diff --git a/tcsfw/android_manifest_scan.py b/tcsfw/android_manifest_scan.py index 675fc08..2132414 100644 --- a/tcsfw/android_manifest_scan.py +++ b/tcsfw/android_manifest_scan.py @@ -22,7 +22,7 @@ def __init__(self, system: IoTSystem): def filter_component(self, component: NodeComponent) -> bool: return isinstance(component, Software) - def process_stream(self, component: NodeComponent, data_file: BytesIO, interface: EventInterface, + def process_component(self, component: NodeComponent, data_file: BytesIO, interface: EventInterface, source: EvidenceSource): software = cast(Software, component) diff --git a/tcsfw/censys_scan.py b/tcsfw/censys_scan.py index 9f758c0..ca17986 100644 --- a/tcsfw/censys_scan.py +++ b/tcsfw/censys_scan.py @@ -26,7 +26,8 @@ def __init__(self, system: IoTSystem): def filter_node(self, node: NetworkNode) -> bool: return isinstance(node, Host) - def process_stream(self, endpoint: AnyAddress, stream: BytesIO, interface: EventInterface, source: EvidenceSource): + def process_endpoint(self, endpoint: AnyAddress, stream: BytesIO, interface: EventInterface, + source: EvidenceSource): raw = json.load(stream) evidence = Evidence(source) diff --git a/tcsfw/har_scan.py b/tcsfw/har_scan.py index 00ff7c2..46f1f02 100644 --- a/tcsfw/har_scan.py +++ b/tcsfw/har_scan.py @@ -22,10 +22,10 @@ def __init__(self, system: IoTSystem): super().__init__("har", ".json", system) self.tool.name = "HAR" - def filter_component(self, node: NetworkNode) -> bool: + def filter_node(self, node: NetworkNode) -> bool: return isinstance(node, Host) - def process_stream(self, node: NetworkNode, data_file: BytesIO, interface: EventInterface, source: EvidenceSource): + def process_node(self, node: NetworkNode, data_file: BytesIO, interface: EventInterface, source: EvidenceSource): host = cast(Host, node) component = Cookies.cookies_for(host) diff --git a/tcsfw/releases.py b/tcsfw/releases.py index 277b181..4b8a6ec 100644 --- a/tcsfw/releases.py +++ b/tcsfw/releases.py @@ -24,7 +24,7 @@ def filter_component(self, component: NetworkNode) -> bool: """Filter checked entities""" return isinstance(component, Software) - def process_stream(self, component: NodeComponent, data_file: BytesIO, interface: EventInterface, + def process_component(self, component: NodeComponent, data_file: BytesIO, interface: EventInterface, source: EvidenceSource): software = cast(Software, component) diff --git a/tcsfw/spdx_reader.py b/tcsfw/spdx_reader.py index b3cf9d0..d70e3f4 100644 --- a/tcsfw/spdx_reader.py +++ b/tcsfw/spdx_reader.py @@ -23,7 +23,7 @@ def __init__(self, system: IoTSystem): def filter_component(self, component: NodeComponent) -> bool: return isinstance(component, Software) - def process_stream(self, component: NodeComponent, data_file: BytesIO, interface: EventInterface, + def process_component(self, component: NodeComponent, data_file: BytesIO, interface: EventInterface, source: EvidenceSource): software = cast(Software, component) diff --git a/tcsfw/ssh_audit_scan.py b/tcsfw/ssh_audit_scan.py index 4b70576..90b2b7e 100644 --- a/tcsfw/ssh_audit_scan.py +++ b/tcsfw/ssh_audit_scan.py @@ -25,7 +25,7 @@ def filter_node(self, node: NetworkNode) -> bool: return False return node.protocol == Protocol.SSH - def process_stream(self, endpoint: AnyAddress, stream: BytesIO, interface: EventInterface, + def process_endpoint(self, endpoint: AnyAddress, stream: BytesIO, interface: EventInterface, source: EvidenceSource): """Scan network node""" raw = json.load(stream) diff --git a/tcsfw/testsslsh_scan.py b/tcsfw/testsslsh_scan.py index 0299f45..0438af4 100644 --- a/tcsfw/testsslsh_scan.py +++ b/tcsfw/testsslsh_scan.py @@ -23,7 +23,7 @@ def __init__(self, system: IoTSystem): def filter_node(self, node: NetworkNode) -> bool: return isinstance(node, Service) - def process_stream(self, endpoint: AnyAddress, stream: BytesIO, interface: EventInterface, + def process_endpoint(self, endpoint: AnyAddress, stream: BytesIO, interface: EventInterface, source: EvidenceSource): raw = json.load(stream) evi = Evidence(source) diff --git a/tcsfw/tools.py b/tcsfw/tools.py index af5ee74..d0b9b87 100644 --- a/tcsfw/tools.py +++ b/tcsfw/tools.py @@ -63,12 +63,21 @@ def __init__(self, tool_label: str, data_file_suffix: str, system: IoTSystem): self.file_name_map: Dict[str, Addressable] = {} self.create_file_name_map() + def filter_node(self, _node: NetworkNode) -> bool: + """Filter checked endpoints by the corresponding node""" + return True + + def process_endpoint(self, endpoint: AnyAddress, stream: BytesIO, interface: EventInterface, + source: EvidenceSource): + """Process result file for specific endpoint""" + raise NotImplementedError() + def process_file(self, data: BytesIO, file_name: str, interface: EventInterface, source: EvidenceSource): key = self.file_name_map.get(file_name) if key: self.logger.info("processing (%s) %s", source.label, file_name) source.target = str(key) - self.process_stream(key, data, interface, source) + self.process_endpoint(key, data, interface, source) return True return False @@ -98,14 +107,6 @@ def map_addressable(self, entity: Addressable): if a_file_name not in self.file_name_map: self.file_name_map[a_file_name] = a - def filter_node(self, _node: NetworkNode) -> bool: - """Filter checked entities""" - return True - - def process_stream(self, endpoint: AnyAddress, stream: BytesIO, interface: EventInterface, source: EvidenceSource): - """Process file from stream""" - raise NotImplementedError() - class NodeCheckTool(CheckTool): """Network node check tool""" @@ -115,11 +116,19 @@ def __init__(self, tool_label: str, data_file_suffix: str, system: IoTSystem): self.file_name_map: Dict[str, NetworkNode] = {} self.create_file_name_map() + def filter_node(self, _node: NetworkNode) -> bool: + """Filter checked nodes""" + return True + + def process_node(self, node: NetworkNode, data_file: BytesIO, interface: EventInterface, source: EvidenceSource): + """Process file for specific network node""" + raise NotImplementedError() + def process_file(self, data: BytesIO, file_name: str, interface: EventInterface, source: EvidenceSource): key = self.file_name_map.get(file_name) if key: self.logger.info("processing (%s) %s", source.label, file_name) - self.process_stream(key, data, interface, source) + self.process_node(key, data, interface, source) return True return False @@ -129,22 +138,13 @@ def create_file_name_map(self): def check_component(node: NetworkNode): for c in node.children: - if not tool.filter_component(c): + if not tool.filter_node(c): continue self.file_name_map[tool.get_file_by_name(c.name)] = c check_component(c) check_component(self.system) - def process_stream(self, node: NetworkNode, data_file: BytesIO, interface: EventInterface, source: EvidenceSource): - """Check entity with data""" - raise NotImplementedError() - - def filter_component(self, _node: NetworkNode) -> bool: - """Filter checked entities""" - return True - - class ComponentCheckTool(CheckTool): """Software check tool""" def __init__(self, tool_label: str, data_file_suffix: str, system: IoTSystem): @@ -153,12 +153,21 @@ def __init__(self, tool_label: str, data_file_suffix: str, system: IoTSystem): self.file_name_map: Dict[str, NodeComponent] = {} self._create_file_name_map() + def filter_component(self, _component: NodeComponent) -> bool: + """Filter checked components""" + return True + + def process_component(self, component: NodeComponent, data_file: BytesIO, interface: EventInterface, + source: EvidenceSource): + """Process file for specific component""" + raise NotImplementedError() + def process_file(self, data: BytesIO, file_name: str, interface: EventInterface, source: EvidenceSource): key = self.file_name_map.get(file_name) if key: self.logger.info("processing (%s) %s", source.label, file_name) source.target = key.long_name() - self.process_stream(key, data, interface, source) + self.process_component(key, data, interface, source) return True return False @@ -175,15 +184,6 @@ def check_component(node: NetworkNode): check_component(c) check_component(self.system) - def filter_component(self, _component: NodeComponent) -> bool: - """Filter checked entities""" - return True - - def process_stream(self, component: NodeComponent, data_file: BytesIO, interface: EventInterface, - source: EvidenceSource): - """Check entity with data""" - raise NotImplementedError() - class SimpleFlowTool(BaseFileCheckTool): """Simple flow tool powered by list of flows""" diff --git a/tcsfw/vulnerability_reader.py b/tcsfw/vulnerability_reader.py index 5e9d822..24c2991 100644 --- a/tcsfw/vulnerability_reader.py +++ b/tcsfw/vulnerability_reader.py @@ -23,7 +23,7 @@ def filter_component(self, component: NodeComponent) -> bool: """Filter checked entities""" return isinstance(component, Software) - def process_stream(self, component: NodeComponent, data_file: BytesIO, interface: EventInterface, + def process_component(self, component: NodeComponent, data_file: BytesIO, interface: EventInterface, source: EvidenceSource): software = cast(Software, component) evidence = Evidence(source)