csaf

package
v0.0.0-...-fd8c754 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jul 4, 2022 License: MIT Imports: 19 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	// TLPLabelUnlabeled is the 'UNLABELED' policy.
	TLPLabelUnlabeled = "UNLABELED"
	// TLPLabelWhite is the 'WHITE' policy.
	TLPLabelWhite = "WHITE"
	// TLPLabelGreen is the 'GREEN' policy.
	TLPLabelGreen = "GREEN"
	// TLPLabelAmber is the 'AMBER' policy.
	TLPLabelAmber = "AMBER"
	// TLPLabelRed is the 'RED' policy.
	TLPLabelRed = "RED"
)

Variables

This section is empty.

Functions

func ExtractProviderURL 

func ExtractProviderURL(r io.Reader, all bool) ([]string, error)

ExtractProviderURL extracts URLs of provider metadata. If all is true all URLs are returned. Otherwise only the first is returned.

func ValidateAggregator 

func ValidateAggregator(doc interface{}) ([]string, error)

ValidateAggregator validates the document doc against the JSON schema of aggregator.

func ValidateCSAF 

func ValidateCSAF(doc interface{}) ([]string, error)

ValidateCSAF validates the document doc against the JSON schema of CSAF.

func ValidateProviderMetadata 

func ValidateProviderMetadata(doc interface{}) ([]string, error)

ValidateProviderMetadata validates the document doc against the JSON schema of provider metadata.

func ValidateROLIE 

func ValidateROLIE(doc interface{}) ([]string, error)

ValidateROLIE validates the ROLIE feed against the JSON schema of ROLIE

Types

type AdvisoryFile 

type AdvisoryFile interface {
	URL() string
	SHA256URL() string
	SHA512URL() string
	SignURL() string
}

AdvisoryFile constructs the urls of a remote file.

type AdvisoryFileProcessor 

type AdvisoryFileProcessor struct {
	// contains filtered or unexported fields
}

AdvisoryFileProcessor implements the extraction of advisory file names from a given provider metadata.

func NewAdvisoryFileProcessor 

func NewAdvisoryFileProcessor(
	client util.Client,
	expr *util.PathEval,
	doc interface{},
	base *url.URL,
) *AdvisoryFileProcessor

NewAdvisoryFileProcessor constructs an filename extractor for a given metadata document.

func (*AdvisoryFileProcessor) Process 

func (afp *AdvisoryFileProcessor) Process(fn func(TLPLabel, []AdvisoryFile) error) error

Process extracts the adivisory filenames and passes them with the corresponding label to fn.

type AdvisorySummary 

type AdvisorySummary struct {
	ID                 string
	Title              string
	Publisher          *Publisher
	InitialReleaseDate time.Time
	CurrentReleaseDate time.Time
	Summary            string
	TLPLabel           string
	Status             string
}

AdvisorySummary is a summary of some essentials of an CSAF advisory.

func NewAdvisorySummary 

func NewAdvisorySummary(
	pe *util.PathEval,
	doc interface{},
) (*AdvisorySummary, error)

NewAdvisorySummary creates a summary from an advisory doc with the help of an expression evaluator expr.

type Aggregator 

type Aggregator struct {
	Aggregator    *AggregatorInfo           `json:"aggregator,omitempty"`         // required
	Version       *AggregatorVersion        `json:"aggregator_version,omitempty"` // required
	CanonicalURL  *AggregatorURL            `json:"canonical_url,omitempty"`      // required
	CSAFProviders []*AggregatorCSAFProvider `json:"csaf_providers,omitempty"`     // required
	LastUpdated   *TimeStamp                `json:"last_updated,omitempty"`       // required
}

Aggregator is the CSAF Aggregator.

func (*Aggregator) Validate 

func (a *Aggregator) Validate() error

Validate validates the current state of the Aggregator.

func (*Aggregator) WriteTo 

func (a *Aggregator) WriteTo(w io.Writer) (int64, error)

WriteTo saves an AggregatorURL to a writer.

type AggregatorCSAFProvider 

type AggregatorCSAFProvider struct {
	Metadata *AggregatorCSAFProviderMetadata `json:"metadata,omitempty"` // required
	Mirrors  []ProviderURL                   `json:"mirrors,omitempty"`  // required
}

AggregatorCSAFProvider reflects one 'csaf_trusted_provider' in an aggregator.

func (*AggregatorCSAFProvider) Validate 

func (acp *AggregatorCSAFProvider) Validate() error

Validate validates the current state of the AggregatorCSAFProvider.

