mirror of
https://github.com/gocsaf/csaf.git
synced 2025-12-22 18:15:42 +01:00
Use github.com/santhosh-tekuri/jsonschema for JSON schema validation.
This commit is contained in:
Sascha L. Teichmann
parent
a96597206e
commit
3420ceb415
3 changed files with 53 additions and 50 deletions
|
|
@ -1,20 +1,17 @@
|
||||||
package csaf
|
package csaf
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"context"
|
"bytes"
|
||||||
_ "embed"
|
_ "embed"
|
||||||
"encoding/json"
|
|
||||||
"log"
|
|
||||||
"net/url"
|
|
||||||
"sort"
|
"sort"
|
||||||
"strings"
|
"strings"
|
||||||
"sync"
|
"sync"
|
||||||
|
|
||||||
"github.com/qri-io/jsonschema"
|
"github.com/santhosh-tekuri/jsonschema/v5"
|
||||||
)
|
)
|
||||||
|
|
||||||
//go:embed schema/csaf_json_schema.json
|
//go:embed schema/csaf_json_schema.json
|
||||||
var schema []byte
|
var csafSchema []byte
|
||||||
|
|
||||||
//go:embed schema/cvss-v2.0.json
|
//go:embed schema/cvss-v2.0.json
|
||||||
var cvss20 []byte
|
var cvss20 []byte
|
||||||
|
|
@ -25,53 +22,62 @@ var cvss30 []byte
|
||||||
//go:embed schema/cvss-v3.1.json
|
//go:embed schema/cvss-v3.1.json
|
||||||
var cvss31 []byte
|
var cvss31 []byte
|
||||||
|
|
||||||
func embedLoader(ctx context.Context, uri *url.URL, schema *jsonschema.Schema) error {
|
var (
|
||||||
|
compileSchemaOnce sync.Once
|
||||||
|
compileError error
|
||||||
|
compiledSchema *jsonschema.Schema
|
||||||
|
)
|
||||||
|
|
||||||
var data []byte
|
func compileSchema() {
|
||||||
switch u := uri.String(); u {
|
c := jsonschema.NewCompiler()
|
||||||
case "https://www.first.org/cvss/cvss-v2.0.json":
|
|
||||||
data = cvss20
|
for _, s := range []struct {
|
||||||
case "https://www.first.org/cvss/cvss-v3.0.json":
|
url string
|
||||||
data = cvss30
|
data []byte
|
||||||
case "https://www.first.org/cvss/cvss-v3.1.json":
|
}{
|
||||||
data = cvss31
|
{"https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json", csafSchema},
|
||||||
default:
|
{"https://www.first.org/cvss/cvss-v2.0.json", cvss20},
|
||||||
log.Printf("escaped schema loader: %s\n", u)
|
{"https://www.first.org/cvss/cvss-v3.0.json", cvss30},
|
||||||
return jsonschema.HTTPSchemaLoader(ctx, uri, schema)
|
{"https://www.first.org/cvss/cvss-v3.1.json", cvss31},
|
||||||
|
} {
|
||||||
|
if compileError = c.AddResource(s.url, bytes.NewReader(s.data)); compileError != nil {
|
||||||
|
return
|
||||||
}
|
}
|
||||||
if schema == nil {
|
|
||||||
schema = &jsonschema.Schema{}
|
|
||||||
}
|
|
||||||
return json.Unmarshal(data, schema)
|
|
||||||
}
|
}
|
||||||
|
|
||||||
var registerEmbedLoaderOnce sync.Once
|
compiledSchema, compileError = c.Compile(
|
||||||
|
"https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json")
|
||||||
func registerEmbedLoader() {
|
|
||||||
// Hook into schema loading.
|
|
||||||
slr := jsonschema.GetSchemaLoaderRegistry()
|
|
||||||
slr.Register("https", embedLoader)
|
|
||||||
}
|
}
|
||||||
|
|
||||||
// ValidateCSAF validates the document data against the JSON schema
|
// ValidateCSAF validates the document data against the JSON schema
|
||||||
// of CSAF.
