Commit 0452ec42 authored by Paff's avatar Paff
Browse files

change in analysishelper for path beginning

analysis enryptedpathcontinues unencrypted
parent 60fa678e
/**
* Generated on Mon Oct 20 17:02:36 CEST 2014
* Generated on Tue Oct 21 13:59:39 CEST 2014
*/
config {
Require-Model:
......
/**
* Generated on Mon Oct 20 17:02:55 CEST 2014
* Generated on Tue Oct 21 13:59:58 CEST 2014
*/
config {
Require-Model:
......
......@@ -131,4 +131,9 @@ public enum MontiSecArcAnalysisErrorCodes implements IErrorCode {
*/
ListThirdPartyComponents,
/**
* The encrypted path continues unencrypted. Checks which component can read the data
*/
EncryptedPathContinuesUnencrypted
}
......@@ -25,21 +25,21 @@ public final class AnalysisHelper {
* @return
* @throws AmbigousException
*/
public static boolean isPortBenningOfPath(ASTArcPort node, Resolver resolver, NameSpace np, NameSpace npParent) throws AmbigousException {
public static ConnectorEntry isPortBenningOfPath(ASTArcPort node, Resolver resolver, NameSpace np, NameSpace npParent) throws AmbigousException {
//Checks if the port is the beginning of an connections
//Checks in current component
ConnectorEntry connectEntry = (ConnectorEntry) resolver.resolve(node.getName(), ConnectorEntry.KIND, np);
if(connectEntry != null) {
return false;
}
return connectEntry;
}
//Checks in parent component
String qualifiedNamePort = getQualifiedName(node);
if(node.getMainParent() != null) {
connectEntry = (ConnectorEntry) resolver.resolve(qualifiedNamePort, ConnectorEntry.KIND, np);
if(connectEntry != null) {
return false;
}
return connectEntry;
}
if(node.getMainParent().getMainParent() != null) {
//Checks in in all subcomponents of the parent component
......@@ -48,7 +48,7 @@ public final class AnalysisHelper {
for(SubComponentEntry subcomponent : componentParent.getSubComponents()) {
for(ConnectorEntry connector : subcomponent.getComponentType().getConnectors()) {
if(connector.getName().equals(qualifiedNamePort)) {
return false;
return connector;
}
}
}
......@@ -56,7 +56,7 @@ public final class AnalysisHelper {
}
}
return true;
return null;
}
/**
......
package secarc.ets.analysis.connect;
import org.jgrapht.traverse.DepthFirstIterator;
import org.jgrapht.traverse.GraphIterator;
import interfaces2.STEntry;
import interfaces2.resolvers.AmbigousException;
import mc.IErrorCode;
import mc.umlp.arcd._ast.ASTArcPort;
import mc.umlp.arcd.ets.entries.ConnectorEntry;
import mc.umlp.arcd.ets.entries.PortEntry;
import secarc.error.MontiSecArcAnalysisErrorCodes;
import secarc.ets.analysis.checker.Analysis;
import secarc.ets.analysis.checker.AnalysisHelper;
import secarc.ets.analysis.checker.ISecAnalysisPortChecker;
import secarc.ets.check.MontiSecArcAnalysisConstants;
import secarc.ets.entries.SecConnectorEntry;
import secarc.ets.entries.SecPortEntry;
import secarc.ets.graph.ArchitectureGraph;
import secarc.ets.graph.Edge;
import secarc.ets.graph.Vertex;
public class EncryptedPathContinuesUnencrypted extends Analysis implements
ISecAnalysisPortChecker {
public EncryptedPathContinuesUnencrypted() {
super(MontiSecArcAnalysisConstants.ENCRYPTED_PATH_CONTINUES_UNENCRYPTED);
}
@Override
public void check(ASTArcPort node, SecPortEntry entry,
ArchitectureGraph graph) throws AmbigousException {
//Checks if the port is a target of an encrypted connection
ConnectorEntry connectorEntry = AnalysisHelper.isPortBenningOfPath(node, resolver, getNameSpaceFor(node), getNameSpaceFor(node.getMainParent()));
//No encryption before
if(connectorEntry == null || ((SecConnectorEntry) connectorEntry).isUnencrypted()) {
return;
}
Vertex<PortEntry> portVertex = Vertex.of(entry);
//Look for paths with port as beginning
GraphIterator<Vertex<? extends STEntry>, Edge> iterator = new DepthFirstIterator<Vertex<? extends STEntry>, Edge>(graph.getRawGraph(), portVertex);
//First element is not needed
iterator.next();
//Unencrypted path starts
boolean unencryptedEnds = false;
//output allowed
boolean outputAllowed = false;
STEntry element = null;
int count = 0;
//Build Message
StringBuilder sbuilder = new StringBuilder("The port " + entry.getName() + " is the end of an unencrypted path. The path continues unencrypted: ");
//Run over paths
while(iterator.hasNext()) {
//Next element from graph
element = iterator.next().getArchitectureElement();
//Next path
if(element.equals(entry) || !iterator.hasNext()) {
unencryptedEnds = false;
sbuilder.append(", ");
count = 0;
}
//Continues unencrypted
if(element instanceof ConnectorEntry && ((SecConnectorEntry) element).isUnencrypted() && !unencryptedEnds) {
if(count > 0) {
sbuilder.append(" -> ");
}
sbuilder.append(element);
outputAllowed = true;
count++;
} else if(element instanceof ConnectorEntry && ((SecConnectorEntry) element).isEncrypted()) {
//Continues encrypted
unencryptedEnds = true;
}
}
if(outputAllowed) {
addReport(sbuilder.toString(), node.get_SourcePositionStart());
}
}
@Override
public IErrorCode getErrorCode() {
return MontiSecArcAnalysisErrorCodes.EncryptedPathContinuesUnencrypted;
}
}
......@@ -53,7 +53,7 @@ public class EncryptedPathWithUnencryptedPart extends Analysis
public void check(ASTArcPort node, SecPortEntry entry, ArchitectureGraph graph) throws AmbigousException{
//Checks if the path starts with this port
if(!AnalysisHelper.isPortBenningOfPath(node, resolver, getNameSpaceFor(node.getMainParent()), getNameSpaceFor(node.getMainParent().getMainParent()))) {
if(AnalysisHelper.isPortBenningOfPath(node, resolver, getNameSpaceFor(node.getMainParent()), getNameSpaceFor(node.getMainParent().getMainParent())) != null) {
return;
}
......