type AggregatorCSAFProviderMetadata 

type AggregatorCSAFProviderMetadata struct {
	LastUpdated *TimeStamp    `json:"last_updated,omitempty"` // required
	Publisher   *Publisher    `json:"publisher,omitempty"`    // required
	Role        *MetadataRole `json:"role,omitempty"`
	URL         *ProviderURL  `json:"url,omitempty"` // required
}

AggregatorCSAFProviderMetadata reflects 'csaf_providers.metadata' in an aggregator.

func (*AggregatorCSAFProviderMetadata) Validate 

func (acpm *AggregatorCSAFProviderMetadata) Validate() error

Validate validates the current state of the AggregatorCSAFProviderMetadata.

type AggregatorCategory 

type AggregatorCategory string

AggregatorCategory is the category of the aggregator. 

const (
	// AggregatorAggregator represents the "aggregator" type of aggregators.
	AggregatorAggregator AggregatorCategory = "aggregator"
	// AggregatorLister represents the "listers" type of aggregators.
	AggregatorLister AggregatorCategory = "lister"
)

func (*AggregatorCategory) UnmarshalText 

func (ac *AggregatorCategory) UnmarshalText(data []byte) error

UnmarshalText implements the encoding.TextUnmarshaller interface.

func (*AggregatorCategory) Validate 

func (ac *AggregatorCategory) Validate() error

Validate validates the current state of the AggregatorCategory.

type AggregatorInfo 

type AggregatorInfo struct {
	Category         *AggregatorCategory `json:"category,omitempty" toml:"category"` // required
	Name             string              `json:"name" toml:"name"`                   // required
	ContactDetails   string              `json:"contact_details,omitempty" toml:"contact_details"`
	IssuingAuthority string              `json:"issuing_authority,omitempty" toml:"issuing_authority"`
	Namespace        string              `json:"namespace" toml:"namespace"` // required
}

AggregatorInfo reflects the 'aggregator' object in the aggregator.

func (*AggregatorInfo) Validate 

func (ai *AggregatorInfo) Validate() error

Validate validates the current state of the AggregatorInfo.

type AggregatorURL 

type AggregatorURL string

AggregatorURL is the URL of the aggregator document.

func (*AggregatorURL) UnmarshalText 

func (au *AggregatorURL) UnmarshalText(data []byte) error

UnmarshalText implements the encoding.TextUnmarshaller interface.

func (*AggregatorURL) Validate 

func (au *AggregatorURL) Validate() error

Validate validates the current state of the AggregatorURL.

type AggregatorVersion 

type AggregatorVersion string

AggregatorVersion is the version of the aggregator. 

const (
	// AggregatorVersion20 is version 2.0 of the aggregator.
	AggregatorVersion20 AggregatorVersion = "2.0"
)

func (*AggregatorVersion) UnmarshalText 

func (av *AggregatorVersion) UnmarshalText(data []byte) error

UnmarshalText implements the encoding.TextUnmarshaller interface.

func (*AggregatorVersion) Validate 

func (av *AggregatorVersion) Validate() error

Validate validates the current state of the AggregatorVersion.

type Category 

type Category string

Category is the category of the CSAF feed. 

const (
	// CSAFCategoryCoordinator is the "coordinator" category.
	CSAFCategoryCoordinator Category = "coordinator"
	// CSAFCategoryDiscoverer is the "discoverer" category.
	CSAFCategoryDiscoverer Category = "discoverer"
	// CSAFCategoryOther is the "other" category.
	CSAFCategoryOther Category = "other"
	// CSAFCategoryTranslator is the "translator" category.
	CSAFCategoryTranslator Category = "translator"
	// CSAFCategoryUser is the "user" category.
	CSAFCategoryUser Category = "user"
	// CSAFCategoryVendor is the "vendor" category.
	CSAFCategoryVendor Category = "vendor"
)

func (*Category) UnmarshalText 

func (cc *Category) UnmarshalText(data []byte) error

UnmarshalText implements the encoding.TextUnmarshaller interface.

type Content 

type Content struct {
	Type string `json:"type"`
	Src  string `json:"src"`
}

Content for ROLIE.

type Distribution 

type Distribution struct {
	DirectoryURL string `json:"directory_url,omitempty"`
	Rolie        *ROLIE `json:"rolie,omitempty"`
}

Distribution is a distribution of a CSAF feed.

func (*Distribution) Validate 

func (d *Distribution) Validate() error

Validate checks if the distribution is valid. Returns an error if the validation fails otherwise nil.

