def test_INP08(self):
process1 = Process("Process1")
lambda1 = Lambda("Lambda1")
web = Server("Web Server")
process1.validatesInput = False
process1.sanitizesInput = False
lambda1.validatesInput = False
lambda1.sanitizesInput = False
web.validatesInput = False
web.sanitizesInput = False
threat = threats["INP08"]
self.assertTrue(threat.apply(process1))
self.assertTrue(threat.apply(lambda1))
self.assertTrue(threat.apply(web))
def test_CR01(self):
user = Actor("User")
web = Server("Web Server")
web.protocol = 'HTTP'
web.usesVPN = False
web.usesSessionTokens = True
user_to_web = Dataflow(user, web, "User enters comments (*)")
user_to_web.protocol = 'HTTP'
user_to_web.usesVPN = False
user_to_web.usesSessionTokens = True
ThreatObj = Threat(
next(item for item in threats_json if item["SID"] == "CR01"))
self.assertTrue(ThreatObj.apply(web))
self.assertTrue(ThreatObj.apply(user_to_web))
def test_AC01(self):
web = Server("Web Server")
process1 = Process("Process1")
db = Datastore("DB")
web.hasAccessControl = False
web.authorizesSource = True
process1.hasAccessControl = False
process1.authorizesSource = False
db.hasAccessControl = False
db.authorizesSource = False
ThreatObj = Threat(next(item for item in threats_json if item["SID"] == "AC01"))
self.assertTrue(ThreatObj.apply(process1))
self.assertTrue(ThreatObj.apply(web))
self.assertTrue(ThreatObj.apply(db))
def test_DO02(self):
process1 = Process("Process1")
lambda1 = Lambda("Lambda1")
web = Server("Web Server")
db = Datastore("DB")
process1.handlesResourceConsumption = False
lambda1.handlesResourceConsumption = False
web.handlesResourceConsumption = False
db.handlesResourceConsumption = False
threat = threats["DO02"]
self.assertTrue(threat.apply(process1))
self.assertTrue(threat.apply(lambda1))
self.assertTrue(threat.apply(web))
self.assertTrue(threat.apply(db))
def test_INP08(self):
process1 = Process("Process1")
lambda1 = Lambda("Lambda1")
web = Server("Web Server")
process1.validatesInput = False
process1.sanitizesInput = False
lambda1.validatesInput = False
lambda1.sanitizesInput = False
web.validatesInput = False
web.sanitizesInput = False
ThreatObj = Threat(next(item for item in threats_json if item["SID"] == "INP08"))
self.assertTrue(ThreatObj.apply(process1))
self.assertTrue(ThreatObj.apply(lambda1))
self.assertTrue(ThreatObj.apply(web))
def test_DO02(self):
process1 = Process("Process1")
lambda1 = Lambda("Lambda1")
web = Server("Web Server")
db = Datastore("DB")
process1.handlesResourceConsumption = False
lambda1.handlesResourceConsumption = False
web.handlesResourceConsumption = False
db.handlesResourceConsumption = False
ThreatObj = Threat(next(item for item in threats_json if item["SID"] == "DO02"))
self.assertTrue(ThreatObj.apply(process1))
self.assertTrue(ThreatObj.apply(lambda1))
self.assertTrue(ThreatObj.apply(web))
self.assertTrue(ThreatObj.apply(db))
def test_AC01(self):
web = Server("Web Server")
process1 = Process("Process1")
db = Datastore("DB")
web.hasAccessControl = False
web.authorizesSource = True
process1.hasAccessControl = False
process1.authorizesSource = False
db.hasAccessControl = False
db.authorizesSource = False
threat = threats["AC01"]
self.assertTrue(threat.apply(process1))
self.assertTrue(threat.apply(web))
self.assertTrue(threat.apply(db))
def test_CR02(self):
user = Actor("User")
web = Server("Web Server")
web.protocol = "HTTP"
web.controls.sanitizesInput = False
web.controls.validatesInput = False
web.usesSessionTokens = True
user_to_web = Dataflow(user, web, "User enters comments (*)")
user_to_web.protocol = "HTTP"
user_to_web.controls.sanitizesInput = False
