objects = new HashSet<>();
-	
+
 	/**
 	 * The analysis report
 	 */
@@ -22,24 +22,24 @@ public class CommandLineReporter extends ErrorMarkerListener {
 
 	/**
 	 * Creates {@link CommandLineReporter} a constructor with reportDir and rules as parameter
-	 * 
+	 *
 	 * @param reportDir a {@link String} path giving the location of the report directory
 	 * @param rules {@link CrySLRule} the rules with which the project is analyzed
 	 */
 	public CommandLineReporter(String reportDir, List<CrySLRule> rules) {
 		this.outputFolder = (reportDir != null ? new File(reportDir) : null);
 		this.rules = rules;
 	}
-	
+
 	/**
 	 * Creates {@link CommandLineReporter} a constructor with reportDir and rules as parameter
-	 * 
+	 *
 	 * @param rules {@link CrySLRule} the rules with which the project is analyzed
 	 */
 	public CommandLineReporter(List<CrySLRule> rules) {
 		this.rules = rules;
 	}
-	
+
 	@Override
 	public void discoveredSeed(IAnalysisSeed object) {
 		this.objects.add(object);
@@ -48,5 +48,25 @@ public void discoveredSeed(IAnalysisSeed object) {
 	public void afterAnalysis() {
 		this.analysisReport = ReporterHelper.generateReport(this.rules, this.objects, this.secureObjects, this.errorMarkers, this.errorMarkerCount);
 		System.out.println(analysisReport);
+
+		/*
+		if (outputFolder != null) {
+			try {
+				FileWriter writer = new FileWriter(outputFolder +"/CogniCrypt-Report.txt");
+				writer.write(s);
+				writer.close();
+				for (SootClass c : this.errorMarkers.rowKeySet()) {
+					FileOutputStream streamOut = new FileOutputStream(new File(outputFolder +"/"+c.toString()+".jimple"));
+					PrintWriter writerOut = new PrintWriter(new EscapedWriter(new OutputStreamWriter(streamOut)));
+					Printer.v().printTo(c, writerOut);
+					writerOut.flush();
+					streamOut.close();
+					writerOut.close();
+				}
+			} catch (IOException e) {
+				throw new RuntimeException("Could not write to file " + outputFolder);
+			}
+		}
+		*/
 	}
 }
diff --git a/CryptoAnalysis/src/main/java/crypto/reporting/ReporterHelper.java b/CryptoAnalysis/src/main/java/crypto/reporting/ReporterHelper.java
@@ -65,6 +65,7 @@ public static String generateReport(List<CrySLRule> rules, Collection<IAnalysisS
 					}
 					report += String.format("\t\t\t%s\n", marker.toErrorMarkerString());
 					report += String.format("\t\t\tat statement: %s\n\n", marker.getErrorLocation().getUnit().get());
+					report += String.format("\t\t\tat line: %s\n\n", marker.getErrorLocation().getUnit().get().getJavaSourceStartLineNumber());
 				}
 			}
 			report += "\n";

diff --git a/CryptoAnalysis/src/main/java/crypto/reporting/SARIFConfig.java b/CryptoAnalysis/src/main/java/crypto/reporting/SARIFConfig.java
@@ -1,6 +1,8 @@
 package crypto.reporting;
 
 public class SARIFConfig {
+	public static final String SCHEMA_KEY = "$schema";
+	public static final String SCHEMA_VALUE = "http://json.schemastore.org/sarif-2.0.0";
 	public static final String VERSION = "version";
 	public static final String SARIF_VERSION_NUMBER = "2.0.0";
 	public static final String VERSION_NUMBER = "1.0.0";

diff --git a/CryptoAnalysis/src/main/java/crypto/reporting/SARIFReporter.java b/CryptoAnalysis/src/main/java/crypto/reporting/SARIFReporter.java
@@ -110,6 +110,7 @@ private JSONObject makeSARIF() {
 		this.resources.put(SARIFConfig.RULES_KEY, this.rules);
 		JSONObject sarif = new JSONObject();
 		sarif.put(SARIFConfig.VERSION, SARIFConfig.SARIF_VERSION_NUMBER);
+		sarif.put(SARIFConfig.SCHEMA_KEY, SARIFConfig.SCHEMA_VALUE);
 		JSONArray runs = new JSONArray();
 		JSONObject run = new JSONObject();
 		run.put(SARIFConfig.TOOL_KEY, this.sarifHelper.getToolInfo());

