Commit 74aaf16c authored by Paff's avatar Paff
Browse files

comments

bug fixes
parent d03180e1
......@@ -75,15 +75,24 @@ public final class MontiSecArcAnalysis extends MontiSecArc {
//Transformation-Workflow before coco checks (can be called by "preCheckTransformation" on the command line)
addExecutionUnit("preCheckTransformation", new PreCoCoCheckMontiSecArcTransformationWorkflow<MontiSecArcRoot>(LANGUAGE_ROOT));
//Workflow for analysis
this.addAnalysisWorkflow(analysisConfPath, analysisParameter);
//Workflow for analysis with trustlevel
this.addTrustlevelWhatIfWorkflow(analysisParameter, analysisConfPath);
this.addCriticalPortWhatIfWorkflow(analysisParameter, analysisConfPath);
//Workflow for analysis with critical ports
this.addCriticalPortWhatIfWorkflow(analysisConfPath);
}
/**
* Adds analysis workflow
*
* @param analysisConfPath Configuration file path
* @param analysisParameter Referenced components for what if analysis
*/
private void addAnalysisWorkflow(String analysisConfPath, List<String> analysisParameter) {
//Workflow for Analysis
//Workflow for Analysis
MontiSecArcAnalysisWorkflow<MontiSecArcRoot> analysisWorkflow = new MontiSecArcAnalysisWorkflow<MontiSecArcRoot>(LANGUAGE_ROOT);
//AnalysisCreator
analysisWorkflow.setAnalysis(MontiSecArcAnalysisCreator.createAnalysis(analysisConfPath));
......@@ -101,7 +110,12 @@ public final class MontiSecArcAnalysis extends MontiSecArc {
addExecutionUnit(MontiSecArcConstants.ANALYSIS_WORKFLOW_ADVANCED, analysisWorkflow);
}
private void addCriticalPortWhatIfWorkflow(List<String> analysisParameter, String analysisConfPath) {
/**
* Adds what if workflow for critical ports
*
* @param analysisConfPath Configuration file path
*/
private void addCriticalPortWhatIfWorkflow(String analysisConfPath) {
AnalysisCriticalPortTransformationWorkflow<MontiSecArcRoot> criticalPortTransformationWorkflow = new AnalysisCriticalPortTransformationWorkflow<MontiSecArcRoot>(
MontiSecArcRoot.class);
criticalPortTransformationWorkflow.setAdvanced(false);
......@@ -112,6 +126,12 @@ public final class MontiSecArcAnalysis extends MontiSecArc {
addExecutionUnit(MontiSecArcConstants.ANALYSIS_WORKFLOW_BEGINNERS_WHAT_IF_CRITICAL_PORT, criticalPortTransformationWorkflow);
}
/**
* Adds what if workflow for trustlevel
*
* @param analysisParameter Referenced components for what if analysis
* @param analysisConfPath Configuration file path
*/
private void addTrustlevelWhatIfWorkflow(List<String> analysisParameter, String analysisConfPath) {
AnalysisTrustlevelTransformationWorkflow<MontiSecArcRoot> trustlevelTransformationWorkflow = new AnalysisTrustlevelTransformationWorkflow<MontiSecArcRoot>(MontiSecArcRoot.class);
trustlevelTransformationWorkflow.setAnalysisParameter(analysisParameter);
......
......@@ -14,11 +14,6 @@ import mc.IErrorCode;
* $Revision$
*/
public enum MontiSecArcAnalysisErrorCodes implements IErrorCode {
/**
* Lists all encrypted connections
*/
ListEncryptedConnected,
/**
* Lists all filters
......@@ -75,11 +70,6 @@ public enum MontiSecArcAnalysisErrorCodes implements IErrorCode {
*/
DerivedRolesComponent,
/**
* Propergates the needed filter
*/
TaintPropergation,
/**
* Identity link is used with encryption
*/
......@@ -121,11 +111,6 @@ public enum MontiSecArcAnalysisErrorCodes implements IErrorCode {
*/
AvoidInputString,
/**
* The input must be filter again in a higher trustlevel
*/
RepeatFilteringInHigherTrustlevel,
/**
* Lists all third party components
*/
......
......@@ -20,9 +20,12 @@ import interfaces2.resolvers.AmbigousException;
public interface ISecAnalysisComponentChecker {
/**
* Checks analysis for components
*
* @param node
* @param entry
* @param node ast node to check
* @param entry entry of ast node
* @param advanced detailness of output
* @return factor of analysis
* @throws AmbigousException
*/
int check(ASTArcComponent node, SecComponentEntry entry, boolean advanced) throws AmbigousException;
......
