Add remote validator support to downloader.

cmd/csaf_downloader/downloader.go

@@ -39,12 +39,37 @@ type downloader struct {
 	directory string
 	keys      []*crypto.KeyRing
 	eval      *util.PathEval
+	validator csaf.RemoteValidator
 }
 
-func newDownloader(opts *options) *downloader {
+func newDownloader(opts *options) (*downloader, error) {
+
+	var validator csaf.RemoteValidator
+
+	if opts.RemoteValidator != "" {
+		validatorOptions := csaf.RemoteValidatorOptions{
+			URL:     opts.RemoteValidator,
+			Presets: opts.RemoteValidatorPresets,
+			Cache:   opts.RemoteValidatorCache,
+		}
+		var err error
+		if validator, err = validatorOptions.Open(); err != nil {
+			return nil, fmt.Errorf(
+				"preparing remote validator failed: %w", err)
+		}
+	}
+
 	return &downloader{
-		opts: opts,
-		eval: util.NewPathEval(),
+		opts:      opts,
+		eval:      util.NewPathEval(),
+		validator: validator,
+	}, nil
+}
+
+func (d *downloader) close() {
+	if d.validator != nil {
+		d.validator.Close()
+		d.validator = nil
 	}
 }
 
@@ -330,6 +355,19 @@ func (d *downloader) downloadFiles(label csaf.TLPLabel, files []csaf.AdvisoryFil
 			continue
 		}
 
+		// Validate against remote validator
+		if d.validator != nil {
+			ok, err := d.validator.Validate(doc)
+			if err != nil {
+				return fmt.Errorf(
+					"calling remote validator on %q failed: %w",
+					file.URL(), err)
+			}
+			if !ok {
+				log.Printf("Remote validation of %q failed\n", file.URL())
+			}
+		}
+
 		if err := d.eval.Extract(`$.document.tracking.initial_release_date`, dateExtract, false, doc); err != nil {
 			log.Printf("Cannot extract initial_release_date from advisory '%s'\n", file.URL())
 			initialReleaseDate = time.Now()