Merge pull request #97 from center-for-threat-informed-defense/af174-…
…artifact

AF-174: Artifact
mikecarenzo committed Aug 29, 2023
2 parents b0be7f4 + 16302d4 commit 00c7869
Showing 2 changed files with 54 additions and 2 deletions.
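--- a/src/attack_flow_builder/src/assets/builder.config.ts
+++ b/src/attack_flow_builder/src/assets/builder.config.ts
@@ -612,7 +612,19 @@ const config: AppConfiguration = {
 }
 }
 },
-encryption_algorithm : { type: PropertyType.String },
+encryption_algorithm : {
+type: PropertyType.Enum,
+options: {
+type: PropertyType.List,
+form: { type: PropertyType.String },
+value: [
+["AES-256-GCM", "AES-256-GCM"],
+["ChaCha20-Poly1305", "ChaCha20-Poly1305"],
+["mime-type-indicated", "Mime Type Indicated"],
+]
+},
+value: null
+},
 decryption_key : { type: PropertyType.String },
 },
 anchor_template: "@__builtin__anchor",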
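Review bot: The three option keys under `encryption_algorithm` carry no comment saying where they come from, and the validator in builder.config.validator.ts depends on the literal `"mime-type-indicated"` matching one of them. A short comment above `options`, such as `// Keys follow the STIX 2.1 encryption-algorithm-enum; the validator compares against "mime-type-indicated".`, would keep the two files in step. The property was a free-form string before this change, so flows saved earlier may hold values outside the list; how the Enum type treats such a value on load is not visible here and is worth confirming. The enclosing `config` object starts and ends outside the hunk.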
42 changes: 41 additions & 1 deletion src/attack_flow_builder/src/assets/builder.config.validator.ts
Expand Up @@ -155,18 +155,57 @@ class AttackFlowValidator extends DiagramValidator {
// Validate links
switch(node.template.id) {
case "artifact": {
const payloadBin = node.props.value.get("payload_bin");
const url = node.props.value.get("url");
const hashes = node.props.value.get("hashes");
const mimeType = node.props.value.get("mime_type");
const decryptionKey = node.props.value.get("decryption_key");
const encryptionAlg = node.props.value.get("encryption_algorithm")

const payloadRegex = /^([a-z0-9+/]{4})*([a-z0-9+/]{4}|[a-z0-9+/]{3}=|[a-z0-9+/]{2}==)$/i;
const MIME_Regex = /^(application|audio|font|image|message|model|multipart|text|video)\/[a-zA-Z0-9.+_-]+/;

// Check regex
if(payloadBin?.isDefined()) {
if(!payloadRegex.test(payloadBin.toString())) {
this.addError(id, "Invalid Payload Bin.");
}
}
if(mimeType?.isDefined()) {
if(!MIME_Regex.test(mimeType.toString())) {
this.addError(id, "Invalid MIME Type.");
}
}

// Validate Payload Bin, URL, and Hashes
if(payloadBin?.isDefined() && url?.isDefined()) {
this.addError(id, "Artifact must have either have a Payload Bin or URL, not both.");
}
if(url?.isDefined() && !hashes?.isDefined()) {
this.addError(id, "Artifact URL must also have a Hash.");
}

// Check hashes
if(hashes?.isDefined()) {
this.validateHash(id, hashes as ListProperty);
}

// Validate encryption and decryption algorithms
if(encryptionAlg?.isDefined()) {
if(encryptionAlg.toRawValue()?.toString() == "mime-type-indicated" && !mimeType?.isDefined()) {
this.addError(id, "For Encryption Algorithm to be 'Mime Type Indicated', the field 'Mime Type' cannot be empty.");
}
} else if(decryptionKey?.isDefined()) {
this.addError(id, "An Artifact with a Decryption Key must also have an Encryption Algorithm.");
}
break;
}
case "email_address": // Additional validation for email addresses
if (!AttackFlowValidator.Emailregex.test(String(node.props.value.get("value")))) {
this.addError(id, "Invalid email address.")
}
break;
case "file":
case "file": {
const hashes = node.props.value.get("hashes");
const name = node.props.value.get("name");
if(!hashes?.isDefined() && !name?.isDefined()) {
Expand All @@ -176,6 +215,7 @@ class AttackFlowValidator extends DiagramValidator {
this.validateHash(id, hashes as ListProperty);
}
break;
}
case "grouping":
if(node.next.length === 0) {
this.addError(id, "A Grouping must point to at least one object.");
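Review bot: `MIME_Regex` in the `artifact` case is anchored with `^` but has no `$`, so any value that merely starts with a valid type/subtype passes, including one followed by spaces, markup or control characters. Anchoring the end closes that gap: `const MIME_Regex = /^(application|audio|font|image|message|model|multipart|text|video)\/[a-zA-Z0-9.+_-]+$/;`. If parameters such as `; charset=utf-8` are meant to be accepted, they should be matched explicitly rather than let through by the open end. Separately, the comparison on the `encryptionAlg.toRawValue()` line uses `==` where `===` is the stricter habit in TypeScript, and the message "must have either have a Payload Bin or URL" has a doubled "have". The switch sits in a method whose start and end are outside the hunk.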