......@@ -19,9 +19,12 @@ import secarc.ets.entries.ConfigurationEntry;
public interface ISecAnalysisConfigurationChecker {
/**
* Checks analysis of configuration
*
* @param node
* @param entry
* @param node ast node to check
* @param entry entry of ast node
* @param advanced detailness of output
* @return factor of analysis
*/
int check(ASTSecArcConfiguration node, ConfigurationEntry entry, boolean advanced);
......
......@@ -22,18 +22,26 @@ import interfaces2.resolvers.AmbigousException;
public interface ISecAnalysisConnectorChecker {
/**
* Checks analysis of connector
*
* @param node
* @param entry
* @param node ast node to check
* @param entry entry of ast node
* @param advanced detailness of output
* @param graph architecture graph with connectors as edge
* @return factor of analysis
* @throws AmbigousException
*/
int check(ASTArcConnector node, SecConnectorEntry entry, ArchitectureGraph graph, boolean advanced) throws AmbigousException;
/**
* Checks analysis of simple connector
*
* @param node ast node to be checked
* @param entry entry related connector entry to be checked
* @throws AmbigousException
* @param node ast node to check
* @param entry entry of ast node
* @param advanced detailness of output
* @param graph architecture graph with connectors as edge
* @return factor of analysis
* @throws AmbigousException
*/
int check(ASTArcSimpleConnector node, SecConnectorEntry entry, ArchitectureGraph graph, boolean advanced) throws AmbigousException;
......
......@@ -21,12 +21,15 @@ import secarc.ets.graph.ArchitectureGraph;
public interface ISecAnalysisFilterChecker {
/**
* Checks analysis of filter
*
* @param node
* @param entry
* @param graph
* @param node ast node to check
* @param entry entry of ast node
* @param advanced detailness of output
* @param graph architecture graph with connectors as edge
* @return factor of analysis
* @throws AmbigousException
*/
int check(ASTSecArcFilter node, FilterEntry entry, ArchitectureGraph graph, boolean advanced) throws AmbigousException;;
int check(ASTSecArcFilter node, FilterEntry entry, ArchitectureGraph graph, boolean advanced) throws AmbigousException;
}
......@@ -21,10 +21,14 @@ import secarc.ets.graph.ArchitectureGraph;
public interface ISecAnalysisIdentityChecker {
/**
* Checks analysis of identity links
*
* @param node
* @param entry
* @param graph
* @param node ast node to check
* @param entry entry of ast node
* @param graphConnectorEdges graph with connectors as edges
* @param graphIdentityEdges graph with identity links as edges
* @param advanced detailness of output
* @return factor of analysis
* @throws AmbigousException
*/
int check(ASTSecArcIdentity node, IdentityEntry entry, ArchitectureGraph graphConnectorEdges, ArchitectureGraph graphIdentityEdges, boolean advanced) throws AmbigousException;
......
......@@ -19,8 +19,11 @@ import mc.umlp.arcd._ast.ASTMCCompilationUnit;
public interface ISecAnalysisParameterChecker {
/**
* Checks analysis for parameter
*
* @param parameter
* @param parameter Referenced component
* @param node ASTNode to check
* @throws AmbigousException
*/
void check(ASTMCCompilationUnit node, String parameter) throws AmbigousException;
......
......@@ -21,10 +21,13 @@ import mc.umlp.arcd._ast.ASTArcPort;
public interface ISecAnalysisPortChecker {
/**
* analysis of port
*
* @param node
* @param entry
* @param graph
* @param node ast node to check
* @param entry entry of ast node
* @param graph graph with connectors as edges
* @param advanced detailness of output
* @return factor of analysis
* @throws AmbigousException
*/
int check(ASTArcPort node, SecPortEntry entry, ArchitectureGraph graph, boolean advanced) throws AmbigousException;
......
......@@ -21,10 +21,11 @@ import secarc.ets.graph.ArchitectureGraph;
public interface ISecAnalysisRoleChecker {
/**
* Analysis of roles
*
* @param node
* @param entry
* @param graph
* @param node ast node to check
* @param entry entry of ast node
* @param graph graph with connectors as edges
* @throws AmbigousException
*/
int check(ASTSecArcRole node, RoleEntry entry, ArchitectureGraph graph, boolean advanced) throws AmbigousException;
......
