oscal

package
v0.15.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jan 17, 2025 License: Apache-2.0 Imports: 26 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	LULA_NAMESPACE = "https://docs.lula.dev/oscal/ns"
	LULA_KEYWORD   = "lula"
)
View Source 
const (
	OSCAL_COMPONENT            = "component"
	OSCAL_ASSESSMENT_RESULTS   = "assessment-results"
	OSCAL_SYSTEM_SECURITY_PLAN = "system-security-plan"
	OSCAL_PROFILE              = "profile"
	OSCAL_CATALOG              = "catalog"
	OSCAL_POAM                 = "poam"
	OSCAL_ASSESSMENT_PLAN      = "assessment-plan"
)
View Source 
const OSCAL_VERSION = "1.1.3"

Variables

This section is empty.

Functions

func AddControl added in v0.13.0 

func AddControl(controlId string, include, exclude []string) bool

AddControl takes the control-id, include and exclude lists and returns a boolean indicating if the control should be included

func BackMatterToMap 

func BackMatterToMap(backMatter oscalTypes.BackMatter) (resourceMap map[string]string)

Returns a map of the uuid - description of the back-matter resources

func CompareControls added in v0.6.0 

func CompareControls(a, b string) bool

CompareControls compares two control titles, handling both XX-##.## formats and regular strings. true sorts a before b; false sorts b before a

func CompareControlsInt added in v0.8.0 

func CompareControlsInt(a, b string) int

CompareControlsInt compares two controls by their title, handling both XX-##.## formats and regular strings. returns -1 if a < b, 0 if a == b, and 1 if a > b TODO: add tests for this function

func ComponentsToMap added in v0.12.0 

func ComponentsToMap(componentDefinition *oscalTypes.ComponentDefinition) map[string]*oscalTypes.DefinedComponent

func ControlImplementationstToRequirementsMap added in v0.4.5 

func ControlImplementationstToRequirementsMap(controlImplementations *[]oscalTypes.ControlImplementationSet) (requirementMap map[string]Requirement)

func ControlToImplementedRequirement added in v0.3.0 

func ControlToImplementedRequirement(control *oscalTypes.Control, targetRemarks []string) (implementedRequirement oscalTypes.ImplementedRequirementControlImplementation, err error)

Consume a control - Identify statements - iterate through parts in order to create a description

func ConvertOSCALToBytes added in v0.9.0 

func ConvertOSCALToBytes(model *oscalTypes.OscalModels, fileExt string) ([]byte, error)

ConvertOSCALToBytes returns a byte slice representation of an OSCAL model

func CreateObservation added in v0.4.0 

func CreateObservation(method string, relevantEvidence *[]oscalTypes.RelevantEvidence, validation *types.LulaValidation, resourcesHref string, descriptionPattern string, descriptionArgs ...any) oscalTypes.Observation

Helper function to create observation

func CreateResult added in v0.4.5 

func CreateResult(findingMap map[string]oscalTypes.Finding, observations []oscalTypes.Observation) (oscalTypes.Result, error)

Creates a result from findings and observations

func CreateSourceControlsMap added in v0.14.0 

func CreateSourceControlsMap(compdef *oscalTypes.ComponentDefinition) map[string]ByComponentsMap

CreateSourceControlsMap maps the source/framework -> control-id -> []by-component

func EvaluateResults added in v0.4.0 

func EvaluateResults(thresholdResult *oscalTypes.Result, newResult *oscalTypes.Result) (bool, map[string]result.ResultComparisonMap, error)

func FetchOSCALModel added in v0.14.0 

func FetchOSCALModel(uri, rootDir string) (*oscalTypes.OscalModels, string, error)

