SystemSh0cker/gocsaf
1
0
Fork 0
mirror of https://github.com/gocsaf/csaf.git synced 2025-12-22 18:15:42 +01:00
Code Issues Releases Activity Actions

Add reporters for missing requirements and their respective report functions

Browse source
This commit is contained in:
JanHoefelmeyer 2023-05-15 13:49:27 +02:00
parent bd7831d7c3
commit aeff511895
1 changed files with 70 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

70
cmd/csaf_checker/reporters.go
View file

@ -22,6 +22,8 @@ type (
validReporter struct{ baseReporter } validReporter struct{ baseReporter }
filenameReporter struct{ baseReporter } filenameReporter struct{ baseReporter }
tlsReporter struct{ baseReporter } tlsReporter struct{ baseReporter }
tlpWhiteReporter struct{ baseReporter }
tlpAmberRedReporter struct{ baseReporter }
redirectsReporter struct{ baseReporter } redirectsReporter struct{ baseReporter }
providerMetadataReport struct{ baseReporter } providerMetadataReport struct{ baseReporter }
securityReporter struct{ baseReporter } securityReporter struct{ baseReporter }
@ -31,9 +33,15 @@ type (
indexReporter struct{ baseReporter } indexReporter struct{ baseReporter }
changesReporter struct{ baseReporter } changesReporter struct{ baseReporter }
directoryListingsReporter struct{ baseReporter } directoryListingsReporter struct{ baseReporter }
rolieFeedReporter struct{ baseReporter }
rolieServiceReporter struct{ baseReporter }
rolieCategoryReporter struct{ baseReporter }
integrityReporter struct{ baseReporter } integrityReporter struct{ baseReporter }
signaturesReporter struct{ baseReporter } signaturesReporter struct{ baseReporter }
publicPGPKeyReporter struct{ baseReporter } publicPGPKeyReporter struct{ baseReporter }
listReporter struct{ baseReporter }
hasTwoReporter struct{ baseReporter }
mirrorReporter struct{ baseReporter }
) )
func (bc *baseReporter) requirement(domain *Domain) *Requirement { func (bc *baseReporter) requirement(domain *Domain) *Requirement {
@ -115,6 +123,21 @@ func (r *tlsReporter) report(p *processor, domain *Domain) {
req.message(ErrorType, urls...) req.message(ErrorType, urls...)
} }
// report tests if a document labeled TLP:WHITE
// is freely accessible and sets the "message" field value
// of the "Requirement" struct as a result of that.
func (r *tlpWhiteReporter) report(p *processor, domain *Domain) {
// TODO
}
// report tests if a document labeled TLP:AMBER
// or TLP:RED is access protected
// and sets the "message" field value
// of the "Requirement" struct as a result of that.
func (r *tlpAmberRedReporter) report(p *processor, domain *Domain) {
// TODO
}
// report tests if redirects are used and sets the "message" field value // report tests if redirects are used and sets the "message" field value
// of the "Requirement" struct as a result of that. // of the "Requirement" struct as a result of that.
func (r *redirectsReporter) report(p *processor, domain *Domain) { func (r *redirectsReporter) report(p *processor, domain *Domain) {
@ -269,6 +292,31 @@ func (r *directoryListingsReporter) report(p *processor, domain *Domain) {
req.Messages = p.badDirListings req.Messages = p.badDirListings
} }
// report checks whether there is only a single ROLIE feed for a
// given TLP level and whether any of the TLP levels
// TLP:WHITE, TLP:GREEN or unlabeled exists and sets the "message" field value
// of the "Requirement" struct as a result of that.
func (r *rolieFeedReporter) report(p *processor, domain *Domain) {
// TODO
}
// report tests whether a ROLIE service document is used and if so,
// whether it is a [RFC8322] conform JSON file that lists the
// ROLIE feed documents and sets the "message" field value
// of the "Requirement" struct as a result of that.
func (r *rolieServiceReporter) report(p *processor, domain *Domain) {
// TODO
}
// report tests whether a ROLIE category document is used and if so,
// whether it is a [RFC8322] conform JSON file and is used to dissect
// documents by certain criteria
// and sets the "message" field value
// of the "Requirement" struct as a result of that.
func (r *rolieCategoryReporter) report(p *processor, domain *Domain) {
// TODO
}
func (r *integrityReporter) report(p *processor, domain *Domain) { func (r *integrityReporter) report(p *processor, domain *Domain) {
req := r.requirement(domain) req := r.requirement(domain)
if !p.badIntegrities.used() { if !p.badIntegrities.used() {
@ -306,3 +354,25 @@ func (r *publicPGPKeyReporter) report(p *processor, domain *Domain) {
p.keys.CountEntities())) p.keys.CountEntities()))
} }
} }
// report tests whether a CSAF aggregator JSON schema conform
// aggregator.json exists without being adjacent to a
// provider-metadata.json
func (r *listReporter) report(p *processor, domain *Domain) {
// TODO
}
// report tests whether the aggregator.json lists at least
// two disjoint issuing parties. TODO: reevaluate phrasing (Req 7.1.22)
func (r *hasTwoReporter) report(p *processor, domain *Domain) {
// TODO
}
// report tests whether the CSAF documents of each issuing mirrored party
// is in a different folder, which are adjacent to the aggregator.json and
// if the folder name is retrieved from the name of the issuing authority.
// It also tests whether each folder has a provider-metadata.json for their
// party and provides ROLIE feed documents.
func (r *mirrorReporter) report(p *processor, domain *Domain) {
// TODO
}