......@@ -20,10 +20,12 @@ import secarc.ets.entries.TrustlevelRelationEntry;
public interface ISecAnalysisTrustlevelRelationChecker {
/**
* Analysis of trustlevel
*
* @param node
* @param entry
* @param graph
* @param node ast node to check
* @param entry entry of ast node
* @param advanced detailness of output
* @return factor of analysis
* @throws AmbigousException
*/
int check(ASTSecArcTrustlevelRelation node, TrustlevelRelationEntry entry, boolean advanced) throws AmbigousException;
......
......@@ -11,7 +11,7 @@ import secarc.ets.check.MontiSecArcAnalysisConstants;
import secarc.ets.entries.SecComponentEntry;
/**
* L01: Lists all third party components with configuration and version
* L06: Lists all third party components with configuration and version
*
* <br>
* <br>
......
......@@ -68,15 +68,15 @@ public class EncryptedPathContinuesUnencrypted extends Analysis implements
//Unencrypted path starts
boolean unencryptedEnds = false;
//output allowed
boolean outputAllowed = false;
//output needed
boolean outputNeeded = false;
//Current element
STEntry element = null;
int count = 0;
//Build Message
//Build Message
StringBuilder sbuilder = new StringBuilder("The port " + entry.getName() + " is the end of an encrypted path. The path continues unencrypted: ");
//Run over paths
......@@ -97,16 +97,16 @@ public class EncryptedPathContinuesUnencrypted extends Analysis implements
sbuilder.append(" -> ");
}
sbuilder.append(element);
outputAllowed = true;
outputNeeded = true;
count++;
} else if(element instanceof ConnectorEntry && ((SecConnectorEntry) element).isEncrypted()) {
//Continues encrypted
//Continues encrypted -> the rest is not needed because the analysis for the port will manage this
unencryptedEnds = true;
}
}
if(outputAllowed) {
if(outputNeeded) {
addReport(sbuilder.toString(), node.get_SourcePositionStart());
return factor;
}
......
......@@ -102,8 +102,7 @@ public class EncryptedPathWithUnencryptedPart extends Analysis
}
//New path starts
if((element instanceof PortEntry && element.equals(entry)) ||
!iterator.hasNext()) {
if(element.equals(entry) || !iterator.hasNext()) {
//Check if info is needed
if(!path.isEmpty()) {
//Check for mixed path
......
......@@ -62,7 +62,7 @@ public class UnencryptedConnectorThroughLowTurstlevel extends DerivedTrustlevel
@Override
public int check(ASTArcConnector node, SecConnectorEntry entry, ArchitectureGraph graph, boolean advanced)
throws AmbigousException {
return innerCheck(node, entry, node.getMainParent());
return innerCheck(node, entry, node.getMainParent(), advanced);
}
/*
......@@ -72,7 +72,7 @@ public class UnencryptedConnectorThroughLowTurstlevel extends DerivedTrustlevel
@Override
public int check(ASTArcSimpleConnector node, SecConnectorEntry entry, ArchitectureGraph graph, boolean advanced)
throws AmbigousException {
return innerCheck(node, entry, node.getMainParent());
return innerCheck(node, entry, node.getMainParent(), advanced);
}
/**
......@@ -81,7 +81,7 @@ public class UnencryptedConnectorThroughLowTurstlevel extends DerivedTrustlevel
* @param entry
* @throws AmbigousException
*/
protected int innerCheck(ASTNode node, SecConnectorEntry entry, ASTArcComponent nodeParent) throws AmbigousException {
protected int innerCheck(ASTNode node, SecConnectorEntry entry, ASTArcComponent nodeParent, boolean advanced) throws AmbigousException {
if(entry.isEncrypted()) {
return 0;
}
......@@ -132,6 +132,7 @@ public class UnencryptedConnectorThroughLowTurstlevel extends DerivedTrustlevel
parentTrustlevel = CoCoHelper.getTrustlevelAsString(parentComp);
parentTrustlevelCompare = CoCoHelper.getTrustlevelAsInteger(parentComp);
} else {
//Derive trustlevel
parentTrustlevel = CoCoHelper.getTrustlevelAsString(getDerivedTrustlevel(nodeParent));
parentTrustlevelCompare = CoCoHelper.getTrustlevelAsInteger(getDerivedTrustlevel(nodeParent));
}
......@@ -154,10 +155,16 @@ public class UnencryptedConnectorThroughLowTurstlevel extends DerivedTrustlevel
targetTrustlevelCompare = parentTrustlevelCompare;
}
String standardOutput = "The unencrypted connector " + entry + " is embedded in a component with a low trustlevel: " + parentTrustlevel + ".";
//The trustlevel of the supercomponent is low if it is lower than the trustlevel of the source or target
if(parentTrustlevelCompare < sourceTrustlevelCompare || parentTrustlevelCompare < targetTrustlevelCompare) {
addReport("The unencrypted connector " + entry + " is embedded in a component with a low trustlevel: " + parentTrustlevel +
". A trustlevel is defined as low if the trustlevel of the super component is lower than the trustlevel of the source or target component.", node.get_SourcePositionStart());
if(advanced) {
addReport(standardOutput, node.get_SourcePositionStart());
} else {
addReport(standardOutput +
" A trustlevel is defined as low if the trustlevel of the super component is lower than the trustlevel of the source or target component.", node.get_SourcePositionStart());
}
return factor;
}
......
