mal-toolbox 0.0.28__py3-none-any.whl → 0.1.12__py3-none-any.whl

maltoolbox/translators/securicad.py

@@ -7,24 +7,28 @@ import json
 import logging
 import xml.etree.ElementTree as ET
 
-from maltoolbox.model import model
-from maltoolbox.language import specification
+from typing import Optional
+
+from ..model import AttackerAttachment, Model
+from ..language import LanguageGraph, LanguageClassesFactory
 
 logger = logging.getLogger(__name__)
 
-def load_model_from_scad_archive(scad_archive: str,
-    lang_spec,
-    lang_classes_factory) -> model.Model:
+def load_model_from_scad_archive(
+        scad_archive: str,
+        lang_graph: LanguageGraph,
+        lang_classes_factory: LanguageClassesFactory
+    ) -> Optional[Model]:
     """
     Reads a '.sCAD' archive generated by securiCAD representing an instance
     model and loads the information into a maltoobox.model.Model object.
 
     Arguments:
     scad_archive            - the path to a '.sCAD' archive
-    lang_spec               - a dictionary containing the MAL language
-                              specification
+    lang_graph              - a language graph representing the MAL
+                              language specification
     lang_classes_factory    - a language classes factory that contains
-                              the same classes defined by the
+                              the classes defined by the
                               language specification
 
     Return:
@@ -36,24 +40,34 @@ def load_model_from_scad_archive(scad_archive: str,
         scad_model = archive.read(model_file)
         root = ET.fromstring(scad_model)
 
-    instance_model = model.Model(scad_archive,
-        lang_spec,
+    instance_model = Model(scad_archive,
         lang_classes_factory)
 
     for child in root.iter('objects'):
-        logger.debug(f'Loading asset from \"{scad_archive}\":\n' \
-            + json.dumps(child.attrib, indent = 2))
+
+        if logger.isEnabledFor(logging.DEBUG):
+            # Avoid running json.dumps when not in debug
+            logger.debug(
+                'Loading asset from "%s": \n%s',
+                scad_archive, json.dumps(child.attrib, indent=2)
+            )
+
         if child.attrib['metaConcept'] == 'Attacker':
-            attacker_id = int(child.attrib['id'])
-            attacker = model.Attacker()
-            attacker.entry_points = []
-            instance_model.add_attacker(attacker, attacker_id = attacker_id)
+            attacker_obj_id = int(child.attrib['id'])
+            attacker_at = AttackerAttachment()
+            attacker_at.entry_points = []
+            instance_model.add_attacker(
+                attacker_at,
+                attacker_id = attacker_obj_id
+            )
             continue
 
         if not hasattr(lang_classes_factory.ns,
             child.attrib['metaConcept']):
-            logger.error(f'Failed to find {child.attrib["metaConcept"]} '
-                'asset in language specification!')
+            logger.error(
+                'Failed to find %s asset in language specification!',
+                child.attrib["metaConcept"]
+            )
             return None
         asset = getattr(lang_classes_factory.ns,
             child.attrib['metaConcept'])(name = child.attrib['name'])
@@ -62,7 +76,6 @@ def load_model_from_scad_archive(scad_archive: str,
             defense_name = subchild.attrib['metaConcept']
             defense_name = defense_name[0].lower() + defense_name[1:]
             for distrib in subchild.iter('evidenceDistribution'):
-                distrib_type = distrib.attrib['type']
                 for d in distrib.iter('parameters'):
                     if 'value' in d.attrib:
                         dist_value = d.attrib['value']
@@ -70,13 +83,12 @@ def load_model_from_scad_archive(scad_archive: str,
         instance_model.add_asset(asset, asset_id)
 
     for child in root.iter('associations'):
-        logger.debug(f'Load association '
-            f'(\"{child.attrib["sourceObject"]}\",'
-            f'\"{child.attrib["targetObject"]}\",'
-            f'\"{child.attrib["targetProperty"]}\",'
-            f'\"{child.attrib["sourceProperty"]}\") '
-            f'from \"{scad_archive}\"')
-
+        logger.debug(
+            'Load association ("%s", "%s", "%s", "%s") from %s',
+            child.attrib["sourceObject"], child.attrib["targetObject"],
+            child.attrib["targetProperty"], child.attrib["sourceProperty"],
+            scad_archive
+        )
         # Note: This is not a bug in the code. The fields and assets are
         # listed incorrectly in the securiCAD format where the source asset
         # matches the target field and vice versa.
@@ -92,16 +104,20 @@ def load_model_from_scad_archive(scad_archive: str,
             target_id = right_id
             target_prop = child.attrib['sourceProperty']
 