user_to_web.controls.validatesInput = False
user_to_web.usesSessionTokens = True
threat = threats["CR02"]
self.assertTrue(threat.apply(web))
self.assertTrue(threat.apply(user_to_web))
def test_multilevel_dfd(self):
random.seed(0)
dir_path = os.path.dirname(os.path.realpath(__file__))
install_path = os.path.dirname(os.path.realpath(pytm.__file__))
with open(os.path.join(dir_path, "dfd_level0.txt")) as x:
level_0 = x.read().strip().replace("INSTALL_PATH", os.path.dirname(install_path))
with open(os.path.join(dir_path, "dfd_level1.txt")) as x:
level_1 = x.read().strip().replace("INSTALL_PATH", os.path.dirname(install_path))
TM.reset()
tm = TM("my test tm", description="aaa")
tm.isOrdered = False
internet = Boundary("Internet")
server_db = Boundary("Server/DB")
user = Actor("User", inBoundary=internet, levels=0)
web = Server("Web Server")
db = Datastore("SQL Database", inBoundary=server_db)
Dataflow(user, web, "User enters comments (*)", note="bbb")
Dataflow(web, db, "Insert query with comments", note="ccc")
Dataflow(db, web, "Retrieve comments")
Dataflow(web, user, "Show comments (*)")
self.assertTrue(tm.check())
output = tm.dfd(levels={0})
with open(os.path.join(dir_path, "0.txt"), "w") as x:
x.write(output)
self.assertEqual(output, level_0)
TM.reset()
tm = TM("my test tm", description="aaa")
tm.isOrdered = False
internet = Boundary("Internet")
server_db = Boundary("Server/DB")
user = Actor("User", inBoundary=internet, levels=1)
web = Server("Web Server")
db = Datastore("SQL Database", inBoundary=server_db)
Dataflow(user, web, "User enters comments (*)", note="bbb")
Dataflow(web, db, "Insert query with comments", note="ccc")
Dataflow(db, web, "Retrieve comments")
Dataflow(web, user, "Show comments (*)")
self.assertTrue(tm.check())
output = tm.dfd(levels={1})
with open(os.path.join(dir_path, "1.txt"), "w") as x:
x.write(output)
self.maxDiff = None
self.assertEqual(output, level_1)
def test_SC04(self):
web = Server("Web Server")
web.controls.sanitizesInput = False
web.controls.validatesInput = False
web.controls.encodesOutput = False
threat = threats["SC04"]
self.assertTrue(threat.apply(web))
def test_SC03(self):
web = Server("Web Server")
web.controls.validatesInput = False
web.controls.sanitizesInput = False
web.controls.hasAccessControl = False
threat = threats["SC03"]
self.assertTrue(threat.apply(web))
def test_DO03(self):
user = Actor("User")
web = Server("Web Server")
user_to_web = Dataflow(user, web, "User enters comments (*)")
user_to_web.data = "XML"
threat = threats["DO03"]
self.assertTrue(threat.apply(user_to_web))
def test_DO03(self):
user = Actor("User")
web = Server("Web Server")
user_to_web = Dataflow(user, web, "User enters comments (*)")
user_to_web.data = 'XML'
ThreatObj = Threat(next(item for item in threats_json if item["SID"] == "DO03"))
self.assertTrue(ThreatObj.apply(user_to_web))
def test_dfd_duplicates_raise(self):
random.seed(0)
TM.reset()
tm = TM("my test tm", description="aaa", onDuplicates=Action.RESTRICT)
internet = Boundary("Internet")
server_db = Boundary("Server/DB")
user = Actor("User", inBoundary=internet)
web = Server("Web Server")
db = Datastore("SQL Database", inBoundary=server_db)
Dataflow(user, web, "User enters comments (*)")
Dataflow(user, web, "User views comments")
Dataflow(web, db, "Insert query with comments")
Dataflow(web, db, "Select query")
Dataflow(db, web, "Retrieve comments")
Dataflow(web, user, "Show comments (*)")
e = re.escape(
"Duplicate Dataflow found between Actor(User) "
"and Server(Web Server): Dataflow(User enters comments (*)) "
"is same as Dataflow(User views comments)"
)
with self.assertRaisesRegex(ValueError, e):
