From ab6087acf1143fa87cbe233e91dac64f0a9ab3f8 Mon Sep 17 00:00:00 2001 From: HoussemNasri Date: Wed, 21 Jun 2023 14:22:17 +0100 Subject: [PATCH 1/9] Add basic oval types --- .../com/suse/oval/ovaltypes/AffectedType.java | 63 ++++++ .../src/com/suse/oval/ovaltypes/ArchType.java | 31 +++ .../com/suse/oval/ovaltypes/CheckEnum.java | 74 +++++++ .../oval/ovaltypes/DefinitionClassEnum.java | 56 +++++ .../suse/oval/ovaltypes/DefinitionType.java | 142 +++++++++++++ .../suse/oval/ovaltypes/DefinitionsType.java | 43 ++++ .../suse/oval/ovaltypes/EVRDataTypeEnum.java | 14 ++ .../src/com/suse/oval/ovaltypes/EVRType.java | 41 ++++ .../suse/oval/ovaltypes/ExistenceEnum.java | 74 +++++++ .../com/suse/oval/ovaltypes/FamilyEnum.java | 87 ++++++++ .../suse/oval/ovaltypes/GeneratorType.java | 109 ++++++++++ .../oval/ovaltypes/LogicOperatorType.java | 52 +++++ .../com/suse/oval/ovaltypes/MetadataType.java | 97 +++++++++ .../com/suse/oval/ovaltypes/NotesType.java | 41 ++++ .../suse/oval/ovaltypes/ObjectRefType.java | 42 ++++ .../com/suse/oval/ovaltypes/ObjectType.java | 126 +++++++++++ .../com/suse/oval/ovaltypes/ObjectsType.java | 46 ++++ .../oval/ovaltypes/OperationEnumeration.java | 130 ++++++++++++ .../com/suse/oval/ovaltypes/OvalRootType.java | 100 +++++++++ .../suse/oval/ovaltypes/ReferenceType.java | 75 +++++++ .../com/suse/oval/ovaltypes/StateRefType.java | 42 ++++ .../com/suse/oval/ovaltypes/StateType.java | 146 +++++++++++++ .../com/suse/oval/ovaltypes/StatesType.java | 46 ++++ .../src/com/suse/oval/ovaltypes/TestType.java | 197 ++++++++++++++++++ .../com/suse/oval/ovaltypes/TestsType.java | 46 ++++ .../com/suse/oval/ovaltypes/VersionType.java | 28 +++ 26 files changed, 1948 insertions(+) create mode 100755 java/code/src/com/suse/oval/ovaltypes/AffectedType.java create mode 100755 java/code/src/com/suse/oval/ovaltypes/ArchType.java create mode 100755 java/code/src/com/suse/oval/ovaltypes/CheckEnum.java create mode 100755 java/code/src/com/suse/oval/ovaltypes/DefinitionClassEnum.java create mode 100755 java/code/src/com/suse/oval/ovaltypes/DefinitionType.java create mode 100755 java/code/src/com/suse/oval/ovaltypes/DefinitionsType.java create mode 100755 java/code/src/com/suse/oval/ovaltypes/EVRDataTypeEnum.java create mode 100755 java/code/src/com/suse/oval/ovaltypes/EVRType.java create mode 100755 java/code/src/com/suse/oval/ovaltypes/ExistenceEnum.java create mode 100755 java/code/src/com/suse/oval/ovaltypes/FamilyEnum.java create mode 100755 java/code/src/com/suse/oval/ovaltypes/GeneratorType.java create mode 100755 java/code/src/com/suse/oval/ovaltypes/LogicOperatorType.java create mode 100755 java/code/src/com/suse/oval/ovaltypes/MetadataType.java create mode 100755 java/code/src/com/suse/oval/ovaltypes/NotesType.java create mode 100755 java/code/src/com/suse/oval/ovaltypes/ObjectRefType.java create mode 100755 java/code/src/com/suse/oval/ovaltypes/ObjectType.java create mode 100755 java/code/src/com/suse/oval/ovaltypes/ObjectsType.java create mode 100755 java/code/src/com/suse/oval/ovaltypes/OperationEnumeration.java create mode 100755 java/code/src/com/suse/oval/ovaltypes/OvalRootType.java create mode 100755 java/code/src/com/suse/oval/ovaltypes/ReferenceType.java create mode 100755 java/code/src/com/suse/oval/ovaltypes/StateRefType.java create mode 100755 java/code/src/com/suse/oval/ovaltypes/StateType.java create mode 100755 java/code/src/com/suse/oval/ovaltypes/StatesType.java create mode 100755 java/code/src/com/suse/oval/ovaltypes/TestType.java create mode 100755 java/code/src/com/suse/oval/ovaltypes/TestsType.java create mode 100755 java/code/src/com/suse/oval/ovaltypes/VersionType.java diff --git a/java/code/src/com/suse/oval/ovaltypes/AffectedType.java b/java/code/src/com/suse/oval/ovaltypes/AffectedType.java new file mode 100755 index 000000000000..6060dc9a130a --- /dev/null +++ b/java/code/src/com/suse/oval/ovaltypes/AffectedType.java @@ -0,0 +1,63 @@ +// +// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.3.1 +// See https://javaee.github.io/jaxb-v2/ +// Any modifications to this file will be lost upon recompilation of the source schema. +// Generated on: 2023.06.01 at 01:02:18 PM CET +// + + +package com.suse.oval.ovaltypes; + +import javax.xml.bind.annotation.*; +import java.util.ArrayList; +import java.util.List; + + +/** + * Please note that the AffectedType will change in future versions of OVAL in order to support the Common Platform Enumeration (CPE). + */ +@XmlAccessorType(XmlAccessType.FIELD) +@XmlType(name = "AffectedType", namespace = "http://oval.mitre.org/XMLSchema/oval-definitions-5") +public class AffectedType { + @XmlElement(name = "platform", namespace = "http://oval.mitre.org/XMLSchema/oval-definitions-5") + protected List platforms; + @XmlElement(name = "product", namespace = "http://oval.mitre.org/XMLSchema/oval-definitions-5") + protected List products; + @XmlAttribute(name = "family", required = true) + protected FamilyEnum family; + + /** + * Gets the value of the list of affected platforms + */ + public List getPlatforms() { + if (platforms == null) { + platforms = new ArrayList<>(); + } + return this.platforms; + } + + /** + * Gets the value of the list of affected products + */ + public List getProducts() { + if (products == null) { + products = new ArrayList<>(); + } + return this.products; + } + + /** + * Gets the value of the family property. + */ + public FamilyEnum getFamily() { + return family; + } + + /** + * Sets the value of the family property. + */ + public void setFamily(FamilyEnum value) { + this.family = value; + } + +} diff --git a/java/code/src/com/suse/oval/ovaltypes/ArchType.java b/java/code/src/com/suse/oval/ovaltypes/ArchType.java new file mode 100755 index 000000000000..03ce0ca0dbae --- /dev/null +++ b/java/code/src/com/suse/oval/ovaltypes/ArchType.java @@ -0,0 +1,31 @@ +package com.suse.oval.ovaltypes; + +import javax.xml.bind.annotation.*; + +/** + * This is the architecture for which the package was built, like : i386, ppc, sparc, noarch. + */ +@XmlAccessorType(XmlAccessType.FIELD) +@XmlType(name = "", namespace = "http://oval.mitre.org/XMLSchema/oval-definitions-5") +public class ArchType { + @XmlValue + private String value; + @XmlAttribute(name = "operation", required = true) + private OperationEnumeration operation; + + public String getValue() { + return value; + } + + public void setValue(String value) { + this.value = value; + } + + public OperationEnumeration getOperation() { + return operation; + } + + public void setOperation(OperationEnumeration operation) { + this.operation = operation; + } +} diff --git a/java/code/src/com/suse/oval/ovaltypes/CheckEnum.java b/java/code/src/com/suse/oval/ovaltypes/CheckEnum.java new file mode 100755 index 000000000000..0165895ab540 --- /dev/null +++ b/java/code/src/com/suse/oval/ovaltypes/CheckEnum.java @@ -0,0 +1,74 @@ +// +// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.3.1 +// See https://javaee.github.io/jaxb-v2/ +// Any modifications to this file will be lost upon recompilation of the source schema. +// Generated on: 2023.06.01 at 01:02:18 PM CET +// + + +package com.suse.oval.ovaltypes; + +import javax.xml.bind.annotation.XmlEnum; +import javax.xml.bind.annotation.XmlEnumValue; +import javax.xml.bind.annotation.XmlType; + + +@XmlType(name = "CheckEnumeration", namespace = "http://oval.mitre.org/XMLSchema/oval-common-5") +@XmlEnum +public enum CheckEnum { + + + /** + * A value of 'all' means that a final result of true is given if all the individual results under consideration are true. + * + */ + @XmlEnumValue("all") + ALL("all"), + + /** + * A value of 'at least one' means that a final result of true is given if at least one of the individual results under consideration is true. + * + */ + @XmlEnumValue("at least one") + AT_LEAST_ONE("at least one"), + + /** + * A value of 'none exists' means that a test evaluates to true if no matching object exists that satisfy the data requirements. + * + */ + @XmlEnumValue("none exist") + NONE_EXIST("none exist"), + + /** + * A value of 'none satisfy' means that a final result of true is given if none the individual results under consideration are true. + * + */ + @XmlEnumValue("none satisfy") + NONE_SATISFY("none satisfy"), + + /** + * A value of 'only one' means that a final result of true is given if one and only one of the individual results under consideration are true. + * + */ + @XmlEnumValue("only one") + ONLY_ONE("only one"); + private final String value; + + CheckEnum(String v) { + value = v; + } + + public String value() { + return value; + } + + public static CheckEnum fromValue(String v) { + for (CheckEnum c: CheckEnum.values()) { + if (c.value.equals(v)) { + return c; + } + } + throw new IllegalArgumentException(v); + } + +} diff --git a/java/code/src/com/suse/oval/ovaltypes/DefinitionClassEnum.java b/java/code/src/com/suse/oval/ovaltypes/DefinitionClassEnum.java new file mode 100755 index 000000000000..8fd2ee68221d --- /dev/null +++ b/java/code/src/com/suse/oval/ovaltypes/DefinitionClassEnum.java @@ -0,0 +1,56 @@ +// +// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.3.1 +// See https://javaee.github.io/jaxb-v2/ +// Any modifications to this file will be lost upon recompilation of the source schema. +// Generated on: 2023.06.01 at 01:02:18 PM CET +// + + +package com.suse.oval.ovaltypes; + +import javax.xml.bind.annotation.XmlEnum; +import javax.xml.bind.annotation.XmlEnumValue; +import javax.xml.bind.annotation.XmlType; + + +@XmlType(name = "ClassEnumeration", namespace = "http://oval.mitre.org/XMLSchema/oval-common-5") +@XmlEnum +public enum DefinitionClassEnum { + + /** + * A patch definition details the machine state of whether a patch executable should be installed. + *

+ * A definition of this class will evaluate to true when the specified patch is missing from the system. + * Another way of thinking about this is that a patch definition is stating "the patch should be installed if ...". Note that word SHOULD is intended to mean more than just CAN the patch executable be installed. In other words, if a more recent patch is already installed then the specified patch might not need to be installed. + */ + @XmlEnumValue("patch") + PATCH("patch"), + + /** + * A vulnerability definition describes the conditions under which a machine is vulnerable. + *

+ * A definition of this class will evaluate to true when the system is found to be vulnerable with the stated issue. + * Another way of thinking about this is that a vulnerability definition is stating "the system is vulnerable if ...". + */ + @XmlEnumValue("vulnerability") + VULNERABILITY("vulnerability"); + private final String value; + + DefinitionClassEnum(String v) { + value = v; + } + + public String value() { + return value; + } + + public static DefinitionClassEnum fromValue(String v) { + for (DefinitionClassEnum c : DefinitionClassEnum.values()) { + if (c.value.equals(v)) { + return c; + } + } + throw new IllegalArgumentException(v); + } + +} diff --git a/java/code/src/com/suse/oval/ovaltypes/DefinitionType.java b/java/code/src/com/suse/oval/ovaltypes/DefinitionType.java new file mode 100755 index 000000000000..dc1834d50e89 --- /dev/null +++ b/java/code/src/com/suse/oval/ovaltypes/DefinitionType.java @@ -0,0 +1,142 @@ +// +// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.3.1 +// See https://javaee.github.io/jaxb-v2/ +// Any modifications to this file will be lost upon recompilation of the source schema. +// Generated on: 2023.06.01 at 01:02:18 PM CET +// + + +package com.suse.oval.ovaltypes; + +import javax.xml.bind.annotation.*; +import java.math.BigInteger; +import java.util.Objects; + + +/** + * The required id attribute is the OVAL-ID of the Definition. The form of an OVAL-ID must follow the specific format + * described by the oval:DefinitionIDPattern. The required version attribute holds the current version of the definition. + *

+ * Versions are integers, starting at 1 and incrementing every time a definition is modified. The required class attribute + * indicates the specific class to which the definition belongs. The class gives a hint to a user, so they can know what the definition + * writer is trying to say. See the definition of oval-def:ClassEnumeration for more information about the different valid classes. + *

+ * The optional deprecated attribute signifies that an id is no longer to be used or referenced but the information has been kept around + * for historic purposes. + */ +@XmlAccessorType(XmlAccessType.FIELD) +@XmlType(name = "definition", namespace = "http://oval.mitre.org/XMLSchema/oval-definitions-5") +public class DefinitionType { + + @XmlElement(name = "metadata", namespace = "http://oval.mitre.org/XMLSchema/oval-definitions-5", required = true) + protected MetadataType metadata; + @XmlElement(namespace = "http://oval.mitre.org/XMLSchema/oval-definitions-5") + protected CriteriaType criteria; + @XmlElement(namespace = "http://oval.mitre.org/XMLSchema/oval-definitions-5") + protected NotesType notes; + @XmlAttribute(name = "id", required = true) + protected String id; + @XmlAttribute(name = "version", required = true) + @XmlSchemaType(name = "nonNegativeInteger") + protected BigInteger version; + @XmlAttribute(name = "class", required = true) + protected DefinitionClassEnum definitionClass; + @XmlAttribute(name = "deprecated") + protected Boolean deprecated; + + /** + * Gets the value of the metadata property. + * + * @return possible object is + * {@link MetadataType } + */ + public MetadataType getMetadata() { + return metadata; + } + + /** + * Sets the value of the metadata property. + */ + public void setMetadata(MetadataType value) { + this.metadata = value; + } + + public CriteriaType getCriteria() { + return criteria; + } + + public void setCriteria(CriteriaType criteria) { + this.criteria = criteria; + } + + /** + * Gets the value of the notes property. + */ + public NotesType getNotes() { + return notes; + } + + /** + * Sets the value of the notes property. + */ + public void setNotes(NotesType value) { + this.notes = value; + } + + /** + * Gets the value of the id property. + */ + public String getId() { + return id; + } + + /** + * Sets the value of the id property. + */ + public void setId(String value) { + this.id = value; + } + + /** + * Gets the value of the version property. + */ + public BigInteger getVersion() { + return version; + } + + /** + * Sets the value of the version property. + */ + public void setVersion(BigInteger value) { + this.version = value; + } + + /** + * Gets the value of the clazz property. + */ + public DefinitionClassEnum getDefinitionClass() { + return definitionClass; + } + + /** + * Sets the value of the clazz property. + */ + public void setDefinitionClass(DefinitionClassEnum value) { + this.definitionClass = value; + } + + /** + * Gets the value of the deprecated property. + */ + public boolean isDeprecated() { + return Objects.requireNonNullElse(deprecated, false); + } + + /** + * Sets the value of the deprecated property. + */ + public void setDeprecated(Boolean value) { + this.deprecated = value; + } + +} diff --git a/java/code/src/com/suse/oval/ovaltypes/DefinitionsType.java b/java/code/src/com/suse/oval/ovaltypes/DefinitionsType.java new file mode 100755 index 000000000000..b807b8a931bd --- /dev/null +++ b/java/code/src/com/suse/oval/ovaltypes/DefinitionsType.java @@ -0,0 +1,43 @@ +// +// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.3.1 +// See https://javaee.github.io/jaxb-v2/ +// Any modifications to this file will be lost upon recompilation of the source schema. +// Generated on: 2023.06.01 at 01:02:18 PM CET +// + + +package com.suse.oval.ovaltypes; + +import javax.xml.bind.annotation.XmlAccessType; +import javax.xml.bind.annotation.XmlAccessorType; +import javax.xml.bind.annotation.XmlElement; +import javax.xml.bind.annotation.XmlType; +import java.util.ArrayList; +import java.util.List; + + +/** + * The DefinitionsType complex type is a container for one or more definition elements. Each definition element describes a single + * OVAL Definition. + *