-        if attacker_id:
+        if attacker_id is not None:
             attacker = instance_model.get_attacker_by_id(attacker_id)
             if not attacker:
-                logger.error(f'Failed to find attacker with id {attacker_id} '
-                    'in model!')
+                logger.error(
+                    'Failed to find attacker with id %s in model!',
+                    attacker_id
+                )
                 return None
             target_asset = instance_model.get_asset_by_id(target_id)
             if not target_asset:
-                logger.error(f'Failed to find asset with id {target_id} '
-                    'in model!')
+                logger.error(
+                    'Failed to find asset with id %s in model!',
+                    target_id
+                )
                 return None
             attacker.entry_points.append((target_asset,
                 [target_prop.split('.')[0]]))
@@ -109,13 +125,15 @@ def load_model_from_scad_archive(scad_archive: str,
 
         left_asset = instance_model.get_asset_by_id(left_id)
         if not left_asset:
-            logger.error(f'Failed to find asset with id {left_id} '
-                'in model!')
+            logger.error(
+                'Failed to find asset with id %s in model!', left_id
+            )
             return None
         right_asset = instance_model.get_asset_by_id(right_id)
         if not right_asset:
-            logger.error(f'Failed to find asset with id {right_id} '
-                'in model!')
+            logger.error(
+                'Failed to find asset with id %s in model!', right_id
+            )
             return None
 
         # Note: This is not a bug in the code. The fields and assets are
@@ -123,27 +141,33 @@ def load_model_from_scad_archive(scad_archive: str,
         # matches the target field and vice versa.
         left_field = child.attrib['sourceProperty']
         right_field = child.attrib['targetProperty']
-        assoc_name = specification.get_association_by_fields_and_assets(
-            lang_spec,
+        lang_graph_assoc = lang_graph.get_association_by_fields_and_assets(
             left_field,
             right_field,
-            left_asset.metaconcept,
-            right_asset.metaconcept)
-        logger.debug(f'Found \"{assoc_name}\" association.')
-
-        if not assoc_name:
-            logger.error(f'Failed to find '
-                f'(\"{left_asset.metaconcept}\",'
-                f'\"{right_asset.metaconcept}\",'
-                f'\"{left_field}\",'
-                f'\"{right_field}\") '
-                'association in language specification!')
+            left_asset.type,
+            right_asset.type)
+
+        if not lang_graph_assoc:
+            raise LookupError(
+                'Failed to find ("%s", "%s", "%s", "%s")'
+                'association in lang specification.' %
+                (left_asset.type, right_asset.type,
+                left_field, right_field)
+            )
             return None
 
-        if not hasattr(lang_classes_factory.ns,
-            assoc_name):
-            logger.error(f'Failed to find {assoc_name} '
-                'association in language specification!')
+        logger.debug('Found "%s" association.', lang_graph_assoc.name)
+        assoc_name = lang_classes_factory.get_association_by_signature(
+            lang_graph_assoc.name,
+            left_asset.type,
+            right_asset.type
+        )
+
+        if assoc_name is None:
+            logger.error(
+                'Failed to find association with name \"%s\" in model!',
+                lang_graph_assoc.name
+            )
             return None
 
         assoc = getattr(lang_classes_factory.ns, assoc_name)()

maltoolbox/translators/updater.py

@@ -0,0 +1,132 @@
+import json
+import logging
+
+import yaml
+
+from ..model import Model, AttackerAttachment
+from ..language import LanguageClassesFactory
+
+logger = logging.getLogger(__name__)
+
+def load_model_from_older_version(
+        filename: str,
+        lang_classes_factory: LanguageClassesFactory,
+        version: str
+    ) -> Model:
+    match (version):
+        case '0.0.39':
+            return load_model_from_version_0_0_39(filename,
+                lang_classes_factory)
+        case _:
+            msg = ('Unknown version "%s" format. Could not '
+            'load model from file "%s"')
+            logger.error(msg % (version, filename))
+            raise ValueError(msg % (version, filename))
+
+def load_model_from_version_0_0_39(
+        filename: str,
+        lang_classes_factory: LanguageClassesFactory
+    ) -> Model:
+    """
+    Load model from file.
+
+    Arguments:
+    filename                - the name of the input file
+    lang_classes_factory    - the language classes factory that defines the
+                              classes needed to build the model
+    """
+
+    def _process_model(model_dict, lang_classes_factory) -> Model:
+        model = Model(model_dict['metadata']['name'], lang_classes_factory)
+
+        # Reconstruct the assets
+        for asset_id, asset_object in model_dict['assets'].items():
+            logger.debug(f"Loading asset:\n{json.dumps(asset_object, indent=2)}")
+
+            # Allow defining an asset via the metaconcept only.
+            asset_object = (
+                asset_object
+                if isinstance(asset_object, dict)
+                else {'metaconcept': asset_object, 'name': f"{asset_object}:{asset_id}"}
+            )
+
+            asset = getattr(model.lang_classes_factory.ns,
+                asset_object['metaconcept'])(name = asset_object['name'])
+
+            for defense in (defenses:=asset_object.get('defenses', [])):
+                setattr(asset, defense, float(defenses[defense]))
+
+            model.add_asset(asset, asset_id = int(asset_id))
+
+        # Reconstruct the associations
+        for assoc_dict in model_dict.get('associations', []):
+            association = getattr(model.lang_classes_factory.ns, assoc_dict.pop('metaconcept'))()
+
+            # compatibility with old format
+            assoc_dict = assoc_dict.get('association', assoc_dict)
+
+            for field, targets in assoc_dict.items():
+                targets = targets if isinstance(targets, list) else [targets]
+                setattr(
+                    association,
+                    field,
+                    [model.get_asset_by_id(int(id)) for id in targets]
+                )
+            model.add_association(association)
+
+        # Reconstruct the attackers
+        if 'attackers' in model_dict:
+            attackers_info = model_dict['attackers']
+            for attacker_id in attackers_info:
+                attacker = AttackerAttachment(
+                    name = attackers_info[attacker_id]['name']
+                )
+                attacker.entry_points = []
+                for asset_id in attackers_info[attacker_id]['entry_points']:
+                    attacker.entry_points.append(
+                        (model.get_asset_by_id(int(asset_id)),
+                        attackers_info[attacker_id]['entry_points']\
+                            [asset_id]['attack_steps']))
+                model.add_attacker(attacker, attacker_id = int(attacker_id))
+        return model
+
+    def load_from_json(
+            filename: str,
+            lang_classes_factory: LanguageClassesFactory
+        ) -> Model:
+        """
+        Load model from a json file.
+
+        Arguments:
+        filename        - the name of the input file
+        """
+        with open(filename, 'r', encoding='utf-8') as model_file:
+            model_dict = json.loads(model_file.read())
+
+        return _process_model(model_dict, lang_classes_factory)
+
+    def load_from_yaml(
+            filename: str,
+            lang_classes_factory: LanguageClassesFactory
+        ) -> Model:
+        """
+        Load model from a yaml file.
+
+        Arguments:
+        filename        - the name of the input file
+        """
+        with open(filename, 'r', encoding='utf-8') as model_file:
+            model_dict = yaml.safe_load(model_file)
+
+        return _process_model(model_dict, lang_classes_factory)
+
+    logger.info(f'Loading model from {filename} file.')
+    if filename.endswith('.yml') or filename.endswith('.yaml'):
+        return load_from_yaml(filename, lang_classes_factory)
+    elif filename.endswith('.json'):
+        return load_from_json(filename, lang_classes_factory)
+    else:
+        msg = 'Unknown file extension for model file to load from.'
+        logger.error(msg)
+        raise ValueError(msg)
+    return None

