vaas

module
v0.0.0-...-cdbac81 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: May 28, 2024 License: MIT

README

vaas-golang-ci Vulnerability Check Go Reference Go Report Card

Go VaaS Client

This is a Golang package that provides a client for the G DATA VaaS API.

Verdict-as-a-Service (VaaS) is a service that provides a platform for scanning files for malware and other threats. It allows easy integration into your application. With a few lines of code, you can start scanning files for malware.

Table of Contents

What does the SDK do?

It gives you as a developer functions to talk to G DATA VaaS. It wraps away the complexity of the API into basic functions.

Connect(ctx context.Context, auth authenticator.Authenticator) (termChan <-chan error, err error)

Connect opens a websocket connection to the VAAS Server, which is kept open until the context.Context expires. The termChan indicates when a connection was closed. In the case of an unexpected close, an error is written to the channel.

ForSha256(ctx context.Context, sha256 string) (messages.VaasVerdict, error)

Retrieves the verdict for the given SHA256 hash from the G DATA VaaS API. ctx is the context for request cancellation, and sha256 is the SHA256 hash of the file. If the request fails, an error will be returned. Otherwise, a messages.VaasVerdict object containing the verdict will be returned.

ForFile(ctx context.Context, filePath string) (messages.VaasVerdict, error)

Retrieves the verdict for the given file at the specified filePath from the G DATA VaaS API. ctx is the context for request cancellation. If the file cannot be opened, an error will be returned. Otherwise, a messages.VaasVerdict object containing the verdict will be returned.

ForFileInMemory(ctx context.Context, fileData io.Reader) (messages.VaasVerdict, error)

Retrieves the verdict for file data provided as an io.Reader to the G DATA VaaS API. ctx is the context for request cancellation. If the request fails, an error will be returned. Otherwise, a messages.VaasVerdict object containing the verdict will be returned.

ForUrl(ctx context.Context, url string) (messages.VaasVerdict, error)

Retrieves the verdict for the given file URL from the G DATA VaaS API. ctx is the context for request cancellation. If the request fails, an error will be returned. Otherwise, a messages.VaasVerdict object containing the verdict will be returned.

How to use

Installation
go get github.com/GDATASoftwareAG/vaas/golang/vaas
Import
import (
      "github.com/GDATASoftwareAG/vaas/golang/vaas/pkg/authenticator"
      "github.com/GDATASoftwareAG/vaas/golang/vaas/pkg/vaas"
)
Authentication

VaaS offers two authentication methods:

Client Credentials Grant

This is suitable for cases where you have a client_idand client_secret. Here's how to use it:

authenticator := authenticator.New("client_id", "client_secret", "token_endpoint")

or

authenticator := authenticator.NewWithDefaultTokenEndpoint("client_id", "client_secret")
Resource Owner Password Grant

This method is used when you have a username and password. Here's how to use it:

authenticator := authenticator.NewWithResourceOwnerPassword("client_id", "username", "password", "token_endpoint")

If you do not have a specific Client ID, please use "vaas-customer" as the client_id.

Request a verdict

Authentication & Initialization:

// Create a new authenticator with the provided Client ID and Client Secret
auth := authenticator.NewWithDefaultTokenEndpoint(clientID, clientSecret)

// Create a new VaaS client with default options
vaasClient := vaas.NewWithDefaultEndpoint(options.VaasOptions{
      UseHashLookup: true,
      UseCache:      false,
      EnableLogs:    false,
})

// Create a context with a cancellation function
ctx, webSocketCancel := context.WithCancel(context.Background())

// Establish a WebSocket connection to the VaaS server
termChan, err := vaasClient.Connect(ctx, auth)
if err != nil {
      log.Fatalf("failed to connect to VaaS %s", err.Error())
}

// Create a context with a timeout for the analysis
analysisCtx, analysisCancel := context.WithTimeout(context.Background(), 20*time.Second)
defer analysisCancel()

Verdict Request for SHA256:

// Request a verdict for a specific SHA256 hash (replace "sha256-hash" with the actual SHA256 hash)
result, err := vaasClient.ForFile(analysisCtx, "sha256-hash")
if err != nil {
    log.Fatalf("Failed to get verdict: %v", err)
}
fmt.Println(result.Verdict)

Verdict Request for a file:

// Request a verdict for a specific file (replace "path-to-your-file" with the actual file path)
result, err := vaasClient.ForFile(analysisCtx, "path-to-your-file")
if err != nil {
    log.Fatalf("Failed to get verdict: %v", err)
}
fmt.Printf("Verdict: %s\n", result.Verdict)

Verdict Request for file data provided as an io.Reader:

fileData := bytes.NewReader([]byte("file contents"))
result, err := vaasClient.ForFileInMemory(analysisCtx, fileData)
if err != nil {
    log.Fatalf("Failed to get verdict: %v", err)
}
fmt.Printf("Verdict: %s\n", result.Verdict)

Verdict Request for a file URL:

result, err := vaasClient.ForUrl(analysisCtx, "https://example.com/examplefile")
if err != nil {
    log.Fatalf("Failed to get verdict: %v", err)
}
fmt.Printf("Verdict: %s\n", result.Verdict)

I'm interested in VaaS

You need credentials to use the service in your application. If you are interested in using VaaS, please contact us.

Developing with Visual Studio Code

Every single SDKs also includes Devcontainer. If you use the Visual Studio Code Dev Containers extension, you can run the code in a full-featured development environment.

Directories

Path Synopsis
cmd
git-scan
examples
file-verdict-request
package main implements a simple example of how to request a verdict for a file from a VaaS (Verdict as a Service) server using Go.
 package main implements a simple example of how to request a verdict for a file from a VaaS (Verdict as a Service) server using Go.
vaasctl
internal
hash
Package hash provides utility functions for hashing data using the SHA-256 algorithm.
 Package hash provides utility functions for hashing data using the SHA-256 algorithm.
pkg
authenticator
Package authenticator provides a set of implementations for obtaining authentication tokens for G DATA CyberDefense's Verdict as a Service (VaaS) using different grant types.
 Package authenticator provides a set of implementations for obtaining authentication tokens for G DATA CyberDefense's Verdict as a Service (VaaS) using different grant types.
messages
Package messages provides structures for handling communication messages between the client and the VaaS server.
 Package messages provides structures for handling communication messages between the client and the VaaS server.
options
Package options provides structures and functions for configuring options related to the VaaS client.
 Package options provides structures and functions for configuring options related to the VaaS client.
vaas
Package vaas provides a client for interacting with G DATA CyberDefense's VaaS Service for sending analysis requests to the Vaas server for various types of data, such as URLs, SHA256 hashes, and files.
 Package vaas provides a client for interacting with G DATA CyberDefense's VaaS Service for sending analysis requests to the Vaas server for various types of data, such as URLs, SHA256 hashes, and files.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.