fix(csharp): implement translators for SignatureContext, PRNGContext, and ProtocolContext #422
Pull request overview
Note
Copilot was unable to run its full agentic suite in this review.
Adds .NET (C#) context translation support for PRNG, protocol, and signature detections and wires these translators into the main C# translation pipeline.
Changes:
- Introduced context translators for PRNG, Protocol, and Signature contexts in the C# plugin.
- Updated CSharpTranslator to delegate to the new translators instead of returning Optional.empty().
- Added JUnit tests covering the new translators’ basic mappings and unknown-value behavior.
Reviewed changes
Copilot reviewed 7 out of 7 changed files in this pull request and generated 5 comments.
| File | Description |
|---|---|
| csharp/src/main/java/com/ibm/plugin/translation/translator/CSharpTranslator.java | Routes PRNG/Signature/Protocol contexts to dedicated translators. |
| csharp/src/main/java/com/ibm/plugin/translation/translator/contexts/CSharpPRNGContextTranslator.java | Adds PRNG context translation for common .NET RNG types. |
| csharp/src/main/java/com/ibm/plugin/translation/translator/contexts/CSharpProtocolContextTranslator.java | Adds protocol translation (TLS + generic fallback). |
| csharp/src/main/java/com/ibm/plugin/translation/translator/contexts/CSharpSignatureContextTranslator.java | Adds signature algorithm/action translation (RSA/ECDSA/DSA + Sign/Verify). |
| csharp/src/test/java/com/ibm/plugin/translation/translator/contexts/CSharpPRNGContextTranslatorTest.java | Tests PRNG mappings + unknown value. |
| csharp/src/test/java/com/ibm/plugin/translation/translator/contexts/CSharpProtocolContextTranslatorTest.java | Tests TLS mapping + generic protocol fallback. |
| csharp/src/test/java/com/ibm/plugin/translation/translator/contexts/CSharpSignatureContextTranslatorTest.java | Tests signature algorithm/action mappings + unknown value. |
| assertThat(node.getKind()).isEqualTo(Signature.class); | ||
| assertThat(node.getKind()).isEqualTo(Sign.class); |
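Review bot: The two assertions on node.getKind() cannot both pass for the same node, because getKind() yields a single class: one line expects Signature.class and the other Sign.class. Keep the assertion that matches the node type the test actually builds, and if the intent is to check an action attached to a signature node, assert on that nested node rather than on node a second time.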
| @Nonnull DetectionLocation detectionLocation) { | ||
|
|
||
| if (value instanceof ValueAction<?>) { | ||
| String valueStr = value.asString().toUpperCase().trim(); |
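Review bot: value.asString().toUpperCase() uses the JVM default locale, so the string comparisons that depend on valueStr can behave differently on a host with, for example, a Turkish locale, where "i" does not uppercase to "I". Use toUpperCase(Locale.ROOT) here and in the other translators that build valueStr the same way.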
| @Nonnull DetectionLocation detectionLocation) { | ||
|
|
||
| if (value instanceof ValueAction<?> valueAction) { | ||
| String valueStr = valueAction.asString().toUpperCase().trim(); |
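Review bot: The instanceof handling is inconsistent across the three translators: this one binds a pattern variable (value instanceof ValueAction<?> valueAction) and calls valueAction.asString(), while the other two use a plain instanceof and then call value.asString(). Pick one form for all three classes, and add a short comment on the guard saying why only ValueAction values are translated.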
| @Nonnull DetectionLocation detectionLocation) { | ||
|
|
||
| if (value instanceof ValueAction<?>) { | ||
| String valueStr = value.asString().toUpperCase().trim(); |
| if (detectionValueContext.is(PRNGContext.class)) { | ||
| return new CSharpPRNGContextTranslator() | ||
| .translate(bundleIdentifier, value, detectionValueContext, detectionLocation); | ||
| } | ||
|
|
||
| if (detectionValueContext.is(SignatureContext.class)) { | ||
| return new CSharpSignatureContextTranslator() | ||
| .translate(bundleIdentifier, value, detectionValueContext, detectionLocation); | ||
| } | ||
|
|
||
| if (detectionValueContext.is(ProtocolContext.class)) { | ||
| return new CSharpProtocolContextTranslator() | ||
| .translate(bundleIdentifier, value, detectionValueContext, detectionLocation); | ||
| } |
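Review bot: Each of the three branches allocates a fresh translator (new CSharpPRNGContextTranslator(), and likewise for Signature and Protocol) on every translate call. If these translators hold no state, keep one instance of each as a private final field of CSharpTranslator and delegate to it, which also shortens the three near-identical blocks.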
… and ProtocolContext

Previously, CSharpTranslator returned Optional.empty() for SignatureContext, PRNGContext, and ProtocolContext, causing detected crypto assets (RSA signing, ECDSA, random number generation, TLS protocols) to be silently discarded from CBOM output.

This commit adds three new context translators:
- CSharpSignatureContextTranslator: maps RSA, ECDSA, DSA to signature nodes
- CSharpPRNGContextTranslator: maps .NET random generators to PRNG nodes
- CSharpProtocolContextTranslator: maps TLS and generic protocols to protocol nodes

Also adds corresponding unit tests for each translator. Fixes silent data loss in C# crypto detection pipeline.

Signed-off-by: pranjal2004838 <pranjaljha58@gmail.com>
b3c323b to aad9370
Hi @pranjal2004838,
I believe this won't compile.
Sign passes Sign.class to its super constructor, so getKind() returns Sign.class. Both can't be true at the same time, if I'm not wrong. Did you run mvn test -pl csharp against these tests? I'd expect them to fail at build time.

Aside from that, I want to flag some important context for this whole area: I've temporarily excluded the C# module from main due to licensing issues with the ANTLR parser files that were included in the initial draft. I'll be writing a clean ANTLR grammar for C# from scratch, and once that's in place I also need to add more detection rules covering System.Security.Cryptography properly before the translation layer makes sense to extend.

Given that, I'd ask everyone to please hold off on C# enhancements for now and reach out to me first before putting work into this area. With the number of PRs coming in at the moment it's getting hard to keep track, and I'd hate for anyone to invest time in something that will conflict with the rewrite. Happy to coordinate once the grammar and detection rule foundation is solid.
Great, no issues. I'll rather open it as an issue. If in future the licensing problem of C# is resolved, do let me know, I'll add these too. Regards
This PR completes the C# translation layer for cryptographic contexts that were left unimplemented in the initial C# support draft (PR #376, April 6, 2026).
Previously, CSharpTranslator returned Optional.empty() for SignatureContext, PRNGContext, and ProtocolContext, causing detected crypto assets (RSA signing, ECDSA, random number generation, TLS protocols) to be silently discarded from CBOM output.
Changes:
Fixes silent data loss in C# crypto detection pipeline.