oscal

package
v0.13.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Dec 6, 2024 License: Apache-2.0 Imports: 26 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	LULA_NAMESPACE = "https://docs.lula.dev/oscal/ns"
	LULA_KEYWORD   = "lula"
)
View Source 
const OSCAL_VERSION = "1.1.2"

Variables

This section is empty.

Functions

func AddControl added in v0.13.0 

func AddControl(controlId string, include, exclude []string) bool

AddControl takes the control-id, include and exclude lists and returns a boolean indicating if the control should be included

func BackMatterToMap 

func BackMatterToMap(backMatter oscalTypes.BackMatter) (resourceMap map[string]string)

Returns a map of the uuid - description of the back-matter resources

func CompareControls added in v0.6.0 

func CompareControls(a, b string) bool

CompareControls compares two control titles, handling both XX-##.## formats and regular strings. true sorts a before b; false sorts b before a

func CompareControlsInt added in v0.8.0 

func CompareControlsInt(a, b string) int

CompareControlsInt compares two controls by their title, handling both XX-##.## formats and regular strings. returns -1 if a < b, 0 if a == b, and 1 if a > b TODO: add tests for this function

func ComponentFromCatalog added in v0.3.0 

func ComponentFromCatalog(command string, source string, catalog *oscalTypes.Catalog, componentTitle string, targetControls []string, targetRemarks []string, framework string) (*oscalTypes.ComponentDefinition, error)

Creates a component-definition from a catalog and identified (or all) controls. Allows for specification of what the content of the remarks section should contain.

func ComponentsToMap added in v0.12.0 

func ComponentsToMap(componentDefinition *oscalTypes.ComponentDefinition) map[string]*oscalTypes.DefinedComponent

func ControlImplementationstToRequirementsMap added in v0.4.5 

func ControlImplementationstToRequirementsMap(controlImplementations *[]oscalTypes.ControlImplementationSet) (requirementMap map[string]Requirement)

func ControlToImplementedRequirement added in v0.3.0 

func ControlToImplementedRequirement(control *oscalTypes.Control, targetRemarks []string) (implementedRequirement oscalTypes.ImplementedRequirementControlImplementation, err error)

Consume a control - Identify statements - iterate through parts in order to create a description

func ConvertOSCALToBytes added in v0.9.0 

func ConvertOSCALToBytes(model *oscalTypes.OscalModels, fileExt string) ([]byte, error)

ConvertOSCALToBytes returns a byte slice representation of an OSCAL model

func CreateImplementedRequirementsByFramework added in v0.12.0 

func CreateImplementedRequirementsByFramework(compdef *oscalTypes.ComponentDefinition) map[string]ImplementedRequirementMap

CreateImplementedRequirementsByFramework sorts the implemented requirements for each framework

func CreateObservation added in v0.4.0 

func CreateObservation(method string, relevantEvidence *[]oscalTypes.RelevantEvidence, validation *types.LulaValidation, resourcesHref string, descriptionPattern string, descriptionArgs ...any) oscalTypes.Observation

Helper function to create observation

func CreateResult added in v0.4.5 

func CreateResult(findingMap map[string]oscalTypes.Finding, observations []oscalTypes.Observation) (oscalTypes.Result, error)

Creates a result from findings and observations

func EvaluateResults added in v0.4.0 

func EvaluateResults(thresholdResult *oscalTypes.Result, newResult *oscalTypes.Result) (bool, map[string]result.ResultComparisonMap, error)

func FilterControlImplementations added in v0.4.5 

func FilterControlImplementations(componentDefinition *oscalTypes.ComponentDefinition) (controlMap map[string][]oscalTypes.ControlImplementationSet)

func FilterResults added in v0.4.5 

func FilterResults(resultMap map[string]*oscalTypes.AssessmentResults) map[string]EvalResult

filterResults consumes many assessment-results objects and builds out a map of EvalResults filtered by target this function looks at the target prop as the key in the map

func GenerateAssessmentResults 

func GenerateAssessmentResults(results []oscalTypes.Result) (*oscalTypes.AssessmentResults, error)

func GetObservationByUuid added in v0.11.0 

func GetObservationByUuid(assessmentResults *oscalTypes.AssessmentResults, observationUuid string) (*oscalTypes.Observation, error)

