aboutsummaryrefslogtreecommitdiff
path: root/internal/cvss/v2key.go
diff options
context:
space:
mode:
Diffstat (limited to 'internal/cvss/v2key.go')
-rw-r--r--internal/cvss/v2key.go85
1 files changed, 85 insertions, 0 deletions
diff --git a/internal/cvss/v2key.go b/internal/cvss/v2key.go
new file mode 100644
index 0000000..ae976be
--- /dev/null
+++ b/internal/cvss/v2key.go
@@ -0,0 +1,85 @@
+// CVSS vector parser.
+package cvss
+
+//go:generate stringer -linecomment -type=v2Key
+
+// CVSS 2.0 metric key.
+type v2Key byte
+
+const (
+ v2AccessVector v2Key = iota // AV
+ v2AccessComplexity // AC
+ v2Authentication // Au
+ v2ConfidentialityImpact // C
+ v2IntegrityImpact // I
+ v2AvailabilityImpact // A
+ v2Exploitability // E
+ v2RemediationLevel // RL
+ v2ReportConfidence // RC
+ v2CollateralDamagePotential // CDP
+ v2TargetDistribution // TD
+ v2ConfidentialityRequirement // CR
+ v2IntegrityRequirement // IR
+ v2AvailabilityRequirement // AR
+
+ v2InvalidKey // invalid
+)
+
+// CVSS V2 metric key info lut
+var v2Keys = map[v2Key]struct {
+ Name string
+ Category Category
+} {
+ v2AccessVector: { "Access Vector", Base },
+ v2AccessComplexity: { "Access Complexity", Base },
+ v2Authentication: { "Authentication", Base },
+ v2ConfidentialityImpact: { "Confidentiality Impact", Base },
+ v2IntegrityImpact: { "Integrity Impact", Base },
+ v2AvailabilityImpact: { "Availability Impact", Base },
+ v2Exploitability: { "Exploitability", Temporal },
+ v2RemediationLevel: { "Remediation Level", Temporal },
+ v2ReportConfidence: { "Report Confidence", Temporal },
+ v2CollateralDamagePotential: { "Collateral Damage Potential", Environmental },
+ v2TargetDistribution: { "Target Distribution", Environmental },
+ v2ConfidentialityRequirement: { "Confidentiality Requirement", Environmental },
+ v2IntegrityRequirement: { "Integrity Requirement", Environmental },
+ v2AvailabilityRequirement: { "Availability Requirement", Environmental },
+}
+
+// v2 metric key IDs lut
+var v2KeyIds = map[string]v2Key {
+ "AV": v2AccessVector,
+ "AC": v2AccessComplexity,
+ "Au": v2Authentication,
+ "C": v2ConfidentialityImpact,
+ "I": v2IntegrityImpact,
+ "A": v2AvailabilityImpact,
+ "E": v2Exploitability,
+ "RL": v2RemediationLevel,
+ "RC": v2ReportConfidence,
+ "CDP": v2CollateralDamagePotential,
+ "TD": v2TargetDistribution,
+ "CR": v2ConfidentialityRequirement,
+ "IR": v2IntegrityRequirement,
+ "AR": v2AvailabilityRequirement,
+}
+
+// Get metric key from string.
+func getV2KeyFromString(s string) (v2Key, error) {
+ k, ok := v2KeyIds[s]
+ if ok {
+ return k, nil
+ } else {
+ return v2InvalidKey, fmt.Errorf("invalid metric key: %s", s)
+ }
+}
+
+// Get metric key name.
+func (k v2Key) Name() string {
+ return v2Keys[k].Name
+}
+
+// Get metric key category.
+func (k v2Key) Category() Category {
+ return v2Keys[k].Category
+}