Module: Contrast::Utils::HashDigestExtend
- Included in: HashDigest
- Defined in: lib/contrast/utils/hash_digest_extend.rb
Overview
We use this class to provide hashes for our Request and Finding objects based upon our definitions of uniqueness. While the uniqueness of the request object is something internal to the Ruby agent, the uniqueness of the Finding hash is defined by a specification shared across all agent teams. The spec can be found here: bitbucket.org/contrastsecurity/assess-specifications/src/master/vulnerability/preflight.md
Instance Method Summary
- #generate_class_scanning_hash(finding) ⇒ Object
  Generates the hash checksum for class scanning.
- #generate_config_hash(finding) ⇒ Object
  Generates the hash checksum for configurations.
- #generate_event_hash(finding, source, request) ⇒ Object
  Generates the hash checksum for the event, which is either a dataflow event, a crypto rule (crypto-bad-ciphers, crypto-bad-mac) or a trigger event, and returns its string representation.
- #generate_request_hash(request) ⇒ Object
  Generates the hash checksum for the request.
Instance Method Details
#generate_class_scanning_hash(finding) ⇒ Object
Generates the hash checksum for class scanning. Converts the rule_id and finding.properties (source, name) to a CRC32 checksum and returns its string representation.
    # File 'lib/contrast/utils/hash_digest_extend.rb', line 70
    def generate_class_scanning_hash finding
      hash = new
      hash.update(finding.rule_id)
      module_name = finding.properties[Contrast::Utils::HashDigest::CLASS_SOURCE_KEY]
      hash.update(module_name)
      # We're not currently collecting this. 30/7/19 HM
      line_no = finding.properties[Contrast::Utils::HashDigest::CLASS_LINE_NO_KEY]
      hash.update(line_no)
      field = finding.properties[Contrast::Utils::HashDigest::CLASS_CONSTANT_NAME_KEY]
      hash.update(field)
      hash.finish
    end
#generate_config_hash(finding) ⇒ Object
Generates the hash checksum for configurations. Converts the finding rule_id, session_id and configPath to a CRC32 checksum and returns its string representation, to be appended to Contrast::Api::Dtm::Finding.
    # File 'lib/contrast/utils/hash_digest_extend.rb', line 55
    def generate_config_hash finding
      hash = new
      hash.update(finding.rule_id)
      path = finding.properties[Contrast::Utils::HashDigest::CONFIG_PATH_KEY]
      hash.update(path)
      method = finding.properties[Contrast::Utils::HashDigest::CONFIG_SESSION_ID_KEY]
      hash.update(method)
      hash.finish
    end
#generate_event_hash(finding, source, request) ⇒ Object
Generates the hash checksum for the event, which is either a dataflow event, a crypto rule (crypto-bad-ciphers, crypto-bad-mac) or a trigger event, and returns its string representation.
    # File 'lib/contrast/utils/hash_digest_extend.rb', line 41
    def generate_event_hash finding, source, request
      return generate_dataflow_hash(finding, request) if finding.events.length.to_i > 1

      id = finding.rule_id
      return generate_crypto_hash(finding, source, request) if Contrast::Utils::HashDigest::CRYPTO_RULES.include?(id)

      generate_trigger_hash(finding, request)
    end
#generate_request_hash(request) ⇒ Object
Generates the hash checksum for the request. Converts the request method, URI, parameter names and content length to a CRC checksum and returns its string representation.
    # File 'lib/contrast/utils/hash_digest_extend.rb', line 21
    def generate_request_hash request
      hash = new
      hash.update(request.request_method)
      hash.update(request.normalized_uri)
      request.parameters.each_key do |name|
        hash.update(name)
      end
      cl = request.headers[Contrast::Utils::HashDigest::CONTENT_LENGTH_HEADER]
      hash.update_on_content_length(cl) if cl
      hash.finish
    end
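The request-uniqueness rule of generate_request_hash, as an added example that is not the agent's code: because only parameter names are hashed, requests differing only in parameter values collapse to one hash. SketchDigest, SketchRequest, sketch_request_hash and the sample requests are hypothetical stand-ins built on Zlib.crc32; the agent's HashDigest internals and its update_on_content_length handling are not shown on this page, so Content-Length is hashed here as a plain string (an assumption).

```ruby
require 'zlib'

# Stand-in for the agent's HashDigest (hypothetical, not the agent's code).
# Folds fields one after another into a running CRC32.
class SketchDigest
  def initialize
    @crc = 0
  end

  # Fold one field into the running checksum; nil fields are skipped.
  def update(value)
    @crc = Zlib.crc32(value.to_s, @crc) unless value.nil?
    self
  end

  # String representation of the checksum.
  def finish
    @crc.to_s
  end
end

# Constructed request shape exposing the accessors generate_request_hash reads.
SketchRequest = Struct.new(:request_method, :normalized_uri, :parameters, :headers)

# Same field order as generate_request_hash: method, normalized URI,
# parameter names (never values), then Content-Length when present.
# Assumption: Content-Length is hashed as a plain string.
def sketch_request_hash(request)
  digest = SketchDigest.new
  digest.update(request.request_method)
  digest.update(request.normalized_uri)
  request.parameters.each_key { |name| digest.update(name) }
  digest.update(request.headers['Content-Length'])
  digest.finish
end

# Constructed sample requests.
REQ_A = SketchRequest.new('GET', '/account/search', { 'id' => '1', 'sort' => 'asc' }, {})
REQ_B = SketchRequest.new('GET', '/account/search', { 'id' => '999', 'sort' => 'desc' }, {})
REQ_C = SketchRequest.new('GET', '/account/search', { 'id' => '1', 'page' => '2' }, {})
REQ_D = SketchRequest.new('GET', '/account/search', { 'id' => '1', 'sort' => 'asc' },
                          { 'Content-Length' => '42' })

if __FILE__ == $PROGRAM_NAME
  { 'A' => REQ_A, 'B' => REQ_B, 'C' => REQ_C, 'D' => REQ_D }.each do |label, req|
    puts "#{label}: #{sketch_request_hash(req)}"
  end
end
```

A and B produce the same hash (values differ, names do not); C and D differ from A because a parameter name or the Content-Length changed.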