diff --git a/CryptoAnalysis/src/test/java/tests/performance/BenchmarkProject.java b/CryptoAnalysis/src/test/java/tests/performance/BenchmarkProject.java
@@ -0,0 +1,77 @@
+package tests.performance;
+
+import crypto.analysis.CrySLRulesetSelector.Ruleset;
+
+public class BenchmarkProject {
+	String name, projectPath, gitUrl, sootClassPath, commitId;
+	boolean isMavenProject;
+	Ruleset[] ruleSet;
+
+	public String getName() {
+		return name;
+	}
+
+	public BenchmarkProject(String name, String projectPath, String gitUrl, String commitId, String sootClassPath, boolean isMavenProject,
+			Ruleset[] ruleSet) {
+		this.name = name;
+		this.projectPath = projectPath;
+		this.gitUrl = gitUrl;
+		this.commitId = commitId;
+		this.sootClassPath = sootClassPath;
+		this.isMavenProject = isMavenProject;
+		this.ruleSet = ruleSet;
+	}
+
+	public String getCommitId() {
+		return commitId;
+	}
+
+	public void setCommitId(String commitId) {
+		this.commitId = commitId;
+	}
+
+	public Ruleset[] getRuleSet() {
+		return ruleSet;
+	}
+
+	public void setRuleSet(Ruleset[] ruleSet) {
+		this.ruleSet = ruleSet;
+	}
+
+	public void setName(String name) {
+		this.name = name;
+	}
+
+	public String getProjectPath() {
+		return projectPath;
+	}
+
+	public void setProjectPath(String projectPath) {
+		this.projectPath = projectPath;
+	}
+
+	public String getGitUrl() {
+		return gitUrl;
+	}
+
+	public void setGitUrl(String gitUrl) {
+		this.gitUrl = gitUrl;
+	}
+
+	public String getSootClassPath() {
+		return sootClassPath;
+	}
+
+	public void setSootClassPath(String sootClassPath) {
+		this.sootClassPath = sootClassPath;
+	}
+
+	public boolean getIsMavenProject() {
+		return isMavenProject;
+	}
+
+	public void setIsMavenProject(boolean isMavenProject) {
+		this.isMavenProject = isMavenProject;
+	}
+
+}
diff --git a/CryptoAnalysis/src/test/java/tests/performance/GoogleSpreadsheetWriter.java b/CryptoAnalysis/src/test/java/tests/performance/GoogleSpreadsheetWriter.java
@@ -0,0 +1,120 @@
+package tests.performance;
+
+import java.io.IOException;
+import java.io.StringReader;
+import java.security.GeneralSecurityException;
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.Collections;
+import java.util.List;
+
+import com.google.api.client.auth.oauth2.Credential;
+import com.google.api.client.extensions.java6.auth.oauth2.AuthorizationCodeInstalledApp;
+import com.google.api.client.extensions.jetty.auth.oauth2.LocalServerReceiver;
+import com.google.api.client.googleapis.auth.oauth2.GoogleAuthorizationCodeFlow;
+import com.google.api.client.googleapis.auth.oauth2.GoogleClientSecrets;
+import com.google.api.client.googleapis.javanet.GoogleNetHttpTransport;
+import com.google.api.client.googleapis.json.GoogleJsonResponseException;
+import com.google.api.client.http.javanet.NetHttpTransport;
+import com.google.api.client.json.JsonFactory;
+import com.google.api.client.json.jackson2.JacksonFactory;
+import com.google.api.client.util.Lists;
+import com.google.api.client.util.store.FileDataStoreFactory;
+import com.google.api.services.sheets.v4.Sheets;
+import com.google.api.services.sheets.v4.SheetsScopes;
+import com.google.api.services.sheets.v4.model.AddSheetRequest;
+import com.google.api.services.sheets.v4.model.BatchUpdateSpreadsheetRequest;
+import com.google.api.services.sheets.v4.model.Request;
+import com.google.api.services.sheets.v4.model.SheetProperties;
+import com.google.api.services.sheets.v4.model.ValueRange;
+
+public class GoogleSpreadsheetWriter {
+
+	private static final String APPLICATION_NAME = "CryptoAnalysis-Performance";
+	private static final String SPREADSHEET_ID = "1NrfiAUsPYNXYsE05nSimu7JFAO5LXOpSQXtv_8lA8LM"; 
+	private static final JsonFactory JSON_FACTORY = JacksonFactory.getDefaultInstance();
+	private static final String TOKENS_DIRECTORY_PATH = "tokens";
+
+	/**
+	 * Global instance of the scopes required by this quickstart.
+	 * If modifying these scopes, delete your previously saved tokens/ folder.
