From 3ba29f94de3eebc379adc021f40fd5cd0587b57d Mon Sep 17 00:00:00 2001 From: koplas Date: Mon, 16 Sep 2024 14:11:14 +0200 Subject: [PATCH] Add initial directory feed testdata --- .../simple-directory-feed/openpgp/privkey.asc | 15 ++ .../simple-directory-feed/openpgp/pubkey.asc | 13 ++ .../provider-metadata.json | 25 +++ testdata/simple-directory-feed/security.txt | 2 + .../white/avendor-advisory-0004.json | 170 ++++++++++++++++++ .../white/avendor-advisory-0004.json.asc | 7 + .../white/avendor-advisory-0004.json.sha256 | 1 + .../white/avendor-advisory-0004.json.sha512 | 1 + .../simple-directory-feed/white/changes.csv | 1 + .../simple-directory-feed/white/index.html | 6 + .../simple-directory-feed/white/index.txt | 1 + 11 files changed, 242 insertions(+) create mode 100644 testdata/simple-directory-feed/openpgp/privkey.asc create mode 100644 testdata/simple-directory-feed/openpgp/pubkey.asc create mode 100644 testdata/simple-directory-feed/provider-metadata.json create mode 100644 testdata/simple-directory-feed/security.txt create mode 100644 testdata/simple-directory-feed/white/avendor-advisory-0004.json create mode 100644 testdata/simple-directory-feed/white/avendor-advisory-0004.json.asc create mode 100644 testdata/simple-directory-feed/white/avendor-advisory-0004.json.sha256 create mode 100644 testdata/simple-directory-feed/white/avendor-advisory-0004.json.sha512 create mode 100644 testdata/simple-directory-feed/white/changes.csv create mode 100644 testdata/simple-directory-feed/white/index.html create mode 100644 testdata/simple-directory-feed/white/index.txt diff --git a/testdata/simple-directory-feed/openpgp/privkey.asc b/testdata/simple-directory-feed/openpgp/privkey.asc new file mode 100644 index 0000000..816f309 --- /dev/null +++ b/testdata/simple-directory-feed/openpgp/privkey.asc @@ -0,0 +1,15 @@ +-----BEGIN PGP PRIVATE KEY BLOCK----- + +lFgEZtsQNxYJKwYBBAHaRw8BAQdASr3y4zW+4XGqUlvRJ7stRCUHv8HB4ZoMoTtU +KLgnHr4AAQD5G5xy/yTN5b+lvV5Ahrbz1qOZ/wmKTieGOH9GZb6JwhHwtBRzZWN1 +cml0eUBleGFtcGxlLmNvbYiZBBMWCgBBFiEEqJFMovEROcammgAY+zzZsV3mFZYF +AmbbEDcCGwMFCQWjmoAFCwkIBwICIgIGFQoJCAsCBBYCAwECHgcCF4AACgkQ+zzZ +sV3mFZZskQEAg5Dttqm6TA7MtLxz7VSlklx95LQr9d5jm4jcOaqlGT0A/1mAAlUq +SDySFGI6DFQLcaZaUd9Yl+1b0Icr0tUiOaQHnF0EZtsQNxIKKwYBBAGXVQEFAQEH +QOTHP4FkopIGJMWXTYsaeQ1Dugd+yNYWB357vRYq6QsiAwEIBwAA/0RIazq1s8Oe +23jvNaZGb/adDYnRrkCMXXTBKsuA6WOAEhKIeAQYFgoAIBYhBKiRTKLxETnGppoA +GPs82bFd5hWWBQJm2xA3AhsMAAoJEPs82bFd5hWWDKABAOl+NoM6FBhKAvckUXDR +MLZ4k778N4Vy9VHbectjRKj1AQCO3JOmON+U6/mjohXrc2bwzKzt2yGiLP2HMxDx +uzMXBQ== +=4XHC +-----END PGP PRIVATE KEY BLOCK----- diff --git a/testdata/simple-directory-feed/openpgp/pubkey.asc b/testdata/simple-directory-feed/openpgp/pubkey.asc new file mode 100644 index 0000000..88cb720 --- /dev/null +++ b/testdata/simple-directory-feed/openpgp/pubkey.asc @@ -0,0 +1,13 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- + +mDMEZtsQNxYJKwYBBAHaRw8BAQdASr3y4zW+4XGqUlvRJ7stRCUHv8HB4ZoMoTtU +KLgnHr60FHNlY3VyaXR5QGV4YW1wbGUuY29tiJkEExYKAEEWIQSokUyi8RE5xqaa +ABj7PNmxXeYVlgUCZtsQNwIbAwUJBaOagAULCQgHAgIiAgYVCgkICwIEFgIDAQIe +BwIXgAAKCRD7PNmxXeYVlmyRAQCDkO22qbpMDsy0vHPtVKWSXH3ktCv13mObiNw5 +qqUZPQD/WYACVSpIPJIUYjoMVAtxplpR31iX7VvQhyvS1SI5pAe4OARm2xA3Egor +BgEEAZdVAQUBAQdA5Mc/gWSikgYkxZdNixp5DUO6B37I1hYHfnu9FirpCyIDAQgH +iHgEGBYKACAWIQSokUyi8RE5xqaaABj7PNmxXeYVlgUCZtsQNwIbDAAKCRD7PNmx +XeYVlgygAQDpfjaDOhQYSgL3JFFw0TC2eJO+/DeFcvVR23nLY0So9QEAjtyTpjjf +lOv5o6IV63Nm8Mys7dshoiz9hzMQ8bszFwU= +=rhGT +-----END PGP PUBLIC KEY BLOCK----- diff --git a/testdata/simple-directory-feed/provider-metadata.json b/testdata/simple-directory-feed/provider-metadata.json new file mode 100644 index 0000000..9541505 --- /dev/null +++ b/testdata/simple-directory-feed/provider-metadata.json @@ -0,0 +1,25 @@ +{ + "canonical_url": "/provider-metadata.json", + "distributions": [ + { + "directory_url": "/white/" + } + ], + "last_updated": "2020-00-00T00:00:00Z", + "list_on_CSAF_aggregators": true, + "metadata_version": "2.0", + "mirror_on_CSAF_aggregators": true, + "public_openpgp_keys": [ + { + "fingerprint": "A8914CA2F11139C6A69A0018FB3CD9B15DE61596", + "url": "/openpgp/pubkey.asc" + } + ], + "publisher": { + "category": "vendor", + "name": "ACME Inc", + "namespace": "https://example.com", + "contact_details": "mailto:security@example.com" + }, + "role": "csaf_trusted_provider" +} diff --git a/testdata/simple-directory-feed/security.txt b/testdata/simple-directory-feed/security.txt new file mode 100644 index 0000000..0ae943d --- /dev/null +++ b/testdata/simple-directory-feed/security.txt @@ -0,0 +1,2 @@ +CSAF: /provider-metadata.json + diff --git a/testdata/simple-directory-feed/white/avendor-advisory-0004.json b/testdata/simple-directory-feed/white/avendor-advisory-0004.json new file mode 100644 index 0000000..5149f35 --- /dev/null +++ b/testdata/simple-directory-feed/white/avendor-advisory-0004.json @@ -0,0 +1,170 @@ +{ + "document": { + "category": "csaf_vex", + "csaf_version": "2.0", + "distribution": { + "tlp": { + "label": "WHITE", + "url": "https://www.first.org/tlp/v1/" + } + }, + "notes": [ + { + "category": "summary", + "title": "Test document summary", + "text": "Auto generated test CSAF document" + } + ], + "publisher": { + "category": "vendor", + "name": "ACME Inc.", + "namespace": "https://www.example.com" + }, + "title": "Test CSAF document", + "tracking": { + "current_release_date": "2020-00-00T00:00:00Z", + "generator": { + "date": "2020-00-00T00:00:00Z", + "engine": { + "name": "csaf-tool", + "version": "0.3.2" + } + }, + "id": "Avendor-advisory-0004", + "initial_release_date": "2020-00-00T00:00:00Z", + "revision_history": [ + { + "date": "2020-00-00T00:00:00Z", + "number": "1", + "summary": "Initial version" + } + ], + "status": "final", + "version": "1" + } + }, + "product_tree": { + "branches": [ + { + "category": "vendor", + "name": "AVendor", + "branches": [ + { + "category": "product_name", + "name": "product_1", + "branches": [ + { + "category": "product_version", + "name": "1.1", + "product": { + "name": "AVendor product_1 1.1", + "product_id": "CSAFPID_0001" + } + }, + { + "category": "product_version", + "name": "1.2", + "product": { + "name": "AVendor product_1 1.2", + "product_id": "CSAFPID_0002" + } + }, + { + "category": "product_version", + "name": "2.0", + "product": { + "name": "AVendor product_1 2.0", + "product_id": "CSAFPID_0003" + } + } + ] + } + ] + }, + { + "category": "vendor", + "name": "AVendor1", + "branches": [ + { + "category": "product_name", + "name": "product_2", + "branches": [ + { + "category": "product_version", + "name": "1", + "product": { + "name": "AVendor1 product_2 1", + "product_id": "CSAFPID_0004" + } + } + ] + } + ] + }, + { + "category": "vendor", + "name": "AVendor", + "branches": [ + { + "category": "product_name", + "name": "product_3", + "branches": [ + { + "category": "product_version", + "name": "2022H2", + "product": { + "name": "AVendor product_3 2022H2", + "product_id": "CSAFPID_0005" + } + } + ] + } + ] + } + ] + }, + "vulnerabilities": [ + { + "cve": "CVE-2020-1234", + "notes": [ + { + "category": "description", + "title": "CVE description", + "text": "https://nvd.nist.gov/vuln/detail/CVE-2020-1234" + } + ], + "product_status": { + "under_investigation": ["CSAFPID_0001"] + }, + "threats": [ + { + "category": "impact", + "details": "Customers should upgrade to the latest version of the product", + "date": "2020-00-00T00:00:00Z", + "product_ids": ["CSAFPID_0001"] + } + ] + }, + { + "cve": "CVE-2020-9876", + "notes": [ + { + "category": "description", + "title": "CVE description", + "text": "https://nvd.nist.gov/vuln/detail/CVE-2020-9876" + } + ], + "product_status": { + "under_investigation": ["CSAFPID_0001"] + }, + "threats": [ + { + "category": "impact", + "details": "Still under investigation", + "date": "2020-00-00T00:00:00Z", + "product_ids": ["CSAFPID_0001"] + } + ] + } + ] +} diff --git a/testdata/simple-directory-feed/white/avendor-advisory-0004.json.asc b/testdata/simple-directory-feed/white/avendor-advisory-0004.json.asc new file mode 100644 index 0000000..c36be12 --- /dev/null +++ b/testdata/simple-directory-feed/white/avendor-advisory-0004.json.asc @@ -0,0 +1,7 @@ +-----BEGIN PGP SIGNATURE----- + +iHUEABYKAB0WIQSokUyi8RE5xqaaABj7PNmxXeYVlgUCZuftaAAKCRD7PNmxXeYV +lh/FAP90NaBzCYu9JpIuqvG8MZegVLpc85P6AeeMPU5W6dRHJwD/eQzrfy0TzAZ2 +q6xmpih4scq9j8frOjoH40w3rAByoQc= +=EhZh +-----END PGP SIGNATURE----- diff --git a/testdata/simple-directory-feed/white/avendor-advisory-0004.json.sha256 b/testdata/simple-directory-feed/white/avendor-advisory-0004.json.sha256 new file mode 100644 index 0000000..7547b85 --- /dev/null +++ b/testdata/simple-directory-feed/white/avendor-advisory-0004.json.sha256 @@ -0,0 +1 @@ +ab1995c322f4b7905b79d78646fd8774900e27ac0b00128e892cd84cee1f17e2 avendor-advisory-0004.json diff --git a/testdata/simple-directory-feed/white/avendor-advisory-0004.json.sha512 b/testdata/simple-directory-feed/white/avendor-advisory-0004.json.sha512 new file mode 100644 index 0000000..b34356e --- /dev/null +++ b/testdata/simple-directory-feed/white/avendor-advisory-0004.json.sha512 @@ -0,0 +1 @@ +8a7dd7d1247f510a59c26bf6f973ff4c3a8d37c5a69fd361aa7cc7cf06a38a8ef096e4f2f09b75269ad2b1cc99179381a63c7c731e5e492a9647ba0452255b37 avendor-advisory-0004.json diff --git a/testdata/simple-directory-feed/white/changes.csv b/testdata/simple-directory-feed/white/changes.csv new file mode 100644 index 0000000..c0b7eb3 --- /dev/null +++ b/testdata/simple-directory-feed/white/changes.csv @@ -0,0 +1 @@ +"avendor-advisory-0004.json","2020-00-00T00:00:00+00:00" diff --git a/testdata/simple-directory-feed/white/index.html b/testdata/simple-directory-feed/white/index.html new file mode 100644 index 0000000..bcfabd9 --- /dev/null +++ b/testdata/simple-directory-feed/white/index.html @@ -0,0 +1,6 @@ + + + + avendor-advisory-0004 + + diff --git a/testdata/simple-directory-feed/white/index.txt b/testdata/simple-directory-feed/white/index.txt new file mode 100644 index 0000000..d19d30f --- /dev/null +++ b/testdata/simple-directory-feed/white/index.txt @@ -0,0 +1 @@ +avendor-advisory-0004.json