FetchOSCALModel takes a URI and returns an oscalTypes.OscalModels object and the type of the model

func FilterControlImplementations added in v0.4.5 

func FilterControlImplementations(componentDefinition *oscalTypes.ComponentDefinition) (controlMap map[string][]oscalTypes.ControlImplementationSet)

func FilterResults added in v0.4.5 

func FilterResults(resultMap map[string]*AssessmentResults) map[string]EvalResult

filterResults consumes many assessment-results objects and builds out a map of EvalResults filtered by target this function looks at the target prop as the key in the map

func GetObservationByUuid added in v0.11.0 

func GetObservationByUuid(assessmentResults *oscalTypes.AssessmentResults, observationUuid string) (*oscalTypes.Observation, error)

GetObservationByUuid returns the observation with the given UUID

func GetOscalModel added in v0.4.0 

func GetOscalModel(model *oscalTypes.OscalModels) (modelType string, err error)

func GetProp added in v0.4.5 

func GetProp(name string, namespace string, props *[]oscalTypes.Property) (bool, string)

func InjectIntoOSCALModel added in v0.7.0 

func InjectIntoOSCALModel(target *oscalTypes.OscalModels, values map[string]interface{}, path string) (*oscalTypes.OscalModels, error)

InjectIntoOSCALModel takes a model target and a map[string]interface{} of values to inject into the model

func MakeAssessmentResultsDeterministic added in v0.4.4 

func MakeAssessmentResultsDeterministic(assessment *oscalTypes.AssessmentResults)

func MakeComponentDeterminstic added in v0.4.4 

func MakeComponentDeterminstic(component *oscalTypes.ComponentDefinition)

func MergeAssessmentResults added in v0.3.0 

func MergeAssessmentResults(original *oscalTypes.AssessmentResults, latest *oscalTypes.AssessmentResults) (*oscalTypes.AssessmentResults, error)

func MergeComponentDefinitions added in v0.3.0 

func MergeComponentDefinitions(original *oscalTypes.ComponentDefinition, latest *oscalTypes.ComponentDefinition) (*oscalTypes.ComponentDefinition, error)

This function should perform a merge of two component-definitions where maintaining the original component-definition is the primary concern.

func MergeOscalModels added in v0.3.0 

func MergeOscalModels(existingModel *oscalTypes.OscalModels, newModel *oscalTypes.OscalModels, modelType string) (*oscalTypes.OscalModels, error)

func MergeProfileModels added in v0.10.0 

func MergeProfileModels(original *oscalTypes.Profile, latest *oscalTypes.Profile) (*oscalTypes.Profile, error)

func MergeSystemSecurityPlanModels added in v0.12.0 

func MergeSystemSecurityPlanModels(original *oscalTypes.SystemSecurityPlan, latest *oscalTypes.SystemSecurityPlan) (*oscalTypes.SystemSecurityPlan, error)

MergeSystemSecurityPlanModels merges two SystemSecurityPlan models Requires that the source of the models are the same

func MergeVariadicComponentDefinition added in v0.14.0 

func MergeVariadicComponentDefinition(compDefs ...*oscalTypes.ComponentDefinition) (mergedCompDef *oscalTypes.ComponentDefinition, err error)

MergeVariadicComponentDefinition merges multiple variadic component definitions into a single component definition

func NewCatalog added in v0.3.0 

func NewCatalog(data []byte) (catalog *oscalTypes.Catalog, err error)

NewCatalog creates a new catalog object from the given data.

func NewOscalModel added in v0.3.0 

func NewOscalModel(data []byte) (*oscalTypes.OscalModels, error)

func OverwriteOscalModel added in v0.8.0 

func OverwriteOscalModel(filePath string, model *oscalTypes.OscalModels) error

OverwriteOscalModel takes a path and writes content to a file - does not check for existing content supports both json and yaml

func RemapSourceToUUID added in v0.14.0 

func RemapSourceToUUID[V any](inMap map[string]V) map[string]V

RemapSourceToUUID takes a map[string]any and remaps any source keys (profiles and catalogs) to their UUID NOTE: Doesn't support backmatter resources as source keys, only network resolvable links

func ResolveCatalogControls added in v0.13.0 

func ResolveCatalogControls(catalog *oscalTypes.Catalog, include, exclude []string) (map[string]oscalTypes.Control, error)

ResolveCatalogControls resolves all controls in the provided catalog

func ResolveProfileControls added in v0.13.0 

func ResolveProfileControls(profile *oscalTypes.Profile, profilePath, rootDir string, include, exclude []string) (map[string]ControlMap, error)

ResolveProfileControls resolves all controls in the profile by checking any imported profiles or catalogs Returns a map[string]ControlMap where the key is the UUID of the source that dictates the controls (profile or catalog) NOTE: Profiles that contain Hrefs as references to internal identifiers (e.g., "#<UUID>") cannot currently be resolved

func UpdateProps added in v0.4.0 

func UpdateProps(name string, namespace string, value string, props *[]oscalTypes.Property)

UpdateProps updates a property in a slice of properties or adds if not exists

func ValidOSCALModelAtPath added in v0.9.0 

func ValidOSCALModelAtPath(path string) (bool, error)

ValidOSCALModelAtPath takes a path and returns a bool indicating if the model exists/is valid bool = T/F that oscal model exists, error = if not nil OSCAL model is invalid

func WriteOscalModel added in v0.3.0 

func WriteOscalModel(filePath string, model *oscalTypes.OscalModels) error

WriteOscalModel takes a path and writes content to a file while performing checks for existing content supports both json and yaml

func WriteOscalModelNew added in v0.10.0 

func WriteOscalModelNew(filePath string, model OSCALModel) error

This will replace WriteOscalModel() if/when all models are implemented

Types

type AssessmentResults added in v0.15.0 

type AssessmentResults struct {
	Model *oscalTypes.AssessmentResults
}

func GenerateAssessmentResults 

func GenerateAssessmentResults(results []oscalTypes.Result) (*AssessmentResults, error)

func NewAssessmentResults 

func NewAssessmentResults() *AssessmentResults

func (*AssessmentResults) GetCompleteModel added in v0.15.0 

func (a *AssessmentResults) GetCompleteModel() *oscalTypes.OscalModels

func (*AssessmentResults) GetType added in v0.15.0 

func (*AssessmentResults) GetType() string

func (*AssessmentResults) HandleExisting added in v0.15.0 

func (a *AssessmentResults) HandleExisting(path string) error

func (*AssessmentResults) MakeDeterministic added in v0.15.0 

func (a *AssessmentResults) MakeDeterministic() error

func (*AssessmentResults) NewModel added in v0.15.0 

func (a *AssessmentResults) NewModel(data []byte) error

type ByComponentsMap added in v0.14.0 

type ByComponentsMap map[string][]oscalTypes.ByComponent

type ComponentDefinition added in v0.15.0 

type ComponentDefinition struct {
	Model *oscalTypes.ComponentDefinition
}

func ComponentFromCatalog added in v0.3.0 

func ComponentFromCatalog(command string, source string, catalog *oscalTypes.Catalog, componentTitle string, targetControls []string, targetRemarks []string, framework string) (*ComponentDefinition, error)

Creates a component-definition from a catalog and identified (or all) controls. Allows for specification of what the content of the remarks section should contain.

func NewComponentDefinition added in v0.15.0 

func NewComponentDefinition() *ComponentDefinition

func (*ComponentDefinition) GetCompleteModel added in v0.15.0 

func (c *ComponentDefinition) GetCompleteModel() *oscalTypes.OscalModels

Returns the complete OSCAL model with component definition

func (*ComponentDefinition) GetType added in v0.15.0 

func (*ComponentDefinition) GetType() string

Return the type of the component definition

func (*ComponentDefinition) HandleExisting added in v0.15.0 

func (c *ComponentDefinition) HandleExisting(path string) error

HandleExisting updates the existing Component Defintion if a file is provided

func (*ComponentDefinition) MakeDeterministic added in v0.15.0 

func (c *ComponentDefinition) MakeDeterministic() error

MakeDeterministic ensures the relevant elements of the Component Definition are sorted deterministically

func (*ComponentDefinition) NewModel added in v0.15.0 

func (c *ComponentDefinition) NewModel(data []byte) error

Create a new ComponentDefinition from a byte array

type ControlMap added in v0.13.0 

type ControlMap map[string]oscalTypes.Control

type EvalResult added in v0.4.5 

type EvalResult struct {
	Threshold *oscalTypes.Result
	Results   []*oscalTypes.Result
	Latest    *oscalTypes.Result
}

type OSCALModel added in v0.10.0 

type OSCALModel interface {
	GetType() string
	GetCompleteModel() *oscalTypes.OscalModels
	MakeDeterministic() error
	HandleExisting(string) error
	NewModel([]byte) error
}

type Profile added in v0.10.0 

type Profile struct {
	Model *oscalTypes.Profile
}

func GenerateProfile added in v0.10.0 

func GenerateProfile(command string, source string, include []string, exclude []string, all bool) (*Profile, error)

func NewProfile added in v0.10.0 

func NewProfile() *Profile

func (*Profile) GetCompleteModel added in v0.10.0 

func (p *Profile) GetCompleteModel() *oscalTypes.OscalModels

func (*Profile) GetType added in v0.10.0 

func (p *Profile) GetType() string

func (*Profile) HandleExisting added in v0.10.0 

func (p *Profile) HandleExisting(path string) error

func (*Profile) MakeDeterministic added in v0.10.0 

func (p *Profile) MakeDeterministic() error

func (*Profile) NewModel added in v0.10.0 

func (p *Profile) NewModel(data []byte) error

Create a new profile model

type Requirement added in v0.4.0 

type Requirement struct {
	ImplementedRequirement *oscalTypes.ImplementedRequirementControlImplementation
	ControlImplementation  *oscalTypes.ControlImplementationSet
}

type SystemSecurityPlan added in v0.12.0 

type SystemSecurityPlan struct {
	Model *oscalTypes.SystemSecurityPlan
}

func GenerateSystemSecurityPlan added in v0.12.0 

func GenerateSystemSecurityPlan(command, source string, targetRemarks []string, profile *oscalTypes.Profile, compdefs ...*oscalTypes.ComponentDefinition) (*SystemSecurityPlan, error)

GenerateSystemSecurityPlan generates an OSCALModel System Security Plan. Command is the command that was used to generate the SSP. Source is the profile source url that should be used to pull implemented-requirements from the component definition. "Target" not currently supported. Profile is the profile model that should be used to populate the SSP. Compdefs are all component definitions that should be merged into the SSP. This will return an error if the profile does not contain any controls.

func NewSystemSecurityPlan added in v0.12.0 

func NewSystemSecurityPlan() *SystemSecurityPlan

func (*SystemSecurityPlan) GetCompleteModel added in v0.12.0 

func (ssp *SystemSecurityPlan) GetCompleteModel() *oscalTypes.OscalModels

func (*SystemSecurityPlan) GetType added in v0.12.0 

func (ssp *SystemSecurityPlan) GetType() string

func (*SystemSecurityPlan) HandleExisting added in v0.12.0 

func (ssp *SystemSecurityPlan) HandleExisting(path string) error

HandleExisting updates the existing SSP if a file is provided

func (*SystemSecurityPlan) MakeDeterministic added in v0.12.0 

func (ssp *SystemSecurityPlan) MakeDeterministic() error

MakeDeterministic ensures the elements of the SSP are sorted deterministically

func (*SystemSecurityPlan) NewModel added in v0.12.0 

func (ssp *SystemSecurityPlan) NewModel(data []byte) error

NewModel updates the SSP model with the provided data

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.