+	 */
+	private static final List<String> SCOPES = Collections.singletonList(SheetsScopes.SPREADSHEETS);
+
+	/**
+	 * Creates an authorized Credential object.
+	 * @param HTTP_TRANSPORT The network HTTP Transport.
+	 * @return An authorized Credential object.
+	 * @throws IOException If the credentials.json file cannot be found.
+	 */
+	private static Credential getCredentials(final NetHttpTransport HTTP_TRANSPORT, String credentials) throws IOException {
+		// Load client secrets.
+		GoogleClientSecrets clientSecrets = GoogleClientSecrets.load(JSON_FACTORY, new StringReader(credentials));
+
+		// Build flow and trigger user authorization request.
+		GoogleAuthorizationCodeFlow flow = new GoogleAuthorizationCodeFlow.Builder(
+				HTTP_TRANSPORT, JSON_FACTORY, clientSecrets, SCOPES)
+				.setDataStoreFactory(new FileDataStoreFactory(new java.io.File(TOKENS_DIRECTORY_PATH)))
+				.setAccessType("offline")
+				.build();
+		LocalServerReceiver receiver = new LocalServerReceiver.Builder().setPort(8888).build();
+		return new AuthorizationCodeInstalledApp(flow, receiver).authorize("user");
+	}
+
+	private static boolean addSheet(String projectName, String credentials) throws GoogleJsonResponseException {
+		Sheets service;
+		boolean sheetAdded = true;
+		try {
+			service = getService(credentials);
+			AddSheetRequest addSheet = new AddSheetRequest();
+			addSheet.setProperties(new SheetProperties().setTitle(projectName));
+			List<Request> requests = new ArrayList<>(); 
+			requests.add(new Request().setAddSheet(addSheet));
+			BatchUpdateSpreadsheetRequest requestBody = new BatchUpdateSpreadsheetRequest();
+			requestBody.setRequests(requests);
+			service.spreadsheets().batchUpdate(SPREADSHEET_ID, requestBody).execute();
+		} catch (GoogleJsonResponseException e) {
+			if (e.getMessage().contains("Invalid requests[0].addSheet"))
+				sheetAdded = false;
+			else
+				e.printStackTrace();
+		} catch (IOException | GeneralSecurityException e) {
+			e.printStackTrace();
+			return sheetAdded;
+		}
+		return sheetAdded;
+	}
+
+	private static void addHeaders(List<Object> headers, String projectName, String projectUrl, String credentials) throws IOException, GeneralSecurityException {
+		Sheets service = getService(credentials);
+		ValueRange metricNames = new ValueRange().setValues(Arrays.asList(headers));
+		ValueRange projectDetails = new ValueRange().setValues(Arrays.asList(Arrays.asList(new String[] {projectName, projectUrl})));
+		service.spreadsheets().values().append(SPREADSHEET_ID, projectName, projectDetails).setValueInputOption("USER_ENTERED")
+		.execute();
+		service.spreadsheets().values().append(SPREADSHEET_ID, projectName, metricNames).setValueInputOption("USER_ENTERED")
+		.execute();
+	}
+
+	public static void createSheet(String projectName, String projectUrl, List<Object> headers, String credentials) throws IOException, GeneralSecurityException {
+		if (addSheet(projectName, credentials)) {
+			addHeaders(headers, projectName, projectUrl, credentials);
+		}
+	}
+
+	public static void write(List<Object> data, String projectName, String credentials) throws IOException, GeneralSecurityException  {
+		Sheets service = getService(credentials);
+		ArrayList<List<Object>> rows = Lists.newArrayList();
+		rows.add(data);
+		ValueRange body = new ValueRange().setValues(rows);
+		service.spreadsheets().values().append(SPREADSHEET_ID, projectName, body).setValueInputOption("USER_ENTERED")
+		.execute();
+	}
+
+	private static Sheets getService(String credentials) throws IOException, GeneralSecurityException {
+		// Build a new authorized API client service.
+		final NetHttpTransport HTTP_TRANSPORT = GoogleNetHttpTransport.newTrustedTransport();
+		Credential cred = getCredentials(HTTP_TRANSPORT, credentials);
+		return new Sheets.Builder(HTTP_TRANSPORT, JSON_FACTORY, cred)
+				.setApplicationName(APPLICATION_NAME).build();
+	}
+}