FILE: C:\Program Files\SentinelOne\Sentinel Agent 24.2.3.471\DeviceControlDecider.js
--
"use strict";
var __extends = (this && this.__extends) || (function () {
var extendStatics = function (d, b) {
extendStatics = Object.setPrototypeOf ||
({ __proto__: [] } instanceof Array && function (d, b) { d.__proto__ = b; }) ||
function (d, b) { for (var p in b) if (b.hasOwnProperty(p)) d[p] = b[p]; };
return extendStatics(d, b);
};
return function (d, b) {
extendStatics(d, b);
function __() { this.constructor = d; }
d.prototype = b === null ? Object.create(b) : (__.prototype = b.prototype, new __());
};
})();
var wildcardCompareFunc = null;
function setWildcardCompareFunc(func) {
wildcardCompareFunc = func;
}
// Normalizes user input
function normalizeUserInput(userInput) {
return userInput.trim().toUpperCase();
}
// Wildcard compare, but case insensitive and trimmed
function wildcardCompareUserInput(pattern, name) {
if (name === undefined) {
return false;
}
if (wildcardCompareFunc) {
return wildcardCompareFunc(normalizeUserInput(pattern), normalizeUserInput(name));
}
return wildcardCompare(normalizeUserInput(pattern), normalizeUserInput(name));
}
var DeviceInterfaceType;
(function (DeviceInterfaceType) {
DeviceInterfaceType[DeviceInterfaceType["USB"] = 0] = "USB";
DeviceInterfaceType[DeviceInterfaceType["Bluetooth"] = 1] = "Bluetooth";
DeviceInterfaceType[DeviceInterfaceType["BluetoothLowEnergy"] = 2] = "BluetoothLowEnergy";
})(DeviceInterfaceType || (DeviceInterfaceType = {}));
var Device = /** @class */ (function () {
function Device(interfaceType, deviceClass, vendorId, productId, serialId) {
this.interfaceType = interfaceType;
this.deviceClass = deviceClass;
this.vendorId = vendorId;
this.productId = productId;
this.serialId = serialId;
this.interfaceType = interfaceType;
this.deviceClass = deviceClass;
this.vendorId = vendorId;
this.productId = productId;
this.serialId = serialId;
}
Device.prototype.doesRuleMatchDevice = function (rule) {
if (rule.interface !== DeviceInterfaceType[this.interfaceType]) {
return false;
}
if (rule.hasOwnProperty("deviceClass")) {
if (rule.deviceClass !== this.deviceClass) {
return false;
}
}
if (rule.hasOwnProperty("vendorId")) {
if (rule.vendorId !== this.vendorId) {
return false;
}
}
if (rule.hasOwnProperty("productId")) {
if (rule.productId !== this.productId) {
return false;
}
}
if (rule.hasOwnProperty("serialId")) {
if (this.serialId === undefined) {
return false;
}
if (normalizeUserInput(rule.serialId) !== normalizeUserInput(this.serialId)) {
return false;
}
}
return true;
};
return Device;
}());
var UsbDevice = /** @class */ (function (_super) {
__extends(UsbDevice, _super);
function UsbDevice(deviceClass, vendorId, productId, serialId) {
var _this = _super.call(this, DeviceInterfaceType.USB, deviceClass, vendorId, productId, serialId) || this;
_this.deviceClass = deviceClass;
_this.vendorId = vendorId;
_this.productId = productId;
_this.serialId = serialId;
return _this;
}
return UsbDevice;
}(Device));
// Common between Bluetooth and Bluetooth LE
var BluetoothCommon = /** @class */ (function (_super) {
__extends(BluetoothCommon, _super);
function BluetoothCommon(interfaceType, deviceClass, vendorId, productId, serialId) {
var _this = _super.call(this, interfaceType, deviceClass, vendorId, productId, serialId) || this;
_this.interfaceType = interfaceType;
_this.deviceClass = deviceClass;
_this.vendorId = vendorId;
_this.productId = productId;
_this.serialId = serialId;
return _this;
}
BluetoothCommon.prototype.doesRuleMatchDevice = function (rule) {
// A rename in the field forces a check for both bluetoothAddress and serialId
if (rule.hasOwnProperty("bluetoothAddress")) {
if (normalizeUserInput(rule.bluetoothAddress) !== normalizeUserInput(this.serialId)) {
return false;
}
}
return _super.prototype.doesRuleMatchDevice.call(this, rule);
};
return BluetoothCommon;
}(Device));
var BluetoothDevice = /** @class */ (function (_super) {
__extends(BluetoothDevice, _super);
function BluetoothDevice(deviceClass, minorClass, vendorId, productId, serialId, lmpVersion) {
var _this = _super.call(this, DeviceInterfaceType.Bluetooth, deviceClass, vendorId, productId, serialId) || this;
_this.deviceClass = deviceClass;
_this.minorClass = minorClass;
_this.vendorId = vendorId;
_this.productId = productId;
_this.serialId = serialId;
_this.lmpVersion = lmpVersion;
_this.minorClass = minorClass;
_this.lmpVersion = lmpVersion;
return _this;
}
BluetoothDevice.prototype.doesRuleMatchDevice = function (rule) {
var _this = this;
if (rule.hasOwnProperty("minorClasses")) {
if (!rule.minorClasses.some(function (elem) { return elem === _this.minorClass; })) {
return false;
}
}
if (rule.hasOwnProperty("lmpVersion")) {
