diff options
-rw-r--r-- | internal/cvss/cvss.go | 106 | ||||
-rw-r--r-- | internal/cvss/v3key.go | 113 |
2 files changed, 113 insertions, 106 deletions
diff --git a/internal/cvss/cvss.go b/internal/cvss/cvss.go index 4a1a789..44bcdf6 100644 --- a/internal/cvss/cvss.go +++ b/internal/cvss/cvss.go @@ -5,114 +5,8 @@ import ( "strings" ) -//go:generate stringer -linecomment -type=v3Key //go:generate stringer -linecomment -type=v3Metric -// CVSS v3 metric key -type v3Key byte - -const ( - v3AttackVector v3Key = iota // AV - v3AttackComplexity // AC - v3PrivilegesRequired // PR - v3UserInteraction // UI - v3Scope // S - v3Confidentiality // C - v3Integrity // I - v3Availability // A - v3ExploitCodeMaturity // E - v3RemediationLevel // RL - v3ReportConfidence // RC - v3ConfidentialityRequirement // CR - v3IntegrityRequirement // IR - v3AvailabilityRequirement // AR - v3ModifiedAttackVector // MAV - v3ModifiedAttackComplexity // MAC - v3ModifiedPrivilegesRequired // MPR - v3ModifiedUserInteraction // MUI - v3ModifiedScope // MS - v3ModifiedConfidentiality // MC - v3ModifiedIntegrity // MI - v3ModifiedAvailability // MA - - v3InvalidKey // invalid -) - -// CVSS v3 metric key info lut -var v3Keys = map[v3Key]struct { - Name string - Category Category -} { - v3AttackVector: { "Attack Vector", Base }, - v3AttackComplexity: { "Attack Complexity", Base }, - v3PrivilegesRequired: { "Privileges Required", Base }, - v3UserInteraction: { "User Interaction", Base }, - v3Scope: { "Scope", Base }, - v3Confidentiality: { "Confidentiality", Base }, - v3Integrity: { "Integrity", Base }, - v3Availability: { "Availability", Base }, - v3ExploitCodeMaturity: { "Exploit Code Maturity", Temporal }, - v3RemediationLevel: { "Remediation Level", Temporal }, - v3ReportConfidence: { "Report Confidence", Temporal }, - v3ConfidentialityRequirement: { "Confidentiality Requirement", Environmental }, - v3IntegrityRequirement: { "Integrity Requirement", Environmental }, - v3AvailabilityRequirement: { "Availability Requirement", Environmental }, - v3ModifiedAttackVector: { "Modified Attack Vector", Environmental }, - v3ModifiedAttackComplexity: { "Modified Attack Complexity", Environmental }, - v3ModifiedPrivilegesRequired: { "Modified Privileges Required", Environmental }, - v3ModifiedUserInteraction: { "Modified User Interaction", Environmental }, - v3ModifiedScope: { "Modified Scope", Environmental }, - v3ModifiedConfidentiality: { "Modified Confidentiality", Environmental }, - v3ModifiedIntegrity: { "Modified Integrity", Environmental }, - v3ModifiedAvailability: { "Modified Availability", Environmental }, -} - -// metric key IDs lut -var v3KeyIds = map[string]v3Key { - "AV": v3AttackVector, - "AC": v3AttackComplexity, - "PR": v3PrivilegesRequired, - "UI": v3UserInteraction, - "S": v3Scope, - "C": v3Confidentiality, - "I": v3Integrity, - "A": v3Availability, - "E": v3ExploitCodeMaturity, - "RL": v3RemediationLevel, - "RC": v3ReportConfidence, - "CR": v3ConfidentialityRequirement, - "IR": v3IntegrityRequirement, - "AR": v3AvailabilityRequirement, - "MAV": v3ModifiedAttackVector, - "MAC": v3ModifiedAttackComplexity, - "MPR": v3ModifiedPrivilegesRequired, - "MUI": v3ModifiedUserInteraction, - "MS": v3ModifiedScope, - "MC": v3ModifiedConfidentiality, - "MI": v3ModifiedIntegrity, - "MA": v3ModifiedAvailability, -} - -// // Get metric key from string. -// func getV3KeyFromString(s string) (v3Key, error) { -// k, ok := v3KeyIds[s] -// if ok { -// return k, nil -// } else { -// return v3InvalidKey, newBadKey(V30, s) -// } -// } - -// Get metric key name. -func (k v3Key) Name() string { - return v3Keys[k].Name -} - -// Get metric key category. -func (k v3Key) Category() Category { - return v3Keys[k].Category -} - // metric value type v3Metric byte diff --git a/internal/cvss/v3key.go b/internal/cvss/v3key.go new file mode 100644 index 0000000..035620b --- /dev/null +++ b/internal/cvss/v3key.go @@ -0,0 +1,113 @@ +package cvss + +import ( + "strings" +) + +//go:generate stringer -linecomment -type=v3Key +//go:generate stringer -linecomment -type=v3Metric + +// CVSS v3 metric key +type v3Key byte + +const ( + v3AttackVector v3Key = iota // AV + v3AttackComplexity // AC + v3PrivilegesRequired // PR + v3UserInteraction // UI + v3Scope // S + v3Confidentiality // C + v3Integrity // I + v3Availability // A + v3ExploitCodeMaturity // E + v3RemediationLevel // RL + v3ReportConfidence // RC + v3ConfidentialityRequirement // CR + v3IntegrityRequirement // IR + v3AvailabilityRequirement // AR + v3ModifiedAttackVector // MAV + v3ModifiedAttackComplexity // MAC + v3ModifiedPrivilegesRequired // MPR + v3ModifiedUserInteraction // MUI + v3ModifiedScope // MS + v3ModifiedConfidentiality // MC + v3ModifiedIntegrity // MI + v3ModifiedAvailability // MA + + v3InvalidKey // invalid +) + +// CVSS v3 metric key info lut +var v3Keys = map[v3Key]struct { + Name string + Category Category +} { + v3AttackVector: { "Attack Vector", Base }, + v3AttackComplexity: { "Attack Complexity", Base }, + v3PrivilegesRequired: { "Privileges Required", Base }, + v3UserInteraction: { "User Interaction", Base }, + v3Scope: { "Scope", Base }, + v3Confidentiality: { "Confidentiality", Base }, + v3Integrity: { "Integrity", Base }, + v3Availability: { "Availability", Base }, + v3ExploitCodeMaturity: { "Exploit Code Maturity", Temporal }, + v3RemediationLevel: { "Remediation Level", Temporal }, + v3ReportConfidence: { "Report Confidence", Temporal }, + v3ConfidentialityRequirement: { "Confidentiality Requirement", Environmental }, + v3IntegrityRequirement: { "Integrity Requirement", Environmental }, + v3AvailabilityRequirement: { "Availability Requirement", Environmental }, + v3ModifiedAttackVector: { "Modified Attack Vector", Environmental }, + v3ModifiedAttackComplexity: { "Modified Attack Complexity", Environmental }, + v3ModifiedPrivilegesRequired: { "Modified Privileges Required", Environmental }, + v3ModifiedUserInteraction: { "Modified User Interaction", Environmental }, + v3ModifiedScope: { "Modified Scope", Environmental }, + v3ModifiedConfidentiality: { "Modified Confidentiality", Environmental }, + v3ModifiedIntegrity: { "Modified Integrity", Environmental }, + v3ModifiedAvailability: { "Modified Availability", Environmental }, +} + +// metric key IDs lut +var v3KeyIds = map[string]v3Key { + "AV": v3AttackVector, + "AC": v3AttackComplexity, + "PR": v3PrivilegesRequired, + "UI": v3UserInteraction, + "S": v3Scope, + "C": v3Confidentiality, + "I": v3Integrity, + "A": v3Availability, + "E": v3ExploitCodeMaturity, + "RL": v3RemediationLevel, + "RC": v3ReportConfidence, + "CR": v3ConfidentialityRequirement, + "IR": v3IntegrityRequirement, + "AR": v3AvailabilityRequirement, + "MAV": v3ModifiedAttackVector, + "MAC": v3ModifiedAttackComplexity, + "MPR": v3ModifiedPrivilegesRequired, + "MUI": v3ModifiedUserInteraction, + "MS": v3ModifiedScope, + "MC": v3ModifiedConfidentiality, + "MI": v3ModifiedIntegrity, + "MA": v3ModifiedAvailability, +} + +// // Get metric key from string. +// func getV3KeyFromString(s string) (v3Key, error) { +// k, ok := v3KeyIds[s] +// if ok { +// return k, nil +// } else { +// return v3InvalidKey, newBadKey(V30, s) +// } +// } + +// Get metric key name. +func (k v3Key) Name() string { + return v3Keys[k].Name +} + +// Get metric key category. +func (k v3Key) Category() Category { + return v3Keys[k].Category +} |