+ * Please refer to the description of the {@link DefinitionType} for more information about an individual definition. + *

+ */ +@XmlAccessorType(XmlAccessType.FIELD) +@XmlType(name = "DefinitionsType", namespace = "http://oval.mitre.org/XMLSchema/oval-definitions-5") +public class DefinitionsType { + + @XmlElement(name = "definition", namespace = "http://oval.mitre.org/XMLSchema/oval-definitions-5", required = true) + protected List definitions; + + /** + * Gets the list of definitions + */ + public List getDefinitions() { + if (definitions == null) { + definitions = new ArrayList<>(); + } + return this.definitions; + } + +} diff --git a/java/code/src/com/suse/oval/ovaltypes/EVRDataTypeEnum.java b/java/code/src/com/suse/oval/ovaltypes/EVRDataTypeEnum.java new file mode 100755 index 000000000000..7a942ead9d4a --- /dev/null +++ b/java/code/src/com/suse/oval/ovaltypes/EVRDataTypeEnum.java @@ -0,0 +1,14 @@ +package com.suse.oval.ovaltypes; + +import javax.xml.bind.annotation.XmlEnum; +import javax.xml.bind.annotation.XmlEnumValue; +import javax.xml.bind.annotation.XmlType; + +@XmlType(namespace = "http://oval.mitre.org/XMLSchema/oval-common-5") +@XmlEnum +public enum EVRDataTypeEnum { + @XmlEnumValue("debian_evr_string") + DEBIAN_EVR, + @XmlEnumValue("evr_string") + RPM_EVR +} diff --git a/java/code/src/com/suse/oval/ovaltypes/EVRType.java b/java/code/src/com/suse/oval/ovaltypes/EVRType.java new file mode 100755 index 000000000000..ced1180cbc5e --- /dev/null +++ b/java/code/src/com/suse/oval/ovaltypes/EVRType.java @@ -0,0 +1,41 @@ +package com.suse.oval.ovaltypes; + +import javax.xml.bind.annotation.*; + +/** + * This represents the epoch, version, and release fields as a single version string. It has the form "EPOCH:VERSION-RELEASE". + */ +@XmlAccessorType(XmlAccessType.FIELD) +@XmlType(name = "", namespace = "http://oval.mitre.org/XMLSchema/oval-definitions-5") +public class EVRType { + @XmlValue + private String value; + @XmlAttribute(name = "datatype") + private EVRDataTypeEnum datatype; + @XmlAttribute(name = "operation", required = true) + private OperationEnumeration operation; + + public String getValue() { + return value; + } + + public void setValue(String value) { + this.value = value; + } + + public EVRDataTypeEnum getDatatype() { + return datatype; + } + + public void setDatatype(EVRDataTypeEnum datatype) { + this.datatype = datatype; + } + + public OperationEnumeration getOperation() { + return operation; + } + + public void setOperation(OperationEnumeration operation) { + this.operation = operation; + } +} diff --git a/java/code/src/com/suse/oval/ovaltypes/ExistenceEnum.java b/java/code/src/com/suse/oval/ovaltypes/ExistenceEnum.java new file mode 100755 index 000000000000..a73f55d36acc --- /dev/null +++ b/java/code/src/com/suse/oval/ovaltypes/ExistenceEnum.java @@ -0,0 +1,74 @@ +// +// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.3.1 +// See https://javaee.github.io/jaxb-v2/ +// Any modifications to this file will be lost upon recompilation of the source schema. +// Generated on: 2023.06.01 at 01:02:18 PM CET +// + + +package com.suse.oval.ovaltypes; + +import javax.xml.bind.annotation.XmlEnum; +import javax.xml.bind.annotation.XmlEnumValue; +import javax.xml.bind.annotation.XmlType; + + +@XmlType(name = "ExistenceEnumeration", namespace = "http://oval.mitre.org/XMLSchema/oval-common-5") +@XmlEnum +public enum ExistenceEnum { + + + /** + * A value of 'all_exist' means that every object defined by the description exists on the system. + * + */ + @XmlEnumValue("all_exist") + ALL_EXIST("all_exist"), + + /** + * A value of 'any_exist' means that zero or more objects defined by the description exist on the system. + * + */ + @XmlEnumValue("any_exist") + ANY_EXIST("any_exist"), + + /** + * A value of 'at_least_one_exists' means that at least one object defined by the description exists on the system. + * + */ + @XmlEnumValue("at_least_one_exists") + AT_LEAST_ONE_EXISTS("at_least_one_exists"), + + /** + * A value of 'none_exist' means that none of the objects defined by the description exist on the system. + * + */ + @XmlEnumValue("none_exist") + NONE_EXIST("none_exist"), + + /** + * A value of 'only_one_exists' means that only one object defined by the description exists on the system. + * + */ + @XmlEnumValue("only_one_exists") + ONLY_ONE_EXISTS("only_one_exists"); + private final String value; + + ExistenceEnum(String v) { + value = v; + } + + public String value() { + return value; + } + + public static ExistenceEnum fromValue(String v) { + for (ExistenceEnum c: ExistenceEnum.values()) { + if (c.value.equals(v)) { + return c; + } + } + throw new IllegalArgumentException(v); + } + +} diff --git a/java/code/src/com/suse/oval/ovaltypes/FamilyEnum.java b/java/code/src/com/suse/oval/ovaltypes/FamilyEnum.java new file mode 100755 index 000000000000..2987499ebbd7 --- /dev/null +++ b/java/code/src/com/suse/oval/ovaltypes/FamilyEnum.java @@ -0,0 +1,87 @@ +// +// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.3.1 +// See https://javaee.github.io/jaxb-v2/ +// Any modifications to this file will be lost upon recompilation of the source schema. +// Generated on: 2023.06.01 at 01:02:18 PM CET +// + + +package com.suse.oval.ovaltypes; + +import javax.xml.bind.annotation.XmlEnum; +import javax.xml.bind.annotation.XmlEnumValue; +import javax.xml.bind.annotation.XmlType; + + +@XmlType(name = "FamilyEnumeration", namespace = "http://oval.mitre.org/XMLSchema/oval-common-5") +@XmlEnum +public enum FamilyEnum { + + + /** + * The catos value describes the Cisco CatOS operating system. + */ + @XmlEnumValue("catos") + CATOS("catos"), + + /** + * The ios value describes the Cisco IOS operating system. + */ + @XmlEnumValue("ios") + IOS("ios"), + + /** + * The macos value describes the Mac operating system. + */ + @XmlEnumValue("macos") + MACOS("macos"), + + /** + * The pixos value describes the Cisco PIX operating system. + */ + @XmlEnumValue("pixos") + PIXOS("pixos"), + + /** + * The undefined value is to be used when the desired family is not available. + */ + @XmlEnumValue("undefined") + UNDEFINED("undefined"), + + /** + * The unix value describes the UNIX operating system. + */ + @XmlEnumValue("unix") + UNIX("unix"), + + /** + * The vmware_infrastructure value describes VMWare Infrastructure. + */ + @XmlEnumValue("vmware_infrastructure") + VMWARE_INFRASTRUCTURE("vmware_infrastructure"), + + /** + * The windows value describes the Microsoft Windows operating system. + */ + @XmlEnumValue("windows") + WINDOWS("windows"); + private final String value; + + FamilyEnum(String v) { + value = v; + } + + public String value() { + return value; + } + + public static FamilyEnum fromValue(String v) { + for (FamilyEnum c: FamilyEnum.values()) { + if (c.value.equals(v)) { + return c; + } + } + throw new IllegalArgumentException(v); + } + +} diff --git a/java/code/src/com/suse/oval/ovaltypes/GeneratorType.java b/java/code/src/com/suse/oval/ovaltypes/GeneratorType.java new file mode 100755 index 000000000000..8f139b9b077f --- /dev/null +++ b/java/code/src/com/suse/oval/ovaltypes/GeneratorType.java @@ -0,0 +1,109 @@ +// +// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.3.1 +// See https://javaee.github.io/jaxb-v2/ +// Any modifications to this file will be lost upon recompilation of the source schema. +// Generated on: 2023.06.01 at 01:02:18 PM CET +// + + +package com.suse.oval.ovaltypes; + +import org.w3c.dom.Element; + +import javax.xml.bind.annotation.*; +import javax.xml.datatype.XMLGregorianCalendar; +import java.math.BigDecimal; +import java.util.ArrayList; +import java.util.List; + + +/** + * Additional generator information is also allowed although it is not part of the official OVAL Schema. Individual + * organizations can place generator information that they feel are important and these will be skipped during the validation. + *

+ * All OVAL really cares about is that the stated generator information is there. + * + */ +@XmlAccessorType(XmlAccessType.FIELD) +@XmlType(name = "GeneratorType", namespace = "http://oval.mitre.org/XMLSchema/oval-common-5") +public class GeneratorType { + + @XmlElement(name = "product_name", namespace = "http://oval.mitre.org/XMLSchema/oval-common-5") + protected String productName; + @XmlElement(name = "product_version", namespace = "http://oval.mitre.org/XMLSchema/oval-common-5") + protected String productVersion; + @XmlElement(name = "schema_version", namespace = "http://oval.mitre.org/XMLSchema/oval-common-5", required = true) + protected BigDecimal schemaVersion; + @XmlElement(namespace = "http://oval.mitre.org/XMLSchema/oval-common-5", required = true) + @XmlSchemaType(name = "dateTime") + protected XMLGregorianCalendar timestamp; + @XmlAnyElement + protected List any; + + /** + * Gets the value of the productName property. + */ + public String getProductName() { + return productName; + } + + /** + * Sets the value of the productName property. + */ + public void setProductName(String value) { + this.productName = value; + } + + /** + * Gets the value of the productVersion property. + */ + public String getProductVersion() { + return productVersion; + } + + /** + * Sets the value of the productVersion property. + */ + public void setProductVersion(String value) { + this.productVersion = value; + } + + /** + * Gets the value of the schemaVersion property. + */ + public BigDecimal getSchemaVersion() { + return schemaVersion; + } + + /** + * Sets the value of the schemaVersion property. + */ + public void setSchemaVersion(BigDecimal value) { + this.schemaVersion = value; + } + + /** + * Gets the value of the timestamp property. + */ + public XMLGregorianCalendar getTimestamp() { + return timestamp; + } + + /** + * Sets the value of the timestamp property. + */ + public void setTimestamp(XMLGregorianCalendar value) { + this.timestamp = value; + } + + /** + * Gets the value of the any property. + */ + public List getAny() { + if (any == null) { + any = new ArrayList<>(); + } + return this.any; + } + +} diff --git a/java/code/src/com/suse/oval/ovaltypes/LogicOperatorType.java b/java/code/src/com/suse/oval/ovaltypes/LogicOperatorType.java new file mode 100755 index 000000000000..fe8cf7598658 --- /dev/null +++ b/java/code/src/com/suse/oval/ovaltypes/LogicOperatorType.java @@ -0,0 +1,52 @@ +// +// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.3.1 +// See https://javaee.github.io/jaxb-v2/ +// Any modifications to this file will be lost upon recompilation of the source schema. +// Generated on: 2023.06.01 at 01:02:18 PM CET +// + + +package com.suse.oval.ovaltypes; + +import javax.xml.bind.annotation.XmlEnum; +import javax.xml.bind.annotation.XmlType; + + +@XmlType(name = "OperatorEnumeration", namespace = "http://oval.mitre.org/XMLSchema/oval-common-5") +@XmlEnum +public enum LogicOperatorType { + + + /** + * The AND operator produces a true result if every argument is true. If one or more arguments are false, the result of the AND is false. If one or more of the arguments are unknown, and if none of the arguments are false, then the AND operator produces a result of unknown. + * + */ + AND, + + /** + * The ONE operator produces a true result if one and only one argument is true. If there are more than argument is true (or if there are no true arguments), the result of the ONE is false. If one or more of the arguments are unknown, then the ONE operator produces a result of unknown. + * + */ + ONE, + + /** + * The OR operator produces a true result if one or more arguments is true. If every argument is false, the result of the OR is false. If one or more of the arguments are unknown and if none of arguments are true, then the OR operator produces a result of unknown. + * + */ + OR, + + /** + * XOR is defined to be true if an odd number of its arguments are true, and false otherwise. If any of the arguments are unknown, then the XOR operator produces a result of unknown. + * + */ + XOR; + + public String value() { + return name(); + } + + public static LogicOperatorType fromValue(String v) { + return valueOf(v); + } + +} diff --git a/java/code/src/com/suse/oval/ovaltypes/MetadataType.java b/java/code/src/com/suse/oval/ovaltypes/MetadataType.java new file mode 100755 index 000000000000..6b4ab11e41e5 --- /dev/null +++ b/java/code/src/com/suse/oval/ovaltypes/MetadataType.java @@ -0,0 +1,97 @@ +// +// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.3.1 +// See https://javaee.github.io/jaxb-v2/ +// Any modifications to this file will be lost upon recompilation of the source schema. +// Generated on: 2023.06.01 at 01:02:18 PM CET +// + + +package com.suse.oval.ovaltypes; + +import org.w3c.dom.Element; + +import javax.xml.bind.annotation.*; +import java.util.ArrayList; +import java.util.List; + + +/** + * Additional metadata is also allowed, although it is not part of the official OVAL Schema. + * Individual organizations can place metadata items that they feel are important and these will be skipped during the validation. + *

+ * All OVAL really cares about is that the stated metadata items are there. + */ +@XmlAccessorType(XmlAccessType.FIELD) +@XmlType(name = "MetadataType", namespace = "http://oval.mitre.org/XMLSchema/oval-definitions-5") +public class MetadataType { + + @XmlElement(namespace = "http://oval.mitre.org/XMLSchema/oval-definitions-5", required = true) + protected String title; + @XmlElement(namespace = "http://oval.mitre.org/XMLSchema/oval-definitions-5") + protected List affected; + @XmlElement(namespace = "http://oval.mitre.org/XMLSchema/oval-definitions-5") + protected List reference; + @XmlElement(namespace = "http://oval.mitre.org/XMLSchema/oval-definitions-5", required = true) + protected String description; + @XmlAnyElement + protected List any; + + /** + * Gets the value of the title property. + */ + public String getTitle() { + return title; + } + + /** + * Sets the value of the title property. + */ + public void setTitle(String value) { + this.title = value; + } + + /** + * Gets the value of the affected property. + */ + public List getAffected() { + if (affected == null) { + affected = new ArrayList<>(); + } + return this.affected; + } + + /** + * Gets the value of the reference property. + */ + public List getReference() { + if (reference == null) { + reference = new ArrayList<>(); + } + return this.reference; + } + + /** + * Gets the value of the description property. + */ + public String getDescription() { + return description; + } + + /** + * Sets the value of the description property. + */ + public void setDescription(String value) { + this.description = value; + } + + /** + * Gets the value of the 'any' property. + */ + public List getAny() { + if (any == null) { + any = new ArrayList<>(); + } + return this.any; + } + +} diff --git a/java/code/src/com/suse/oval/ovaltypes/NotesType.java b/java/code/src/com/suse/oval/ovaltypes/NotesType.java new file mode 100755 index 000000000000..0011de76caeb --- /dev/null +++ b/java/code/src/com/suse/oval/ovaltypes/NotesType.java @@ -0,0 +1,41 @@ +// +// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.3.1 +// See https://javaee.github.io/jaxb-v2/ +// Any modifications to this file will be lost upon recompilation of the source schema. +// Generated on: 2023.06.01 at 01:02:18 PM CET +// + + +package com.suse.oval.ovaltypes; + +import javax.xml.bind.annotation.XmlAccessType; +import javax.xml.bind.annotation.XmlAccessorType; +import javax.xml.bind.annotation.XmlElement; +import javax.xml.bind.annotation.XmlType; +import java.util.ArrayList; +import java.util.List; + + +/** + * The NotesType complex type is a container for one or more note child elements. Each note contains some information + * about the definition or tests that it references. A note may record an unresolved question about the definition or + * test or present the reason as to why a particular approach was taken. + */ +@XmlAccessorType(XmlAccessType.FIELD) +@XmlType(name = "NotesType", namespace = "http://oval.mitre.org/XMLSchema/oval-definitions-5") +public class NotesType { + + @XmlElement(name = "note", namespace = "http://oval.mitre.org/XMLSchema/oval-definitions-5", required = true) + protected List notes; + + /** + * Gets the list of notes + */ + public List getNotes() { + if (notes == null) { + notes = new ArrayList<>(); + } + return this.notes; + } + +} diff --git a/java/code/src/com/suse/oval/ovaltypes/ObjectRefType.java b/java/code/src/com/suse/oval/ovaltypes/ObjectRefType.java new file mode 100755 index 000000000000..af222a88420b --- /dev/null +++ b/java/code/src/com/suse/oval/ovaltypes/ObjectRefType.java @@ -0,0 +1,42 @@ +// +// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.3.1 +// See https://javaee.github.io/jaxb-v2/ +// Any modifications to this file will be lost upon recompilation of the source schema. +// Generated on: 2023.06.01 at 01:02:18 PM CET +// + + +package com.suse.oval.ovaltypes; + +import javax.xml.bind.annotation.XmlAccessType; +import javax.xml.bind.annotation.XmlAccessorType; +import javax.xml.bind.annotation.XmlAttribute; +import javax.xml.bind.annotation.XmlType; + + +/** + * The ObjectRefType defines an object reference to be used by OVAL Tests that are defined in the component schemas. + * The required object_ref attribute specifies the id of the OVAL Object being referenced. + */ +@XmlAccessorType(XmlAccessType.FIELD) +@XmlType(name = "ObjectRefType", namespace = "http://oval.mitre.org/XMLSchema/oval-definitions-5") +public class ObjectRefType { + + @XmlAttribute(name = "object_ref", required = true) + protected String objectRef; + + /** + * Gets the value of the objectRef property. + */ + public String getObjectRef() { + return objectRef; + } + + /** + * Sets the value of the objectRef property. + */ + public void setObjectRef(String value) { + this.objectRef = value; + } + +} diff --git a/java/code/src/com/suse/oval/ovaltypes/ObjectType.java b/java/code/src/com/suse/oval/ovaltypes/ObjectType.java new file mode 100755 index 000000000000..b190107722df --- /dev/null +++ b/java/code/src/com/suse/oval/ovaltypes/ObjectType.java @@ -0,0 +1,126 @@ +// +// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.3.1 +// See https://javaee.github.io/jaxb-v2/ +// Any modifications to this file will be lost upon recompilation of the source schema. +// Generated on: 2023.06.01 at 01:02:18 PM CET +// + + +package com.suse.oval.ovaltypes; + +import com.suse.ovaltypes.linux.DpkginfoObject; +import com.suse.ovaltypes.linux.RpminfoObject; + +import javax.xml.bind.annotation.*; +import java.math.BigInteger; + + +/** + * The required id attribute uniquely identifies each object, and must conform to the format specified by the ObjectIdPattern simple type. + * The required version attribute holds the current version of the object element. Versions are integers, starting at 1 + * and incrementing every time an object is modified. The optional comment attribute provides a short description of the object. + *

+ * The optional deprecated attribute signifies that an id is no longer to be used or referenced but the information has been kept + * around for historic purposes. + */ +@XmlAccessorType(XmlAccessType.FIELD) +@XmlType(name = "ObjectType", namespace = "http://oval.mitre.org/XMLSchema/oval-definitions-5") +public class ObjectType { + + @XmlAttribute(name = "id", required = true) + protected String id; + @XmlAttribute(name = "version", required = true) + @XmlSchemaType(name = "nonNegativeInteger") + protected BigInteger version; + @XmlAttribute(name = "comment") + protected String comment; + @XmlAttribute(name = "deprecated") + protected Boolean deprecated; + + + // These attributes are not specified for the base object type as per the schema; nevertheless, they has been included + // since both dpkg and rpm objects have them. + + @XmlElement(namespace = "http://oval.mitre.org/XMLSchema/oval-definitions-5#linux") + protected String name; + + + /** + * Gets the value of the id property. + */ + public String getId() { + return id; + } + + /** + * Sets the value of the id property. + */ + public void setId(String value) { + this.id = value; + } + + /** + * Gets the value of the version property. + */ + public BigInteger getVersion() { + return version; + } + + /** + * Sets the value of the version property. + */ + public void setVersion(BigInteger value) { + this.version = value; + } + + /** + * Gets the value of the comment property. + */ + public String getComment() { + return comment; + } + + /** + * Sets the value of the comment property. + */ + public void setComment(String value) { + this.comment = value; + } + + /** + * Gets the value of the deprecated property. + */ + public boolean isDeprecated() { + if (deprecated == null) { + return false; + } else { + return deprecated; + } + } + + /** + * Sets the value of the deprecated property. + */ + public void setDeprecated(Boolean value) { + this.deprecated = value; + } + + /** + * Returns the package name. + */ + public String getPackageName() { + return name; + } + + public void setPackageName(String name) { + this.name = name; + } + + public boolean isDpkg() { + return this instanceof DpkginfoObject; + } + + public boolean isRpm() { + return this instanceof RpminfoObject; + } +} diff --git a/java/code/src/com/suse/oval/ovaltypes/ObjectsType.java b/java/code/src/com/suse/oval/ovaltypes/ObjectsType.java new file mode 100755 index 000000000000..012ab063cd25 --- /dev/null +++ b/java/code/src/com/suse/oval/ovaltypes/ObjectsType.java @@ -0,0 +1,46 @@ +// +// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.3.1 +// See https://javaee.github.io/jaxb-v2/ +// Any modifications to this file will be lost upon recompilation of the source schema. +// Generated on: 2023.06.01 at 01:02:18 PM CET +// + + +package com.suse.oval.ovaltypes; + +import com.suse.ovaltypes.linux.DpkginfoObject; +import com.suse.ovaltypes.linux.RpminfoObject; + +import javax.xml.bind.annotation.*; +import java.util.ArrayList; +import java.util.List; + + +/** + * The ObjectsType is a container for one or more object child elements. + *

+ * Each object element provides details that define a unique set of matching items to be used by an OVAL Test. + * Please refer to the description of the object element for more information about an individual object. + */ +@XmlAccessorType(XmlAccessType.FIELD) +@XmlType(name = "ObjectsType", namespace = "http://oval.mitre.org/XMLSchema/oval-definitions-5") +public class ObjectsType { + + @XmlElements({ + @XmlElement(name = "rpminfo_object", namespace = "http://oval.mitre.org/XMLSchema/oval-definitions-5#linux", type = RpminfoObject.class), + @XmlElement(name = "dpkginfo_object", namespace = "http://oval.mitre.org/XMLSchema/oval-definitions-5#linux", type = DpkginfoObject.class), + @XmlElement(name = "object", namespace = "http://oval.mitre.org/XMLSchema/oval-definitions-5", type = ObjectType.class) + }) + protected List objects; + + /** + * Gets the list of contained objects. + */ + public List getObjects() { + if (objects == null) { + objects = new ArrayList<>(); + } + return this.objects; + } + +} diff --git a/java/code/src/com/suse/oval/ovaltypes/OperationEnumeration.java b/java/code/src/com/suse/oval/ovaltypes/OperationEnumeration.java new file mode 100755 index 000000000000..ed4251c3b39e --- /dev/null +++ b/java/code/src/com/suse/oval/ovaltypes/OperationEnumeration.java @@ -0,0 +1,130 @@ +// +// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.3.1 +// See https://javaee.github.io/jaxb-v2/ +// Any modifications to this file will be lost upon recompilation of the source schema. +// Generated on: 2023.06.01 at 01:02:18 PM CET +// + + +package com.suse.oval.ovaltypes; + +import javax.xml.bind.annotation.XmlEnum; +import javax.xml.bind.annotation.XmlEnumValue; +import javax.xml.bind.annotation.XmlType; + + +@XmlType(name = "OperationEnumeration", namespace = "http://oval.mitre.org/XMLSchema/oval-common-5") +@XmlEnum +public enum OperationEnumeration { + + + /** + * The 'equals' operation returns true if the actual value on the system is equal to the stated entity. When the specified datatype is a string, this results in a case-sensitive comparison. + * + */ + @XmlEnumValue("equals") + EQUALS("equals"), + + /** + * The 'not equal' operation returns true if the actual value on the system is not equal to the stated entity. When the specified datatype is a string, this results in a case-sensitive comparison. + * + */ + @XmlEnumValue("not equal") + NOT_EQUAL("not equal"), + + /** + * The 'case insensitive equals' operation is meant for string data and returns true if the actual value on the system is equal (using a case insensitive comparison) to the stated entity. + * + */ + @XmlEnumValue("case insensitive equals") + CASE_INSENSITIVE_EQUALS("case insensitive equals"), + + /** + * The 'case insensitive not equal' operation is meant for string data and returns true if the actual value on the system is not equal (using a case insensitive comparison) to the stated entity. + * + */ + @XmlEnumValue("case insensitive not equal") + CASE_INSENSITIVE_NOT_EQUAL("case insensitive not equal"), + + /** + * The 'greater than' operation returns true if the actual value on the system is greater than the stated entity. + * + */ + @XmlEnumValue("greater than") + GREATER_THAN("greater than"), + + /** + * The 'less than' operation returns true if the actual value on the system is less than the stated entity. + * + */ + @XmlEnumValue("less than") + LESS_THAN("less than"), + + /** + * The 'greater than or equal' operation returns true if the actual value on the system is greater than or equal to the stated entity. + * + */ + @XmlEnumValue("greater than or equal") + GREATER_THAN_OR_EQUAL("greater than or equal"), + + /** + * The 'less than or equal' operation returns true if the actual value on the system is less than or equal to the stated entity. + * + */ + @XmlEnumValue("less than or equal") + LESS_THAN_OR_EQUAL("less than or equal"), + + /** + * The 'bitwise and' operation is used to determine if a specific bit is set. It returns true if performing a BITWISE AND with the binary representation of the stated entity against the binary representation of the actual value on the system results in a binary value that is equal to the binary representation of the stated entity. For example, assuming a datatype of 'int', if the actual integer value of the setting on your machine is 6 (same as 0110 in binary), then performing a 'bitwise and' with the stated integer 4 (0100) returns 4 (0100). Since the result is the same as the state mask, then the test returns true. If the actual value on your machine is 1 (0001), then the 'bitwise and' with the stated integer 4 (0100) returns 0 (0000). Since the result is not the same as the stated mask, then the test fails. + * + */ + @XmlEnumValue("bitwise and") + BITWISE_AND("bitwise and"), + + /** + * The 'bitwise or' operation is used to determine if a specific bit is not set. It returns true if performing a BITWISE OR with the binary representation of the stated entity against the binary representation of the actual value on the system results in a binary value that is equal to the binary representation of the stated entity. For example, assuming a datatype of 'int', if the actual integer value of the setting on your machine is 6 (same as 0110 in binary), then performing a 'bitwise or' with the stated integer 14 (1110) returns 14 (1110). Since the result is the same as the state mask, then the test returns true. If the actual value on your machine is 1 (0001), then the 'bitwise or' with the stated integer 14 (1110) returns 15 (1111). Since the result is not the same as the stated mask, then the test fails. + * + */ + @XmlEnumValue("bitwise or") + BITWISE_OR("bitwise or"), + + /** + * The 'pattern match' operation allows an item to be tested against a regular expression. When used by an entity in an OVAL Object, the regular expression represents the unique set of matching items on the system. OVAL supports a common subset of the regular expression character classes, operations, expressions and other lexical tokens defined within Perl 5's regular expression specification. For more information on the supported regular expression syntax in OVAL see: http://oval.mitre.org/language/about/re_support_5.6.html + * + */ + @XmlEnumValue("pattern match") + PATTERN_MATCH("pattern match"), + + /** + * The 'subset of' operation returns true if the actual set on the system is a subset of the set defined by the stated entity. + * + */ + @XmlEnumValue("subset of") + SUBSET_OF("subset of"), + + /** + * The 'superset of' operation returns true if the actual set on the system is a superset of the set defined by the stated entity. + * + */ + @XmlEnumValue("superset of") + SUPERSET_OF("superset of"); + private final String value; + + OperationEnumeration(String v) { + value = v; + } + + public String value() { + return value; + } + + public static OperationEnumeration fromValue(String v) { + for (OperationEnumeration c: OperationEnumeration.values()) { + if (c.value.equals(v)) { + return c; + } + } + throw new IllegalArgumentException(v); + } + +} diff --git a/java/code/src/com/suse/oval/ovaltypes/OvalRootType.java b/java/code/src/com/suse/oval/ovaltypes/OvalRootType.java new file mode 100755 index 000000000000..6a70cdb5300b --- /dev/null +++ b/java/code/src/com/suse/oval/ovaltypes/OvalRootType.java @@ -0,0 +1,100 @@ +// +// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.3.1 +// See https://javaee.github.io/jaxb-v2/ +// Any modifications to this file will be lost upon recompilation of the source schema. +// Generated on: 2023.06.01 at 01:02:18 PM CET +// + + +package com.suse.oval.ovaltypes; + +import javax.xml.bind.annotation.*; + + +@XmlAccessorType(XmlAccessType.FIELD) +@XmlType(name = "") +@XmlRootElement(name = "oval_definitions", namespace = "http://oval.mitre.org/XMLSchema/oval-definitions-5") +public class OvalRootType { + + @XmlElement(namespace = "http://oval.mitre.org/XMLSchema/oval-definitions-5", required = true) + protected GeneratorType generator; + @XmlElement(namespace = "http://oval.mitre.org/XMLSchema/oval-definitions-5") + protected DefinitionsType definitions; + @XmlElement(namespace = "http://oval.mitre.org/XMLSchema/oval-definitions-5") + protected TestsType tests; + @XmlElement(name = "objects", namespace = "http://oval.mitre.org/XMLSchema/oval-definitions-5") + protected ObjectsType objects; + @XmlElement(namespace = "http://oval.mitre.org/XMLSchema/oval-definitions-5") + protected StatesType states; + + + /** + * Gets the value of the generator property. + */ + public GeneratorType getGenerator() { + return generator; + } + + /** + * Sets the value of the generator property. + */ + public void setGenerator(GeneratorType value) { + this.generator = value; + } + + /** + * Gets the value of the definitions property. + */ + public DefinitionsType getDefinitions() { + return definitions; + } + + /** + * Sets the value of the definitions' property. + */ + public void setDefinitions(DefinitionsType value) { + this.definitions = value; + } + + /** + * Gets the value of the tests property. + */ + public TestsType getTests() { + return tests; + } + + /** + * Sets the value of the tests property. + */ + public void setTests(TestsType value) { + this.tests = value; + } + + /** + * Gets the value of the objects property. + */ + public ObjectsType getObjects() { + return objects; + } + + /** + * Sets the value of the objects property. + */ + public void setObjects(ObjectsType value) { + this.objects = value; + } + + /** + * Gets the value of the states property. + */ + public StatesType getStates() { + return states; + } + + /** + * Sets the value of the states property. + */ + public void setStates(StatesType value) { + this.states = value; + } +} diff --git a/java/code/src/com/suse/oval/ovaltypes/ReferenceType.java b/java/code/src/com/suse/oval/ovaltypes/ReferenceType.java new file mode 100755 index 000000000000..950ed56d2679 --- /dev/null +++ b/java/code/src/com/suse/oval/ovaltypes/ReferenceType.java @@ -0,0 +1,75 @@ +// +// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.3.1 +// See https://javaee.github.io/jaxb-v2/ +// Any modifications to this file will be lost upon recompilation of the source schema. +// Generated on: 2023.06.01 at 01:02:18 PM CET +// + + +package com.suse.oval.ovaltypes; + +import javax.xml.bind.annotation.*; +import java.util.Optional; + + +/** + * The required source attribute specifies where the reference is coming from. In other words, it identifies + * the reference repository being used. The required ref_id attribute is the external id of the reference. + *

+ * The optional ref_url attribute is the URL to the reference. + */ +@XmlAccessorType(XmlAccessType.FIELD) +@XmlType(name = "ReferenceType", namespace = "http://oval.mitre.org/XMLSchema/oval-definitions-5") +public class ReferenceType { + + @XmlAttribute(name = "source", required = true) + protected String source; + @XmlAttribute(name = "ref_id", required = true) + protected String refId; + @XmlAttribute(name = "ref_url") + @XmlSchemaType(name = "anyURI") + protected String refUrl; + + /** + * Gets the value of the source property. + */ + public String getSource() { + return source; + } + + /** + * Sets the value of the source property. + */ + public void setSource(String value) { + this.source = value; + } + + /** + * Gets the value of the refId property. + */ + public String getRefId() { + return refId; + } + + /** + * Sets the value of the refId property. + */ + public void setRefId(String value) { + this.refId = value; + } + + /** + * Gets the value of the refUrl property. + */ + public Optional getRefUrl() { + return Optional.ofNullable(refUrl); + } + + /** + * Sets the value of the refUrl property. + */ + public void setRefUrl(String value) { + this.refUrl = value; + } + +} diff --git a/java/code/src/com/suse/oval/ovaltypes/StateRefType.java b/java/code/src/com/suse/oval/ovaltypes/StateRefType.java new file mode 100755 index 000000000000..fd8298b967ed --- /dev/null +++ b/java/code/src/com/suse/oval/ovaltypes/StateRefType.java @@ -0,0 +1,42 @@ +// +// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.3.1 +// See https://javaee.github.io/jaxb-v2/ +// Any modifications to this file will be lost upon recompilation of the source schema. +// Generated on: 2023.06.01 at 01:02:18 PM CET +// + + +package com.suse.oval.ovaltypes; + +import javax.xml.bind.annotation.XmlAccessType; +import javax.xml.bind.annotation.XmlAccessorType; +import javax.xml.bind.annotation.XmlAttribute; +import javax.xml.bind.annotation.XmlType; + + +/** + * The StateRefType defines a state reference to be used by OVAL Tests that are defined in the component schemas. + * The required state_ref attribute specifies the id of the OVAL State being referenced. + */ +@XmlAccessorType(XmlAccessType.FIELD) +@XmlType(name = "StateRefType", namespace = "http://oval.mitre.org/XMLSchema/oval-definitions-5") +public class StateRefType { + + @XmlAttribute(name = "state_ref", required = true) + protected String stateRef; + + /** + * Gets the value of the stateRef property. + */ + public String getStateRef() { + return stateRef; + } + + /** + * Sets the value of the stateRef property. + */ + public void setStateRef(String value) { + this.stateRef = value; + } + +} diff --git a/java/code/src/com/suse/oval/ovaltypes/StateType.java b/java/code/src/com/suse/oval/ovaltypes/StateType.java new file mode 100755 index 000000000000..c5de94895445 --- /dev/null +++ b/java/code/src/com/suse/oval/ovaltypes/StateType.java @@ -0,0 +1,146 @@ +// +// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.3.1 +// See https://javaee.github.io/jaxb-v2/ +// Any modifications to this file will be lost upon recompilation of the source schema. +// Generated on: 2023.06.01 at 01:02:18 PM CET +// + + +package com.suse.oval.ovaltypes; + +import javax.xml.bind.annotation.*; +import java.math.BigInteger; + + +/** + * When evaluating a particular state against an object, one should evaluate each individual entity separately. + * The individual results are then combined by the operator to produce an overall result. + *

+ * This process holds true even when there are multiple instances of the same entity. Evaluate each instance separately, + * taking the entity check attribute into account, and then combine everything using the operator. + */ +@XmlAccessorType(XmlAccessType.FIELD) +@XmlType(name = "StateType", namespace = "http://oval.mitre.org/XMLSchema/oval-definitions-5") +public class StateType { + + @XmlAttribute(name = "id", required = true) + protected String id; + @XmlAttribute(name = "version", required = true) + @XmlSchemaType(name = "nonNegativeInteger") + protected BigInteger version; + @XmlAttribute(name = "operator") + protected LogicOperatorType operator; + @XmlAttribute(name = "comment") + protected String comment; + @XmlAttribute(name = "deprecated") + protected Boolean deprecated; + @XmlElement(name = "evr", namespace = "http://oval.mitre.org/XMLSchema/oval-definitions-5#linux") + protected EVRType packageEVR; + @XmlElement(name = "arch", namespace = "http://oval.mitre.org/XMLSchema/oval-definitions-5#linux") + protected ArchType packageArch; + @XmlElement(name = "version", namespace = "http://oval.mitre.org/XMLSchema/oval-definitions-5#linux") + protected VersionType packageVersion; + + + /** + * Gets the value of the id property. + */ + public String getId() { + return id; + } + + /** + * Sets the value of the id property. + */ + public void setId(String value) { + this.id = value; + } + + /** + * Gets the value of the version property. + */ + public BigInteger getVersion() { + return version; + } + + /** + * Sets the value of the version property. + */ + public void setVersion(BigInteger value) { + this.version = value; + } + + /** + * Gets the value of the operator property. + */ + public LogicOperatorType getOperator() { + if (operator == null) { + return LogicOperatorType.AND; + } else { + return operator; + } + } + + /** + * Sets the value of the operator property. + */ + public void setOperator(LogicOperatorType value) { + this.operator = value; + } + + /** + * Gets the value of the comment property. + */ + public String getComment() { + return comment; + } + + /** + * Sets the value of the comment property. + */ + public void setComment(String value) { + this.comment = value; + } + + /** + * Gets the value of the deprecated property. + */ + public boolean isDeprecated() { + if (deprecated == null) { + return false; + } else { + return deprecated; + } + } + + /** + * Sets the value of the deprecated property. + */ + public void setDeprecated(Boolean value) { + this.deprecated = value; + } + + public EVRType getPackageEVR() { + return packageEVR; + } + + public void setPackageEVR(EVRType packageEVR) { + this.packageEVR = packageEVR; + } + + public ArchType getPackageArch() { + return packageArch; + } + + public void setPackageArch(ArchType packageArch) { + this.packageArch = packageArch; + } + + public VersionType getPackageVersion() { + return packageVersion; + } + + public void setPackageVersion(VersionType packageVersion) { + this.packageVersion = packageVersion; + } +} diff --git a/java/code/src/com/suse/oval/ovaltypes/StatesType.java b/java/code/src/com/suse/oval/ovaltypes/StatesType.java new file mode 100755 index 000000000000..d32602d73811 --- /dev/null +++ b/java/code/src/com/suse/oval/ovaltypes/StatesType.java @@ -0,0 +1,46 @@ +// +// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.3.1 +// See https://javaee.github.io/jaxb-v2/ +// Any modifications to this file will be lost upon recompilation of the source schema. +// Generated on: 2023.06.01 at 01:02:18 PM CET +// + + +package com.suse.oval.ovaltypes; + +import com.suse.ovaltypes.linux.DpkginfoState; +import com.suse.ovaltypes.linux.RpminfoState; + +import javax.xml.bind.annotation.*; +import java.util.ArrayList; +import java.util.List; + + +/** + * The StatesType is a container for one or more state child elements. + * Each state provides details about specific characteristics that can be used during an evaluation of an object. + *

+ * Please refer to the description of the state element for more information about an individual state. + */ +@XmlAccessorType(XmlAccessType.FIELD) +@XmlType(name = "StatesType", namespace = "http://oval.mitre.org/XMLSchema/oval-definitions-5") +public class StatesType { + + @XmlElements({ + @XmlElement(name = "rpminfo_state", namespace = "http://oval.mitre.org/XMLSchema/oval-definitions-5#linux", type = RpminfoState.class), + @XmlElement(name = "dpkginfo_state", namespace = "http://oval.mitre.org/XMLSchema/oval-definitions-5#linux", type = DpkginfoState.class), + @XmlElement(name = "state", namespace = "http://oval.mitre.org/XMLSchema/oval-definitions-5", type = StateType.class) + }) + protected List states; + + /** + * Gets the contained states. + */ + public List getStates() { + if (states == null) { + states = new ArrayList<>(); + } + return this.states; + } + +} diff --git a/java/code/src/com/suse/oval/ovaltypes/TestType.java b/java/code/src/com/suse/oval/ovaltypes/TestType.java new file mode 100755 index 000000000000..ac5fe29f95e7 --- /dev/null +++ b/java/code/src/com/suse/oval/ovaltypes/TestType.java @@ -0,0 +1,197 @@ +// +// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.3.1 +// See https://javaee.github.io/jaxb-v2/ +// Any modifications to this file will be lost upon recompilation of the source schema. +// Generated on: 2023.06.01 at 01:02:18 PM CET +// + + +package com.suse.oval.ovaltypes; + +import javax.xml.bind.annotation.*; +import java.math.BigInteger; +import java.util.List; +import java.util.Optional; + + +/** + * The optional state_operator attribute provides the logical operator that combines the evaluation results from each referenced state + * on a per item basis. Each matching item is compared to each referenced state. + *

+ * The result of comparing each state to a single item is combined based on the specified state_operator value to determine one result + * for each item. Finally, the results for each item are combined based on the specified check value. Note that if the test does not contain + * any references to OVAL States, then the state_operator attribute has no meaning and can be ignored during evaluation. + *

+ * Referencing multiple states in one test allows ranges of possible values to be expressed. For example, one state can check + * that a value greater than 8 is found and another state can check that a value of less than 16 is found. In this example + * the referenced states are combined with a state_operator = 'AND' indicating that the conditions of all referenced states + * must be satisfied and that the value must be between 8 AND 16. The valid state_operation values are explained in + * the description of the OperatorEnumeration simple type. + */ +@XmlAccessorType(XmlAccessType.FIELD) +@XmlType(name = "TestType", namespace = "http://oval.mitre.org/XMLSchema/oval-definitions-5") +public class TestType { + + @XmlAttribute(name = "id", required = true) + protected String id; + @XmlAttribute(name = "version", required = true) + @XmlSchemaType(name = "nonNegativeInteger") + protected BigInteger version; + @XmlAttribute(name = "check_existence") + protected ExistenceEnum checkExistence; + @XmlAttribute(name = "state_operator") + protected LogicOperatorType stateOperator; + @XmlAttribute(name = "check", required = true) + protected CheckEnum check; + @XmlAttribute(name = "comment", required = true) + protected String comment; + @XmlAttribute(name = "deprecated") + protected Boolean deprecated; + + /** + * These attributes are not specified for the base test type as per the schema; nevertheless, it has been included + * since both dpkg and rpm test types have it. + */ + @XmlElement(namespace = "http://oval.mitre.org/XMLSchema/oval-definitions-5#linux", required = true) + protected ObjectRefType object; + @XmlElement(name = "state", namespace = "http://oval.mitre.org/XMLSchema/oval-definitions-5#linux") + protected List states; + + /** + * Gets the value of the id property. + */ + public String getId() { + return id; + } + + /** + * Sets the value of the id property. + */ + public void setId(String value) { + this.id = value; + } + + /** + * Gets the value of the version property. + */ + public BigInteger getVersion() { + return version; + } + + /** + * Sets the value of the version property. + */ + public void setVersion(BigInteger value) { + this.version = value; + } + + /** + * Gets the value of the checkExistence property. + */ + public ExistenceEnum getCheckExistence() { + if (checkExistence == null) { + return ExistenceEnum.AT_LEAST_ONE_EXISTS; + } else { + return checkExistence; + } + } + + /** + * Sets the value of the checkExistence property. + */ + public void setCheckExistence(ExistenceEnum value) { + this.checkExistence = value; + } + + /** + * Gets the value of the check property. + */ + public CheckEnum getCheck() { + return check; + } + + /** + * Sets the value of the check property. + */ + public void setCheck(CheckEnum value) { + this.check = value; + } + + /** + * Gets the value of the comment property. + */ + public String getComment() { + return comment; + } + + /** + * Sets the value of the comment property. + */ + public void setComment(String value) { + this.comment = value; + } + + /** + * Gets the value of the deprecated property. + */ + public boolean isDeprecated() { + if (deprecated == null) { + return false; + } else { + return deprecated; + } + } + + /** + * Sets the value of the deprecated property. + */ + public void setDeprecated(Boolean value) { + this.deprecated = value; + } + + /** + * Gets the value of the object property. + */ + public ObjectRefType getObject() { + return object; + } + + /** + * Sets the value of the object property. + */ + public void setObject(ObjectRefType value) { + this.object = value; + } + + /** + * Gets the value of the state property. + *

+ * Although the OVAL specs says that an OVAL test could have 0 or more states but for the OVAL files that we're + * consuming, it's always 0 or 1 state hence an {@code Optional} is used. + */ + public Optional getStateRef() { + if (this.states == null) { + return Optional.empty(); + } else if (this.states.size() == 1) { + return Optional.ofNullable(states.get(0).getStateRef()); + } else { + throw new IllegalStateException("Each test is expected to have 0 or 1 state. See the comment above the method"); + } + } + + public LogicOperatorType getStateOperator() { + if (stateOperator == null) { + return LogicOperatorType.AND; + } else { + return stateOperator; + } + } + + public void setStateOperator(LogicOperatorType stateOperator) { + this.stateOperator = stateOperator; + } + + public void setStates(List states) { + this.states = states; + } +} diff --git a/java/code/src/com/suse/oval/ovaltypes/TestsType.java b/java/code/src/com/suse/oval/ovaltypes/TestsType.java new file mode 100755 index 000000000000..40b2f16b0a9c --- /dev/null +++ b/java/code/src/com/suse/oval/ovaltypes/TestsType.java @@ -0,0 +1,46 @@ +// +// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.3.1 +// See https://javaee.github.io/jaxb-v2/ +// Any modifications to this file will be lost upon recompilation of the source schema. +// Generated on: 2023.06.01 at 01:02:18 PM CET +// + + +package com.suse.oval.ovaltypes; + +import com.suse.ovaltypes.linux.DpkginfoTest; +import com.suse.ovaltypes.linux.RpminfoTest; + +import javax.xml.bind.annotation.*; +import java.util.ArrayList; +import java.util.List; + + +/** + * The TestsType complex type is a container for one or more test child elements. + *

+ * Each test element describes a single OVAL Test. Please refer to the description of the TestType for more information + * about an individual test. + */ +@XmlAccessorType(XmlAccessType.FIELD) +@XmlType(name = "TestsType", namespace = "http://oval.mitre.org/XMLSchema/oval-definitions-5") +public class TestsType { + + @XmlElements({ + @XmlElement(name = "rpminfo_test", namespace = "http://oval.mitre.org/XMLSchema/oval-definitions-5#linux", type = RpminfoTest.class), + @XmlElement(name = "dpkginfo_test", namespace = "http://oval.mitre.org/XMLSchema/oval-definitions-5#linux", type = DpkginfoTest.class), + @XmlElement(name = "test", namespace = "http://oval.mitre.org/XMLSchema/oval-definitions-5", type = TestType.class) + }) + protected List tests; + + /** + * Gets the value of the contained tests. + */ + public List getTests() { + if (tests == null) { + tests = new ArrayList<>(); + } + return this.tests; + } + +} diff --git a/java/code/src/com/suse/oval/ovaltypes/VersionType.java b/java/code/src/com/suse/oval/ovaltypes/VersionType.java new file mode 100755 index 000000000000..50e00ad17e7b --- /dev/null +++ b/java/code/src/com/suse/oval/ovaltypes/VersionType.java @@ -0,0 +1,28 @@ +package com.suse.oval.ovaltypes; + +import javax.xml.bind.annotation.*; + +@XmlAccessorType(XmlAccessType.FIELD) +@XmlType(name = "", namespace = "http://oval.mitre.org/XMLSchema/oval-definitions-5") +public class VersionType { + @XmlValue + private String value; + @XmlAttribute(name = "operation", required = true) + private OperationEnumeration operation; + + public String getValue() { + return value; + } + + public void setValue(String value) { + this.value = value; + } + + public OperationEnumeration getOperation() { + return operation; + } + + public void setOperation(OperationEnumeration operation) { + this.operation = operation; + } +} \ No newline at end of file From 123bc8d7f7fe44b4f53a7e1ac0f716e7d47c5209 Mon Sep 17 00:00:00 2001 From: HoussemNasri Date: Wed, 21 Jun 2023 14:27:02 +0100 Subject: [PATCH 2/9] Create OVAL objects, states and tests managers - It's an optimization to enable faster lookups of OVAL resources --- .../suse/oval/manager/OvalObjectManager.java | 33 ++++++++++++++++++ .../suse/oval/manager/OvalStateManager.java | 33 ++++++++++++++++++ .../suse/oval/manager/OvalTestManager.java | 34 +++++++++++++++++++ 3 files changed, 100 insertions(+) create mode 100755 java/code/src/com/suse/oval/manager/OvalObjectManager.java create mode 100755 java/code/src/com/suse/oval/manager/OvalStateManager.java create mode 100755 java/code/src/com/suse/oval/manager/OvalTestManager.java diff --git a/java/code/src/com/suse/oval/manager/OvalObjectManager.java b/java/code/src/com/suse/oval/manager/OvalObjectManager.java new file mode 100755 index 000000000000..b49808ffc14a --- /dev/null +++ b/java/code/src/com/suse/oval/manager/OvalObjectManager.java @@ -0,0 +1,33 @@ +package com.suse.oval.manager; + +import com.suse.oval.ovaltypes.ObjectType; + +import java.util.HashMap; +import java.util.List; +import java.util.Map; + +public class OvalObjectManager { + private final Map objectsMap = new HashMap<>(); + + public OvalObjectManager(List objects) { + for (ObjectType objectType : objects) { + objectsMap.put(objectType.getId(), objectType); + } + } + + public ObjectType get(String objectId) { + ObjectType object = objectsMap.get(objectId); + if (object == null) { + throw new IllegalArgumentException("The object id is invalid: " + objectId); + } + return object; + } + + public boolean exists(String objectId) { + return objectsMap.containsKey(objectId); + } + + public void add(ObjectType objectType) { + objectsMap.put(objectType.getId(), objectType); + } +} diff --git a/java/code/src/com/suse/oval/manager/OvalStateManager.java b/java/code/src/com/suse/oval/manager/OvalStateManager.java new file mode 100755 index 000000000000..9f6dd13ef5bd --- /dev/null +++ b/java/code/src/com/suse/oval/manager/OvalStateManager.java @@ -0,0 +1,33 @@ +package com.suse.oval.manager; + +import com.suse.oval.ovaltypes.StateType; + +import java.util.HashMap; +import java.util.List; +import java.util.Map; + +public class OvalStateManager { + private final Map statesMap = new HashMap<>(); + + public OvalStateManager(List states) { + for (StateType state : states) { + statesMap.put(state.getId(), state); + } + } + + public StateType get(String stateId) { + StateType state = statesMap.get(stateId); + if (state == null) { + throw new IllegalArgumentException("The state id is invalid: " + stateId); + } + return state; + } + + public boolean exists(String stateId) { + return statesMap.containsKey(stateId); + } + + public void add(StateType state) { + statesMap.put(state.getId(), state); + } +} diff --git a/java/code/src/com/suse/oval/manager/OvalTestManager.java b/java/code/src/com/suse/oval/manager/OvalTestManager.java new file mode 100755 index 000000000000..9b6152d8677f --- /dev/null +++ b/java/code/src/com/suse/oval/manager/OvalTestManager.java @@ -0,0 +1,34 @@ +package com.suse.oval.manager; + + +import com.suse.oval.ovaltypes.TestType; + +import java.util.HashMap; +import java.util.List; +import java.util.Map; + +public class OvalTestManager { + private final Map testsMap = new HashMap<>(); + + public OvalTestManager(List tests) { + for (TestType test : tests) { + testsMap.put(test.getId(), test); + } + } + + public TestType get(String testId) { + TestType test = testsMap.get(testId); + if (test == null) { + throw new IllegalArgumentException("The test id is invalid: " + testId); + } + return test; + } + + public boolean exists(String testId) { + return testsMap.containsKey(testId); + } + + public void add(TestType testType) { + testsMap.put(testType.getId(), testType); + } +} From e95f3a8ce24a3bafbc7914206f87a4589445fa80 Mon Sep 17 00:00:00 2001 From: HoussemNasri Date: Wed, 21 Jun 2023 14:31:54 +0100 Subject: [PATCH 3/9] Create a facade class that offers mock implementations for Uyuni APIs - This class is temporary and will be removed when the integration with Uyuni is complete. --- java/code/src/com/suse/oval/UyuniAPI.java | 670 ++++++++++++++++++++++ 1 file changed, 670 insertions(+) create mode 100755 java/code/src/com/suse/oval/UyuniAPI.java diff --git a/java/code/src/com/suse/oval/UyuniAPI.java b/java/code/src/com/suse/oval/UyuniAPI.java new file mode 100755 index 000000000000..365ab8bd555c --- /dev/null +++ b/java/code/src/com/suse/oval/UyuniAPI.java @@ -0,0 +1,670 @@ +package com.suse.oval; + +import java.util.Comparator; +import java.util.Optional; +import java.util.stream.Stream; + +/** + * This class offers mock implementations for the APIs in Uyuni. It does not provide real data or + * perform any logic. When working on the integration with Uyuni, it is necessary to substitute calls to this class + * with calls to the real APIs. + */ +public class UyuniAPI { + + public static Stream listSystemsByPatchStatus(User user, String cveIdentifier) { + + return Stream.of( + new CVEPatchStatus(1, Optional.of("libsoftokn3-hmac-32bit"), + Optional.of(PackageEvr.parseRpm("0:3.68.3-150400.1.7")), true), + new CVEPatchStatus(1, Optional.of("libsha1detectcoll1"), + Optional.of(PackageEvr.parseRpm("0:1.0.3-2.18")), true), + new CVEPatchStatus(1, Optional.of("libsha1detectcoll1"), + Optional.of(PackageEvr.parseRpm("0:1.0.0-2.18")), true), + new CVEPatchStatus(1, Optional.of("libsha1detectcoll1"), + Optional.of(PackageEvr.parseRpm("0:1.0.10-2.18")), true) + ); + } + + public static class CVEPatchStatus { + + private final long systemId; + private final Optional packageName; + private final Optional packageArch; + private final Optional packageEvr; + private final boolean packageInstalled; + + CVEPatchStatus(long systemIdIn, Optional packageNameIn, + Optional evrIn, boolean packageInstalledIn, Optional packageArch) { + this.systemId = systemIdIn; + this.packageName = packageNameIn; + this.packageInstalled = packageInstalledIn; + this.packageEvr = evrIn; + this.packageArch = packageArch; + } + + CVEPatchStatus(long systemIdIn, Optional packageNameIn, Optional evrIn, boolean packageInstalledIn) { + this(systemIdIn, packageNameIn, evrIn, packageInstalledIn, Optional.of("noarch")); + } + + public long getSystemId() { + return systemId; + } + + public Optional getPackageName() { + return packageName; + } + + public Optional getPackageEvr() { + return packageEvr; + } + + public boolean isPackageInstalled() { + return packageInstalled; + } + + public Optional getPackageArch() { + return packageArch; + } + } + + public static class PackageEvr implements Comparable { + private static final RpmVersionComparator RPMVERCMP = new RpmVersionComparator(); + private static final DebVersionComparator DEBVERCMP = new DebVersionComparator(); + private Long id; + private String epoch; + private String version; + private String release; + private String type; + + + public PackageEvr(String epochIn, String versionIn, String releaseIn, String typeIn) { + id = null; + epoch = epochIn; + version = versionIn; + release = releaseIn; + type = typeIn; + } + + + public String getEpoch() { + return epoch; + } + + public void setEpoch(String e) { + this.epoch = e; + } + + public Long getId() { + return id; + } + + public void setId(Long i) { + this.id = i; + } + + public String getRelease() { + return release; + } + + public String getType() { + return type; + } + + public void setType(String t) { + this.type = t; + } + + public void setRelease(String r) { + this.release = r; + } + + public String getVersion() { + return version; + } + + public void setVersion(String v) { + this.version = v; + } + + private int rpmCompareTo(PackageEvr other) { + // This method mirrors the perl function RHN::Manifest::vercmp + // There is another perl function, RHN::DB::Package::vercmp which + // does almost the same, but has a subtle difference when it comes + // to null epochs (the RHN::DB::Package version does not treat null + // epochs the same as epoch == 0, but sorts them as Integer.MIN_VALUE) + int result = Integer.compare(epochAsInteger(), other.epochAsInteger()); + if (result != 0) { + return result; + } + if (getVersion() == null || other.getVersion() == null) { + throw new IllegalStateException( + "To compare PackageEvr, both must have non-null versions"); + } + result = RPMVERCMP.compare(getVersion(), other.getVersion()); + if (result != 0) { + return result; + } + // The perl code doesn't check for null releases, so we won't either + // In the long run, a check might be in order, though + return RPMVERCMP.compare(getRelease(), other.getRelease()); + } + + private int debCompareTo(PackageEvr other) { + int result = Integer.compare(epochAsInteger(), other.epochAsInteger()); + if (result != 0) { + return result; + } + if (getVersion() == null || other.getVersion() == null) { + throw new IllegalStateException( + "To compare PackageEvr, both must have non-null versions"); + } + result = DEBVERCMP.compare(getVersion(), other.getVersion()); + if (result != 0) { + return result; + } + // The perl code doesn't check for null releases, so we won't either + // In the long run, a check might be in order, though + return DEBVERCMP.compare(getRelease(), other.getRelease()); + } + + /** + * {@inheritDoc} + */ + @Override + public int compareTo(PackageEvr other) { + if (this.getPackageType() == other.getPackageType()) { + if (this.getPackageType() == PackageType.DEB) { + return debCompareTo(other); + } else if (this.getPackageType() == PackageType.RPM) { + return rpmCompareTo(other); + } else { + throw new RuntimeException("unhandled package type " + this.getPackageType()); + } + } else { + throw new RuntimeException("can not compare incompatible packageevr of type " + this.getPackageType() + + " with type " + other.getPackageType()); + } + } + + private int epochAsInteger() { + if (getEpoch() == null) { + return 0; + } else { + return Integer.parseInt(getEpoch()); + } + } + + /** + * Return a string representation in the format "[epoch:]version-release". + * + * @return string representation of epoch, version and release + */ + @Override + public String toString() { + StringBuilder builder = new StringBuilder(); + builder.append(getEpoch()).append(':'); + /* if (StringUtils.isNumeric(getEpoch())) { + builder.append(getEpoch()).append(':'); + }*/ + builder.append(getVersion()).append('-').append(getRelease()); + return builder.toString(); + } + + /** + * Parses a Debian package version string to create a {@link PackageEvr} object. + *

+ * Debian package versioning policy format: [epoch:]upstream_version[-debian_revision] + * Additional ':' and '-' characters are allowed in 'upstream_version' + * https://www.debian.org/doc/debian-policy/ch-controlfields.html#version + * + * @param version the package version string + * @return the package EVR + */ + public static PackageEvr parseDebian(String version) { + + // repo-sync replaces empty releases with 'X'. We copy the same behavior. + String release = "X"; + String epoch = null; + + int epochIndex = version.indexOf(':'); + if (epochIndex > 0) { + // Strip away optional 'epoch' + epoch = version.substring(0, epochIndex); + version = version.substring(epochIndex + 1); + } + + int releaseIndex = version.lastIndexOf('-'); + if (releaseIndex > 0) { + // Strip away optional 'release' + release = version.substring(releaseIndex + 1); + version = version.substring(0, releaseIndex); + } + + return new PackageEvr(epoch, version, release, "deb"); + } + + /** + * Parses a RPM package version string to create a {@link PackageEvr} object. + *

+ * RPM package version policy format: [epoch:]version[-release] + * + * @param version the package version string + * @return the package EVR + */ + public static PackageEvr parseRpm(String version) { + String release = ""; + String epoch = null; + + int epochIndex = version.indexOf(':'); + if (epochIndex > 0) { + // Strip away optional 'epoch' + epoch = version.substring(0, epochIndex); + version = version.substring(epochIndex + 1); + } + + int releaseIndex = version.lastIndexOf('-'); + if (releaseIndex > 0) { + // Strip away optional 'release' + release = version.substring(releaseIndex + 1); + version = version.substring(0, releaseIndex); + } + + return new PackageEvr(epoch, version, release, "rpm"); + } + + /** + * @return package type + */ + public PackageType getPackageType() { + if (type.equals(PackageType.DEB.getDbString())) { + return PackageType.DEB; + } else if (type.equals(PackageType.RPM.getDbString())) { + return PackageType.RPM; + } else { + throw new RuntimeException("unsupported evr type: " + type); + } + } + + /** + * Detect package type and call the correct parser for the version string. + * + * @param version the version string + * @param type package type + * @return parsed PackageEvr object + */ + public static PackageEvr parsePackageEvr(PackageType type, String version) { + switch (type) { + case RPM: + return parseRpm(version); + case DEB: + return parseDebian(version); + default: + throw new RuntimeException("unreachable"); + } + } + } + + public static class User { + public static final User INSTANCE = new User(); + } + + public static enum PatchStatus { + + // Values sorted by seriousness + AFFECTED_PATCH_INAPPLICABLE("Affected, patch available in unassigned channel", 0), + AFFECTED_PATCH_APPLICABLE("Affected, patch available in assigned channel", 1), + NOT_AFFECTED("Not affected", 2), + PATCHED("Patched", 3), + AFFECTED_PATCH_INAPPLICABLE_SUCCESSOR_PRODUCT("Affected, patch available in a Product Migration target", 4); + + /** + * The lower the more severe + */ + private int rank; + private String description; + + PatchStatus(String descriptionIn, int rankIn) { + this.description = descriptionIn; + this.rank = rankIn; + } + + public String getDescription() { + return description; + } + + public int getRank() { + return rank; + } + } + + /** + * Implement the rpmvercmp function provided by librpm + * in Java. The comparator operates on two strings that + * represent an RPM version or release. + * + *

This comparator is not perfectly antisymmetric for unequal versions, + * but close enough to warrant being a comparator. For examples of asymmetry, + * check the test. + */ + private static class RpmVersionComparator implements Comparator { + + /** + * {@inheritDoc} + */ + @Override + public int compare(String o1, String o2) { + if (o1 == null) { + o1 = ""; + } + if (o2 == null) { + o2 = ""; + } + // This method tries to mimick rpmvercmp.c as + // closely as possible; it is deliberately doing things + // in a more C-like manner + if (o1 != null && o1.equals(o2)) { + return 0; + } + + String str1 = (String) o1; + String str2 = (String) o2; + int b1 = 0; + int b2 = 0; + + /* loop through each version segment of str1 and str2 and compare them */ + while (true) { + b1 = skipNonAlnum(str1, b1); + b2 = skipNonAlnum(str2, b2); + + /* handle the tilde separator, it sorts before everything else */ + if (xchar(str1, b1) == '~' || xchar(str2, b2) == '~') { + if (xchar(str1, b1) == '\0' || xchar(str1, b1) != '~') { + return 1; + } + if (xchar(str2, b2) == '\0' || xchar(str2, b2) != '~') { + return -1; + } + b1++; + b2++; + continue; + } + /* + * Handle caret separator. Concept is the same as tilde, + * except that if one of the strings ends (base version), + * the other is considered as higher version. + */ + if (xchar(str1, b1) == '^' || xchar(str2, b2) == '^') { + if (xchar(str1, b1) == '\0') { + return -1; + } + if (xchar(str2, b2) == '\0') { + return 1; + } + if (xchar(str1, b1) != '^') { + return 1; + } + if (xchar(str2, b2) != '^') { + return -1; + } + b1++; + b2++; + continue; + } + if (b1 >= str1.length() || b2 >= str2.length()) { + break; + } + /* grab first completely alpha or completely numeric segment */ + /* str1.substring(b1, e1) and str2.substring(b2, e2) will */ + /* contain the segments */ + int e1, e2; + boolean isnum; + if (xisdigit(xchar(str1, b1))) { + e1 = skipDigits(str1, b1); + e2 = skipDigits(str2, b2); + isnum = true; + } else { + e1 = skipAlpha(str1, b1); + e2 = skipAlpha(str2, b2); + isnum = false; + } + /* take care of the case where the two version segments are */ + /* different types: one numeric, the other alpha (i.e. empty) */ + if (b1 == e1) { + return -1; /* arbitrary */ + } + if (b2 == e2) { + return (isnum ? 1 : -1); + } + + if (isnum) { + b1 = skipZeros(str1, b1, e1); + b2 = skipZeros(str2, b2, e2); + + /* whichever number has more digits wins */ + if (e1 - b1 > e2 - b2) { + return 1; + } + if (e2 - b2 > e1 - b1) { + return -1; + } + } + + /* compareTo will return which one is greater - even if the two */ + /* segments are alpha or if they are numeric. don't return */ + /* if they are equal because there might be more segments to */ + /* compare */ + String seg1 = str1.substring(b1, e1); + String seg2 = str2.substring(b2, e2); + int rc = seg1.compareTo(seg2); + if (rc != 0) { + return (rc < 0) ? -1 : 1; + } + // Reinitilize + b1 = e1; + b2 = e2; + } + /* this catches the case where all numeric and alpha segments have */ + /* compared identically but the segment sepparating characters were */ + /* different */ + if (b1 == str1.length() && b2 == str2.length()) { + return 0; + } + + /* whichever version still has characters left over wins */ + if (b1 == str1.length()) { + return -1; + } + return 1; + } + + private int skipZeros(String s, int b, int e) { + /* throw away any leading zeros - it's a number, right? */ + while (xchar(s, b) == '0' && b < e) { + b++; + } + return b; + } + + private int skipDigits(String s, int i) { + while (i < s.length() && xisdigit(xchar(s, i))) { + i++; + } + return i; + } + + private int skipAlpha(String s, int i) { + while (i < s.length() && xisalpha(xchar(s, i))) { + i++; + } + return i; + } + + private int skipNonAlnum(String s, int i) { + while (i < s.length() && xchar(s, i) != '~' && xchar(s, i) != '^' && !xisalnum(xchar(s, i))) { + i++; + } + return i; + } + + private boolean xisalnum(char c) { + return xisdigit(c) || xisalpha(c); + } + + private boolean xisdigit(char c) { + return Character.isDigit(c); + } + + private boolean xisalpha(char c) { + return Character.isLetter(c); + } + + private char xchar(String s, int i) { + return (i < s.length() ? s.charAt(i) : '\0'); + } + } + + /** + * DebVersionComparator + */ + public static class DebVersionComparator implements Comparator { + + /** + * {@inheritDoc} + *

+ * Compare two versions, *a* and *b*, and return an integer value which has + * the same meaning as the built-in :func:`cmp` function's return value has, + * see the following table for details. + *

+ * .. table:: Return values + *

+ * ===== ============================================= + * Value Meaning + * ===== ============================================= + * > 0 The version *a* is greater than version *b*. + * = 0 Both versions are equal. + * < 0 The version *a* is less than version *b*. + * ===== ============================================= + *

+ * See: https://www.debian.org/doc/debian-policy/ch-controlfields.html#version + * See: https://salsa.debian.org/dpkg-team/dpkg/blob/master/lib/dpkg/version.c#L140 + */ + @Override + public int compare(String o1, String o2) { + String version1 = o1, revision1 = null, version2 = o2, revision2 = null; + /* Split version and revision: https://www.debian.org/doc/debian-policy/ch-controlfields.html#version */ + + int hyphen = version1.lastIndexOf('-'); + if (hyphen > 0) { + revision1 = version1.substring(hyphen + 1); + version1 = version1.substring(0, hyphen); + } + hyphen = version2.lastIndexOf('-'); + if (hyphen > 0) { + revision2 = version2.substring(hyphen + 1); + version2 = version2.substring(0, hyphen); + } + int rc = verrevcmp(version1, version2); + if (rc > 0) { + return 1; + } else if (rc < 0) { + return -1; + } else { /* (rc == 0) */ + int rv = verrevcmp(revision1, revision2); + if (rv > 0) { + return 1; + } else if (rv < 0) { + return -1; + } + return 0; + } + } + + private int order(int c) { + if (Character.isDigit(c)) { + return 0; + } else if (Character.isLetter(c)) { + return c; + } else if (c == '~') { + return -1; + } else if (c != 0) { + return c + 256; + } else { + return 0; + } + } + + private int verrevcmp(String a1, String b1) { + char[] a, b; + + if (a1 == null) { + a1 = ""; + } + if (b1 == null) { + b1 = ""; + } + + a = a1.toCharArray(); + b = b1.toCharArray(); + + int i = 0; + int j = 0; + + while (i < a.length || j < b.length) { + int firstDiff = 0; + + while ((i < a.length && !Character.isDigit(a[i])) || (j < b.length && !Character.isDigit(b[j]))) { + int ac = i >= a.length ? 0 : order(a[i]); + int bc = j >= b.length ? 0 : order(b[j]); + + if (ac != bc) { + return ac - bc; + } + + i++; + j++; + } + while (i < a.length && a[i] == '0') { + i++; + } + while (j < b.length && b[j] == '0') { + j++; + } + while (i < a.length && j < b.length && Character.isDigit(a[i]) && Character.isDigit((b[j]))) { + if (firstDiff == 0) { + firstDiff = a[i] - b[j]; + } + i++; + j++; + } + + if (i < a.length && Character.isDigit(a[i])) { + return 1; + } + if (j < b.length && Character.isDigit(b[j])) { + return -1; + } + if (firstDiff != 0) { + return firstDiff; + } + } + return 0; + } + } + + public static enum PackageType { + RPM("rpm"), + DEB("deb"); + + private final String dbString; + + PackageType(String dbStringIn) { + dbString = dbStringIn; + } + + public String getDbString() { + return dbString; + } + } + + +} From 32ac87c94de0343581796e436b08c9860c5e81fa Mon Sep 17 00:00:00 2001 From: HoussemNasri Date: Wed, 21 Jun 2023 14:32:38 +0100 Subject: [PATCH 4/9] Implement the OVAL test evaluation algorithm --- .../code/src/com/suse/oval/TestEvaluator.java | 167 ++++++++++++++++++ 1 file changed, 167 insertions(+) create mode 100755 java/code/src/com/suse/oval/TestEvaluator.java diff --git a/java/code/src/com/suse/oval/TestEvaluator.java b/java/code/src/com/suse/oval/TestEvaluator.java new file mode 100755 index 000000000000..f36c1e74e567 --- /dev/null +++ b/java/code/src/com/suse/oval/TestEvaluator.java @@ -0,0 +1,167 @@ +package com.suse.oval; + +import com.suse.oval.manager.OvalObjectManager; +import com.suse.oval.manager.OvalStateManager; +import com.suse.oval.manager.OvalTestManager; +import com.suse.oval.ovaltypes.*; + +import java.util.ArrayList; +import java.util.List; +import java.util.Objects; +import java.util.Optional; +import java.util.stream.Collectors; + +public class TestEvaluator { + private final OvalTestManager ovalTestManager; + private final OvalObjectManager ovalObjectManager; + private final OvalStateManager ovalStateManager; + private final List systemCvePatchStatusList; + + public TestEvaluator(OvalTestManager ovalTestManager, OvalObjectManager ovalObjectManager, + OvalStateManager ovalStateManager, List systemCvePatchStatusList) { + Objects.requireNonNull(ovalTestManager); + + this.ovalStateManager = ovalStateManager; + this.ovalObjectManager = ovalObjectManager; + this.systemCvePatchStatusList = systemCvePatchStatusList == null ? new ArrayList<>() : systemCvePatchStatusList; + this.ovalTestManager = ovalTestManager; + } + + public boolean evaluate(String testId) { + TestType test = ovalTestManager.get(testId); + if (test.getObject() == null) { + throw new IllegalStateException(); + } + + ObjectType object = ovalObjectManager.get(test.getObject().getObjectRef()); + List packageVersionsOnSystem = listPackageVersionsInstalledOnSystem(object.getPackageName()); + long packageVersionsCount = packageVersionsOnSystem.size(); + + ExistenceEnum checkExistence = test.getCheckExistence(); + switch (checkExistence) { + case NONE_EXIST: + if (packageVersionsCount != 0) { + return false; + } + break; + case ONLY_ONE_EXISTS: + if (packageVersionsCount != 1) { + return false; + } + break; + // We have only one component under consideration that is the package name, + // thus 'all_exist' and 'at_least_one_exists' are logically equivalent. + case ALL_EXIST: + case AT_LEAST_ONE_EXISTS: + if (packageVersionsCount < 1) { + return false; + } + break; + } + + Optional ovalState = test.getStateRef(); + if (ovalState.isEmpty()) { + return true; + } + + List stateEvaluations = ovalState.stream() + .map(ovalStateManager::get) + .map(state -> evaluatePackageState(packageVersionsOnSystem, state)) + .collect(Collectors.toList()); + + return combineBooleans(test.getStateOperator(), stateEvaluations); + } + + private boolean evaluatePackageState(List packageVersionsOnSystem, StateType expectedState) { + return packageVersionsOnSystem.stream().anyMatch(cvePatchStatus -> { + // This list holds the evaluation results of each of the specified state entities .e.g. arch, + // evr, version, etc. + List stateEntitiesEvaluations = new ArrayList<>(); + + EVRType expectedEvr = expectedState.getPackageEVR(); + if (expectedEvr != null) { + cvePatchStatus.getPackageEvr().ifPresent(packageOnSystemEVR -> { + UyuniAPI.PackageEvr packageOnOvalEVR = UyuniAPI.PackageEvr + .parsePackageEvr(toPackageType(expectedEvr.getDatatype()), expectedEvr.getValue()); + + int evrComparisonResult = packageOnSystemEVR.compareTo(packageOnOvalEVR); + + stateEntitiesEvaluations.add(checkPackageEVR(evrComparisonResult, expectedEvr.getOperation())); + }); + } + + + ArchType expectedArch = expectedState.getPackageArch(); + if (expectedArch != null) { + stateEntitiesEvaluations.add(checkPackageArch(cvePatchStatus.getPackageArch().orElse(""), + expectedArch.getValue(), expectedArch.getOperation())); + } + + VersionType expectedVersion = expectedState.getPackageVersion(); + if (expectedVersion != null) { + cvePatchStatus.getPackageEvr().ifPresent(packageOnSystemEVR -> { + stateEntitiesEvaluations.add(checkPackageVersion(packageOnSystemEVR.getVersion(), + expectedVersion.getValue(), expectedVersion.getOperation())); + }); + } + + return combineBooleans(expectedState.getOperator(), stateEntitiesEvaluations); + }); + } + + private boolean checkPackageEVR(int evrComparisonResult, OperationEnumeration operation) { + return (evrComparisonResult == 0 && operation == OperationEnumeration.EQUALS) || + (evrComparisonResult != 0 && operation == OperationEnumeration.NOT_EQUAL) || + (evrComparisonResult > 0 && operation == OperationEnumeration.GREATER_THAN) || + (evrComparisonResult >= 0 && operation == OperationEnumeration.GREATER_THAN_OR_EQUAL) || + (evrComparisonResult < 0 && operation == OperationEnumeration.LESS_THAN) || + (evrComparisonResult <= 0 && operation == OperationEnumeration.LESS_THAN_OR_EQUAL); + } + + private boolean checkPackageArch(String systemPackageArch, String expectedArch, OperationEnumeration operation) { + switch (operation) { + case PATTERN_MATCH: + return systemPackageArch.matches(expectedArch); + case EQUALS: + return systemPackageArch.equals(expectedArch); + case NOT_EQUAL: + return !systemPackageArch.equals(expectedArch); + default: + throw new IllegalArgumentException("The specified operation is not supported"); + } + } + + private boolean checkPackageVersion(String systemPackageVersion, String expectedVersion, OperationEnumeration operation) { + if (!(operation == OperationEnumeration.EQUALS || operation == OperationEnumeration.NOT_EQUAL)) { + throw new IllegalArgumentException("Operation '" + operation + "' is not supported for the version state entity"); + } + + return systemPackageVersion.equals(expectedVersion); + } + + private List listPackageVersionsInstalledOnSystem(String packageName) { + return systemCvePatchStatusList.stream() + .filter(cvePatchStatus -> Optional.ofNullable(packageName).equals(cvePatchStatus.getPackageName())) + .collect(Collectors.toList()); + } + + private UyuniAPI.PackageType toPackageType(EVRDataTypeEnum evrDataTypeEnum) { + Objects.requireNonNull(evrDataTypeEnum); + + return evrDataTypeEnum == EVRDataTypeEnum.DEBIAN_EVR ? UyuniAPI.PackageType.DEB : UyuniAPI.PackageType.RPM; + } + + private boolean combineBooleans(LogicOperatorType operator, List booleans) { + switch (operator) { + case AND: + return booleans.stream().allMatch(Boolean::booleanValue); + case OR: + return booleans.stream().anyMatch(Boolean::booleanValue); + case XOR: + return booleans.stream().reduce((a, b) -> a ^ b).orElse(false); + case ONE: + return booleans.stream().filter(Boolean::booleanValue).count() == 1L; + } + return false; + } +} From f3f88ad40ce4de3782d504abf04a87f3c28a3b1d Mon Sep 17 00:00:00 2001 From: HoussemNasri Date: Wed, 21 Jun 2023 14:35:14 +0100 Subject: [PATCH 5/9] Add OVAL Criteria and Criterion types - Also, implemented the composite design pattern to enable the evaluation of the criteria tree --- .../com/suse/oval/ovaltypes/BaseCriteria.java | 8 + .../com/suse/oval/ovaltypes/CriteriaType.java | 140 ++++++++++++++++++ .../suse/oval/ovaltypes/CriterionType.java | 88 +++++++++++ 3 files changed, 236 insertions(+) create mode 100755 java/code/src/com/suse/oval/ovaltypes/BaseCriteria.java create mode 100755 java/code/src/com/suse/oval/ovaltypes/CriteriaType.java create mode 100755 java/code/src/com/suse/oval/ovaltypes/CriterionType.java diff --git a/java/code/src/com/suse/oval/ovaltypes/BaseCriteria.java b/java/code/src/com/suse/oval/ovaltypes/BaseCriteria.java new file mode 100755 index 000000000000..77871a454a1e --- /dev/null +++ b/java/code/src/com/suse/oval/ovaltypes/BaseCriteria.java @@ -0,0 +1,8 @@ +package com.suse.oval.ovaltypes; + +import com.suse.oval.TestEvaluator; + +public interface BaseCriteria { + + boolean evaluate(TestEvaluator testEvaluator); +} diff --git a/java/code/src/com/suse/oval/ovaltypes/CriteriaType.java b/java/code/src/com/suse/oval/ovaltypes/CriteriaType.java new file mode 100755 index 000000000000..e13c347f904a --- /dev/null +++ b/java/code/src/com/suse/oval/ovaltypes/CriteriaType.java @@ -0,0 +1,140 @@ +// +// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.3.1 +// See https://javaee.github.io/jaxb-v2/ +// Any modifications to this file will be lost upon recompilation of the source schema. +// Generated on: 2023.06.01 at 01:02:18 PM CET +// + + +package com.suse.oval.ovaltypes; + +import com.suse.oval.TestEvaluator; + +import javax.xml.bind.annotation.*; +import java.util.ArrayList; +import java.util.List; + + +/** + * The required operator attribute provides the logical operator that binds the different statements inside a criteria together. + * The optional negate attribute signifies that the result of the criteria as a whole should be negated during analysis. + * For example, consider a criteria that evaluates to TRUE if certain software is installed. + *

+ * By negating this test, it now evaluates to TRUE if the software is NOT installed. The optional comment attribute provides + * a short description of the criteria. + */ +@XmlAccessorType(XmlAccessType.FIELD) +@XmlType(name = "CriteriaType", namespace = "http://oval.mitre.org/XMLSchema/oval-definitions-5") +public class CriteriaType implements BaseCriteria { + + @XmlElements({ + @XmlElement(name = "criteria", namespace = "http://oval.mitre.org/XMLSchema/oval-definitions-5", type = CriteriaType.class), + @XmlElement(name = "criterion", namespace = "http://oval.mitre.org/XMLSchema/oval-definitions-5", type = CriterionType.class) + }) + protected List children; + @XmlAttribute(name = "operator") + protected LogicOperatorType operator; + @XmlAttribute(name = "negate") + protected Boolean negate; + @XmlAttribute(name = "comment") + protected String comment; + + /** + * Gets the value of the contained criteria or criterion objects. + */ + public List getChildren() { + if (children == null) { + children = new ArrayList<>(); + } + return this.children; + } + + /** + * Gets the value of the operator property. + * + * @return possible object is + * {@link LogicOperatorType } + */ + public LogicOperatorType getOperator() { + if (operator == null) { + return LogicOperatorType.AND; + } else { + return operator; + } + } + + /** + * Sets the value of the operator property. + * + * @param value allowed object is + * {@link LogicOperatorType } + */ + public void setOperator(LogicOperatorType value) { + this.operator = value; + } + + /** + * Gets the value of the negate property. + */ + public boolean isNegate() { + if (negate == null) { + return false; + } else { + return negate; + } + } + + /** + * Sets the value of the negate property. + */ + public void setNegate(Boolean value) { + this.negate = value; + } + + /** + * Gets the value of the comment property. + */ + public String getComment() { + return comment; + } + + /** + * Sets the value of the comment property. + */ + public void setComment(String value) { + this.comment = value; + } + + @Override + public boolean evaluate(TestEvaluator testEvaluator) { + switch (operator) { + case OR: + return negate ^ evaluateOR(testEvaluator); + case AND: + return negate ^ evaluateAND(testEvaluator); + case ONE: + case XOR: + //TODO: Implement + return false; + } + return false; + } + + private boolean evaluateOR(TestEvaluator testEvaluator) { + for (BaseCriteria childCriteria : children) { + if (childCriteria.evaluate(testEvaluator)) { + return true; + } + } + return false; + } + + private boolean evaluateAND(TestEvaluator testEvaluator) { + for (BaseCriteria childCriteria : children) { + if (!childCriteria.evaluate(testEvaluator)) { + return false; + } + } + return true; + } +} diff --git a/java/code/src/com/suse/oval/ovaltypes/CriterionType.java b/java/code/src/com/suse/oval/ovaltypes/CriterionType.java new file mode 100755 index 000000000000..9628745afa66 --- /dev/null +++ b/java/code/src/com/suse/oval/ovaltypes/CriterionType.java @@ -0,0 +1,88 @@ +// +// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.3.1 +// See https://javaee.github.io/jaxb-v2/ +// Any modifications to this file will be lost upon recompilation of the source schema. +// Generated on: 2023.06.01 at 01:02:18 PM CET +// + + +package com.suse.oval.ovaltypes; + +import com.suse.oval.TestEvaluator; + +import javax.xml.bind.annotation.XmlAccessType; +import javax.xml.bind.annotation.XmlAccessorType; +import javax.xml.bind.annotation.XmlAttribute; +import javax.xml.bind.annotation.XmlType; + + +/** + * The required test_ref attribute is the actual id of the test being referenced. The optional negate attribute signifies + * that the result of an individual test should be negated during analysis. For example, consider a test that evaluates to TRUE + * if a specific patch is installed. By negating this test, it now evaluates to TRUE if the patch is NOT installed. + *

