From 589547fa946ef1d2d4f188db3dd92eeacc9b4054 Mon Sep 17 00:00:00 2001 From: "Sascha L. Teichmann" Date: Tue, 14 Jun 2022 09:50:36 +0200 Subject: [PATCH] Improve writing ROLIE feed documents * Add signature and two time has as link rel attributes to each rolie entry for provider and aggregator. Thus following CSAF 2.0 csd02. resolve #74 --- cmd/csaf_aggregator/indices.go | 10 ++++++---- cmd/csaf_aggregator/mirror.go | 2 +- cmd/csaf_checker/processor.go | 2 +- cmd/csaf_provider/actions.go | 10 ++++++---- csaf/rolie.go | 6 ++++-- 5 files changed, 18 insertions(+), 12 deletions(-) diff --git a/cmd/csaf_aggregator/indices.go b/cmd/csaf_aggregator/indices.go index 100b649..b7f4e2b 100644 --- a/cmd/csaf_aggregator/indices.go +++ b/cmd/csaf_aggregator/indices.go @@ -166,10 +166,12 @@ func (w *worker) writeROLIE(label string, summaries []summary) error { Titel: s.summary.Title, Published: csaf.TimeStamp(s.summary.InitialReleaseDate), Updated: csaf.TimeStamp(s.summary.CurrentReleaseDate), - Link: []csaf.Link{{ - Rel: "self", - HRef: csafURL, - }}, + Link: []csaf.Link{ + {Rel: "self", HRef: csafURL}, + {Rel: "hash", HRef: csafURL + ".sha256"}, + {Rel: "hash", HRef: csafURL + ".sha512"}, + {Rel: "signature", HRef: csafURL + ".asc"}, + }, Format: format, Content: csaf.Content{ Type: "application/json", diff --git a/cmd/csaf_aggregator/mirror.go b/cmd/csaf_aggregator/mirror.go index d051173..bc29e64 100644 --- a/cmd/csaf_aggregator/mirror.go +++ b/cmd/csaf_aggregator/mirror.go @@ -88,7 +88,7 @@ func (w *worker) handleROLIE( log.Printf("Loading ROLIE feed failed: %v.", err) continue } - files := resolveURLs(rfeed.Files(), feedBaseURL) + files := resolveURLs(rfeed.Files("self"), feedBaseURL) if err := process(feed.TLPLabel, files); err != nil { return err } diff --git a/cmd/csaf_checker/processor.go b/cmd/csaf_checker/processor.go index b4e972f..98cf5f7 100644 --- a/cmd/csaf_checker/processor.go +++ b/cmd/csaf_checker/processor.go @@ -545,7 +545,7 @@ func (p *processor) processROLIEFeed(feed string) error { } // Extract the CSAF files from feed. - files := rfeed.Files() + files := rfeed.Files("self") if err := p.integrity(files, base, rolieMask, p.badProviderMetadata.add); err != nil && err != errContinue { diff --git a/cmd/csaf_provider/actions.go b/cmd/csaf_provider/actions.go index 3f1cbfd..1ad193c 100644 --- a/cmd/csaf_provider/actions.go +++ b/cmd/csaf_provider/actions.go @@ -255,10 +255,12 @@ func (c *controller) upload(r *http.Request) (interface{}, error) { e.Titel = ex.Title e.Published = csaf.TimeStamp(ex.InitialReleaseDate) e.Updated = csaf.TimeStamp(ex.CurrentReleaseDate) - e.Link = []csaf.Link{{ - Rel: "self", - HRef: csafURL, - }} + e.Link = []csaf.Link{ + {Rel: "self", HRef: csafURL}, + {Rel: "hash", HRef: csafURL + ".sha256"}, + {Rel: "hash", HRef: csafURL + ".sha512"}, + {Rel: "signature", HRef: csafURL + ".asc"}, + } e.Format = csaf.Format{ Schema: "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json", Version: "2.0", diff --git a/csaf/rolie.go b/csaf/rolie.go index b7f1ec7..ac9c4c0 100644 --- a/csaf/rolie.go +++ b/csaf/rolie.go @@ -104,11 +104,13 @@ func (rf *ROLIEFeed) EntryByID(id string) *Entry { } // Files extracts the files from the feed. -func (rf *ROLIEFeed) Files() []string { +func (rf *ROLIEFeed) Files(filter string) []string { var files []string for _, f := range rf.Feed.Entry { for i := range f.Link { - files = append(files, f.Link[i].HRef) + if link := &f.Link[i]; link.Rel == filter { + files = append(files, link.HRef) + } } } return files