Commit 70c607bb authored by Paff's avatar Paff
Browse files

new analysis

parent 9d00e4c1
package secarc.ets.analysis.filter;
import interfaces2.resolvers.AmbigousException;
import mc.IErrorCode;
import mc.umlp.arcd._ast.ASTArcPort;
import secarc.error.MontiSecArcAnalysisErrorCodes;
import secarc.ets.analysis.checker.Analysis;
import secarc.ets.analysis.checker.AnalysisHelper;
import secarc.ets.analysis.checker.ISecAnalysisPortChecker;
import secarc.ets.check.MontiSecArcAnalysisConstants;
import secarc.ets.entries.SecPortEntry;
import secarc.ets.graph.ArchitectureGraph;
public class AvoidInputString extends Analysis implements
ISecAnalysisPortChecker {
public AvoidInputString() {
super(MontiSecArcAnalysisConstants.AVOID_INPUT_STRING);
}
@Override
public void check(ASTArcPort node, SecPortEntry entry,
ArchitectureGraph graph) throws AmbigousException {
if(AnalysisHelper.isPortBenningOfPath(node, resolver, getNameSpaceFor(node), getNameSpaceFor(node.getMainParent()))
&& entry.getTypeReference().getExtendedName().equals("java.lang.String")) {
addReport("The input port " + entry.getName() + " has the type " + entry.getTypeReference() + ". This type is not specific enough.", node.get_SourcePositionStart());
}
}
@Override
public IErrorCode getErrorCode() {
return MontiSecArcAnalysisErrorCodes.AvoidInputString;
}
}
package secarc.ets.analysis.identity;
import mc.IErrorCode;
import interfaces2.coco.ContextCondition;
import interfaces2.namespaces.NameSpace;
import interfaces2.resolvers.AmbigousException;
import secarc._ast.ASTSecArcIdentity;
import secarc.error.MontiSecArcAnalysisErrorCodes;
import secarc.ets.check.CoCoHelper;
import secarc.ets.check.MontiSecArcAnalysisConstants;
import secarc.ets.cocos.checkers.ISecIdentityChecker;
import secarc.ets.entries.IdentityEntry;
import secarc.ets.entries.SecComponentEntry;
/**
* Check if the trustlevel for the client is lower then the trustlevel for the server
*
* <br>
* <br>
* Copyright (c) 2011 RWTH Aachen. All rights reserved
*
* @author (last commit) $Author$
* @version $Date$<br>
* $Revision$
*
*/
public class TrustlevelClientServer extends ContextCondition implements ISecIdentityChecker {
public TrustlevelClientServer() {
super(MontiSecArcAnalysisConstants.TRUSTLEVEL_CLIENT_SERVER_IDENTITY);
}
/*
* (non-Javadoc)
* @see secarc.ets.cocos.checkers.ISecIdentityChecker#check(secarc._ast.ASTSecArcIdentity, secarc.ets.entries.IdentityEntry)
*/
@Override
public void check(ASTSecArcIdentity node, IdentityEntry entry) throws AmbigousException {
String refSource = entry.getSource();
String refTarget = entry.getTarget();
SecComponentEntry sourceComp = null;
SecComponentEntry targetComp = null;
sourceComp = CoCoHelper.getSecComponentEntry(refSource, node, getNameSpaceFor(node), this);
NameSpace np = getNameSpaceFor(node).getParent();
// Searching for right namespace of target
while (np != null) {
targetComp = CoCoHelper.getSecComponentEntry(refTarget, node, np, this);
if (targetComp != null) {
break;
}
np = np.getParent();
}
//Existence is checked in other coco
if(sourceComp != null && targetComp != null &&
//Trustlevel existence is checked in other coco
sourceComp.getTrustlevel().isPresent() && targetComp.getTrustlevel().isPresent()) {
//Is the Trustelevel of the target higher then the trustlevel of the source
if(sourceComp.getTrustlevel().get().getValue() >= targetComp.getTrustlevel().get().getValue()) {
addReport("The trustlevel of the server " + refTarget + " should be higher than the trustlevel of the client " + refSource + ".", node.get_SourcePositionStart());
}
}
}
/*
* (non-Javadoc)
* @see interfaces2.coco.ContextCondition#getErrorCode()
*/
@Override
public IErrorCode getErrorCode() {
return MontiSecArcAnalysisErrorCodes.TrustlevelClientServerIdentity;
}
}
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment