From 06aa3383ef8770404a6bbf6d995d6b11f954c62b Mon Sep 17 00:00:00 2001 From: Violet Hansen Date: Fri, 13 Dec 2024 12:32:01 +0200 Subject: [PATCH] improved resiliency improved resiliency --- .../Main files/C#/GUI/BitLocker/Variables.cs | 9 ++-- .../Main files/C#/GUI/BitLocker/View.cs | 2 +- .../Main files/C#/GUI/Main/GUI.cs | 2 +- .../Others/ConfirmSystemComplianceMethods.cs | 34 +-------------- .../Main files/C#/Others/HashtableChecker.cs | 4 +- .../Main files/C#/Others/JsonToHashtable.cs | 41 +++++++++++++------ 6 files changed, 37 insertions(+), 55 deletions(-) diff --git a/Harden-Windows-Security Module/Main files/C#/GUI/BitLocker/Variables.cs b/Harden-Windows-Security Module/Main files/C#/GUI/BitLocker/Variables.cs index 0fe09d264..1270e2b0d 100644 --- a/Harden-Windows-Security Module/Main files/C#/GUI/BitLocker/Variables.cs +++ b/Harden-Windows-Security Module/Main files/C#/GUI/BitLocker/Variables.cs @@ -1,8 +1,8 @@ using System.Collections.Generic; using System.IO; +using System.Linq; using System.Windows; using System.Windows.Controls; -using System.Linq; using static HardenWindowsSecurity.BitLocker; namespace HardenWindowsSecurity @@ -105,11 +105,8 @@ public static void CreateBitLockerVolumeViewModel(bool ExportToFile) // Using the Application dispatcher to update UI elements GUIMain.app.Dispatcher.Invoke(() => { - if (viewModelList.Count > 0) - { - // Place them in the DataGrid - RecoveryKeysDataGrid!.ItemsSource = viewModelList; - } + // Place them in the DataGrid + RecoveryKeysDataGrid!.ItemsSource = viewModelList; }); diff --git a/Harden-Windows-Security Module/Main files/C#/GUI/BitLocker/View.cs b/Harden-Windows-Security Module/Main files/C#/GUI/BitLocker/View.cs index e5cd03824..6a95ba1ea 100644 --- a/Harden-Windows-Security Module/Main files/C#/GUI/BitLocker/View.cs +++ b/Harden-Windows-Security Module/Main files/C#/GUI/BitLocker/View.cs @@ -418,7 +418,7 @@ await Task.Run(() => ToastNotification.Show(ToastNotification.Type.EndOfBitLocker, null, null, null, "Operation System Drive"); } - }); // End of Async Thread + }); // End of Async Thread } finally diff --git a/Harden-Windows-Security Module/Main files/C#/GUI/Main/GUI.cs b/Harden-Windows-Security Module/Main files/C#/GUI/Main/GUI.cs index 62b2552eb..6ec138d95 100644 --- a/Harden-Windows-Security Module/Main files/C#/GUI/Main/GUI.cs +++ b/Harden-Windows-Security Module/Main files/C#/GUI/Main/GUI.cs @@ -2,6 +2,7 @@ using System; using System.Collections.Generic; using System.ComponentModel; +using System.Diagnostics; using System.IO; using System.Runtime.CompilerServices; using System.Windows; @@ -11,7 +12,6 @@ using System.Windows.Media; using System.Windows.Media.Imaging; using System.Windows.Threading; -using System.Diagnostics; #nullable disable diff --git a/Harden-Windows-Security Module/Main files/C#/Others/ConfirmSystemComplianceMethods.cs b/Harden-Windows-Security Module/Main files/C#/Others/ConfirmSystemComplianceMethods.cs index 6beaebf7c..2db034850 100644 --- a/Harden-Windows-Security Module/Main files/C#/Others/ConfirmSystemComplianceMethods.cs +++ b/Harden-Windows-Security Module/Main files/C#/Others/ConfirmSystemComplianceMethods.cs @@ -217,11 +217,7 @@ private static Task VerifyWindowsUpdateConfigurations() ComplianceCategories CatName = ComplianceCategories.WindowsUpdateConfigurations; // Get the control from MDM CIM - Hashtable mdmPolicy = GlobalVars.MDM_Policy_Result01_Update02 - ?? throw new InvalidOperationException("MDM_Policy_Result01_Update02 is null"); - - HashTableCheckerResult MDM_Policy_Result01_Update02_AllowAutoWindowsUpdateDownloadOverMeteredNetwork = - HashTableChecker.CheckValue(mdmPolicy, "AllowAutoWindowsUpdateDownloadOverMeteredNetwork", "1"); + HashTableCheckerResult MDM_Policy_Result01_Update02_AllowAutoWindowsUpdateDownloadOverMeteredNetwork = HashTableChecker.CheckValue(GlobalVars.MDM_Policy_Result01_Update02, "AllowAutoWindowsUpdateDownloadOverMeteredNetwork", "1"); nestedObjectArray.Add(new IndividualResult { @@ -543,9 +539,6 @@ private static Task VerifyBitLockerSettings() IEnumerable KeyProtectors = volumeInfo.KeyProtector! .Select(kp => kp.KeyProtectorType); - // Display the key protectors - // Logger.LogMessage(string.Join(", ", KeyProtectors)); - // Check if TPM+PIN and recovery password are being used - Normal Security level if (KeyProtectors.Contains(BitLocker.KeyProtectorType.TpmPin) && KeyProtectors.Contains(BitLocker.KeyProtectorType.RecoveryPassword)) { @@ -737,11 +730,6 @@ private static Task VerifyMiscellaneousConfigurations() // Get the control from MDM CIM - if (GlobalVars.MDM_Policy_Result01_System02 is null) - { - // Handle the case where the global variable is null - throw new InvalidOperationException("MDM_Policy_Result01_System02 is null."); - } HashTableCheckerResult MDM_Policy_Result01_System02_AllowLocation = HashTableChecker.CheckValue(GlobalVars.MDM_Policy_Result01_System02, "AllowLocation", "0"); nestedObjectArray.Add(new IndividualResult @@ -1170,11 +1158,6 @@ private static Task VerifyWindowsFirewall() // Get the control from MDM CIM - if (GlobalVars.MDM_Firewall_PublicProfile02 is null) - { - // Handle the case where the global variable is null - throw new InvalidOperationException("MDM_Firewall_PublicProfile02 is null."); - } HashTableCheckerResult MDM_Firewall_PublicProfile02_EnableFirewall = HashTableChecker.CheckValue(GlobalVars.MDM_Firewall_PublicProfile02, "EnableFirewall", "true"); nestedObjectArray.Add(new IndividualResult @@ -1245,11 +1228,6 @@ private static Task VerifyWindowsFirewall() // Get the control from MDM CIM - if (GlobalVars.MDM_Firewall_PrivateProfile02 is null) - { - // Handle the case where the global variable is null - throw new InvalidOperationException("MDM_Firewall_PrivateProfile02 is null."); - } HashTableCheckerResult MDM_Firewall_PrivateProfile02_EnableFirewall = HashTableChecker.CheckValue(GlobalVars.MDM_Firewall_PrivateProfile02, "EnableFirewall", "true"); nestedObjectArray.Add(new IndividualResult @@ -1320,11 +1298,6 @@ private static Task VerifyWindowsFirewall() // Get the control from MDM CIM - if (GlobalVars.MDM_Firewall_DomainProfile02 is null) - { - // Handle the case where the global variable is null - throw new InvalidOperationException("MDM_Firewall_DomainProfile02 is null."); - } HashTableCheckerResult MDM_Firewall_DomainProfile02_EnableFirewall = HashTableChecker.CheckValue(GlobalVars.MDM_Firewall_DomainProfile02, "EnableFirewall", "true"); nestedObjectArray.Add(new IndividualResult @@ -2351,11 +2324,6 @@ private static Task VerifyMicrosoftDefender() // Get the control from MDM CIM - if (GlobalVars.MDM_Policy_Result01_System02 is null) - { - // Handle the case where the global variable is null - throw new InvalidOperationException("MDM_Policy_Result01_System02 is null."); - } HashTableCheckerResult MDM_Policy_Result01_System02_AllowTelemetry = HashTableChecker.CheckValue(GlobalVars.MDM_Policy_Result01_System02, "AllowTelemetry", "3"); nestedObjectArray.Add(new IndividualResult diff --git a/Harden-Windows-Security Module/Main files/C#/Others/HashtableChecker.cs b/Harden-Windows-Security Module/Main files/C#/Others/HashtableChecker.cs index 36cb00ed0..efe8e8a40 100644 --- a/Harden-Windows-Security Module/Main files/C#/Others/HashtableChecker.cs +++ b/Harden-Windows-Security Module/Main files/C#/Others/HashtableChecker.cs @@ -22,13 +22,13 @@ internal static class HashTableChecker /// The key to be used against the HashTable in order to get the value /// Our desired value which will be compared against the value found in the HashTable after finding it based on the key we supply /// - internal static HashTableCheckerResult CheckValue(Hashtable hashTable, string key, T compareValue) + internal static HashTableCheckerResult CheckValue(Hashtable? hashTable, string key, T compareValue) { // Initialize the result object HashTableCheckerResult result = new(); // Check if the HashTable contains the specified key - if (hashTable.ContainsKey(key)) + if (hashTable is not null && hashTable.ContainsKey(key)) { // Retrieve the value associated with the key var value = hashTable[key]; diff --git a/Harden-Windows-Security Module/Main files/C#/Others/JsonToHashtable.cs b/Harden-Windows-Security Module/Main files/C#/Others/JsonToHashtable.cs index 42957ac43..744ee3f40 100644 --- a/Harden-Windows-Security Module/Main files/C#/Others/JsonToHashtable.cs +++ b/Harden-Windows-Security Module/Main files/C#/Others/JsonToHashtable.cs @@ -8,23 +8,40 @@ internal static class JsonToHashTable { // Using HashTable since they don't throw error for non-existing keys // This method acts like ConvertFrom-Json -AsHashTable in PowerShell - internal static Hashtable ProcessJsonFile(string filePath) + internal static Hashtable? ProcessJsonFile(string filePath) { - // Check if the file exists at the specified path - if (!File.Exists(filePath)) + + try { - // Throw an exception if the file does not exist - throw new FileNotFoundException($"The specified file at '{filePath}' does not exist."); - } - // Read the JSON file content as a string - string jsonContent = File.ReadAllText(filePath); + // Check if the file exists at the specified path + if (!File.Exists(filePath)) + { + // Throw an exception if the file does not exist + throw new FileNotFoundException($"The specified file at '{filePath}' does not exist."); + } - // Parse the JSON content into a JsonDocument - JsonDocument jsonDocument = JsonDocument.Parse(jsonContent); + // Read the JSON file content as a string + string jsonContent = File.ReadAllText(filePath); + + if (string.IsNullOrWhiteSpace(jsonContent)) + { + Logger.LogMessage($"The contents of '{filePath}' is empty.", LogTypeIntel.Error); + } - // Convert the root element of the JsonDocument to a HashTable and return it - return ConvertJsonElementToHashTable(jsonDocument.RootElement); + // Parse the JSON content into a JsonDocument + JsonDocument jsonDocument = JsonDocument.Parse(jsonContent); + + // Convert the root element of the JsonDocument to a HashTable and return it + return ConvertJsonElementToHashTable(jsonDocument.RootElement); + + } + + catch + { + Logger.LogMessage($"Could not process the JSON file '{filePath}'. Compliance checks that rely on it will not show correct values.", LogTypeIntel.Error); + return null; + } } // Private method to convert a JsonElement representing a JSON object into a HashTable