......@@ -21,7 +21,7 @@ public class AvoidInputString extends Analysis implements
@Override
public void check(ASTArcPort node, SecPortEntry entry,
ArchitectureGraph graph) throws AmbigousException {
if(AnalysisHelper.isPortBenningOfPath(node, resolver, getNameSpaceFor(node), getNameSpaceFor(node.getMainParent()))
if(AnalysisHelper.isPortBenningOfPath(node, resolver, getNameSpaceFor(node), getNameSpaceFor(node.getMainParent())) != null
&& entry.getTypeReference().getExtendedName().equals("java.lang.String")) {
addReport("The input port " + entry.getName() + " has the type " + entry.getTypeReference() + ". This type is not specific enough.", node.get_SourcePositionStart());
}
......
......@@ -60,7 +60,7 @@ public class EncryptedPathEndInLowTrustlevel extends Analysis implements
public void check(ASTArcPort node, SecPortEntry entry,
ArchitectureGraph graph) throws AmbigousException {
if(!AnalysisHelper.isPortBenningOfPath(node, resolver, getNameSpaceFor(node.getMainParent()), getNameSpaceFor(node.getMainParent().getMainParent()))) {
if(AnalysisHelper.isPortBenningOfPath(node, resolver, getNameSpaceFor(node.getMainParent()), getNameSpaceFor(node.getMainParent().getMainParent())) != null) {
return;
}
......
......@@ -34,7 +34,7 @@ public class TaintPropergation extends ContextCondition implements
public void check(ASTArcPort node, SecPortEntry entry,
ArchitectureGraph graph) throws AmbigousException {
if(AnalysisHelper.isPortBenningOfPath(node, resolver, getNameSpaceFor(node), getNameSpaceFor(node.getMainParent()))) {
if(AnalysisHelper.isPortBenningOfPath(node, resolver, getNameSpaceFor(node), getNameSpaceFor(node.getMainParent())) == null) {
addReport("The input port " + entry.getName() + " has the type " + entry.getTypeReference() + ".", node.get_SourcePositionStart());
}
}
......
......@@ -30,6 +30,8 @@ public final class MontiSecArcAnalysisConstants {
public static final String UNENCRYPTED_CONNECTOR_THROUGH_LOW_TRUSTLEVEL = "Checks if an unencrypted connector is embedded in a component with a low trustlevel.";
public static final String ENCRYPTED_PATH_CONTINUES_UNENCRYPTED = "Checks if an encrypted path continues unencrypted and lists which components can read the data.";
public static final String TRUSTLEVEL_PATH_HIGHER_THAN_ENVIRONMENT = "Checks if the trustlevels of an encrypted path should be higher than the trustlevel of the environment.";
public static final String ALL_FILTER_ANALYSIS = "Checks all analysis related to filters.";
......
......@@ -8,6 +8,7 @@ import java.util.Map;
import secarc.ets.analysis.component.ListThirdPartyComponents;
import secarc.ets.analysis.configuration.ReviewedConfiguration;
import secarc.ets.analysis.connect.EncryptedPathContinuesUnencrypted;
import secarc.ets.analysis.connect.EncryptedPathWithUnencryptedPart;
import secarc.ets.analysis.connect.UnencryptedConnectorThroughLowTurstlevel;
import secarc.ets.analysis.filter.AvoidInputString;
......@@ -107,9 +108,6 @@ public final class MontiSecArcAnalysisCreator {
//Analysis for connetors
CompositeContextCondition connectorAnalysis = new CompositeContextCondition(MontiSecArcAnalysisConstants.ALL_ENCRYPTED_CONNECT);
//List all encrypted connectors
// connectorAnalysis.addChild(new ListEncryptedData());
//Find all path from a port which has at least one encrypted connection
connectorAnalysis.addChild(new EncryptedPathWithUnencryptedPart());
......@@ -122,6 +120,9 @@ public final class MontiSecArcAnalysisCreator {
//Trustlevel of environment higher than encrypted path
connectorAnalysis.addChild(new TrustlevelPathHigherThanEnvironment());
//An encrypted path continues unencrypted
connectorAnalysis.addChild(new EncryptedPathContinuesUnencrypted());
//Analysis for filters
CompositeContextCondition filterAnalysis = new CompositeContextCondition(MontiSecArcAnalysisConstants.ALL_FILTER_ANALYSIS);
......
......@@ -75,7 +75,7 @@ public class MontiSecArcAnalysisTest extends TestWithSymtabAnalysis<MontiSecArcA
tool.init();
assertTrue(tool.run());
assertEquals(6, handler.getWarnings().size());
assertEquals(7, handler.getWarnings().size());
for(ProblemReport error : handler.getErrors()) {
assertTrue(errorCodes.contains(error.getErrorcode()));
}
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment