CrySL is a domain-specific language that allows to specify the correct usage of APIs. Example specifications for the JavaCryptographicArchitecture (JCA), BouncyCastle and Tink can be found here.
CrySL uses Maven as build tool. You can install this project via
mvn clean install -DskipTests
Installing requires at least Java 17 and Maven 3.9.0.
We implemented a parser that reads a set of .crysl files and parses them into Java objects. Include the following dependency in your project (replace x.y.z with the latest version):
<dependency>
<groupId>de.darmstadt.tu.crossing.CrySL</groupId>
<artifactId>CrySLParser</artifactId>
<version>x.y.z</version>
</dependency>In your program, you can import the crysl.CrySLParser and read a set of .crysl files from a directory or a .zip file:
CrySLParser parser = new CrySLParser();
Collection<CrySLRule> rules = parser.parseRulesFromPath("path/to/directory_or_zip_file");
System.out.println("Found " + rules.size() + " rules for classes:");
for (CrySLRule rule : rules) {
System.out.println(rule.getClassName());
}Paper: https://ieeexplore.ieee.org/document/8880510
More information can be found under the following link.