......@@ -123,8 +123,7 @@ public class EncryptedPathEndInLowTrustlevel extends DerivedTrustlevel implement
}
//New path starts
if((element instanceof PortEntry
&& ((PortEntry) element).getName().equals(entry.getName())) || !iterator.hasNext()) {
if(element.equals(entry) || !iterator.hasNext()) {
//Check if info is needed
if(!path.isEmpty()) {
//Check just encrypted
......
......@@ -85,7 +85,7 @@ public class TaintTracking extends Analysis implements ISecAnalysisConnectorChec
STEntry element = null;
StringBuilder sBuilder = new StringBuilder("Taint tracking: The trustlevel becomes lower with this transition " + entry + ". Before the input is used, it must be filtered. The following pass is used: " + entry);
StringBuilder sBuilder = new StringBuilder("Taint tracking: The trustlevel becomes higher with this transition " + entry + ". Before the input is used, it must be filtered. The following pass is used: " + entry);
//Already used
iterator.next();
......@@ -94,11 +94,11 @@ public class TaintTracking extends Analysis implements ISecAnalysisConnectorChec
element = iterator.next().getArchitectureElement();
if(element.equals(entry)) {
sBuilder.append(", " + entry);
sBuilder.append(", '" + entry);
}
if(element instanceof ConnectorEntry) {
sBuilder.append(" -> " + element);
sBuilder.append("' -> '" + element);
}
if(element instanceof FilterEntry) {
......@@ -107,7 +107,7 @@ public class TaintTracking extends Analysis implements ISecAnalysisConnectorChec
}
sBuilder.append(" The filter is marked with a *.");
sBuilder.append(" The filter is marked with a *. If the filter is missing, the input cannot be used.");
addReport(sBuilder.toString(), node.get_SourcePositionStart());
return factor;
......@@ -115,6 +115,7 @@ public class TaintTracking extends Analysis implements ISecAnalysisConnectorChec
/**
* Checks if the trustlevel becomes higher on the path
*
* @param nodeParent
* @param entry
* @return
......
......@@ -91,6 +91,7 @@ public class IdentityWithEncryption extends ComponentExistence implements ISecA
iterator = new DepthFirstIterator<Vertex<? extends STEntry>, Edge>(graphConnectorEdges.getReversedRawGraph(), portVertex);
//First element is not needed
element = iterator.next().getArchitectureElement();
//Search for encrypted path
......
......@@ -67,8 +67,11 @@ public class DerivedRolesComponent extends Analysis implements
sBuilder.append(", ");
sBuilder.append(role.getName());
}
addReport(sBuilder.toString(), node.get_SourcePositionStart());
if(advanced) {
addReport(sBuilder.toString(), node.get_SourcePositionStart());
} else {
addReport(sBuilder.append(". The roles of the current component and its sub components are considered.").toString(), node.get_SourcePositionStart());
}
return factor;
}
return 0;
......
......@@ -48,7 +48,7 @@ public class DerivedRolesPort extends Analysis implements
ArchitectureGraph graph, boolean advanced) throws AmbigousException {
List<RoleEntry> roles = new ArrayList<RoleEntry>();
SecComponentEntry componentEntry = (SecComponentEntry) resolver.resolve(node.getMainParent().getName(), ComponentEntry.KIND, getNameSpaceFor(node.getMainParent()));
SecComponentEntry componentEntry = (SecComponentEntry) resolver.resolve(node.getMainParent().getName(), ComponentEntry.KIND, getNameSpaceFor(node));
//Add all roles of the component
roles.addAll(componentEntry.getRoles());
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment