aboutsummaryrefslogtreecommitdiff
path: root/internal/cvss/v30vector.go
blob: 5ef1ae87ab9ad156b04178d2ca007a316ce3db45 (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119

package cvss

import (
  // "encoding/json"
  "regexp"
  "strings"
)

// CVSS v3.0 prefix
var v30Prefix = "CVSS:3.0/"

// CVSS 3.0 vector.
type v30Vector []v3Metric

// Convert vector to string
func (v v30Vector) String() string {
  // convert to slice of metrics
  metrics := []v3Metric(v)

  // build vector
  r := make([]string, len(metrics))
  for i, m := range(metrics) {
    r[i] = m.String()
  }

  // build and return string
  return v30Prefix + strings.Join(r, "/")
}

// Return CVSS version.
func (v30Vector) Version() Version {
  return V30
}

// Return metrics in this vector.
func (v v30Vector) Metrics() []Metric {
  // build result
  r := make([]Metric, len(v))
  for i, m := range(v) {
    r[i] = m
  }

  // return result
  return r
}

// Create CVSS 3.0 vector from string.
func newV30Vector(s string) (v30Vector, error) {
  // strip version prefix, split into metric strings
  strs := strings.Split(s[len(v30Prefix):], "/")
  r := make([]v3Metric, len(strs))

  // build results
  for i, ms := range(strs) {
    // get metric from string
    m, err := getV3Metric(V30, ms)
    if err != nil {
      return nil, err
    }

    r[i] = m
  }

  // return result
  return v30Vector(r), nil
}

// // Unmarshal CVSS 3.0 vector from JSON string.
// func (me *v30Vector) UnmarshalJSON(b []byte) error {
//   // decode string, check for error
//   var s string
//   if err := json.Unmarshal(b, &s); err != nil {
//     return err
//   }
// 
//   // parse vector, check for error
//   r, err := newV30Vector(s)
//   if err != nil {
//     return err
//   }
// 
//   // save result, return success
//   *me = r
//   return nil
// }

var v30VecRe = regexp.MustCompile(
  "\\ACVSS:3\\.0(?:/(?:" + strings.Join([]string {
    "(?:AV:[NALP])",
    "(?:AC:[LH])",
    "(?:PR:[NLH])",
    "(?:UI:[NR])",
    "(?:S:[UC])",
    "(?:C:[HLN])",
    "(?:I:[HLN])",
    "(?:A:[HLN])",
    "(?:E:[XHFPU])",
    "(?:RL:[XUWTO])",
    "(?:RC:[XCRU])",
    "(?:CR:[XHML])",
    "(?:IR:[XHML])",
    "(?:AR:[XHML])",
    "(?:MAV:[XNALP])",
    "(?:MAC:[XLH])",
    "(?:MPR:[XNLH])",
    "(?:MUI:[XNR])",
    "(?:MS:[XUC])",
    "(?:MC:[XNLH])",
    "(?:MI:[XNLH])",
    "(?:MA:[XNLH])",
  }, "|") + "))+\\z",
)

// Is the given string a CVSSv3.1 vector string?
func isV30VectorString(s string) bool {
  return (len(s) > len(v30Prefix)) &&
         (s[:len(v30Prefix)] == v30Prefix) &&
         v30VecRe.MatchString(s)
}
generated by cgit v1.2.3 (git 2.39.1) at 2024-09-20 15:19:36 +0000