+ * The optional comment attribute provides a short description of the specified test and should mirror the comment + * attribute of the actual test. + */ +@XmlAccessorType(XmlAccessType.FIELD) +@XmlType(name = "CriterionType", namespace = "http://oval.mitre.org/XMLSchema/oval-definitions-5") +public class CriterionType implements BaseCriteria { + + @XmlAttribute(name = "test_ref", required = true) + protected String testRef; + @XmlAttribute(name = "negate") + protected Boolean negate; + @XmlAttribute(name = "comment") + protected String comment; + + /** + * Gets the value of the testRef property. + */ + public String getTestRef() { + return testRef; + } + + /** + * Sets the value of the testRef property. + */ + public void setTestRef(String value) { + this.testRef = value; + } + + /** + * Gets the value of the negate property. + */ + public boolean isNegate() { + if (negate == null) { + return false; + } else { + return negate; + } + } + + /** + * Sets the value of the negate property. + */ + public void setNegate(Boolean value) { + this.negate = value; + } + + /** + * Gets the value of the comment property. + */ + public String getComment() { + return comment; + } + + /** + * Sets the value of the comment property. + */ + public void setComment(String value) { + this.comment = value; + } + + @Override + public boolean evaluate(TestEvaluator testEvaluator) { + return negate ^ testEvaluator.evaluate(testRef); + } +} From 68012c35c06480b72249e1104c51a5d96f78b293 Mon Sep 17 00:00:00 2001 From: HoussemNasri Date: Wed, 21 Jun 2023 14:37:32 +0100 Subject: [PATCH 6/9] Create OVAL Linux extension types --- .../com/suse/oval/ovaltypes/ObjectType.java | 4 +-- .../com/suse/oval/ovaltypes/ObjectsType.java | 4 +-- .../com/suse/oval/ovaltypes/StatesType.java | 4 +-- .../com/suse/oval/ovaltypes/TestsType.java | 4 +-- .../oval/ovaltypes/linux/DpkginfoObject.java | 26 +++++++++++++++++++ .../oval/ovaltypes/linux/DpkginfoState.java | 26 +++++++++++++++++++ .../oval/ovaltypes/linux/DpkginfoTest.java | 26 +++++++++++++++++++ .../oval/ovaltypes/linux/RpminfoObject.java | 25 ++++++++++++++++++ .../oval/ovaltypes/linux/RpminfoState.java | 23 ++++++++++++++++ .../oval/ovaltypes/linux/RpminfoTest.java | 25 ++++++++++++++++++ 10 files changed, 159 insertions(+), 8 deletions(-) create mode 100755 java/code/src/com/suse/oval/ovaltypes/linux/DpkginfoObject.java create mode 100755 java/code/src/com/suse/oval/ovaltypes/linux/DpkginfoState.java create mode 100755 java/code/src/com/suse/oval/ovaltypes/linux/DpkginfoTest.java create mode 100755 java/code/src/com/suse/oval/ovaltypes/linux/RpminfoObject.java create mode 100755 java/code/src/com/suse/oval/ovaltypes/linux/RpminfoState.java create mode 100755 java/code/src/com/suse/oval/ovaltypes/linux/RpminfoTest.java diff --git a/java/code/src/com/suse/oval/ovaltypes/ObjectType.java b/java/code/src/com/suse/oval/ovaltypes/ObjectType.java index b190107722df..b624a9c3ab83 100755 --- a/java/code/src/com/suse/oval/ovaltypes/ObjectType.java +++ b/java/code/src/com/suse/oval/ovaltypes/ObjectType.java @@ -8,8 +8,8 @@ package com.suse.oval.ovaltypes; -import com.suse.ovaltypes.linux.DpkginfoObject; -import com.suse.ovaltypes.linux.RpminfoObject; +import com.suse.oval.ovaltypes.linux.DpkginfoObject; +import com.suse.oval.ovaltypes.linux.RpminfoObject; import javax.xml.bind.annotation.*; import java.math.BigInteger; diff --git a/java/code/src/com/suse/oval/ovaltypes/ObjectsType.java b/java/code/src/com/suse/oval/ovaltypes/ObjectsType.java index 012ab063cd25..387cba3c8a37 100755 --- a/java/code/src/com/suse/oval/ovaltypes/ObjectsType.java +++ b/java/code/src/com/suse/oval/ovaltypes/ObjectsType.java @@ -8,8 +8,8 @@ package com.suse.oval.ovaltypes; -import com.suse.ovaltypes.linux.DpkginfoObject; -import com.suse.ovaltypes.linux.RpminfoObject; +import com.suse.oval.ovaltypes.linux.DpkginfoObject; +import com.suse.oval.ovaltypes.linux.RpminfoObject; import javax.xml.bind.annotation.*; import java.util.ArrayList; diff --git a/java/code/src/com/suse/oval/ovaltypes/StatesType.java b/java/code/src/com/suse/oval/ovaltypes/StatesType.java index d32602d73811..2f13cd3b733c 100755 --- a/java/code/src/com/suse/oval/ovaltypes/StatesType.java +++ b/java/code/src/com/suse/oval/ovaltypes/StatesType.java @@ -8,8 +8,8 @@ package com.suse.oval.ovaltypes; -import com.suse.ovaltypes.linux.DpkginfoState; -import com.suse.ovaltypes.linux.RpminfoState; +import com.suse.oval.ovaltypes.linux.DpkginfoState; +import com.suse.oval.ovaltypes.linux.RpminfoState; import javax.xml.bind.annotation.*; import java.util.ArrayList; diff --git a/java/code/src/com/suse/oval/ovaltypes/TestsType.java b/java/code/src/com/suse/oval/ovaltypes/TestsType.java index 40b2f16b0a9c..9d6504a78392 100755 --- a/java/code/src/com/suse/oval/ovaltypes/TestsType.java +++ b/java/code/src/com/suse/oval/ovaltypes/TestsType.java @@ -8,8 +8,8 @@ package com.suse.oval.ovaltypes; -import com.suse.ovaltypes.linux.DpkginfoTest; -import com.suse.ovaltypes.linux.RpminfoTest; +import com.suse.oval.ovaltypes.linux.DpkginfoTest; +import com.suse.oval.ovaltypes.linux.RpminfoTest; import javax.xml.bind.annotation.*; import java.util.ArrayList; diff --git a/java/code/src/com/suse/oval/ovaltypes/linux/DpkginfoObject.java b/java/code/src/com/suse/oval/ovaltypes/linux/DpkginfoObject.java new file mode 100755 index 000000000000..515ce3818d6c --- /dev/null +++ b/java/code/src/com/suse/oval/ovaltypes/linux/DpkginfoObject.java @@ -0,0 +1,26 @@ +// +// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.3.1 +// See https://javaee.github.io/jaxb-v2/ +// Any modifications to this file will be lost upon recompilation of the source schema. +// Generated on: 2023.06.05 at 09:45:43 PM CET +// + + +package com.suse.oval.ovaltypes.linux; + + +import com.suse.oval.ovaltypes.ObjectType; + +import javax.xml.bind.annotation.XmlAccessType; +import javax.xml.bind.annotation.XmlAccessorType; +import javax.xml.bind.annotation.XmlType; + + +/** + * A dpkginfo object consists of a single name entity that identifies the package being checked. + */ +@XmlAccessorType(XmlAccessType.FIELD) +@XmlType(name = "dpkginfo_object") +public class DpkginfoObject extends ObjectType { + +} diff --git a/java/code/src/com/suse/oval/ovaltypes/linux/DpkginfoState.java b/java/code/src/com/suse/oval/ovaltypes/linux/DpkginfoState.java new file mode 100755 index 000000000000..5e3a85b275ec --- /dev/null +++ b/java/code/src/com/suse/oval/ovaltypes/linux/DpkginfoState.java @@ -0,0 +1,26 @@ +// +// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.3.1 +// See https://javaee.github.io/jaxb-v2/ +// Any modifications to this file will be lost upon recompilation of the source schema. +// Generated on: 2023.06.05 at 09:45:43 PM CET +// + + +package com.suse.oval.ovaltypes.linux; + + +import com.suse.oval.ovaltypes.StateType; + +import javax.xml.bind.annotation.XmlAccessType; +import javax.xml.bind.annotation.XmlAccessorType; +import javax.xml.bind.annotation.XmlType; + + +/** + * + */ +@XmlAccessorType(XmlAccessType.FIELD) +@XmlType(name = "dpkginfo_state") +public class DpkginfoState extends StateType { + +} diff --git a/java/code/src/com/suse/oval/ovaltypes/linux/DpkginfoTest.java b/java/code/src/com/suse/oval/ovaltypes/linux/DpkginfoTest.java new file mode 100755 index 000000000000..7b1652b9ddf2 --- /dev/null +++ b/java/code/src/com/suse/oval/ovaltypes/linux/DpkginfoTest.java @@ -0,0 +1,26 @@ +// +// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.3.1 +// See https://javaee.github.io/jaxb-v2/ +// Any modifications to this file will be lost upon recompilation of the source schema. +// Generated on: 2023.06.05 at 09:45:43 PM CET +// + + +package com.suse.oval.ovaltypes.linux; + +import com.suse.oval.ovaltypes.TestType; + +import javax.xml.bind.annotation.XmlAccessType; +import javax.xml.bind.annotation.XmlAccessorType; +import javax.xml.bind.annotation.XmlType; + + +/** + * + */ +@XmlAccessorType(XmlAccessType.FIELD) +@XmlType(name = "dpkginfo_test") +public class DpkginfoTest extends TestType { + + +} diff --git a/java/code/src/com/suse/oval/ovaltypes/linux/RpminfoObject.java b/java/code/src/com/suse/oval/ovaltypes/linux/RpminfoObject.java new file mode 100755 index 000000000000..4306b4ee18e9 --- /dev/null +++ b/java/code/src/com/suse/oval/ovaltypes/linux/RpminfoObject.java @@ -0,0 +1,25 @@ +// +// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.3.1 +// See https://javaee.github.io/jaxb-v2/ +// Any modifications to this file will be lost upon recompilation of the source schema. +// Generated on: 2023.06.05 at 09:45:43 PM CET +// + + +package com.suse.oval.ovaltypes.linux; + + +import com.suse.oval.ovaltypes.ObjectType; + +import javax.xml.bind.annotation.XmlAccessType; +import javax.xml.bind.annotation.XmlAccessorType; +import javax.xml.bind.annotation.XmlType; + + +/** + * A rpm info object consists of a single name entity that identifies the package being checked. + */ +@XmlAccessorType(XmlAccessType.FIELD) +@XmlType(name = "rpminfo_object") +public class RpminfoObject extends ObjectType { +} diff --git a/java/code/src/com/suse/oval/ovaltypes/linux/RpminfoState.java b/java/code/src/com/suse/oval/ovaltypes/linux/RpminfoState.java new file mode 100755 index 000000000000..0db99ff9f4ee --- /dev/null +++ b/java/code/src/com/suse/oval/ovaltypes/linux/RpminfoState.java @@ -0,0 +1,23 @@ +// +// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.3.1 +// See https://javaee.github.io/jaxb-v2/ +// Any modifications to this file will be lost upon recompilation of the source schema. +// Generated on: 2023.06.05 at 09:45:43 PM CET +// + + +package com.suse.oval.ovaltypes.linux; + + +import com.suse.oval.ovaltypes.StateType; + +import javax.xml.bind.annotation.XmlAccessType; +import javax.xml.bind.annotation.XmlAccessorType; +import javax.xml.bind.annotation.XmlType; + +/** + */ +@XmlAccessorType(XmlAccessType.FIELD) +@XmlType(name = "rpminfo_state") +public class RpminfoState extends StateType { +} diff --git a/java/code/src/com/suse/oval/ovaltypes/linux/RpminfoTest.java b/java/code/src/com/suse/oval/ovaltypes/linux/RpminfoTest.java new file mode 100755 index 000000000000..c446360e3a82 --- /dev/null +++ b/java/code/src/com/suse/oval/ovaltypes/linux/RpminfoTest.java @@ -0,0 +1,25 @@ +// +// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.3.1 +// See https://javaee.github.io/jaxb-v2/ +// Any modifications to this file will be lost upon recompilation of the source schema. +// Generated on: 2023.06.05 at 09:45:43 PM CET +// + + +package com.suse.oval.ovaltypes.linux; + +import com.suse.oval.ovaltypes.TestType; + +import javax.xml.bind.annotation.XmlAccessType; +import javax.xml.bind.annotation.XmlAccessorType; +import javax.xml.bind.annotation.XmlType; + + +/** + * + */ +@XmlAccessorType(XmlAccessType.FIELD) +@XmlType(name = "rpminfo_test") +public class RpminfoTest extends TestType { + +} From 1ae1e4b0c034ea5562b1fbf74b7bbb62b54845ea Mon Sep 17 00:00:00 2001 From: HoussemNasri Date: Wed, 21 Jun 2023 14:42:21 +0100 Subject: [PATCH 7/9] Implement the OVAL parser - This is a temporary implementation based on JAXB API which consumes a lot of memory. I plan to rewrite it with StAX for better performance. --- java/code/src/com/suse/oval/OvalParser.java | 26 +++++++++++++++++++ .../oval/exceptions/OvalParserException.java | 19 ++++++++++++++ 2 files changed, 45 insertions(+) create mode 100755 java/code/src/com/suse/oval/OvalParser.java create mode 100755 java/code/src/com/suse/oval/exceptions/OvalParserException.java diff --git a/java/code/src/com/suse/oval/OvalParser.java b/java/code/src/com/suse/oval/OvalParser.java new file mode 100755 index 000000000000..7314d5b9a7da --- /dev/null +++ b/java/code/src/com/suse/oval/OvalParser.java @@ -0,0 +1,26 @@ +package com.suse.oval; + +import com.suse.oval.exceptions.OvalParserException; +import com.suse.oval.ovaltypes.OvalRootType; + +import javax.xml.bind.JAXBContext; +import javax.xml.bind.JAXBException; +import javax.xml.bind.Unmarshaller; +import java.io.File; + +/** + * The Oval Parser is responsible for parsing OVAL(Open Vulnerability and Assessment Language) documents + */ +public class OvalParser { + + public OvalRootType parse(File ovalFile) throws OvalParserException { + try { + JAXBContext jaxbContext = JAXBContext.newInstance(OvalRootType.class); + Unmarshaller unmarshaller = jaxbContext.createUnmarshaller(); + return (OvalRootType) unmarshaller.unmarshal(ovalFile); + } catch (JAXBException e) { + throw new OvalParserException("Failed to parse the given OVAL file at: " + ovalFile.getAbsolutePath(), e); + } + } + +} diff --git a/java/code/src/com/suse/oval/exceptions/OvalParserException.java b/java/code/src/com/suse/oval/exceptions/OvalParserException.java new file mode 100755 index 000000000000..c4867948b5b6 --- /dev/null +++ b/java/code/src/com/suse/oval/exceptions/OvalParserException.java @@ -0,0 +1,19 @@ +package com.suse.oval.exceptions; + +public class OvalParserException extends RuntimeException { + public OvalParserException() { + super(); + } + + public OvalParserException(String message) { + super(message); + } + + public OvalParserException(Throwable cause) { + super(cause); + } + + public OvalParserException(String message, Throwable cause) { + super(message, cause); + } +} From 4ce39a83918ea1ad9b7b654d3c60d8867efbcf44 Mon Sep 17 00:00:00 2001 From: HoussemNasri Date: Wed, 21 Jun 2023 14:46:48 +0100 Subject: [PATCH 8/9] Test TestEvaluatorTest --- java/code/src/com/suse/oval/UyuniAPI.java | 6 +- .../com/suse/oval/test/TestEvaluatorTest.java | 254 ++++++++++++++++++ 2 files changed, 257 insertions(+), 3 deletions(-) create mode 100755 java/code/src/com/suse/oval/test/TestEvaluatorTest.java diff --git a/java/code/src/com/suse/oval/UyuniAPI.java b/java/code/src/com/suse/oval/UyuniAPI.java index 365ab8bd555c..f6cb078d14cc 100755 --- a/java/code/src/com/suse/oval/UyuniAPI.java +++ b/java/code/src/com/suse/oval/UyuniAPI.java @@ -33,8 +33,8 @@ public static class CVEPatchStatus { private final Optional packageEvr; private final boolean packageInstalled; - CVEPatchStatus(long systemIdIn, Optional packageNameIn, - Optional evrIn, boolean packageInstalledIn, Optional packageArch) { + public CVEPatchStatus(long systemIdIn, Optional packageNameIn, + Optional evrIn, boolean packageInstalledIn, Optional packageArch) { this.systemId = systemIdIn; this.packageName = packageNameIn; this.packageInstalled = packageInstalledIn; @@ -42,7 +42,7 @@ public static class CVEPatchStatus { this.packageArch = packageArch; } - CVEPatchStatus(long systemIdIn, Optional packageNameIn, Optional evrIn, boolean packageInstalledIn) { + public CVEPatchStatus(long systemIdIn, Optional packageNameIn, Optional evrIn, boolean packageInstalledIn) { this(systemIdIn, packageNameIn, evrIn, packageInstalledIn, Optional.of("noarch")); } diff --git a/java/code/src/com/suse/oval/test/TestEvaluatorTest.java b/java/code/src/com/suse/oval/test/TestEvaluatorTest.java new file mode 100755 index 000000000000..cdd7d6472d01 --- /dev/null +++ b/java/code/src/com/suse/oval/test/TestEvaluatorTest.java @@ -0,0 +1,254 @@ +package com.suse.oval.test; + +import com.suse.oval.TestEvaluator; +import com.suse.oval.UyuniAPI; +import com.suse.oval.manager.OvalObjectManager; +import com.suse.oval.manager.OvalStateManager; +import com.suse.oval.manager.OvalTestManager; +import com.suse.oval.ovaltypes.*; +import org.junit.jupiter.api.BeforeEach; +import org.junit.jupiter.api.Test; + +import java.util.Collections; +import java.util.List; +import java.util.Optional; +import java.util.stream.Collectors; + + +import static org.junit.jupiter.api.Assertions.assertFalse; +import static org.junit.jupiter.api.Assertions.assertTrue; + +public class TestEvaluatorTest { + TestEvaluator testEvaluator; + OvalObjectManager ovalObjectManager = new OvalObjectManager(Collections.emptyList()); + OvalStateManager ovalStateManager = new OvalStateManager(Collections.emptyList()); + OvalTestManager ovalTestManager = new OvalTestManager(Collections.emptyList()); + + TestType t1; + TestType t2; + TestType t3; + TestType t4; + TestType t5; + TestType t6; + TestType t7; + TestType t8; + TestType t9; + TestType t10; + TestType t11; + + @BeforeEach + void setUp() { + ovalObjectManager = new OvalObjectManager(Collections.emptyList()); + ovalStateManager = new OvalStateManager(Collections.emptyList()); + ovalTestManager = new OvalTestManager(Collections.emptyList()); + + List systemCvePatchStatusList = List.of( + new UyuniAPI.CVEPatchStatus(1, Optional.of("libsoftokn3-hmac-32bit"), + Optional.of(UyuniAPI.PackageEvr.parseRpm("0:3.68.3-150400.1.7")), true), + new UyuniAPI.CVEPatchStatus(1, Optional.of("libsha1detectcoll1"), + Optional.of(UyuniAPI.PackageEvr.parseRpm("0:3.68.2-150400.1.7")), true), + new UyuniAPI.CVEPatchStatus(1, Optional.of("libsha1detectcoll1"), + Optional.of(UyuniAPI.PackageEvr.parseRpm("0:3.68.3-150400.1.7")), true), + new UyuniAPI.CVEPatchStatus(1, Optional.of("libsha1detectcoll1"), + Optional.of(UyuniAPI.PackageEvr.parseRpm("0:3.68.4-150400.1.7")), true, Optional.of("aarch64")), + new UyuniAPI.CVEPatchStatus(1, Optional.of("postgresql12-plperl"), + Optional.of(UyuniAPI.PackageEvr.parseRpm("0:3.68.3-150400.1.7")), true, Optional.of("aarch64")), + new UyuniAPI.CVEPatchStatus(1, Optional.of("sles-release"), + Optional.of(UyuniAPI.PackageEvr.parseRpm("0:15.4-0")), true) + ); + + ObjectType o1 = newObjectType("obj:1", "libsoftokn3-hmac-32bit"); + ObjectType o2 = newObjectType("obj:2", "libsha1detectcoll1"); + ObjectType o3 = newObjectType("obj:3", "postgresql12-plperl"); + ObjectType o4 = newObjectType("obj:4", "sles-release"); + + StateType s1 = new StateTypeBuilder("ste:1") + .withEVR("0:3.68.3-150400.1.7", OperationEnumeration.LESS_THAN) + .build(); + + StateType s2 = new StateTypeBuilder("ste:2") + .withEVR("0:3.68.3-150400.1.7", OperationEnumeration.GREATER_THAN) + .build(); + + StateType s3 = new StateTypeBuilder("ste:3") + .withEVR("0:3.68.3-150400.1.7", OperationEnumeration.EQUALS) + .build(); + + StateType s4 = new StateTypeBuilder("ste:4") + .withEVR("0:3.68.3-150400.1.7", OperationEnumeration.GREATER_THAN) + .withArch("aarch64", OperationEnumeration.EQUALS) + .build(); + + StateType s5 = new StateTypeBuilder("ste:5") + .withEVR("0:3.68.3-150400.1.7", OperationEnumeration.GREATER_THAN) + .withArch("(aarch64|noarch)", OperationEnumeration.PATTERN_MATCH) + .build(); + + StateType s6 = new StateTypeBuilder("ste:6") + .withVersion("15.4", OperationEnumeration.EQUALS) + .build(); + + t1 = newTestType("tst:1", o1, s1); + t2 = newTestType("tst:2", o1, s2); + t3 = newTestType("tst:3", o1, s3); + t4 = newTestType("tst:4", o2, s1); + t5 = newTestType("tst:5", o2, s2); + t6 = newTestType("tst:6", o2, s3); + t7 = newTestType("tst:7", o1, s4); + t8 = newTestType("tst:8", o2, s4); + t9 = newTestType("tst:9", o3, s4); + t10 = newTestType("tst:10", o2, s5); + t11 = newTestType("tst:11", o4, s6); + + testEvaluator = new TestEvaluator(ovalTestManager, ovalObjectManager, ovalStateManager, systemCvePatchStatusList); + } + + /** + * Test T1 ensures that if the evr state operation is LESS_THAN and the system has a package with an evr less than the + * state evr, then the evaluation should return 'true' + */ + @Test + void testT1() { + assertFalse(testEvaluator.evaluate(t1.getId())); + } + + @Test + void testT2() { + assertFalse(testEvaluator.evaluate(t2.getId())); + } + + @Test + void testT3() { + assertTrue(testEvaluator.evaluate(t3.getId())); + } + + @Test + void testT4() { + assertTrue(testEvaluator.evaluate(t4.getId())); + } + + @Test + void testT5() { + assertTrue(testEvaluator.evaluate(t5.getId())); + } + + @Test + void testT6() { + assertTrue(testEvaluator.evaluate(t6.getId())); + } + + @Test + void testT7() { + assertFalse(testEvaluator.evaluate(t7.getId())); + } + + /** + * Tests when both arch and evr properties satisfied + */ + @Test + void testT8() { + assertTrue(testEvaluator.evaluate(t8.getId())); + } + + /** + * Tests when arch property is satisfied but evr is not satisfied + */ + @Test + void testT9() { + assertFalse(testEvaluator.evaluate(t9.getId())); + } + + /** + * Test when arch is a pattern + */ + @Test + void testT10() { + assertTrue(testEvaluator.evaluate(t10.getId())); + } + + @Test + void testT11() { + assertTrue(testEvaluator.evaluate(t11.getId())); + } + + TestType newTestType(String id, ObjectType object, List states) { + ObjectRefType objectRefType = new ObjectRefType(); + objectRefType.setObjectRef(object.getId()); + + List stateRefs = states.stream().map(state -> { + StateRefType stateRefType = new StateRefType(); + stateRefType.setStateRef(state.getId()); + return stateRefType; + }).collect(Collectors.toList()); + + TestType testType = new TestType(); + testType.setId(id); + testType.setObject(objectRefType); + testType.setStates(stateRefs); + + ovalTestManager.add(testType); + + return testType; + } + + TestType newTestType(String id, ObjectType object, StateType state) { + return newTestType(id, object, List.of(state)); + } + + ObjectType newObjectType(String id, String packageName) { + ObjectRefType objectRefType = new ObjectRefType(); + objectRefType.setObjectRef(id); + + ObjectType object = new ObjectType(); + object.setId(objectRefType.getObjectRef()); + object.setPackageName(packageName); + + ovalObjectManager.add(object); + + return object; + } + + private class StateTypeBuilder { + private StateType state = new StateType(); + + public StateTypeBuilder(String id) { + state.setId(id); + } + + public StateTypeBuilder withEVR(String evr, OperationEnumeration operation) { + EVRType evrType = new EVRType(); + evrType.setDatatype(EVRDataTypeEnum.RPM_EVR); + evrType.setOperation(operation); + evrType.setValue(evr); + + state.setPackageEVR(evrType); + + return this; + } + + public StateTypeBuilder withArch(String arch, OperationEnumeration operation) { + ArchType archType = new ArchType(); + archType.setValue(arch); + archType.setOperation(operation); + + state.setPackageArch(archType); + + return this; + } + + public StateTypeBuilder withVersion(String version, OperationEnumeration operation) { + VersionType versionType = new VersionType(); + versionType.setValue(version); + versionType.setOperation(operation); + + state.setPackageVersion(versionType); + + return this; + } + + public StateType build() { + ovalStateManager.add(state); + return state; + } + } +} From c565947664dc88036e448857fda1bebb237b36f4 Mon Sep 17 00:00:00 2001 From: HoussemNasri Date: Wed, 21 Jun 2023 14:51:52 +0100 Subject: [PATCH 9/9] Refactor getDefinitions() method --- .../code/src/com/suse/oval/ovaltypes/OvalRootType.java | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/java/code/src/com/suse/oval/ovaltypes/OvalRootType.java b/java/code/src/com/suse/oval/ovaltypes/OvalRootType.java index 6a70cdb5300b..c3bee765ed28 100755 --- a/java/code/src/com/suse/oval/ovaltypes/OvalRootType.java +++ b/java/code/src/com/suse/oval/ovaltypes/OvalRootType.java @@ -9,6 +9,8 @@ package com.suse.oval.ovaltypes; import javax.xml.bind.annotation.*; +import java.util.ArrayList; +import java.util.List; @XmlAccessorType(XmlAccessType.FIELD) @@ -45,8 +47,12 @@ public void setGenerator(GeneratorType value) { /** * Gets the value of the definitions property. */ - public DefinitionsType getDefinitions() { - return definitions; + public List getDefinitions() { + if (definitions == null) { + return new ArrayList<>(); + } else { + return definitions.getDefinitions(); + } } /**