|
// of CSAF.
|
||||||
func ValidateCSAF(doc interface{}) ([]string, error) {
|
func ValidateCSAF(doc interface{}) ([]string, error) {
|
||||||
|
|
||||||
registerEmbedLoaderOnce.Do(registerEmbedLoader)
|
compileSchemaOnce.Do(compileSchema)
|
||||||
|
if compileError != nil {
|
||||||
|
return nil, compileError
|
||||||
|
}
|
||||||
|
|
||||||
ctx := context.Background()
|
err := compiledSchema.Validate(doc)
|
||||||
|
if err == nil {
|
||||||
|
return nil, nil
|
||||||
|
}
|
||||||
|
|
||||||
rs := &jsonschema.Schema{}
|
valErr, ok := err.(*jsonschema.ValidationError)
|
||||||
if err := json.Unmarshal(schema, rs); err != nil {
|
if !ok {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
|
|
||||||
vs := rs.Validate(ctx, doc)
|
basic := valErr.BasicOutput()
|
||||||
errs := *vs.Errs
|
if basic.Valid {
|
||||||
|
return nil, nil
|
||||||
|
}
|
||||||
|
|
||||||
|
errs := basic.Errors
|
||||||
|
|
||||||
sort.Slice(errs, func(i, j int) bool {
|
sort.Slice(errs, func(i, j int) bool {
|
||||||
pi := errs[i].PropertyPath
|
pi := errs[i].InstanceLocation
|
||||||
pj := errs[j].PropertyPath
|
pj := errs[j].InstanceLocation
|
||||||
if strings.HasPrefix(pj, pi) {
|
if strings.HasPrefix(pj, pi) {
|
||||||
return true
|
return true
|
||||||
}
|
}
|
||||||
|
|
@ -81,12 +87,15 @@ func ValidateCSAF(doc interface{}) ([]string, error) {
|
||||||
if pi != pj {
|
if pi != pj {
|
||||||
return pi < pj
|
return pi < pj
|
||||||
}
|
}
|
||||||
return errs[i].Message < errs[j].Message
|
return errs[i].Error < errs[j].Error
|
||||||
})
|
})
|
||||||
|
|
||||||
res := make([]string, len(errs))
|
res := make([]string, 0, len(errs))
|
||||||
for i, e := range errs {
|
|
||||||
res[i] = e.PropertyPath + ": " + e.Message
|
for i := range errs {
|
||||||
|
if e := &errs[i]; e.InstanceLocation != "" && e.Error != "" {
|
||||||
|
res = append(res, e.InstanceLocation+": "+e.Error)
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
return res, nil
|
return res, nil
|
||||||
|
|
|
||||||
3
go.mod
3
go.mod
|
|
@ -7,7 +7,7 @@ require (
|
||||||
github.com/PaesslerAG/gval v1.1.2
|
github.com/PaesslerAG/gval v1.1.2
|
||||||
github.com/PaesslerAG/jsonpath v0.1.1
|
github.com/PaesslerAG/jsonpath v0.1.1
|
||||||
github.com/ProtonMail/gopenpgp/v2 v2.3.0
|
github.com/ProtonMail/gopenpgp/v2 v2.3.0
|
||||||
github.com/qri-io/jsonschema v0.2.2-0.20210831022256-780655b2ba0e
|
github.com/santhosh-tekuri/jsonschema/v5 v5.0.0
|
||||||
)
|
)
|
||||||
|
|
||||||
require (
|
require (
|
||||||
|
|
@ -15,7 +15,6 @@ require (
|
||||||
github.com/ProtonMail/go-mime v0.0.0-20190923161245-9b5a4261663a // indirect
|
github.com/ProtonMail/go-mime v0.0.0-20190923161245-9b5a4261663a // indirect
|
||||||
github.com/konsorten/go-windows-terminal-sequences v1.0.1 // indirect
|
github.com/konsorten/go-windows-terminal-sequences v1.0.1 // indirect
|
||||||
github.com/pkg/errors v0.9.1 // indirect
|
github.com/pkg/errors v0.9.1 // indirect
|
||||||
github.com/qri-io/jsonpointer v0.1.1 // indirect
|
|
||||||