maltoolbox/wrappers.py

@@ -0,0 +1,62 @@
+"""Contains wrappers combining more than one of the maltoolbox submodules"""
+
+import logging
+import sys
+import zipfile
+
+from maltoolbox.model import Model
+from maltoolbox.language import LanguageGraph, LanguageClassesFactory
+from maltoolbox.attackgraph import AttackGraph
+from maltoolbox.attackgraph.analyzers.apriori import (
+    calculate_viability_and_necessity
+)
+from maltoolbox.exceptions import AttackGraphStepExpressionError
+from maltoolbox import log_configs
+
+
+logger = logging.getLogger(__name__)
+
+def create_attack_graph(
+        lang_file: str,
+        model_file: str,
+        attach_attackers=True,
+        calc_viability_and_necessity=True
+    ) -> AttackGraph:
+    """Create and return an attack graph
+
+    Args:
+    lang_file                       - path to language file (.mar or .mal)
+    model_file                      - path to model file (yaml or json)
+    attach_attackers                - whether to run attach_attackers or not
+    calc_viability_and_necessity    - whether run apriori calculations or not
+    """
+    try:
+        lang_graph = LanguageGraph.from_mar_archive(lang_file)
+    except zipfile.BadZipFile:
+        lang_graph = LanguageGraph.from_mal_spec(lang_file)
+
+    if log_configs['langspec_file']:
+        lang_graph.save_to_file(log_configs['langspec_file'])
+
+    lang_classes_factory = LanguageClassesFactory(lang_graph)
+    instance_model = Model.load_from_file(model_file, lang_classes_factory)
+
+    if log_configs['model_file']:
+        instance_model.save_to_file(log_configs['model_file'])
+
+    try:
+        attack_graph = AttackGraph(lang_graph, instance_model)
+    except AttackGraphStepExpressionError:
+        logger.error(
+            'Attack graph generation failed when attempting '
+            'to resolve attack step expression!'
+        )
+        sys.exit(1)
+
+    if attach_attackers:
+        attack_graph.attach_attackers()
+
+    if calc_viability_and_necessity:
+        calculate_viability_and_necessity(attack_graph)
+
+    return attack_graph

mal_toolbox-0.0.28.dist-info/RECORD

@@ -1,26 +0,0 @@
-maltoolbox/__init__.py,sha256=5c6HEsWFGx3tKaQ073bhsmAnYDg5hooo_VJywZIjaIg,2958
-maltoolbox/__main__.py,sha256=_kfJOkJluA3gfq3HAJM0rAK_SvGO-4Jr6wQQGrItiWs,94
-maltoolbox/cl_parser.py,sha256=zpFAhEx-ZVOQlZkXR3MfxMiYR8aPLKDeUbGhlaap2Sk,2550
-maltoolbox/default.conf,sha256=YbGeYq4aR61G43I7RGEGwgNikIGTuKT56uz_j_6t9K4,282
-maltoolbox/main.py,sha256=OvaMFZGM76DFC6KceYvt4qMU13khEVbqJZzf-N20754,3285
-maltoolbox/attackgraph/attacker.py,sha256=6SnV1AfsHzkEPyR5eplE6Sz2WaaSbwLIMqLzFd9rsYE,2008
-maltoolbox/attackgraph/attackgraph.py,sha256=u-wTOiN7MtR5VAUtSIENOIicVHTqLrBcNl7R9e_xVyQ,19867
-maltoolbox/attackgraph/node.py,sha256=mI7LFibJZNOSeE36MKYGu7nxedRQVjiWzJGLSPBks_c,3984
-maltoolbox/attackgraph/query.py,sha256=c_RU5fBChb7K_p9u4E4pT-mn16rm4lVQNTTOLRa9B8Q,3111
-maltoolbox/attackgraph/analyzers/apriori.py,sha256=el7Dv42FAP7RRe2xLhzhrWDiJw9TYjQrVfe8U41MuNM,3182
-maltoolbox/ingestors/neo4j.py,sha256=xvEnbCG4Z0zuPPOeR8AjrNTA_-EtCo4JKy04EQci6Qk,8307
-maltoolbox/language/classes_factory.py,sha256=US3dTlyLWncqb3SJxpzesa0eRf2RTPxUX64gb_vESsE,7018
-maltoolbox/language/languagegraph.py,sha256=0SMB5Qpm-1wfzqIzTfoc_si-kpb8JjCyzkSv6ApNtvI,31892
-maltoolbox/language/specification.py,sha256=Q96NQmnkskxJlMOsKZBVsg2hMqwU2XOb4qPl16PoR9w,9563
-maltoolbox/language/lexer_parser/__main__.py,sha256=aD1WWM82DDGS5tcEVzfeTQtP6MkwSLZA48FxBMO3soQ,970
-maltoolbox/language/lexer_parser/mal_lexer.py,sha256=_dqX1xGnGxEyqnhWjEMKuywfhe3WamCsnt4hNFel3SI,10778
-maltoolbox/language/lexer_parser/mal_parser.py,sha256=0awGDJDy6YxmGizhT17sbB7cgeD2x3UNxzNymNfq99c,91351
-maltoolbox/language/lexer_parser/mal_visitor.py,sha256=UhejWVvN8lKGw1t0rD8Yx7-Qqn9kfemIlHajV3tsXAI,13203
-maltoolbox/model/model.py,sha256=S-y2oV4GuFu3YMLAFVWwz4IsV3BrJxJgksCE7C9qELU,10249
-maltoolbox/translators/securicad.py,sha256=YizxoIsKkp1AZIYudjxvR3c450vY5iGejAULG8YHIyI,6203
-mal_toolbox-0.0.28.dist-info/AUTHORS,sha256=zxLrLe8EY39WtRKlAY4Oorx4Z2_LHV2ApRvDGZgY7xY,127
-mal_toolbox-0.0.28.dist-info/LICENSE,sha256=xx0jnfkXJvxRnG63LTGOxlggYnIysveWIZ6H3PNdCrQ,11357
-mal_toolbox-0.0.28.dist-info/METADATA,sha256=Yw-8K1h7vbzjdRLvW_nwBFH-Ha06s4nPSVQB_fcXfCA,4890
-mal_toolbox-0.0.28.dist-info/WHEEL,sha256=GJ7t_kWBFywbagK5eo9IoUwLW6oyOeTKmQ-9iHFVNxQ,92
-mal_toolbox-0.0.28.dist-info/top_level.txt,sha256=phqRVLRKGdSUgRY03mcpi2cmbbDo5YGjkV4gkqHFFcM,11
-mal_toolbox-0.0.28.dist-info/RECORD,,

