diff options
Diffstat (limited to 'internal/cvss')
| -rw-r--r-- | internal/cvss/cvss.go | 82 | ||||
| -rw-r--r-- | internal/cvss/v2key.go | 85 |
2 files changed, 85 insertions, 82 deletions
diff --git a/internal/cvss/cvss.go b/internal/cvss/cvss.go index e8c62a1..8fc6314 100644 --- a/internal/cvss/cvss.go +++ b/internal/cvss/cvss.go @@ -6,92 +6,10 @@ import ( "strings" ) -//go:generate stringer -linecomment -type=v2Key //go:generate stringer -linecomment -type=v2Metric //go:generate stringer -linecomment -type=v3Key //go:generate stringer -linecomment -type=v3Metric -// CVSS 2.0 metric key. -type v2Key byte - -const ( - v2AccessVector v2Key = iota // AV - v2AccessComplexity // AC - v2Authentication // Au - v2ConfidentialityImpact // C - v2IntegrityImpact // I - v2AvailabilityImpact // A - v2Exploitability // E - v2RemediationLevel // RL - v2ReportConfidence // RC - v2CollateralDamagePotential // CDP - v2TargetDistribution // TD - v2ConfidentialityRequirement // CR - v2IntegrityRequirement // IR - v2AvailabilityRequirement // AR - - v2InvalidKey // invalid -) - -// CVSS V2 metric key info lut -var v2Keys = map[v2Key]struct { - Name string - Category Category -} { - v2AccessVector: { "Access Vector", Base }, - v2AccessComplexity: { "Access Complexity", Base }, - v2Authentication: { "Authentication", Base }, - v2ConfidentialityImpact: { "Confidentiality Impact", Base }, - v2IntegrityImpact: { "Integrity Impact", Base }, - v2AvailabilityImpact: { "Availability Impact", Base }, - v2Exploitability: { "Exploitability", Temporal }, - v2RemediationLevel: { "Remediation Level", Temporal }, - v2ReportConfidence: { "Report Confidence", Temporal }, - v2CollateralDamagePotential: { "Collateral Damage Potential", Environmental }, - v2TargetDistribution: { "Target Distribution", Environmental }, - v2ConfidentialityRequirement: { "Confidentiality Requirement", Environmental }, - v2IntegrityRequirement: { "Integrity Requirement", Environmental }, - v2AvailabilityRequirement: { "Availability Requirement", Environmental }, -} - -// v2 metric key IDs lut -var v2KeyIds = map[string]v2Key { - "AV": v2AccessVector, - "AC": v2AccessComplexity, - "Au": v2Authentication, - "C": v2ConfidentialityImpact, - "I": v2IntegrityImpact, - "A": v2AvailabilityImpact, - "E": v2Exploitability, - "RL": v2RemediationLevel, - "RC": v2ReportConfidence, - "CDP": v2CollateralDamagePotential, - "TD": v2TargetDistribution, - "CR": v2ConfidentialityRequirement, - "IR": v2IntegrityRequirement, - "AR": v2AvailabilityRequirement, -} - -// Get metric key from string. -func getV2KeyFromString(s string) (v2Key, error) { - k, ok := v2KeyIds[s] - if ok { - return k, nil - } else { - return v2InvalidKey, fmt.Errorf("invalid metric key: %s", s) - } -} - -// Get metric key name. -func (k v2Key) Name() string { - return v2Keys[k].Name -} - -// Get metric key category. -func (k v2Key) Category() Category { - return v2Keys[k].Category -} - // CVSS v2 metric value type v2Metric byte diff --git a/internal/cvss/v2key.go b/internal/cvss/v2key.go new file mode 100644 index 0000000..ae976be --- /dev/null +++ b/internal/cvss/v2key.go @@ -0,0 +1,85 @@ +// CVSS vector parser. +package cvss + +//go:generate stringer -linecomment -type=v2Key + +// CVSS 2.0 metric key. +type v2Key byte + +const ( + v2AccessVector v2Key = iota // AV + v2AccessComplexity // AC + v2Authentication // Au + v2ConfidentialityImpact // C + v2IntegrityImpact // I + v2AvailabilityImpact // A + v2Exploitability // E + v2RemediationLevel // RL + v2ReportConfidence // RC + v2CollateralDamagePotential // CDP + v2TargetDistribution // TD + v2ConfidentialityRequirement // CR + v2IntegrityRequirement // IR + v2AvailabilityRequirement // AR + + v2InvalidKey // invalid +) + +// CVSS V2 metric key info lut +var v2Keys = map[v2Key]struct { + Name string + Category Category +} { + v2AccessVector: { "Access Vector", Base }, + v2AccessComplexity: { "Access Complexity", Base }, + v2Authentication: { "Authentication", Base }, + v2ConfidentialityImpact: { "Confidentiality Impact", Base }, + v2IntegrityImpact: { "Integrity Impact", Base }, + v2AvailabilityImpact: { "Availability Impact", Base }, + v2Exploitability: { "Exploitability", Temporal }, + v2RemediationLevel: { "Remediation Level", Temporal }, + v2ReportConfidence: { "Report Confidence", Temporal }, + v2CollateralDamagePotential: { "Collateral Damage Potential", Environmental }, + v2TargetDistribution: { "Target Distribution", Environmental }, + v2ConfidentialityRequirement: { "Confidentiality Requirement", Environmental }, + v2IntegrityRequirement: { "Integrity Requirement", Environmental }, + v2AvailabilityRequirement: { "Availability Requirement", Environmental }, +} + +// v2 metric key IDs lut +var v2KeyIds = map[string]v2Key { + "AV": v2AccessVector, + "AC": v2AccessComplexity, + "Au": v2Authentication, + "C": v2ConfidentialityImpact, + "I": v2IntegrityImpact, + "A": v2AvailabilityImpact, + "E": v2Exploitability, + "RL": v2RemediationLevel, + "RC": v2ReportConfidence, + "CDP": v2CollateralDamagePotential, + "TD": v2TargetDistribution, + "CR": v2ConfidentialityRequirement, + "IR": v2IntegrityRequirement, + "AR": v2AvailabilityRequirement, +} + +// Get metric key from string. +func getV2KeyFromString(s string) (v2Key, error) { + k, ok := v2KeyIds[s] + if ok { + return k, nil + } else { + return v2InvalidKey, fmt.Errorf("invalid metric key: %s", s) + } +} + +// Get metric key name. +func (k v2Key) Name() string { + return v2Keys[k].Name +} + +// Get metric key category. +func (k v2Key) Category() Category { + return v2Keys[k].Category +} |