SystemSh0cker/gocsaf
1
0
Fork 0
mirror of https://github.com/gocsaf/csaf.git synced 2025-12-22 11:55:40 +01:00
Code Issues Releases Activity Actions

CSD02 Schema update

Browse source 
- resolves csaf-poc/csaf_distribution#97
- add strict schemas from OASIS repo
This commit is contained in:
tschmidtb51 2022-04-08 18:23:14 +02:00
parent 9bbe3e1eb8
commit 11ed0e8f4d
2 changed files with 1003 additions and 895 deletions
Download patch file Download diff file Expand all files Collapse all files

1519
csaf/schema/csaf_json_schema.json
View file

File diff suppressed because it is too large Load diff

379
csaf/schema/provider_json_schema.json
View file

@ -1,29 +1,205 @@
{ {
"$schema": "https://json-schema.org/draft/2020-12/schema",
"$id": "https://docs.oasis-open.org/csaf/csaf/v2.0/provider_json_schema.json",
"title": "CSAF provider metadata",
"description": "Representation of metadata information of a CSAF provider as a JSON document.",
"type": "object",
"$defs": { "$defs": {
"json_url_t": { "json_url_t": {
"title": "JSON URL type",
"description": "Contains a URL of a JSON file.", "description": "Contains a URL of a JSON file.",
"type": "string",
"format": "uri", "format": "uri",
"pattern": "\\.json$" "pattern": "\\.json$",
"title": "JSON URL type",
"type": "string"
}, },
"provider_url_t": { "provider_url_t": {
"title": "Provider URL type",
"description": "Contains a URL of a provider-metadata.json.", "description": "Contains a URL of a provider-metadata.json.",
"type": "string",
"format": "uri", "format": "uri",
"pattern": "/provider-metadata\\.json$" "pattern": "/provider-metadata\\.json$",
"title": "Provider URL type",
"type": "string"
}, },
"url_t": { "url_t": {
"title": "Generic URL type",
"description": "Contains a URL.", "description": "Contains a URL.",
"type": "string", "format": "uri",
"format": "uri" "title": "Generic URL type",
"type": "string"
}
},
"$id": "https://docs.oasis-open.org/csaf/csaf/v2.0/provider_json_schema.json",
"$schema": "https://json-schema.org/draft/2020-12/schema",
"additionalProperties": false,
"description": "Representation of metadata information of a CSAF provider as a JSON document.",
"properties": {
"canonical_url": {
"$ref": "#/$defs/provider_url_t",
"description": "Contains the URL for this document.",
"title": "Canonical URL"
},
"distributions": {
"description": "Contains a list of used distribution mechanisms.",
"items": {
"additionalProperties": false,
"description": "Contains the information of a used distribution mechanism.",
"minProperties": 1,
"properties": {
"directory_url": {
"$ref": "#/$defs/url_t",
"description": "Contains the base url for the directory distribution.",
"title": "Directory URL"
},
"rolie": {
"additionalProperties": false,
"description": "Contains all information for ROLIE distribution.",
"properties": {
"categories": {
"description": "Contains a list of URLs which contain ROLIE category documents.",
"items": {
"$ref": "#/$defs/json_url_t",
"description": "Contains a URL of a ROLIE category document.",
"title": "ROLIE category document URL"
},
"minItems": 1,
"title": "List of ROLIE category document URLs",
"type": "array",
"uniqueItems": true
},
"feeds": {
"description": "Contains a list of information about ROLIE feeds.",
"items": {
"additionalProperties": false,
"description": "Contains information about the ROLIE feed.",
"properties": {
"summary": {
"description": "Contains a summary of the feed.",
"examples": [
"All TLP:WHITE advisories of Example Company."
],
"title": "Summary of the feed",
"type": "string"
},
"tlp_label": {
"description": "Provides the TLP label for the feed.",
"enum": [
"UNLABELED",
"WHITE",
"GREEN",
"AMBER",
"RED"
],
"title": "TLP label",
"type": "string"
},
"url": {
"$ref": "#/$defs/json_url_t",
"description": "Contains the URL of the feed.",
"title": "URL of the feed"
}
},
"required": [
"tlp_label",
"url"
],
"title": "ROLIE feed",
"type": "object"
},
"minItems": 1,
"title": "List of ROLIE feeds",
"type": "array",
"uniqueItems": true
},
"services": {
"description": "Contains a list of URLs which contain ROLIE service documents.",
"items": {
"$ref": "#/$defs/json_url_t",
"description": "Contains a URL of a ROLIE service document.",
"title": "ROLIE service document URL"
},
"minItems": 1,
"title": "List of ROLIE service document URLs",
"type": "array",
"uniqueItems": true
}
},
"required": [
"feeds"
],
"title": "ROLIE",
"type": "object"
}
},
"title": "Distribution",
"type": "object"
},
"minItems": 1,
"title": "List of Distribution",
"type": "array",
"uniqueItems": true
},
"last_updated": {
"description": "Holds the date and time when the document was last updated.",
"format": "date-time",
"title": "Last updated",
"type": "string"
},
"list_on_CSAF_aggregators": {
"default": true,
"description": "Decides whether this file should be linked in the list of a CSAF aggregator.",
"title": "List on CSAF aggregators",
"type": "boolean"
},
"metadata_version": {
"description": "Gives the version of the CSAF provider metadata specification which the document was generated for.",
"enum": [
"2.0"
],
"title": "CSAF provider metadata version",
"type": "string"
},
"mirror_on_CSAF_aggregators": {
"default": true,
"description": "Decides whether the CSAF documents can be mirrored and provided by a CSAF aggregator.",
"title": "Mirror on CSAF aggregators",
"type": "boolean"
},
"public_openpgp_keys": {
"description": "Contains a list of OpenPGP keys used to sign CSAF documents.",
"items": {
"additionalProperties": false,
"description": "Contains all information about an OpenPGP key used to sign CSAF documents.",
"properties": {
"fingerprint": {
"description": "Contains the fingerprint of the OpenPGP key.",
"minLength": 40,
"pattern": "^[0-9a-fA-F]{40,}$",
"title": "Fingerprint of the key",
"type": "string"
},
"url": {
"$ref": "#/$defs/url_t",
"description": "Contains the URL where the key can be retrieved.",
"title": "URL of the key"
}
},
"required": [
"url"
],
"title": "PGP keys",
"type": "object"
},
"title": "List of public OpenPGP keys",
"type": "array"
},
"publisher": {
"$ref": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json#/properties/document/properties/publisher",
"description": "Provides information about the publisher of the CSAF documents in this repository.",
"title": "Publisher"
},
"role": {
"default": "csaf_provider",
"description": "Contains the role of the issuing party according to section 7 in the CSAF standard.",
"enum": [
"csaf_publisher",
"csaf_provider",
"csaf_trusted_provider"
],
"title": "Role of the issuing party",
"type": "string"
} }
}, },
"required": [ "required": [
@ -35,177 +211,6 @@
"publisher", "publisher",
"role" "role"
], ],
"properties": { "title": "CSAF provider metadata",
"canonical_url": { "type": "object"
"title": "Canonical URL",
"description": "Contains the URL for this document.",
"$ref": "#/$defs/provider_url_t"
},
"distributions": {
"title": "List of Distribution",
"description": "Contains a list of used distribution mechanisms.",
"type": "array",
"minItems": 1,
"uniqueItems": true,
"items": {
"title": "Distribution",
"description": "Contains the information of a used distribution mechanism.",
"type": "object",
"minProperties": 1,
"properties": {
"directory_url": {
"title": "Directory URL",
"description": "Contains the base url for the directory distribution.",
"$ref": "#/$defs/url_t"
},
"rolie": {
"title": "ROLIE",
"description": "Contains all information for ROLIE distribution.",
"type": "object",
"required": [
"feeds"
],
"properties": {
"categories": {
"title": "List of ROLIE category document URLs",
"description": "Contains a list of URLs which contain ROLIE category documents.",
"type": "array",
"minItems": 1,
"uniqueItems": true,
"items": {
"title": "ROLIE category document URL",
"description": "Contains a URL of a ROLIE category document.",
"$ref": "#/$defs/json_url_t"
}
},
"feeds": {
"title": "List of ROLIE feeds",
"description": "Contains a list of information about ROLIE feeds.",
"type": "array",
"minItems": 1,
"uniqueItems": true,
"items": {
"title": "ROLIE feed",
"description": "Contains information about the ROLIE feed.",
"type": "object",
"required": [
"tlp_label",
"url"
],
"properties": {
"summary": {
"title": "Summary of the feed",
"description": "Contains a summary of the feed.",
"type": "string",
"examples": [
"All TLP:WHITE advisories of Example Company."
]
},
"tlp_label": {
"title": "TLP label",
"description": "Provides the TLP label for the feed.",
"type": "string",
"enum": [
"UNLABELED",
"WHITE",
"GREEN",
"AMBER",
"RED"
]
},
"url": {
"title": "URL of the feed",
"description": "Contains the URL of the feed.",
"$ref": "#/$defs/json_url_t"
}
}
}
},
"services": {
"title": "List of ROLIE service document URLs",
"description": "Contains a list of URLs which contain ROLIE service documents.",
"type": "array",
"minItems": 1,
"uniqueItems": true,
"items": {
"title": "ROLIE service document URL",
"description": "Contains a URL of a ROLIE service document.",
"$ref": "#/$defs/json_url_t"
}
}
}
}
}
}
},
"last_updated": {
"title": "Last updated",
"description": "Holds the date and time when the document was last updated.",
"type": "string",
"format": "date-time"
},
"list_on_CSAF_aggregators": {
"title": "List on CSAF aggregators",
"description": "Decides whether this file should be linked in the list of a CSAF aggregator.",
"type": "boolean",
"default": true
},
"metadata_version": {
"title": "CSAF provider metadata version",
"description": "Gives the version of the CSAF provider metadata specification which the document was generated for.",
"type": "string",
"enum": [
"2.0"
]
},
"mirror_on_CSAF_aggregators": {
"title": "Mirror on CSAF aggregators",
"description": "Decides whether the CSAF documents can be mirrored and provided by a CSAF aggregator.",
"type": "boolean",
"default": true
},
"pgp_keys": {
"title": "List of PGP keys",
"description": "Contains a list of pgp keys used to sign CSAF documents.",
"type": "array",
"items": {
"title": "PGP keys",
"description": "Contains all information about a pgp keys used to sign CSAF documents.",
"type": "object",
"required": [
"url"
],
"properties": {
"fingerprint": {
"title": "Fingerprint of the key",
"description": "Contains the fingerprint of the pgp key.",
"type": "string",
"minLength": 40,
"pattern": "^[0-9a-fA-F]{40,}$"
},
"url": {
"title": "URL of the key",
"description": "Contains the URL where the key can be retrieved.",
"$ref": "#/$defs/url_t"
}
}
}
},
"publisher": {
"title": "Publisher",
"description": "Provides information about the publisher of the CSAF documents in this repository.",
"$ref": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json#/properties/document/properties/publisher"
},
"role": {
"title": "Role of the issuing party",
"description": "Contains the role of the issuing party according to section 7 in the CSAF standard.",
"type": "string",
"default": "csaf_provider",
"enum": [
"csaf_publisher",
"csaf_provider",
"csaf_trusted_provider"
]
}
}
} }