Add SBOM, symbols, traces, and VEX files for CVE-2022-21661 SQLi case
Some checks failed
Docs CI / lint-and-preview (push) Has been cancelled
Some checks failed
Docs CI / lint-and-preview (push) Has been cancelled
- Created CycloneDX and SPDX SBOM files for both reachable and unreachable images. - Added symbols.json detailing function entry and sink points in the WordPress code. - Included runtime traces for function calls in both reachable and unreachable scenarios. - Developed OpenVEX files indicating vulnerability status and justification for both cases. - Updated README for evaluator harness to guide integration with scanner output.
This commit is contained in:
master
@@ -0,0 +1,21 @@
|
||||
using System.Collections.Generic;
|
||||
|
||||
namespace StellaOps.Cryptography;
|
||||
|
||||
/// <summary>
|
||||
/// Describes key material surfaced by crypto providers for diagnostics.
|
||||
/// </summary>
|
||||
public sealed record CryptoProviderKeyDescriptor(
|
||||
string Provider,
|
||||
string KeyId,
|
||||
string AlgorithmId,
|
||||
IReadOnlyDictionary<string, string?> Metadata);
|
||||
|
||||
/// <summary>
|
||||
/// Optional interface for providers that can expose key metadata without revealing private material.
|
||||
/// </summary>
|
||||
public interface ICryptoProviderDiagnostics
|
||||
{
|
||||
IEnumerable<CryptoProviderKeyDescriptor> DescribeKeys();
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user