GetObservationByUuid returns the observation with the given UUID

func GetOscalModel added in v0.4.0 

func GetOscalModel(model *oscalTypes.OscalModels) (modelType string, err error)

func GetProp added in v0.4.5 

func GetProp(name string, namespace string, props *[]oscalTypes.Property) (bool, string)

func InjectIntoOSCALModel added in v0.7.0 

func InjectIntoOSCALModel(target *oscalTypes.OscalModels, values map[string]interface{}, path string) (*oscalTypes.OscalModels, error)

InjectIntoOSCALModel takes a model target and a map[string]interface{} of values to inject into the model

func MakeAssessmentResultsDeterministic added in v0.4.4 

func MakeAssessmentResultsDeterministic(assessment *oscalTypes.AssessmentResults)

func MakeComponentDeterminstic added in v0.4.4 

func MakeComponentDeterminstic(component *oscalTypes.ComponentDefinition)

func MergeAssessmentResults added in v0.3.0 

func MergeAssessmentResults(original *oscalTypes.AssessmentResults, latest *oscalTypes.AssessmentResults) (*oscalTypes.AssessmentResults, error)

func MergeComponentDefinitions added in v0.3.0 

func MergeComponentDefinitions(original *oscalTypes.ComponentDefinition, latest *oscalTypes.ComponentDefinition) (*oscalTypes.ComponentDefinition, error)

This function should perform a merge of two component-definitions where maintaining the original component-definition is the primary concern.

func MergeOscalModels added in v0.3.0 

func MergeOscalModels(existingModel *oscalTypes.OscalModels, newModel *oscalTypes.OscalModels, modelType string) (*oscalTypes.OscalModels, error)

func MergeProfileModels added in v0.10.0 

func MergeProfileModels(original *oscalTypes.Profile, latest *oscalTypes.Profile) (*oscalTypes.Profile, error)

func MergeSystemSecurityPlanModels added in v0.12.0 

func MergeSystemSecurityPlanModels(original *oscalTypes.SystemSecurityPlan, latest *oscalTypes.SystemSecurityPlan) (*oscalTypes.SystemSecurityPlan, error)

MergeSystemSecurityPlanModels merges two SystemSecurityPlan models Requires that the source of the models are the same

func NewAssessmentResults 

func NewAssessmentResults(data []byte) (*oscalTypes.AssessmentResults, error)

NewAssessmentResults creates a new assessment results object from the given data.

func NewCatalog added in v0.3.0 

func NewCatalog(data []byte) (catalog *oscalTypes.Catalog, err error)

NewCatalog creates a new catalog object from the given data.

func NewOscalComponentDefinition 

func NewOscalComponentDefinition(data []byte) (componentDefinition *oscalTypes.ComponentDefinition, err error)

NewOscalComponentDefinition consumes a byte array and returns a new single OscalComponentDefinitionModel object Standard use is to read a file from the filesystem and pass the []byte to this function

func NewOscalModel added in v0.3.0 

func NewOscalModel(data []byte) (*oscalTypes.OscalModels, error)

func OverwriteOscalModel added in v0.8.0 

func OverwriteOscalModel(filePath string, model *oscalTypes.OscalModels) error

OverwriteOscalModel takes a path and writes content to a file - does not check for existing content supports both json and yaml

func ResolveCatalogControls added in v0.13.0 

func ResolveCatalogControls(catalog *oscalTypes.Catalog, include, exclude []string) (map[string]oscalTypes.Control, error)

ResolveCatalogControls resolves all controls in the provided catalog

func ResolveProfileControls added in v0.13.0 

func ResolveProfileControls(profile *oscalTypes.Profile, profilePath, rootDir string, include, exclude []string) (map[string]ControlMap, error)

ResolveProfileControls resolves all controls in the profile by checking any imported profiles or catalogs Returns a map[string]ControlMap where the key is the UUID of the source that dictates the controls (profile or catalog) NOTE: Profiles that contain Hrefs as references to internal identifiers (e.g., "#<UUID>") cannot currently be resolved

func UpdateProps added in v0.4.0 

func UpdateProps(name string, namespace string, value string, props *[]oscalTypes.Property)

UpdateProps updates a property in a slice of properties or adds if not exists

func ValidOSCALModelAtPath added in v0.9.0 

func ValidOSCALModelAtPath(path string) (bool, error)

ValidOSCALModelAtPath takes a path and returns a bool indicating if the model exists/is valid bool = T/F that oscal model exists, error = if not nil OSCAL model is invalid

func WriteOscalModel added in v0.3.0 

func WriteOscalModel(filePath string, model *oscalTypes.OscalModels) error

WriteOscalModel takes a path and writes content to a file while performing checks for existing content supports both json and yaml

func WriteOscalModelNew added in v0.10.0 

func WriteOscalModelNew(filePath string, model OSCALModel) error

This will replace WriteOscalModel() if/when all models are implemented

Types

type ControlMap added in v0.13.0 

type ControlMap map[string]oscalTypes.Control

type EvalResult added in v0.4.5 

type EvalResult struct {
	Threshold *oscalTypes.Result
	Results   []*oscalTypes.Result
	Latest    *oscalTypes.Result
}

type ImplementedRequirementMap added in v0.12.0 

type ImplementedRequirementMap map[string]oscalTypes.ImplementedRequirement

type OSCALModel added in v0.10.0 

type OSCALModel interface {
	GetType() string
	GetCompleteModel() *oscalTypes.OscalModels
	MakeDeterministic() error
	HandleExisting(string) error
	NewModel([]byte) error
}

type Profile added in v0.10.0 

type Profile struct {
	Model *oscalTypes.Profile
}

func GenerateProfile added in v0.10.0 

func GenerateProfile(command string, source string, include []string, exclude []string, all bool) (*Profile, error)

func NewProfile added in v0.10.0 

func NewProfile() *Profile

func (*Profile) GetCompleteModel added in v0.10.0 

func (p *Profile) GetCompleteModel() *oscalTypes.OscalModels

func (*Profile) GetType added in v0.10.0 

func (p *Profile) GetType() string

func (*Profile) HandleExisting added in v0.10.0 

func (p *Profile) HandleExisting(path string) error

func (*Profile) MakeDeterministic added in v0.10.0 

func (p *Profile) MakeDeterministic() error

func (*Profile) NewModel added in v0.10.0 

func (p *Profile) NewModel(data []byte) error

Create a new profile model

type Requirement added in v0.4.0 

type Requirement struct {
	ImplementedRequirement *oscalTypes.ImplementedRequirementControlImplementation
	ControlImplementation  *oscalTypes.ControlImplementationSet
}

type SystemSecurityPlan added in v0.12.0 

type SystemSecurityPlan struct {
	Model *oscalTypes.SystemSecurityPlan
}

func GenerateSystemSecurityPlan added in v0.12.0 

func GenerateSystemSecurityPlan(command string, source string, compdef *oscalTypes.ComponentDefinition) (*SystemSecurityPlan, error)

GenerateSystemSecurityPlan generates an OSCALModel System Security Plan. Command is the command that was used to generate the SSP. Source is the catalog source url that should be extracted from the component definition. Compdef is the partially* composed component definition and all merged component-definitions. TODOs: implement *partially = just imported component-definitions, remapped validation links; implement system-characteristics, parties->users->components, component status, (probably more); support for target instead of source?

func NewSystemSecurityPlan added in v0.12.0 

func NewSystemSecurityPlan() *SystemSecurityPlan

func (*SystemSecurityPlan) GetCompleteModel added in v0.12.0 

func (ssp *SystemSecurityPlan) GetCompleteModel() *oscalTypes.OscalModels

func (*SystemSecurityPlan) GetType added in v0.12.0 

func (ssp *SystemSecurityPlan) GetType() string

func (*SystemSecurityPlan) HandleExisting added in v0.12.0 

func (ssp *SystemSecurityPlan) HandleExisting(path string) error

HandleExisting updates the existing SSP if a file is provided

func (*SystemSecurityPlan) MakeDeterministic added in v0.12.0 

func (ssp *SystemSecurityPlan) MakeDeterministic() error

MakeDeterministic ensures the elements of the SSP are sorted deterministically

func (*SystemSecurityPlan) NewModel added in v0.12.0 

func (ssp *SystemSecurityPlan) NewModel(data []byte) error

NewModel updates the SSP model with the provided data

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.