Scanning

QSE Usage

import { Tabs, TabItem } from '@astrojs/starlight/components';

Scanning in VSCode

:::note[Useful Links]

Initiating scans as described here

:::

Kicking off the scan and seeing results

Let’s scan the code base of the QSE CLI.

In our example, we’ve created a directory called QSE and extracted all the installation elements of QSE.

Scanning1

Open that directory in VSCode.

cd QSE

code .

Scanning2

In VSCode, open a new terminal in the code window. This can be done with the following key combo: Ctrl-Shift-Backtick(`)

Scanning3

On Windows, this opens a PowerShell terminal.

Press Ctrl-Shift-P to open the Command Palette and search for Quantum Safe Explorer. Select Quantum Safe Explorer Scan.

Scanning4

The following notification should pop up

Scanning5

Let it scan until it completes.

When the scan completes, you should see the following directories show up in the Explorer window of VSCode

Scanning6

We should now see the QUANTUM SAFE EXPLORER DASHBOARD populated with some graphs and charts.

Scanning7

Executing the IBM Quantum Safe Explorer CLI

Make sure that Git Bash is installed and use a Git Bash terminal window for the instructions below.

Change directory to M0GT6EN, wherever you extracted it, and run the following command:

/usr/bin/sed -i 's/^RSP_LICENSE_ACCEPTED=.*/RSP_LICENSE_ACCEPTED=true/' LicenseAcceptance.config

To make sure you have the correct permissions to run the shell script, first run:

chmod +x cli.sh

Next, run the following help command

./cli.sh -h 

Note:

The run will also point out that you have already accepted the licensing agreement.

Before you officially perform the script run, it is helpful to know the list of required parameters:

QSEmacos1

As well as the optional parameters:

QSEmacos2

You initiate a scan using the required program package path. The command can be run for single or multiple languages. Here is an example:

./cli.sh -i <package-path> -clean -nmo -ccdir resource:class-catalog -l .java

Note:

If you are scanning more than one language, then the command needs to be run in double quotation marks. Use the Help command by running ./cli.sh -h for more details on the various parameters.

Here is an example of a completed scan with a specified program package path:

$ ./cli.sh -i ~/Virtualenvs/java-projects -clean -nmo -ccdir resource:class-catalog -l .java
License Agreement have been already completed.
canonical pathname >> /Users/gerald.trotmanibm.com/Virtualenvs/java-projects
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
build_class_catalog  : 
class-catalogs_directory : resource:class-catalog
clear_results        : 
dart_class_catalog   : ../quantum-safe-sca-tng/class-catalog/dart-class-catalog.json
data_analytics       : false
data_mine_class_catalog : 
enable_detail_log    : 
exact_match          : true
input_folder         : /Users/gerald.trotmanibm.com/Virtualenvs/java-projects
internal_utility     : 
java_class_catalog   : ../quantum-safe-sca-tng/class-catalog/java-class-catalog.json
language_list        : .java
library_usage        : 
name_matching_only   : 
output_folder        : /Users/gerald.trotmanibm.com/Virtualenvs/java-projects/qs_scan_result
path_exclusion_filter : 
path_filter          : 
python_class_catalog : ../quantum-safe-sca-tng/class-catalog/python-class-catalog.json
regression_test      : 
single_steps         : multi-language-selection
source_filter        : 
tab_size             : 4
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Version 1.23.0.1065 -- Generated On Tue Jul 23 13:22:12 PDT 2024
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
+                PARAMETERS SENT TO SCA AND ANALYTICS
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
+ error-log-file                          : qs_scan_result/log/multi-language-err.log
+ parameter-class-catalogs-directory      : resource:class-catalog
+ parameter-demo-mode                     : true
+ parameter-detail-results                : true
+ parameter-language-processing-list      : .java
+ parameter-library-selection             : pycrypto
+ parameter-path-exclusion-filter         : 
+ parameter-path-filter                   : 
+ parameter-run-single-step               : delete-project-root,crypto-name-matching-only,multi-language-selection
+ parameter-source-filter                 : 
+ parameter-source-filter-exact-match     : true
+ parameter-tab-size                      : 4
+ parameter-use-absolute-source-paths     : true
+ project-root                            : qs_scan_result
+ root                                    : /Users/gerald.trotmanibm.com/Virtualenvs/java-projects
+ run-log-file                            : qs_scan_result/log/multi-language.log
+ source-dart-class-catalog-json          : ../quantum-safe-sca-tng/class-catalog/dart-class-catalog.json
+ source-java-class-catalog-json          : ../quantum-safe-sca-tng/class-catalog/java-class-catalog.json
+ source-knowledge-base-db                : kb/cd_kb.db
+ source-python-class-catalog-json        : ../quantum-safe-sca-tng/class-catalog/python-class-catalog.json
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
[23/07/2024 13:22:12.119] Setting Log File To           : /Users/gerald.trotmanibm.com/Virtualenvs/java-projects/qs_scan_result/log/multi-language.log
[23/07/2024 13:22:12.121] Setting Error File To         : /Users/gerald.trotmanibm.com/Virtualenvs/java-projects/qs_scan_result/log/multi-language-err.log
[23/07/2024 13:22:12.125] Running Task                  : com.ibm.quantumsafe.sca.lang.base.task.impl.LoadCryptoKBImpl
[23/07/2024 13:22:12.544] Running Task                  : com.ibm.quantumsafe.sca.lang.general.task.impl.DeleteProjectRootDirectoryImpl
[23/07/2024 13:22:12.573] Running Task                  : com.ibm.quantumsafe.sca.lang.general.task.impl.ClearScanResultsImpl
[23/07/2024 13:22:12.611] Running Task                  : com.ibm.quantumsafe.sca.lang.java.task.impl.JavaPreprocessImpl
[23/07/2024 13:22:12.639] Running Task                  : com.ibm.quantumsafe.sca.lang.java.task.impl.JavaTokenizeImpl
[23/07/2024 13:22:12.671] Running Task                  : com.ibm.quantumsafe.sca.reporting.task.impl.AddLineNumbersImpl
[23/07/2024 13:22:12.695] Running Task                  : com.ibm.quantumsafe.sca.lang.java.task.impl.JavaStructureImpl
[23/07/2024 13:22:12.732] Running Task                  : com.ibm.quantumsafe.sca.framework.common.BuildLocalClassCatalogImpl
[23/07/2024 13:22:13.191] Class Catalog Size            : 11010
[23/07/2024 13:22:15.175] Running Task                  : com.ibm.quantumsafe.sca.lang.java.task.impl.ExternalizeNestedCallsmpl
[23/07/2024 13:22:15.198] Running Task                  : com.ibm.quantumsafe.sca.framework.common.JavaBuildGraphModelImpl
[23/07/2024 13:22:15.234] Running Task                  : com.ibm.quantumsafe.sca.reporting.task.impl.BuildRcgSummaryAndCBOMFromModelImpl
[23/07/2024 13:22:15.253] Running Task                  : com.ibm.quantumsafe.sca.framework.common.AnalyzeClasssCatalogImpl
[23/07/2024 13:22:15.739] Running Task                  : com.ibm.quantumsafe.sca.reporting.task.impl.BuildDashboardFromFindings
[23/07/2024 13:22:15.745] Running Task                  : com.ibm.quantumsafe.sca.lang.general.task.impl.SendScanResultsImpl
[23/07/2024 13:22:15.756] Running Task                  : com.ibm.quantumsafe.sca.framework.common.impl.ProfileProcessImpl

Note: When scanning large applications (e.g., more than 500,000 lines of code) on macOS systems, IBM Quantum Safe Explorer consumes a large amount of disk space. It is advised to archive and clear the results folder and to reboot the machine before initiating a scan on another application.

Accessing the IBM Quantum Safe Explorer CLI scan results

The results of your scan are written to a findings.json file, which can be found nested within your project path. The path resembles the following:

/<package-path>/qs_scan_result/scan-results/

The file is quite verbose. Here’s a snippet of the result:

Accessing1
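The CLI steps above (license acceptance, scan, locating findings.json) combined into a POSIX shell wrapper that checks each step instead of trusting exit codes. This is an added example, not part of IBM's tooling; the function names and exit codes are assumptions, as is treating a non-empty error log as a failed scan.

```shell
# Added example, not IBM's code. Function names and exit codes are assumptions;
# file names, flags and result paths are the ones shown on this page.

# Accept the license. `sed -i` exits 0 even when no line matched, so check that
# the key exists first and confirm the value afterwards.
qse_accept_license() (
    cfg="$1/LicenseAcceptance.config"
    [ -f "$cfg" ] || { echo "missing $cfg" >&2; exit 2; }
    grep -q '^RSP_LICENSE_ACCEPTED=' "$cfg" ||
        { echo "no RSP_LICENSE_ACCEPTED key in $cfg" >&2; exit 3; }
    # Rewrite through a temp file: GNU sed (Git Bash) and BSD sed (macOS)
    # disagree on the syntax of -i.
    sed 's/^RSP_LICENSE_ACCEPTED=.*/RSP_LICENSE_ACCEPTED=true/' "$cfg" > "$cfg.tmp" &&
        cat "$cfg.tmp" > "$cfg" && rm -f "$cfg.tmp" &&
        grep -q '^RSP_LICENSE_ACCEPTED=true$' "$cfg"
)

# Confirm the scan wrote results where the page says they land.
qse_check_results() (
    out="$1/qs_scan_result"
    findings="$out/scan-results/findings.json"
    errlog="$out/log/multi-language-err.log"
    [ -s "$findings" ] || { echo "findings.json missing or empty under $out" >&2; exit 4; }
    # Assumption: a clean run leaves the error log empty.
    [ ! -s "$errlog" ] || { echo "scan logged errors, see $errlog" >&2; exit 5; }
    echo "$findings"
)

# Run the scan with the page's example flags, then verify the output.
# $1 = extracted CLI directory, $2 = package path, $3 = language list.
qse_scan() (
    home="$1"; lang="${3:-.java}"
    pkg=$(cd "$2" 2>/dev/null && pwd) || { echo "no such package path: $2" >&2; exit 2; }
    qse_accept_license "$home" || exit $?
    chmod +x "$home/cli.sh" || exit 1
    cd "$home" || exit 1
    # CLI output goes to stderr so stdout carries only the findings path.
    ./cli.sh -i "$pkg" -clean -nmo -ccdir resource:class-catalog -l "$lang" >&2 || exit 6
    qse_check_results "$pkg"
)
```

Source the file and call qse_scan with the extracted M0GT6EN directory and the package path; on success it prints the path to findings.json on stdout.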

Viewing the CLI scan results in the IBM Quantum Safe Explorer Visual Studio Code Extension

Opening the scanned folder

As of the IBM Quantum Safe Explorer 1.0.1 release, you can view the CLI scan results in Visual Studio Code.

When you execute a scan, a qs_explorer_result folder is generated along with the qs_scan_result folder.

Opening1

Note: To view the results, you need to have the Visual Studio Code extension installed on your system.

Open the File menu and select Open Folder to locate your /<package-path> folder:

Opening2

Once you have found your /<package-path>, open it to populate the project in the Visual Studio Code Explorer view:

Opening3

To populate SCAN RESULTS, first navigate to the QUANTUM SAFE EXPLORER tab, which populates the SCAN RESULTS menu. Expanding that menu brings you to the Crypto Artifacts. For example:

Opening4

To view the results dashboard, switch to the QUANTUM SAFE EXPLORER DASHBOARD tab and click the + symbol on the right-hand side to expand the view:

Opening5

This should then expose the dashboard as shown below:

Opening6