github.com/sirupsen/logrus v1.4.2 // indirect
|
github.com/sirupsen/logrus v1.4.2 // indirect
|
||||||
golang.org/x/crypto v0.0.0-20210322153248-0c34fe9e7dc2 // indirect
|
golang.org/x/crypto v0.0.0-20210322153248-0c34fe9e7dc2 // indirect
|
||||||
golang.org/x/sys v0.0.0-20201119102817-f84b799fce68 // indirect
|
golang.org/x/sys v0.0.0-20201119102817-f84b799fce68 // indirect
|
||||||
|
|
|
||||||
9
go.sum
9
go.sum
|
|
@ -22,18 +22,13 @@ github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4=
|
||||||
github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
|
github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
|
||||||
github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
|
github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
|
||||||
github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
|
github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
|
||||||
github.com/qri-io/jsonpointer v0.1.1 h1:prVZBZLL6TW5vsSB9fFHFAMBLI4b0ri5vribQlTJiBA=
|
github.com/santhosh-tekuri/jsonschema/v5 v5.0.0 h1:TToq11gyfNlrMFZiYujSekIsPd9AmsA2Bj/iv+s4JHE=
|
||||||
github.com/qri-io/jsonpointer v0.1.1/go.mod h1:DnJPaYgiKu56EuDp8TU5wFLdZIcAnb/uH9v37ZaMV64=
|
github.com/santhosh-tekuri/jsonschema/v5 v5.0.0/go.mod h1:FKdcjfQW6rpZSnxxUvEA5H/cDPdvJ/SZJQLWWXWGrZ0=
|
||||||
github.com/qri-io/jsonschema v0.2.2-0.20210831022256-780655b2ba0e h1:gqHzseevuZPr3oOLES1nrPO3exQfeTKUiPcJub5axVs=
|
|
||||||
github.com/qri-io/jsonschema v0.2.2-0.20210831022256-780655b2ba0e/go.mod h1:g7DPkiOsK1xv6T/Ao5scXRkd+yTFygcANPBaaqW+VrI=
|
|
||||||
github.com/sergi/go-diff v1.0.0 h1:Kpca3qRNrduNnOQeazBd0ysaKrUJiIuISHxogkT9RPQ=
|
|
||||||
github.com/sergi/go-diff v1.0.0/go.mod h1:0CfEIISq7TuYL3j771MWULgwwjU+GofnZX9QAmXWZgo=
|
|
||||||
github.com/sirupsen/logrus v1.4.2 h1:SPIRibHv4MatM3XXNO2BJeFLZwZ2LvZgfQ5+UNI2im4=
|
github.com/sirupsen/logrus v1.4.2 h1:SPIRibHv4MatM3XXNO2BJeFLZwZ2LvZgfQ5+UNI2im4=
|
||||||
github.com/sirupsen/logrus v1.4.2/go.mod h1:tLMulIdttU9McNUspp0xgXVQah82FyeX6MwdIuYE2rE=
|
github.com/sirupsen/logrus v1.4.2/go.mod h1:tLMulIdttU9McNUspp0xgXVQah82FyeX6MwdIuYE2rE=
|
||||||
github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
|
github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
|
||||||
github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
|
github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
|
||||||
github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs=
|
github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs=
|
||||||
github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI=
|
|
||||||
github.com/stretchr/testify v1.4.0 h1:2E4SXV/wtOkTonXsotYi4li6zVWxYlZuYNCXe9XRJyk=
|
github.com/stretchr/testify v1.4.0 h1:2E4SXV/wtOkTonXsotYi4li6zVWxYlZuYNCXe9XRJyk=
|
||||||
github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4=
|
github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4=
|
||||||
golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
|
golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue