This PR implements native C/C++ support for the sonar-cryptography plugin using an ANTLR4-based architecture, addressing issue #374. #391

Closed
Ndugu2 wants to merge 3 commits into cbomkit:main from Ndugu2:main

Ndugu2 commented May 4, 2026

Key Changes:

  • C++ Migration: Moved from the old architecture to a native ANTLR4 parser for C++ code.
  • OpenSSL Support: Added detection rules for OpenSSL EVP ciphers and implemented a mapper for OpenSSL algorithm strings.
  • Python Polish: Fixed several null-safety and type-safety warnings in the Python detection engine.
  • Multi-module integration: Successfully wired the cxx module into the main plugin build.

Fixes #374

Ndugu2 requested a review from a team as a code owner May 4, 2026 11:36

san-zrl commented May 4, 2026
Contributor

Hi @Ndugu2 - Thank you for your interest in CBOMkit and your contribution. Perhaps you noted that we have PR #377 that provides language support for C/C++ based on Sonar (similarly to the language support for Java, Python and Go). We are actively working on merging this PR into CBOMkit in response to issue #374. Your PR would duplicate our efforts for C/C++ support.

@n1ckl0sk0rtge
Contributor

Thanks for the contribution, but this PR has some structural issues that make it hard to review or merge as-is. I'm closing it and would ask you to reopen as smaller, focused PRs. High-level points:

1. Vendored Maven distribution committed. maven_fast/apache-maven-3.9.6/ contains an entire local Maven install — JARs, Windows DLLs, license texts, shell scripts. This should not be in the repo; please remove it and add it to .gitignore.

2. Stray C# ANTLR parser. Under engine/src/main/java/com/ibm/engine/language/csharp/antlr/ there are ~40k lines of C# lexer/parser/visitor/listener files (CSharpParser.java alone is 28,349 lines). The PR is about C/C++ support — there's no mention of C# in the description. This looks like accidentally committed scaffolding and should be removed.

3. Token files in the wrong location. engine/src/main/java/CSharpLexer.tokens and CSharpParser.tokens sit at the root of src/main/java/, outside any package. These are build artifacts and shouldn't be committed.

4. Generated ANTLR sources committed. Both the .g4 grammars and the generated CPP14Parser.java (21,735 lines), CPP14Lexer.java, base listeners/visitors are committed (~33k lines of generated code). Please commit only the .g4 grammar and configure antlr4-maven-plugin to generate the Java sources at build time.

5. Mixing concerns. This PR bundles at least four unrelated changes:

  • C++ ANTLR-based support (the stated feature)
  • OpenSSL detection rules + OsslCipherMapper
  • Python null-safety/type-safety cleanup (PythonDetectionEngine, PythonLanguageTranslation, PythonSemantic)
  • The accidental C# parser

Each should be its own PR so they can be reviewed independently.

6. engine/pom.xml has -21/+0. 21 lines removed, nothing added. Please verify this didn't drop a build plugin other modules rely on.

7. PR is from main → main. Your fork's head branch is main, which makes follow-up work and parallel PRs awkward. Please use a dedicated feature branch.

8. PR title. The title is a full sentence; please shorten it and move the detail to the body.

Suggested follow-up

Please open separate PRs from feature branches for:

  1. C++ engine + ANTLR grammar plumbing (with generated sources excluded from git)
  2. OpenSSL detection rules + mapper
  3. Python null/type-safety cleanup

Looking forward to the cleaned-up versions.

Development

Successfully merging this pull request may close these issues.

Support for C/C++ in sonar-cryptography plugin with sonar-cxx

3 participants