From 8153976a266d4ec42c9d3bb670c3bccd2de96d41 Mon Sep 17 00:00:00 2001 From: Paul Duncan Date: Mon, 31 Jan 2022 14:12:05 -0500 Subject: add internal/cvss/v2key.go --- internal/cvss/v2key.go | 85 ++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 85 insertions(+) create mode 100644 internal/cvss/v2key.go (limited to 'internal/cvss/v2key.go') diff --git a/internal/cvss/v2key.go b/internal/cvss/v2key.go new file mode 100644 index 0000000..ae976be --- /dev/null +++ b/internal/cvss/v2key.go @@ -0,0 +1,85 @@ +// CVSS vector parser. +package cvss + +//go:generate stringer -linecomment -type=v2Key + +// CVSS 2.0 metric key. +type v2Key byte + +const ( + v2AccessVector v2Key = iota // AV + v2AccessComplexity // AC + v2Authentication // Au + v2ConfidentialityImpact // C + v2IntegrityImpact // I + v2AvailabilityImpact // A + v2Exploitability // E + v2RemediationLevel // RL + v2ReportConfidence // RC + v2CollateralDamagePotential // CDP + v2TargetDistribution // TD + v2ConfidentialityRequirement // CR + v2IntegrityRequirement // IR + v2AvailabilityRequirement // AR + + v2InvalidKey // invalid +) + +// CVSS V2 metric key info lut +var v2Keys = map[v2Key]struct { + Name string + Category Category +} { + v2AccessVector: { "Access Vector", Base }, + v2AccessComplexity: { "Access Complexity", Base }, + v2Authentication: { "Authentication", Base }, + v2ConfidentialityImpact: { "Confidentiality Impact", Base }, + v2IntegrityImpact: { "Integrity Impact", Base }, + v2AvailabilityImpact: { "Availability Impact", Base }, + v2Exploitability: { "Exploitability", Temporal }, + v2RemediationLevel: { "Remediation Level", Temporal }, + v2ReportConfidence: { "Report Confidence", Temporal }, + v2CollateralDamagePotential: { "Collateral Damage Potential", Environmental }, + v2TargetDistribution: { "Target Distribution", Environmental }, + v2ConfidentialityRequirement: { "Confidentiality Requirement", Environmental }, + v2IntegrityRequirement: { "Integrity Requirement", Environmental }, + v2AvailabilityRequirement: { "Availability Requirement", Environmental }, +} + +// v2 metric key IDs lut +var v2KeyIds = map[string]v2Key { + "AV": v2AccessVector, + "AC": v2AccessComplexity, + "Au": v2Authentication, + "C": v2ConfidentialityImpact, + "I": v2IntegrityImpact, + "A": v2AvailabilityImpact, + "E": v2Exploitability, + "RL": v2RemediationLevel, + "RC": v2ReportConfidence, + "CDP": v2CollateralDamagePotential, + "TD": v2TargetDistribution, + "CR": v2ConfidentialityRequirement, + "IR": v2IntegrityRequirement, + "AR": v2AvailabilityRequirement, +} + +// Get metric key from string. +func getV2KeyFromString(s string) (v2Key, error) { + k, ok := v2KeyIds[s] + if ok { + return k, nil + } else { + return v2InvalidKey, fmt.Errorf("invalid metric key: %s", s) + } +} + +// Get metric key name. +func (k v2Key) Name() string { + return v2Keys[k].Name +} + +// Get metric key category. +func (k v2Key) Category() Category { + return v2Keys[k].Category +} -- cgit v1.2.3