tm.check()
def test_dfd(self):
dir_path = os.path.dirname(os.path.realpath(__file__))
with open(os.path.join(dir_path, 'dfd.dot')) as x:
expected = x.read().strip()
random.seed(0)
TM.reset()
tm = TM("my test tm", description="aaa")
internet = Boundary("Internet")
server_db = Boundary("Server/DB")
user = Actor("User", inBoundary=internet)
web = Server("Web Server")
db = Datastore("SQL Database", inBoundary=server_db)
Dataflow(user, web, "User enters comments (*)")
Dataflow(web, db, "Insert query with comments")
Dataflow(db, web, "Retrieve comments")
Dataflow(web, user, "Show comments (*)")
tm.check()
with captured_output() as (out, err):
tm.dfd()
output = out.getvalue().strip()
self.maxDiff = None
self.assertEqual(output, expected)
def test_seq_unused(self):
random.seed(0)
dir_path = os.path.dirname(os.path.realpath(__file__))
with open(os.path.join(dir_path, "seq_unused.plantuml")) as x:
expected = x.read().strip()
TM.reset()
tm = TM("my test tm", description="aaa", ignoreUnused=True)
internet = Boundary("Internet")
server_db = Boundary("Server/DB")
user = Actor("User", inBoundary=internet)
web = Server("Web Server")
db = Datastore("SQL Database", inBoundary=server_db)
Lambda("Unused Lambda")
Dataflow(user, web, "User enters comments (*)", note="bbb")
Dataflow(web, db, "Insert query with comments", note="ccc")
Dataflow(db, web, "Retrieve comments")
Dataflow(web, user, "Show comments (*)")
self.assertTrue(tm.check())
output = tm.seq()
self.maxDiff = None
self.assertEqual(output, expected)
def test_resolve(self):
random.seed(0)
TM.reset()
tm = TM("my test tm", description="aaa")
internet = Boundary("Internet")
server_db = Boundary("Server/DB")
user = Actor("User", inBoundary=internet, inScope=False)
web = Server("Web Server")
db = Datastore("SQL Database", inBoundary=server_db)
req = Dataflow(user, web, "User enters comments (*)")
query = Dataflow(web, db, "Insert query with comments")
results = Dataflow(db, web, "Retrieve comments")
resp = Dataflow(web, user, "Show comments (*)")
TM._BagOfThreats = [
Threat(SID=klass, target=klass)
for klass in ["Actor", "Server", "Datastore", "Dataflow"]
]
tm.resolve()
self.maxDiff = None
self.assertListEqual([f.id for f in tm.findings], [
'Server', 'Datastore', 'Dataflow', 'Dataflow', 'Dataflow',
'Dataflow'
])
self.assertListEqual([f.id for f in user.findings], [])
self.assertListEqual([f.id for f in web.findings], ["Server"])
self.assertListEqual([f.id for f in db.findings], ["Datastore"])
self.assertListEqual([f.id for f in req.findings], ["Dataflow"])
self.assertListEqual([f.id for f in query.findings], ["Dataflow"])
self.assertListEqual([f.id for f in results.findings], ["Dataflow"])
self.assertListEqual([f.id for f in resp.findings], ["Dataflow"])
def test_report(self):
random.seed(0)
dir_path = os.path.dirname(os.path.realpath(__file__))
with open(os.path.join(dir_path, "output.md")) as x:
expected = x.read().strip()
TM.reset()
tm = TM("my test tm",
description="aaa",
threatsFile="pytm/threatlib/threats.json")
tm.isOrdered = True
internet = Boundary("Internet")
server_db = Boundary("Server/DB")
user = Actor("User", inBoundary=internet)
web = Server("Web Server")
func = Lambda("Lambda func")
worker = Process("Task queue worker")
db = Datastore("SQL Database", inBoundary=server_db)
Dataflow(user,
web,
"User enters comments (*)",
note="bbb",
data="auth cookie")
Dataflow(web, db, "Insert query with comments", note="ccc")
Dataflow(web, func, "Call func")
Dataflow(db, web, "Retrieve comments")
Dataflow(web, user, "Show comments (*)")
Dataflow(worker, db, "Query for tasks")
self.assertTrue(tm.check())
output = tm.report("docs/template.md")
self.maxDiff = None
self.assertEqual(output.strip(), expected.strip())
def test_AC04(self):
user = Actor("User")
web = Server("Web Server")
user_to_web = Dataflow(user, web, "User enters comments (*)")
user_to_web.data = 'XML'
user_to_web.authorizesSource = False
ThreatObj = Threat(next(item for item in threats_json if item["SID"] == "AC04"))
self.assertTrue(ThreatObj.apply(user_to_web))
def test_DR01(self):
web = Server("Web Server")
db = Datastore("Database")
insert = Dataflow(web, db, "Insert query")
insert.data = Data("ssn", isPII=True, isStored=True)
insert.isEncrypted = False
threat = threats["DR01"]
self.assertTrue(threat.apply(insert))
def test_CR08(self):
user = Actor("User")
web = Server("Web Server")
user_to_web = Dataflow(user, web, "User enters comments (*)")
user_to_web.protocol = "HTTP"
user_to_web.usesLatestTLSversion = False
threat = threats["CR08"]
self.assertTrue(threat.apply(user_to_web))
def test_CR07(self):
user = Actor("User")
web = Server("Web Server")
user_to_web = Dataflow(user, web, "User enters comments (*)")
user_to_web.protocol = "HTTP"
user_to_web.data = "XML"
threat = threats["CR07"]
self.assertTrue(threat.apply(user_to_web))
def test_DE01(self):
user = Actor("User")
web = Server("Web Server")
user_to_web = Dataflow(user, web, "User enters comments (*)")
user_to_web.protocol = 'HTTP'
user_to_web.isEncrypted = False
ThreatObj = Threat(next(item for item in threats_json if item["SID"] == "DE01"))
self.assertTrue(ThreatObj.apply(user_to_web))
def test_AC04(self):
user = Actor("User")
web = Server("Web Server")
user_to_web = Dataflow(user, web, "User enters comments (*)")
user_to_web.data = "XML"
user_to_web.authorizesSource = False
threat = threats["AC04"]
self.assertTrue(threat.apply(user_to_web))
def test_DO04(self):
user = Actor("User")
web = Server("Web Server")
user_to_web = Dataflow(user, web, "User enters comments (*)")
user_to_web.data = "XML"
user_to_web.handlesResources = False
threat = threats["DO04"]
self.assertTrue(threat.apply(user_to_web))
def test_DE01(self):
user = Actor("User")
web = Server("Web Server")
user_to_web = Dataflow(user, web, "User enters comments (*)")
user_to_web.protocol = "HTTP"
user_to_web.isEncrypted = False
threat = threats["DE01"]
self.assertTrue(threat.apply(user_to_web))
def test_AC05(self):
process1 = Process("Process1")
web = Server("Web Server")
process1.authenticatesDestination = False
proc_to_web = Dataflow(process1, web, "Process calls a web API")
proc_to_web.protocol = "HTTPS"
proc_to_web.isEncrypted = True
threat = threats["AC05"]
self.assertTrue(threat.apply(proc_to_web))
def test_AC04(self):
user = Actor("User")
web = Server("Web Server")
user_to_web = Dataflow(user, web, "User enters comments (*)")
xml = Data(name="user to web data", description="textual", format="XML")
user_to_web.data = xml
user_to_web.authorizesSource = False
threat = threats["AC04"]
self.assertTrue(threat.apply(user_to_web))
def test_DO03(self):
user = Actor("User")
web = Server("Web Server")
user_to_web = Dataflow(user, web, "User enters comments (*)")
user_to_web.protocol = "HTTP"
xml = Data(name="user to web data", description="textual", format="XML")
user_to_web.data = xml
threat = threats["DO03"]
self.assertTrue(threat.apply(user_to_web))
def test_CR08(self):
user = Actor("User")
web = Server("Web Server")
user_to_web = Dataflow(user, web, "User enters comments (*)")
user_to_web.protocol = 'HTTP'
user_to_web.usesLatestTLSversion = False
ThreatObj = Threat(
next(item for item in threats_json if item["SID"] == "CR08"))
self.assertTrue(ThreatObj.apply(user_to_web))