if (rule.action === "block") {
if (rule.lmpVersion < this.lmpVersion) {
return false;
}
}
else if (rule.action === "allow") {
if (rule.lmpVersion > this.lmpVersion) {
return false;
}
}
}
return _super.prototype.doesRuleMatchDevice.call(this, rule);
};
return BluetoothDevice;
}(BluetoothCommon));
var BluetoothLECharacteristic = /** @class */ (function () {
function BluetoothLECharacteristic(shortUUID, value) {
this.shortUUID = shortUUID;
this.value = value;
}
return BluetoothLECharacteristic;
}());
var BluetoothLEDevice = /** @class */ (function (_super) {
__extends(BluetoothLEDevice, _super);
function BluetoothLEDevice(deviceClass, vendorId, productId, serialId, deviceName, serviceUUIDs, deviceInformationCharacteristics) {
var _this = _super.call(this, DeviceInterfaceType.BluetoothLowEnergy, deviceClass, vendorId, productId, serialId) || this;
_this.deviceClass = deviceClass;
_this.vendorId = vendorId;
_this.productId = productId;
_this.serialId = serialId;
_this.deviceName = deviceName;
_this.serviceUUIDs = serviceUUIDs;
_this.deviceInformationCharacteristics = deviceInformationCharacteristics;
return _this;
}
BluetoothLEDevice.prototype.longUUID = function (shortUUID) {
// Removing 0x from hex string
return "{0000" + shortUUID.substring(2) + "-0000-1000-8000-00805f9b34fb}";
};
BluetoothLEDevice.prototype.ruleCharacteristics = function (rule) {
var result = [];
if (rule.hasOwnProperty("manufacturerName")) {
result.push(new BluetoothLECharacteristic(0x2A29, rule.manufacturerName));
}
if (rule.hasOwnProperty("deviceInformationServiceInfoKey") &&
rule.hasOwnProperty("deviceInformationServiceInfoValue")) {
result.push(new BluetoothLECharacteristic(parseInt(rule.deviceInformationServiceInfoKey, 0), // let parseInt decide according to prefix
rule.deviceInformationServiceInfoValue));
}
return result;
};
BluetoothLEDevice.prototype.doesRuleMatchDevice = function (rule) {
if (rule.hasOwnProperty("deviceName")) {
if (!wildcardCompareUserInput(rule.deviceName, this.deviceName)) {
return false;
}
}
if (rule.hasOwnProperty("gattService")) {
for (var _i = 0, _a = rule.gattService; _i < _a.length; _i++) {
var ruleServiceUUID = _a[_i];
var serviceFound = false;
for (var _b = 0, _c = this.serviceUUIDs; _b < _c.length; _b++) {
var serviceUUID = _c[_b];
if (normalizeUserInput(serviceUUID) === normalizeUserInput(this.longUUID(ruleServiceUUID))) {
serviceFound = true;
break;
}
}
if (!serviceFound) {
return false;
}
}
}
var ruleCharacteristics = this.ruleCharacteristics(rule);
for (var _d = 0, ruleCharacteristics_1 = ruleCharacteristics; _d < ruleCharacteristics_1.length; _d++) {
var ruleCharacteristic = ruleCharacteristics_1[_d];
var characteristicFound = false;
for (var _e = 0, _f = this.deviceInformationCharacteristics; _e < _f.length; _e++) {
var characteristic = _f[_e];
if (characteristic.shortUUID === ruleCharacteristic.shortUUID) {
if (!wildcardCompareUserInput(ruleCharacteristic.value, characteristic.value)) {
return false;
}
characteristicFound = true;
break;
}
}
if (!characteristicFound) {
return false;
}
}
return _super.prototype.doesRuleMatchDevice.call(this, rule);
};
return BluetoothLEDevice;
}(BluetoothCommon));
var Action;
(function (Action) {
Action[Action["Allow"] = 0] = "Allow";
Action[Action["Block"] = 1] = "Block";
})(Action || (Action = {}));
var AccessPermission;
(function (AccessPermission) {
AccessPermission[AccessPermission["None"] = 0] = "None";
AccessPermission[AccessPermission["ReadOnly"] = 1] = "ReadOnly";
AccessPermission[AccessPermission["ReadWrite"] = 2] = "ReadWrite";
})(AccessPermission || (AccessPermission = {}));
var Decision = /** @class */ (function () {
function Decision() {
}
return Decision;
}());
var permissions = {
"read-only": AccessPermission.ReadOnly,
"read-write": AccessPermission.ReadWrite
};
function decideForDeviceByRules(rules, device) {
var accessPermission = AccessPermission.None;
for (var _i = 0, rules_1 = rules; _i < rules_1.length; _i++) {
var rule = rules_1[_i];
if (rule.interface !== DeviceInterfaceType[device.interfaceType]) {
continue;
}
if (!device.doesRuleMatchDevice(rule)) {
continue;
}
if (rule.hasOwnProperty("accessPermission")) {
accessPermission = permissions[rule.accessPermission];
}
// if we got here, than all rule properties (that were present) were matched
if (rule.action === "allow") {
return { action: Action.Allow, ruleId: rule.ruleId, accessPermission: accessPermission };
}
else if (rule.action === "block") {
return { action: Action.Block, ruleId: rule.ruleId, accessPermission: accessPermission };
}
}
// if non of the rules matched, we allow the device and send an unknown ruleId
return { action: Action.Allow, ruleId: "-1", accessPermission: accessPermission };
}
--