type Entry 

type Entry struct {
	ID        string    `json:"id"`
	Titel     string    `json:"title"`
	Link      []Link    `json:"link"`
	Published TimeStamp `json:"published"`
	Updated   TimeStamp `json:"updated"`
	Summary   *Summary  `json:"summary,omitempty"`
	Content   Content   `json:"content"`
	Format    Format    `json:"format"`
}

Entry for ROLIE.

type Feed 

type Feed struct {
	Summary  string    `json:"summary"`
	TLPLabel *TLPLabel `json:"tlp_label"` // required
	URL      *JSONURL  `json:"url"`       // required
}

Feed is CSAF feed.

func (*Feed) Validate 

func (f *Feed) Validate() error

Validate checks if the feed is valid. Returns an error if the validation fails otherwise nil.

type FeedData 

type FeedData struct {
	ID       string          `json:"id"`
	Title    string          `json:"title"`
	Link     []Link          `json:"link,omitempty"`
	Category []ROLIECategory `json:"category,omitempty"`
	Updated  TimeStamp       `json:"updated"`
	Entry    []*Entry        `json:"entry,omitempty"`
}

FeedData is the content of the ROLIE feed.

type Fingerprint 

type Fingerprint string

Fingerprint is the fingerprint of a OpenPGP key used to sign the CSAF documents.

func (*Fingerprint) UnmarshalText 

func (fp *Fingerprint) UnmarshalText(data []byte) error

UnmarshalText implements the encoding.TextUnmarshaller interface.

type Format 

type Format struct {
	Schema  string `json:"schema"`
	Version string `json:"version"`
}

Format for ROLIE.

type HashedAdvisoryFile 

type HashedAdvisoryFile [4]string

HashedAdvisoryFile is a more involed version of checkFile. Here each component can be given explicitly. If a component is not given it is constructed by extending the first component.

func (HashedAdvisoryFile) SHA256URL 

func (haf HashedAdvisoryFile) SHA256URL() string

SHA256URL returns the URL of SHA256 hash file of this advisory.

func (HashedAdvisoryFile) SHA512URL 

func (haf HashedAdvisoryFile) SHA512URL() string

SHA512URL returns the URL of SHA512 hash file of this advisory.

func (HashedAdvisoryFile) SignURL 

func (haf HashedAdvisoryFile) SignURL() string

SignURL returns the URL of signature file of this advisory.

func (HashedAdvisoryFile) URL 

func (haf HashedAdvisoryFile) URL() string

URL returns the URL of this advisory.

type JSONURL 

type JSONURL string

JSONURL is an URL to JSON document.

func (*JSONURL) UnmarshalText 

func (ju *JSONURL) UnmarshalText(data []byte) error

UnmarshalText implements the encoding.TextUnmarshaller interface. 

type Link struct {
	Rel  string `json:"rel"`
	HRef string `json:"href"`
}

Link for ROLIE.

type LoadedProviderMetadata 

type LoadedProviderMetadata struct {
	// URL is location where the document was found.
	URL string
	// Document is the de-serialized JSON document.
	Document interface{}
	// Hash is a SHA256 sum over the document.
	Hash []byte
	// Messages are the error message happened while loading.
	Messages []string
}

LoadedProviderMetadata represents a loaded provider metadata.

func LoadProviderMetadataForDomain 

func LoadProviderMetadataForDomain(
	client util.Client,
	domain string,
	logging func(format string, args ...interface{}),
) *LoadedProviderMetadata

LoadProviderMetadataForDomain loads a provider metadata for a given domain. Returns nil if no provider metadata was found. The logging can be use to track the errors happening while loading.

func LoadProviderMetadataFromURL 

func LoadProviderMetadataFromURL(client util.Client, url string) *LoadedProviderMetadata

LoadProviderMetadataFromURL loads a provider metadata from a given URL. Returns nil if the document was not found.

func LoadProviderMetadatasFromSecurity 

func LoadProviderMetadatasFromSecurity(client util.Client, path string) []*LoadedProviderMetadata

LoadProviderMetadatasFromSecurity loads a secturity.txt, extracts and the CSAF urls from the document. Returns nil if no url was successfully found.

type MetadataRole 

type MetadataRole string

MetadataRole is the role of the feed. 

const (
	// MetadataRolePublisher is the "csaf_publisher" role.
	MetadataRolePublisher MetadataRole = "csaf_publisher"
	// MetadataRoleProvider is the "csaf_provider" role.
	MetadataRoleProvider MetadataRole = "csaf_provider"
	// MetadataRoleTrustedProvider is the "csaf_trusted_provider" role.
	MetadataRoleTrustedProvider MetadataRole = "csaf_trusted_provider"
)

func (*MetadataRole) UnmarshalText 

func (mdr *MetadataRole) UnmarshalText(data []byte) error

UnmarshalText implements the encoding.TextUnmarshaller interface.

