Esempio n. 1
0
    def load_threat_library_data_from_path(self, paths, parent):
        for config_path in paths:
            abs_path = data.abs_path(parent, config_path.path)
            if abs_path == data.cwd():
                continue  # Skip current directory as this was handled earlier
            if abs_path in self.loaded_library_paths:
                logger.debug(
                    "Skipping library path {} as we've processed it before".
                    format(abs_path))
                continue  # Skip as we've seen this path before
            self.loaded_library_paths[abs_path] = True  # We've seen it now
            if data.is_threatspec_path(abs_path):
                logger.debug(
                    "Found threatspec.yaml, loading library from {}".format(
                        abs_path))
                self.load_threat_library(abs_path)
                self.load_control_library(abs_path)
                self.load_component_library(abs_path)

                new_config_file = data.abs_path(abs_path, "threatspec.yaml")
                new_config = config.Config()

                logger.debug("Validating {}".format(new_config_file))
                (valid, error) = data.validate_yaml_file(
                    new_config_file, os.path.join("data",
                                                  "config_schema.json"))
                if not valid:
                    logger.error(
                        "Couldn't validate the configation file {}: {}".format(
                            "threatspec.yaml", error))
                    sys.exit(0)

                new_config.load(data.read_yaml(new_config_file))
                self.load_threat_library_data_from_path(
                    new_config.paths, abs_path)
Esempio n. 2
0
    def parse_source(self, paths, parent):
        for config_path in paths:
            abs_path = data.abs_path(parent, config_path.path)

            if data.blacklisted_path(abs_path):
                logger.debug(
                    "Skipping path {} as it is blacklisted".format(abs_path))
                continue

            logger.debug("Processing source path {}".format(abs_path))
            if abs_path in self.loaded_source_paths:
                logger.debug(
                    "Skipping source path {} as it has already been processed".
                    format(abs_path))
                continue

            self.loaded_source_paths[abs_path] = True  # We've seen it now
            if data.is_threatspec_path(abs_path):
                logger.debug(
                    "Found threatspec.yaml, loading source configuration from {}"
                    .format(abs_path))
                new_config = config.Config()

                new_config_file = data.abs_path(abs_path, "threatspec.yaml")
                (valid, error) = data.validate_yaml_file(
                    new_config_file, os.path.join("data",
                                                  "config_schema.json"))
                if not valid:
                    logger.error(
                        "Couldn't validate the configation file {}: {}".format(
                            abs_path, error))
                    sys.exit(1)

                new_config.load(data.read_yaml(new_config_file))
                self.parse_source(new_config.paths, abs_path)

            for path in data.recurse_path(abs_path):
                if data.path_ignored(path, config_path.ignore):
                    logger.debug("Skipping ignored file path: {}".format(path))
                    continue
                logger.debug("Parsing source files in path {}".format(path))
                if os.path.isfile(path):
                    self.parser = self.get_parser_for_path(path, config_path)
                    if self.parser:
                        self.parser.parse_file(path)
Esempio n. 3
0
    def __init__(self):
        self.threat_library = threatmodel.ThreatLibrary()
        self.control_library = threatmodel.ControlLibrary()
        self.component_library = threatmodel.ComponentLibrary()

        self.threatmodel = threatmodel.ThreatModel()
        self.threatmodel.threat_library = self.threat_library
        self.threatmodel.control_library = self.control_library
        self.threatmodel.component_library = self.component_library

        self.threatmodel.run_id = uuid.uuid4().hex
        logger.debug("Setting run id to {}".format(self.threatmodel.run_id))

        self.config = config.Config()
        self.parser = None
        self.reporter = None

        self.loaded_source_paths = {}
        self.loaded_library_paths = {}