Add initial directory feed testdata

testdata/simple-directory-feed/openpgp/privkey.asc

@@ -0,0 +1,15 @@
+-----BEGIN PGP PRIVATE KEY BLOCK-----
+
+lFgEZtsQNxYJKwYBBAHaRw8BAQdASr3y4zW+4XGqUlvRJ7stRCUHv8HB4ZoMoTtU
+KLgnHr4AAQD5G5xy/yTN5b+lvV5Ahrbz1qOZ/wmKTieGOH9GZb6JwhHwtBRzZWN1
+cml0eUBleGFtcGxlLmNvbYiZBBMWCgBBFiEEqJFMovEROcammgAY+zzZsV3mFZYF
+AmbbEDcCGwMFCQWjmoAFCwkIBwICIgIGFQoJCAsCBBYCAwECHgcCF4AACgkQ+zzZ
+sV3mFZZskQEAg5Dttqm6TA7MtLxz7VSlklx95LQr9d5jm4jcOaqlGT0A/1mAAlUq
+SDySFGI6DFQLcaZaUd9Yl+1b0Icr0tUiOaQHnF0EZtsQNxIKKwYBBAGXVQEFAQEH
+QOTHP4FkopIGJMWXTYsaeQ1Dugd+yNYWB357vRYq6QsiAwEIBwAA/0RIazq1s8Oe
+23jvNaZGb/adDYnRrkCMXXTBKsuA6WOAEhKIeAQYFgoAIBYhBKiRTKLxETnGppoA
+GPs82bFd5hWWBQJm2xA3AhsMAAoJEPs82bFd5hWWDKABAOl+NoM6FBhKAvckUXDR
+MLZ4k778N4Vy9VHbectjRKj1AQCO3JOmON+U6/mjohXrc2bwzKzt2yGiLP2HMxDx
+uzMXBQ==
+=4XHC
+-----END PGP PRIVATE KEY BLOCK-----

testdata/simple-directory-feed/openpgp/pubkey.asc

@@ -0,0 +1,13 @@
+-----BEGIN PGP PUBLIC KEY BLOCK-----
+
+mDMEZtsQNxYJKwYBBAHaRw8BAQdASr3y4zW+4XGqUlvRJ7stRCUHv8HB4ZoMoTtU
+KLgnHr60FHNlY3VyaXR5QGV4YW1wbGUuY29tiJkEExYKAEEWIQSokUyi8RE5xqaa
+ABj7PNmxXeYVlgUCZtsQNwIbAwUJBaOagAULCQgHAgIiAgYVCgkICwIEFgIDAQIe
+BwIXgAAKCRD7PNmxXeYVlmyRAQCDkO22qbpMDsy0vHPtVKWSXH3ktCv13mObiNw5
+qqUZPQD/WYACVSpIPJIUYjoMVAtxplpR31iX7VvQhyvS1SI5pAe4OARm2xA3Egor
+BgEEAZdVAQUBAQdA5Mc/gWSikgYkxZdNixp5DUO6B37I1hYHfnu9FirpCyIDAQgH
+iHgEGBYKACAWIQSokUyi8RE5xqaaABj7PNmxXeYVlgUCZtsQNwIbDAAKCRD7PNmx
+XeYVlgygAQDpfjaDOhQYSgL3JFFw0TC2eJO+/DeFcvVR23nLY0So9QEAjtyTpjjf
+lOv5o6IV63Nm8Mys7dshoiz9hzMQ8bszFwU=
+=rhGT
+-----END PGP PUBLIC KEY BLOCK-----

testdata/simple-directory-feed/provider-metadata.json

@@ -0,0 +1,25 @@
+{
+  "canonical_url": "/provider-metadata.json",
+  "distributions": [
+    {
+      "directory_url": "/white/"
+    }
+  ],
+  "last_updated": "2020-00-00T00:00:00Z",
+  "list_on_CSAF_aggregators": true,
+  "metadata_version": "2.0",
+  "mirror_on_CSAF_aggregators": true,
+  "public_openpgp_keys": [
+    {
+      "fingerprint": "A8914CA2F11139C6A69A0018FB3CD9B15DE61596",
+      "url": "/openpgp/pubkey.asc"
+    }
+  ],
+  "publisher": {
+    "category": "vendor",
+    "name": "ACME Inc",
+    "namespace": "https://example.com",
+    "contact_details": "mailto:security@example.com"
+  },
+  "role": "csaf_trusted_provider"
+}