type MetadataVersion 

type MetadataVersion string

MetadataVersion is the metadata version of the feed. 

const MetadataVersion20 MetadataVersion = "2.0"

MetadataVersion20 is the current version of the schema.

func (*MetadataVersion) UnmarshalText 

func (mdv *MetadataVersion) UnmarshalText(data []byte) error

UnmarshalText implements the encoding.TextUnmarshaller interface.

type PGPKey 

type PGPKey struct {
	Fingerprint Fingerprint `json:"fingerprint,omitempty"`
	URL         *string     `json:"url"` // required
}

PGPKey is location and the fingerprint of the key used to sign the CSAF documents.

func (*PGPKey) Validate 

func (pk *PGPKey) Validate() error

Validate checks if the PGPKey is valid. Returns an error if the validation fails otherwise nil.

type PlainAdvisoryFile 

type PlainAdvisoryFile string

PlainAdvisoryFile is a simple implementation of checkFile. The hash and signature files are directly constructed by extending the file name.

func (PlainAdvisoryFile) SHA256URL 

func (paf PlainAdvisoryFile) SHA256URL() string

SHA256URL returns the URL of SHA256 hash file of this advisory.

func (PlainAdvisoryFile) SHA512URL 

func (paf PlainAdvisoryFile) SHA512URL() string

SHA512URL returns the URL of SHA512 hash file of this advisory.

func (PlainAdvisoryFile) SignURL 

func (paf PlainAdvisoryFile) SignURL() string

SignURL returns the URL of signature file of this advisory.

func (PlainAdvisoryFile) URL 

func (paf PlainAdvisoryFile) URL() string

URL returns the URL of this advisory.

type ProviderMetadata 

type ProviderMetadata struct {
	CanonicalURL            *ProviderURL     `json:"canonical_url"` // required
	Distributions           []Distribution   `json:"distributions,omitempty"`
	LastUpdated             *TimeStamp       `json:"last_updated"` // required
	ListOnCSAFAggregators   *bool            `json:"list_on_CSAF_aggregators"`
	MetadataVersion         *MetadataVersion `json:"metadata_version"`           // required
	MirrorOnCSAFAggregators *bool            `json:"mirror_on_CSAF_aggregators"` // required
	PGPKeys                 []PGPKey         `json:"public_openpgp_keys,omitempty"`
	Publisher               *Publisher       `json:"publisher,omitempty"` // required
	Role                    *MetadataRole    `json:"role"`                // required
}

ProviderMetadata contains the metadata of the provider.

func LoadProviderMetadata 

func LoadProviderMetadata(r io.Reader) (*ProviderMetadata, error)

LoadProviderMetadata loads a metadata provider from a reader.

func NewProviderMetadata 

func NewProviderMetadata(canonicalURL string) *ProviderMetadata

NewProviderMetadata creates a new provider with the given URL. Valid default values are set and the feed is considered to be updated recently.

func NewProviderMetadataDomain 

func NewProviderMetadataDomain(domain string, tlps []TLPLabel) *ProviderMetadata

NewProviderMetadataDomain creates a new provider with the given URL and tlps feeds.

func NewProviderMetadataPrefix 

func NewProviderMetadataPrefix(prefix string, tlps []TLPLabel) *ProviderMetadata

NewProviderMetadataPrefix creates a new provider with a given prefix and tlps feeds.

func (*ProviderMetadata) Defaults 

func (pmd *ProviderMetadata) Defaults()

Defaults fills the correct default values into the provider metadata.

func (*ProviderMetadata) SetLastUpdated 

func (pmd *ProviderMetadata) SetLastUpdated(t time.Time)

SetLastUpdated updates the last updated timestamp of the feed.

func (*ProviderMetadata) SetPGP 

func (pmd *ProviderMetadata) SetPGP(fingerprint, url string)

SetPGP sets the fingerprint and URL of the OpenPGP key of the feed. If the feed already has a key with given fingerprint the URL updated. If there is no such key it is append to the list of keys.

func (*ProviderMetadata) Validate 

func (pmd *ProviderMetadata) Validate() error

Validate checks if the provider metadata is valid. Returns an error if the validation fails otherwise nil.

