Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Updation of k2RequestIdentifier naming to NR/CSEC naming #215

Open
wants to merge 10 commits into
base: develop
Choose a base branch
from
2 changes: 1 addition & 1 deletion gradle.properties
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
# The agent version.
agentVersion=1.2.2
jsonVersion=1.2.0
jsonVersion=2.0.0
# Updated exposed NR APM API version.
nrAPIVersion=8.4.0

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,7 @@
import com.newrelic.api.agent.security.schema.HttpRequest;
import com.newrelic.api.agent.security.schema.HttpResponse;
import com.newrelic.api.agent.security.schema.JDBCVendor;
import com.newrelic.api.agent.security.schema.K2RequestIdentifier;
import com.newrelic.api.agent.security.schema.CSECRequestIdentifier;
import com.newrelic.api.agent.security.schema.R2DBCVendor;
import com.newrelic.api.agent.security.schema.SecurityMetaData;
import com.newrelic.api.agent.security.schema.helper.Log4JStrSubstitutor;
Expand Down Expand Up @@ -103,9 +103,9 @@ public void setRequestReaderHash(int hashCode) {

@Override
public void setK2FuzzRequestId(String value) {
K2RequestIdentifier k2RequestIdentifierInstance = new K2RequestIdentifier();
k2RequestIdentifierInstance.setRaw(value);
NewRelicSecurity.getAgent().getSecurityMetaData().setFuzzRequestIdentifier(k2RequestIdentifierInstance);
CSECRequestIdentifier CSECRequestIdentifierInstance = new CSECRequestIdentifier();
CSECRequestIdentifierInstance.setRaw(value);
NewRelicSecurity.getAgent().getSecurityMetaData().setFuzzRequestIdentifier(CSECRequestIdentifierInstance);
}

@Override
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -708,15 +708,15 @@ private JavaAgentEventBean setGenericProperties(AbstractOperation objectBean, Ja
}

private JavaAgentEventBean prepareEvent(HttpRequest httpRequestBean, AgentMetaData metaData,
VulnerabilityCaseType vulnerabilityCaseType, K2RequestIdentifier k2RequestIdentifier) {
VulnerabilityCaseType vulnerabilityCaseType, CSECRequestIdentifier CSECRequestIdentifier) {
JavaAgentEventBean eventBean = new JavaAgentEventBean();
eventBean.setHttpRequest(httpRequestBean);
eventBean.setMetaData(metaData);
eventBean.getMetaData().setAppServerInfo(AppServerInfoHelper.getAppServerInfo());
eventBean.setCaseType(vulnerabilityCaseType.getCaseType());
eventBean.setIsAPIBlocked(metaData.isApiBlocked());
eventBean.setStacktrace(operation.getStackTrace());
eventBean.setIsIASTRequest(k2RequestIdentifier.getK2Request());
eventBean.setIsIASTRequest(CSECRequestIdentifier.getCSECRequest());
if (AgentUtils.getInstance().getAgentPolicy().getVulnerabilityScan().getEnabled() && AgentUtils.getInstance().getAgentPolicy().getVulnerabilityScan().getIastScan().getEnabled()) {
eventBean.setIsIASTEnable(true);
}
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -75,7 +75,7 @@ public EventAbortPolicy() {
public void rejectedExecution(Runnable r, ThreadPoolExecutor e) {
if (r instanceof CustomFutureTask<?> && ((CustomFutureTask<?>) r).getTask() instanceof Dispatcher) {
Dispatcher dispatcher = (Dispatcher) ((CustomFutureTask<?>) r).getTask();
if(dispatcher.getSecurityMetaData()!= null && dispatcher.getSecurityMetaData().getFuzzRequestIdentifier().getK2Request()){
if(dispatcher.getSecurityMetaData()!= null && dispatcher.getSecurityMetaData().getFuzzRequestIdentifier().getCSECRequest()){
String fuzzRequestId = dispatcher.getSecurityMetaData().getCustomAttribute(GenericHelper.CSEC_PARENT_ID, String.class);
if (dispatcher.getSecurityMetaData().getRequest().getIsGrpc()) {
GrpcClientRequestReplayHelper.getInstance().getRejectedIds().add(fuzzRequestId);
Expand All @@ -85,7 +85,7 @@ public void rejectedExecution(Runnable r, ThreadPoolExecutor e) {
}

if(dispatcher.getSecurityMetaData() != null) {
if(dispatcher.getSecurityMetaData().getFuzzRequestIdentifier().getK2Request()){
if(dispatcher.getSecurityMetaData().getFuzzRequestIdentifier().getCSECRequest()){
AgentInfo.getInstance().getJaHealthCheck().getIastEventStats().incrementRejectedCount();
} else {
AgentInfo.getInstance().getJaHealthCheck().getRaspEventStats().incrementRejectedCount();
Expand Down Expand Up @@ -150,7 +150,7 @@ private void incrementCount(Runnable r, String type) {
if (r instanceof CustomFutureTask<?> && ((CustomFutureTask<?>) r).getTask() instanceof Dispatcher) {
Dispatcher dispatcher = (Dispatcher) ((CustomFutureTask<?>) r).getTask();
if(dispatcher.getSecurityMetaData() != null) {
if(dispatcher.getSecurityMetaData().getFuzzRequestIdentifier().getK2Request()){
if(dispatcher.getSecurityMetaData().getFuzzRequestIdentifier().getCSECRequest()){
eventStats = AgentInfo.getInstance().getJaHealthCheck().getIastEventStats();
} else {
eventStats = AgentInfo.getInstance().getJaHealthCheck().getRaspEventStats();
Expand Down Expand Up @@ -199,19 +199,19 @@ public void dispatchEvent(AbstractOperation operation, SecurityMetaData security
return;
}

if(!securityMetaData.getFuzzRequestIdentifier().getK2Request() && !AgentUsageMetric.isRASPProcessingActive()){
if(!securityMetaData.getFuzzRequestIdentifier().getCSECRequest() && !AgentUsageMetric.isRASPProcessingActive()){
AgentInfo.getInstance().getJaHealthCheck().getRaspEventStats().incrementRejectedCount();
AgentInfo.getInstance().getJaHealthCheck().incrementEventRejectionCount();
return;
}

if (!operation.isEmpty() && securityMetaData.getFuzzRequestIdentifier().getK2Request()) {
if (!operation.isEmpty() && securityMetaData.getFuzzRequestIdentifier().getCSECRequest()) {
if (StringUtils.equals(securityMetaData.getFuzzRequestIdentifier().getApiRecordId(), operation.getApiID()) && StringUtils.equals(securityMetaData.getFuzzRequestIdentifier().getNextStage().getStatus(), IAgentConstants.VULNERABLE)) {
eid.add(operation.getExecutionId());
}
}
// Register in Processed CC map
if (securityMetaData.getFuzzRequestIdentifier().getK2Request()) {
if (securityMetaData.getFuzzRequestIdentifier().getCSECRequest()) {
String parentId = securityMetaData.getCustomAttribute(GenericHelper.CSEC_PARENT_ID, String.class);
if (StringUtils.isNotBlank(parentId)) {
if (securityMetaData.getRequest().getIsGrpc()) {
Expand Down
Original file line number Diff line number Diff line change
@@ -1,12 +1,15 @@
package com.newrelic.agent.security.intcodeagent.models.javaagent;

import com.newrelic.agent.security.AgentInfo;
import com.newrelic.agent.security.instrumentator.dispatcher.DispatcherPool;
import com.newrelic.agent.security.intcodeagent.websocket.JsonConverter;
import com.newrelic.api.agent.security.schema.operation.FileOperation;
import com.newrelic.api.agent.security.utils.logging.LogLevel;

public class ExitEventBean extends AgentBasicInfo {
private String executionId;
private String caseType;
private String k2RequestIdentifier;
private String csecRequestIdentifier;
private String applicationUUID;

public ExitEventBean() {
Expand Down Expand Up @@ -36,12 +39,12 @@ public void setCaseType(String caseType) {
this.caseType = caseType;
}

public String getK2RequestIdentifier() {
return k2RequestIdentifier;
public String getCsecRequestIdentifier() {
return csecRequestIdentifier;
}

public void setK2RequestIdentifier(String k2RequestIdentifier) {
this.k2RequestIdentifier = k2RequestIdentifier;
public void setCsecRequestIdentifier(String csecRequestIdentifier) {
this.csecRequestIdentifier = csecRequestIdentifier;
}

public String getApplicationUUID() {
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -33,7 +33,6 @@
import java.lang.instrument.Instrumentation;
import java.lang.instrument.UnmodifiableClassException;
import java.net.HttpURLConnection;
import java.net.Socket;
import java.net.URL;
import java.time.Instant;
import java.util.ArrayList;
Expand Down Expand Up @@ -267,7 +266,7 @@ public void registerOperation(AbstractOperation operation) {
String executionId = ExecutionIDGenerator.getExecutionId();
operation.setExecutionId(executionId);
operation.setStartTime(Instant.now().toEpochMilli());
if (securityMetaData != null && securityMetaData.getFuzzRequestIdentifier().getK2Request()) {
if (securityMetaData != null && securityMetaData.getFuzzRequestIdentifier().getCSECRequest()) {
logger.log(LogLevel.FINEST, String.format("New Event generation with id %s of type %s", operation.getExecutionId(), operation.getClass().getSimpleName()), Agent.class.getName());
}
if (operation instanceof RXSSOperation) {
Expand Down Expand Up @@ -336,7 +335,7 @@ private boolean checkIfCSECGeneratedEvent(AbstractOperation operation) {
return false;
}

private void logIfIastScanForFirstTime(K2RequestIdentifier fuzzRequestIdentifier, HttpRequest request) {
private void logIfIastScanForFirstTime(CSECRequestIdentifier fuzzRequestIdentifier, HttpRequest request) {

String url = StringUtils.EMPTY;
if(request != null && StringUtils.isNotBlank(request.getUrl())) {
Expand Down Expand Up @@ -478,15 +477,15 @@ public void registerExitEvent(AbstractOperation operation) {
if (operation == null) {
return;
}
K2RequestIdentifier k2RequestIdentifier = NewRelicSecurity.getAgent().getSecurityMetaData().getFuzzRequestIdentifier();
CSECRequestIdentifier CSECRequestIdentifier = NewRelicSecurity.getAgent().getSecurityMetaData().getFuzzRequestIdentifier();
HttpRequest request = NewRelicSecurity.getAgent().getSecurityMetaData().getRequest();

// TODO: Generate for only native payloads
if (!request.isEmpty() && !operation.isEmpty() && k2RequestIdentifier.getK2Request()) {
if (StringUtils.equals(k2RequestIdentifier.getApiRecordId(), operation.getApiID())
&& StringUtils.equals(k2RequestIdentifier.getNextStage().getStatus(), IAgentConstants.VULNERABLE)) {
if (!request.isEmpty() && !operation.isEmpty() && CSECRequestIdentifier.getCSECRequest()) {
if (StringUtils.equals(CSECRequestIdentifier.getApiRecordId(), operation.getApiID())
&& StringUtils.equals(CSECRequestIdentifier.getNextStage().getStatus(), IAgentConstants.VULNERABLE)) {
ExitEventBean exitEventBean = new ExitEventBean(operation.getExecutionId(), operation.getCaseType().getCaseType());
exitEventBean.setK2RequestIdentifier(k2RequestIdentifier.getRaw());
exitEventBean.setCsecRequestIdentifier(CSECRequestIdentifier.getRaw());
logger.log(LogLevel.FINER, "Exit event : " + exitEventBean, this.getClass().getName());
DispatcherPool.getInstance().dispatchExitEvent(exitEventBean);
AgentInfo.getInstance().getJaHealthCheck().incrementExitEventSentCount();
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,6 @@

import java.util.Set;
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.atomic.AtomicBoolean;

public class LowSeverityHelper {

Expand Down Expand Up @@ -41,7 +40,7 @@ public static boolean isOwaspHookProcessingNeeded(){
SecurityMetaData securityMetaData = NewRelicSecurity.getAgent().getSecurityMetaData();
if(NewRelicSecurity.isHookProcessingActive() && securityMetaData != null && !securityMetaData.getRequest().isEmpty()) {
String requestURL = securityMetaData.getRequest().getUrl();
return (securityMetaData.getFuzzRequestIdentifier() != null && securityMetaData.getFuzzRequestIdentifier().getK2Request())
return (securityMetaData.getFuzzRequestIdentifier() != null && securityMetaData.getFuzzRequestIdentifier().getCSECRequest())
|| (StringUtils.isNotBlank(requestURL) && !LowSeverityHelper.checkIfLowSeverityEventAlreadyEncountered(requestURL.hashCode(), securityMetaData.getRequest().getMethod()));
}
return false;
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@

import com.newrelic.api.agent.security.NewRelicSecurity;
import com.newrelic.api.agent.security.schema.APIRecordStatus;
import com.newrelic.api.agent.security.schema.K2RequestIdentifier;
import com.newrelic.api.agent.security.schema.CSECRequestIdentifier;
import com.newrelic.api.agent.security.schema.SecurityMetaData;
import com.newrelic.api.agent.security.schema.StringUtils;
import com.newrelic.api.agent.security.utils.logging.LogLevel;
Expand Down Expand Up @@ -68,37 +68,37 @@ public class ServletHelper {
add("text/calendar");
}};

public static K2RequestIdentifier parseFuzzRequestIdentifierHeader(String requestHeaderVal) {
K2RequestIdentifier k2RequestIdentifierInstance = new K2RequestIdentifier();
public static CSECRequestIdentifier parseFuzzRequestIdentifierHeader(String requestHeaderVal) {
CSECRequestIdentifier CSECRequestIdentifierInstance = new CSECRequestIdentifier();
if (StringUtils.isBlank(requestHeaderVal)) {
k2RequestIdentifierInstance.setRaw(StringUtils.EMPTY);
return k2RequestIdentifierInstance;
CSECRequestIdentifierInstance.setRaw(StringUtils.EMPTY);
return CSECRequestIdentifierInstance;
}
if (StringUtils.isNotBlank(requestHeaderVal)) {
k2RequestIdentifierInstance.setRaw(requestHeaderVal);
CSECRequestIdentifierInstance.setRaw(requestHeaderVal);
if (!(NewRelicSecurity.getAgent().getCurrentPolicy().getVulnerabilityScan().getEnabled()
&& NewRelicSecurity.getAgent().getCurrentPolicy().getVulnerabilityScan().getIastScan().getEnabled())) {
return k2RequestIdentifierInstance;
return CSECRequestIdentifierInstance;
}
String[] data = StringUtils.splitByWholeSeparatorWorker(requestHeaderVal, SEPARATOR_SEMICOLON, -1, false);

if (data.length >= 5) {
k2RequestIdentifierInstance.setApiRecordId(data[0].trim());
k2RequestIdentifierInstance.setRefId(data[1].trim());
k2RequestIdentifierInstance.setRefValue(data[2].trim());
k2RequestIdentifierInstance.setNextStage(APIRecordStatus.valueOf(data[3].trim()));
k2RequestIdentifierInstance.setRecordIndex(Integer.parseInt(data[4].trim()));
k2RequestIdentifierInstance.setK2Request(true);
CSECRequestIdentifierInstance.setApiRecordId(data[0].trim());
CSECRequestIdentifierInstance.setRefId(data[1].trim());
CSECRequestIdentifierInstance.setRefValue(data[2].trim());
CSECRequestIdentifierInstance.setNextStage(APIRecordStatus.valueOf(data[3].trim()));
CSECRequestIdentifierInstance.setRecordIndex(Integer.parseInt(data[4].trim()));
CSECRequestIdentifierInstance.setCSECRequest(true);
if (data.length >= 6 && StringUtils.isNotBlank(data[5])) {
k2RequestIdentifierInstance.setRefKey(data[5].trim());
CSECRequestIdentifierInstance.setRefKey(data[5].trim());
}
if (data.length >= 8) {
String encryptedData = data[6].trim();
String hashVerifier = data[7].trim();
String filesToCreate = NewRelicSecurity.getAgent().decryptAndVerify(encryptedData, hashVerifier);
if(StringUtils.isBlank(filesToCreate)){
NewRelicSecurity.getAgent().log(LogLevel.WARNING, String.format("Request Identifier decryption of files failed : %s hash : %s", encryptedData, hashVerifier), ServletHelper.class.getName());
return k2RequestIdentifierInstance;
return CSECRequestIdentifierInstance;
}

String[] allFiles = StringUtils.splitByWholeSeparatorWorker(filesToCreate, StringUtils.COMMA_DELIMETER, -1, false);
Expand All @@ -110,7 +110,7 @@ public static K2RequestIdentifier parseFuzzRequestIdentifierHeader(String reques
}
tmpFile = StringUtils.replace(tmpFile, NR_CSEC_VALIDATOR_HOME_TMP,
NewRelicSecurity.getAgent().getAgentTempDir());
k2RequestIdentifierInstance.getTempFiles().add(tmpFile);
CSECRequestIdentifierInstance.getTempFiles().add(tmpFile);
try {

File fileToCreate = new File(tmpFile);
Expand All @@ -132,7 +132,7 @@ public static K2RequestIdentifier parseFuzzRequestIdentifierHeader(String reques
}
}
}
return k2RequestIdentifierInstance;
return CSECRequestIdentifierInstance;
}

/**
Expand Down
Loading
Loading