testdata/simple-directory-feed/security.txt

@@ -0,0 +1,2 @@
+CSAF: /provider-metadata.json
+

testdata/simple-directory-feed/white/avendor-advisory-0004.json

@@ -0,0 +1,170 @@
+{
+  "document": {
+    "category": "csaf_vex",
+    "csaf_version": "2.0",
+    "distribution": {
+      "tlp": {
+        "label": "WHITE",
+        "url": "https://www.first.org/tlp/v1/"
+      }
+    },
+    "notes": [
+      {
+        "category": "summary",
+        "title": "Test document summary",
+        "text": "Auto generated test CSAF document"
+      }
+    ],
+    "publisher": {
+      "category": "vendor",
+      "name": "ACME Inc.",
+      "namespace": "https://www.example.com"
+    },
+    "title": "Test CSAF document",
+    "tracking": {
+      "current_release_date": "2020-00-00T00:00:00Z",
+      "generator": {
+        "date": "2020-00-00T00:00:00Z",
+        "engine": {
+          "name": "csaf-tool",
+          "version": "0.3.2"
+        }
+      },
+      "id": "Avendor-advisory-0004",
+      "initial_release_date": "2020-00-00T00:00:00Z",
+      "revision_history": [
+        {
+          "date": "2020-00-00T00:00:00Z",
+          "number": "1",
+          "summary": "Initial version"
+        }
+      ],
+      "status": "final",
+      "version": "1"
+    }
+  },
+  "product_tree": {
+    "branches": [
+      {
+        "category": "vendor",
+        "name": "AVendor",
+        "branches": [
+          {
+            "category": "product_name",
+            "name": "product_1",
+            "branches": [
+              {
+                "category": "product_version",
+                "name": "1.1",
+                "product": {
+                  "name": "AVendor product_1 1.1",
+                  "product_id": "CSAFPID_0001"
+                }
+              },
+              {
+                "category": "product_version",
+                "name": "1.2",
+                "product": {
+                  "name": "AVendor product_1 1.2",
+                  "product_id": "CSAFPID_0002"
+                }
+              },
+              {
+                "category": "product_version",
+                "name": "2.0",
+                "product": {
+                  "name": "AVendor product_1 2.0",
+                  "product_id": "CSAFPID_0003"
+                }
+              }
+            ]
+          }
+        ]
+      },
+      {
+        "category": "vendor",
+        "name": "AVendor1",
+        "branches": [
+          {
+            "category": "product_name",
+            "name": "product_2",
+            "branches": [
+              {
+                "category": "product_version",
+                "name": "1",
+                "product": {
+                  "name": "AVendor1 product_2 1",
+                  "product_id": "CSAFPID_0004"
+                }
+              }
+            ]
+          }
+        ]
+      },
+      {
+        "category": "vendor",
+        "name": "AVendor",
+        "branches": [
+          {
+            "category": "product_name",
+            "name": "product_3",
+            "branches": [
+              {
+                "category": "product_version",
+                "name": "2022H2",
+                "product": {
+                  "name": "AVendor product_3 2022H2",
+                  "product_id": "CSAFPID_0005"
+                }
+              }
+            ]
+          }
+        ]
+      }
+    ]
+  },
+  "vulnerabilities": [
+    {
+      "cve": "CVE-2020-1234",
+      "notes": [
+        {
+          "category": "description",
+          "title": "CVE description",
+          "text": "https://nvd.nist.gov/vuln/detail/CVE-2020-1234"
+        }
+      ],
+      "product_status": {
+        "under_investigation": ["CSAFPID_0001"]
+      },
+      "threats": [
+        {
+          "category": "impact",
+          "details": "Customers should upgrade to the latest version of the product",
+          "date": "2020-00-00T00:00:00Z",
+          "product_ids": ["CSAFPID_0001"]
+        }
+      ]
+    },
+    {
+      "cve": "CVE-2020-9876",
+      "notes": [
+        {
+          "category": "description",
+          "title": "CVE description",
+          "text": "https://nvd.nist.gov/vuln/detail/CVE-2020-9876"
+        }
+      ],
+      "product_status": {
+        "under_investigation": ["CSAFPID_0001"]
+      },
+      "threats": [
+        {
+          "category": "impact",
+          "details": "Still under investigation",
+          "date": "2020-00-00T00:00:00Z",
+          "product_ids": ["CSAFPID_0001"]
+        }
+      ]
+    }
+  ]
+}

testdata/simple-directory-feed/white/avendor-advisory-0004.json.asc

@@ -0,0 +1,7 @@
+-----BEGIN PGP SIGNATURE-----
+
+iHUEABYKAB0WIQSokUyi8RE5xqaaABj7PNmxXeYVlgUCZuftaAAKCRD7PNmxXeYV
+lh/FAP90NaBzCYu9JpIuqvG8MZegVLpc85P6AeeMPU5W6dRHJwD/eQzrfy0TzAZ2
+q6xmpih4scq9j8frOjoH40w3rAByoQc=
+=EhZh
+-----END PGP SIGNATURE-----

testdata/simple-directory-feed/white/avendor-advisory-0004.json.sha256

@@ -0,0 +1 @@
+ab1995c322f4b7905b79d78646fd8774900e27ac0b00128e892cd84cee1f17e2  avendor-advisory-0004.json

testdata/simple-directory-feed/white/avendor-advisory-0004.json.sha512

@@ -0,0 +1 @@
+8a7dd7d1247f510a59c26bf6f973ff4c3a8d37c5a69fd361aa7cc7cf06a38a8ef096e4f2f09b75269ad2b1cc99179381a63c7c731e5e492a9647ba0452255b37  avendor-advisory-0004.json

testdata/simple-directory-feed/white/changes.csv

@@ -0,0 +1 @@
+"avendor-advisory-0004.json","2020-00-00T00:00:00+00:00"

testdata/simple-directory-feed/white/index.html

@@ -0,0 +1,6 @@
+<!doctype html>
+<html>
+  <body>
+    <a href="./avendor-advisory-0004.json">avendor-advisory-0004</a>
+  </body>
+</html>

testdata/simple-directory-feed/white/index.txt

@@ -0,0 +1 @@
+avendor-advisory-0004.json