def generateXmlFromXlsxFile(excelFilePath, productProperties, componentDefinitions, supportedStandards, rules, error): sc = SecurityContent(logger) sc.importExcel(excelFilePath) xmlFile = str(productProperties['Library Ref']['Values']).replace(" ","-") + '.xml' xmlFileName = Path.cwd() / "outFiles" / "outputLibs" / xmlFile xsdFileName = Path.cwd() / "inputFiles" / "XSD_Schema" / "library.xsd" rootObj = createProject(sc, productProperties, componentDefinitions, supportedStandards, rules) exportLib2XML(xmlFileName, rootObj) if(productProperties['Do Lib validations']['Values'] =='Yes'): print("-> Lib validations: ON") print("-- (1/2) Schema validation --") xmlValidationCheck(str(xmlFileName), str(xsdFileName)) print("-- (2/2) Mitigation validation --") libMitigationTest(str(xmlFileName), []) else: print("-> Lib validations: OFF") if(productProperties['Show stats']['Values'] =='Yes'): print("-> Library Statistics: ON") columns=['Library Name', 'Risk Pattern', '# Use Cases', '# Threats', '# Weaknesses', '# Countermeasures'] readInfoFromXml(xmlFileName, columns) else: print("-> Library Statistics: OFF") return xmlFileName, error
def generateXmlFromRulesXlsxFile(excelFilePath, productProperties, componentDefinitions, supportedStandards, rules): sc = SecurityContent(logger) sc.setEmptySecurityContent() xmlFile = str(productProperties['Library Ref']['Values']).replace(" ","-") + '.xml' xmlFileName = Path.cwd() / "outFiles" / "outputLibs" / xmlFile xsdFileName = Path.cwd() / "inputFiles" / "XSD_Schema" / "library.xsd" rootObj = createProject(sc, productProperties, componentDefinitions, supportedStandards, rules) exportLib2XML(xmlFileName, rootObj) if(productProperties['Do Lib validations']['Values'] =='Yes'): print("-> Lib validations: ON") print("-- Schema validation --") xmlValidationCheck(str(xmlFileName), str(xsdFileName)) else: print("-> Lib validations: OFF") return xmlFileName
def searchControls(library_path, supportedStandard_name, standard_file_path): rootObj = sl.parse(str(library_path), silence=True) supportedStandards = rootObj.get_supportedStandards() components = rootObj.get_components().get_component() supportedStandardCreated = False dfm = pd.read_csv(str(standard_file_path), sep="|") dfm.columns = [ 'Standard ASVS', "Ref ASVS", "Supported Standard Name", "Supported Standard Ref", "Standard Ref" ] for index, row in dfm.iterrows(): asvs_supportedStandardRef = row.get("Standard ASVS") asvs_ref = str(row.get("Ref ASVS")) supportedStandard_name = row.get("Supported Standard Name") supportedStandardRef = row.get("Supported Standard Ref") standardRef = row.get("Standard Ref") for component in components: controls = component.get_controls().get_control() for control in controls: standards = control.get_standards() for standard in standards.get_standard(): if standard.get_supportedStandardRef( ) == asvs_supportedStandardRef: if standard.get_ref() == asvs_ref: alreadyExist = False for stard in standards.get_standard(): if stard.get_supportedStandardRef( ) == supportedStandardRef and stard.get_ref( ) == standardRef: alreadyExist = True #construir standard y aƱadirlo if alreadyExist == False: standards.add_standard( createStandard(supportedStandardRef, standardRef)) supportedStandardCreated = True supportedStandardFound = False for supportedStandard in supportedStandards.get_supportedStandard(): if supportedStandard.get_ref() == supportedStandardRef: supportedStandardFound = True if supportedStandardFound == False and supportedStandardCreated == True: supportedStandards.add_supportedStandard( sl.supportedStandardType.factory(ref=supportedStandardRef, name=supportedStandard_name)) rootObj.set_revision(int(rootObj.get_revision()) + 1) output_path = Path.cwd() / "outFiles" / "libraries" / library_path.name exportLib2XML(str(output_path), rootObj) text = "SuportedStandard was added for the library and saved in the new created file '%s'\n" % output_path else: if supportedStandardCreated == True: rootObj.set_revision(int(rootObj.get_revision()) + 1) output_path = Path.cwd( ) / "outFiles" / "libraries" / library_path.name exportLib2XML(str(output_path), rootObj) text = "SuportedStandard was updated for the library and saved in the new created file '%s'\n" % output_path else: text = "SuportedStandard was not necessary to create for the library '%s'\n" % library_path.name print(text) return text