maltoolbox/cl_parser.py

@@ -1,89 +0,0 @@
-"""
-MAL-Toolbox Command Line Parsing Module
-"""
-
-import sys
-import argparse
-import logging
-from typing import Sequence
-
-from maltoolbox import __version__
-
-logger = logging.getLogger(__name__)
-
-def parse_args(args: Sequence[str]) -> argparse.Namespace:
-    """
-    This function parses the arguments which have been passed from the command
-    line. It returns an argparse parser object.
-
-    Arguments:
-    args - the list of arguments passed from the command line in the sys.argv
-           format
-
-    Return:
-    A parser with the provided arguments, which can be used in a simpler format
-    """
-    parser = argparse.ArgumentParser(
-        prog='maltoolbox',
-        description='Generate Attack Graphs from MAL specifications')
-
-    parser.add_argument(
-        '--version',
-        action='version',
-        version=f'%(prog)s {__version__}')
-
-    subparsers = parser.add_subparsers(help='commands', dest='command')
-    subparsers.required = True
-
-    gen_ag_parser = subparsers.add_parser(
-        'gen_ag',
-        help='Generate an attack graph from an instance model from a json ' \
-            'file and language specification from a mar archive.')
-    help_parser = subparsers.add_parser(
-        'help', help='Show help for a particular command')
-
-    gen_ag_parser.add_argument(
-        'model',
-        help='Path to the instance model json file',
-        type=str,
-    )
-
-    gen_ag_parser.add_argument(
-        'language',
-        help='Path to the language specification ".mar" archive',
-        type=str,
-    )
-
-    gen_ag_parser.add_argument(
-        '--neo4j',
-        help='Injest attack graph and instance model into a local Neo4j ' \
-            'instance',
-        action='store_true'
-    )
-
-    help_parser.add_argument(
-        'cmd',
-        help='Name of command to get help for',
-        nargs='?')
-
-    if len(args) == 0:
-        parser.print_help(sys.stderr)
-        logger.error('Received no arugments will print help and exit.')
-        sys.exit(1)
-
-    parsed_args = parser.parse_args()
-    if parsed_args.command == 'help':
-        if not parsed_args.cmd:
-            parser.print_help(sys.stderr)
-        else:
-            try:
-                subparsers.choices[parsed_args.cmd].print_help()
-            except KeyError:
-                logger.error(f'Unknown command name {parsed_args.cmd}')
-                print(f'Unknown command name {parsed_args.cmd}')
-                print(
-                    f'Valid commands are: {", ".join(subparsers.choices.keys())}')
-
-        sys.exit(1)
-
-    return parsed_args