func (*ProviderMetadata) WriteTo 

func (pmd *ProviderMetadata) WriteTo(w io.Writer) (int64, error)

WriteTo saves a metadata provider to a writer.

type ProviderURL 

type ProviderURL string

ProviderURL is the URL of the provider document.

func (*ProviderURL) UnmarshalText 

func (pu *ProviderURL) UnmarshalText(data []byte) error

UnmarshalText implements the encoding.TextUnmarshaller interface.

type Publisher 

type Publisher struct {
	Category         *Category `json:"category" toml:"category"`   // required
	Name             *string   `json:"name" toml:"name"`           // required
	Namespace        *string   `json:"namespace" toml:"namespace"` // required
	ContactDetails   string    `json:"contact_details,omitempty" toml:"contact_details"`
	IssuingAuthority string    `json:"issuing_authority,omitempty" toml:"issuing_authority"`
}

Publisher is the publisher of the feed.

func (*Publisher) Equals 

func (p *Publisher) Equals(o *Publisher) bool

Equals checks if the publisher is equal to other componentwise.

func (*Publisher) Validate 

func (p *Publisher) Validate() error

Validate checks if the publisher is valid. Returns an error if the validation fails otherwise nil.

type ROLIE 

type ROLIE struct {
	Categories []JSONURL `json:"categories,omitempty"`
	Feeds      []Feed    `json:"feeds"` // required
	Services   []JSONURL `json:"services,omitempty"`
}

ROLIE is the ROLIE extension of the CSAF feed.

func (*ROLIE) Validate 

func (r *ROLIE) Validate() error

Validate checks if the ROLIE extension is valid. Returns an error if the validation fails otherwise nil.

type ROLIECategory 

type ROLIECategory struct {
	Scheme string `json:"scheme"`
	Term   string `json:"term"`
}

ROLIECategory for ROLIE.

type ROLIEFeed 

type ROLIEFeed struct {
	Feed FeedData `json:"feed"`
}

ROLIEFeed is a ROLIE feed.

func LoadROLIEFeed 

func LoadROLIEFeed(r io.Reader) (*ROLIEFeed, error)

LoadROLIEFeed loads a ROLIE feed from a reader.

func (*ROLIEFeed) Entries 

func (rf *ROLIEFeed) Entries(fn func(*Entry))

Entries visits the entries of this feed.

func (*ROLIEFeed) EntryByID 

func (rf *ROLIEFeed) EntryByID(id string) *Entry

EntryByID looks up an entry by its ID. Returns nil if no such entry was found.

func (*ROLIEFeed) SortEntriesByUpdated 

func (rf *ROLIEFeed) SortEntriesByUpdated()

SortEntriesByUpdated sorts all the entries in the feed by their update times.

func (*ROLIEFeed) WriteTo 

func (rf *ROLIEFeed) WriteTo(w io.Writer) (int64, error)

WriteTo saves a ROLIE feed to a writer.

type RemoteValidator 

type RemoteValidator interface {
	Validate(doc interface{}) (bool, error)
	Close() error
}

RemoteValidator validates an advisory document remotely.

func SynchronizedRemoteValidator 

func SynchronizedRemoteValidator(validator RemoteValidator) RemoteValidator

SynchronizedRemoteValidator returns a serialized variant of the given remote validator.

type RemoteValidatorOptions 

type RemoteValidatorOptions struct {
	URL     string   `json:"url" toml:"url"`
	Presets []string `json:"presets" toml:"presets"`
	Cache   string   `json:"cache" toml:"cache"`
}

RemoteValidatorOptions are the configuation options the remote validation service.

func (*RemoteValidatorOptions) Open 

func (rvo *RemoteValidatorOptions) Open() (RemoteValidator, error)

Open opens a new remoteValidator.

type Summary 

type Summary struct {
	Content string `json:"content"`
}

Summary for ROLIE.

type TLPLabel 

type TLPLabel string

TLPLabel is the traffic light policy of the CSAF.

func (*TLPLabel) UnmarshalText 

func (tl *TLPLabel) UnmarshalText(data []byte) error

UnmarshalText implements the encoding.TextUnmarshaller interface.

type TimeStamp 

type TimeStamp time.Time

TimeStamp represents a time stamp in a CSAF feed.

func (TimeStamp) MarshalText 

func (ts TimeStamp) MarshalText() ([]byte, error)

MarshalText implements the encoding.TextMarshaller interface.

func (*TimeStamp) UnmarshalText 

func (ts *TimeStamp) UnmarshalText(data []byte) error

UnmarshalText implements the encoding.TextUnmarshaller interface.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.