spec

package
v0.1.8 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Mar 3, 2024 License: MIT Imports: 26 Imported by: 0

Documentation

Index

Constants

// Template sources shipped with the package. This listing elides both string
// literals, so the template bodies cannot be reviewed from here.
const (
	// TmMDTemplate is a 3140-byte string literal (not displayed).
	// NOTE(review): presumably the default Markdown template for
	// ParseTMTemplate / RenderMarkdown — confirm against the source file.
	TmMDTemplate = `` /* 3140-byte string literal not displayed */

	// TmDashboardTemplate is a 306-byte string literal (not displayed).
	// NOTE(review): presumably a dashboard/index template — confirm.
	TmDashboardTemplate = `` /* 306-byte string literal not displayed */

)
// Uptime dependency levels; ThirdPartyDependency.UptimeDependency has the
// UptimeDependencyClassification type used by the first constant.
//
// NOTE(review): only NoneUptime is declared with the
// UptimeDependencyClassification type. The other three lines each have their
// own "= ..." expression, so they do not inherit that type and are untyped
// string constants: they convert implicitly to plain string as well as to
// UptimeDependencyClassification, and the compiler will not flag a mix-up.
// Giving all four the explicit type would change what callers may assign them
// to, so confirm existing uses before tightening.
// NOTE(review): ThreatmodelSpecConfig.UptimeDepClassifications is a
// configurable []string; confirm whether validation uses that list or these
// constants.
const (
	NoneUptime        UptimeDependencyClassification = "none"
	DegradedUptime                                   = "degraded"
	HardUptime                                       = "hard"
	OperationalUptime                                = "operational"
)
const (
	// OtmVer is the fixed version string "0.2.0".
	// NOTE(review): presumably the Open Threat Model schema version written by
	// Threatmodel.RenderOtm — confirm against the otm package.
	OtmVer = "0.2.0"
)

Variables

This section is empty.

Functions

func ParseTMTemplate added in v0.0.6

func ParseTMTemplate(mdTemplate string) (*template.Template, error)

func VersionConstraints added in v0.1.5

func VersionConstraints(tmw *ThreatmodelWrapped, emit bool) (string, error)

Types

type AdditionalAttribute added in v0.1.6

// AdditionalAttribute is a free-form name/value pair. Threatmodel holds a list
// of them in AdditionalAttributes (HCL block "additional_attribute").
type AdditionalAttribute struct {
	// Name is the HCL block label; Value is an attribute inside the block.
	Name  string `json:"name" hcl:"name,label"`
	Value string `json:"value" hcl:"value"`
}

type Attribute

// Attribute holds the fixed attributes of a threat model (the "attributes"
// block of Threatmodel). All three fields are tagged as plain HCL attributes
// (",attr") and are always emitted in JSON (no omitempty).
// NOTE(review): InitiativeSize is presumably checked against
// ThreatmodelSpecConfig.InitiativeSizes — confirm in ValidateTm.
type Attribute struct {
	NewInitiative  bool   `json:"newInitiative" hcl:"new_initiative,attr"`
	InternetFacing bool   `json:"internetFacing" hcl:"internet_facing,attr"`
	InitiativeSize string `json:"initiativeSize" hcl:"initiative_size,attr"`
}

type Component

// Component is a top-level "component" block of ThreatmodelWrapped. It carries
// two HCL labels (component_type, then component_name) and one attribute.
// NOTE(review): how components are referenced from threat models is not
// visible in this listing.
type Component struct {
	ComponentType string `json:"componentType" hcl:"component_type,label"`
	ComponentName string `json:"componentName" hcl:"component_name,label"`
	Description   string `json:"description" hcl:"description,attr"`
}

type Control added in v0.1.5

// Control describes one control attached to a Threat through the
// "expanded_control" HCL block (Threat.Controls).
type Control struct {
	// Name is the HCL block label.
	Name                string              `json:"name" hcl:"name,label"`
	// Implemented is optional in HCL; when omitted it keeps the zero value
	// (false) and is left out of JSON.
	Implemented         bool                `json:"implemented,omitempty" hcl:"implemented,optional"`
	Description         string              `json:"description" hcl:"description"`
	ImplementationNotes string              `json:"implementationNotes,omitempty" hcl:"implementation_notes,optional"`
	// RiskReduction is an optional int; no range or unit is defined in this
	// listing. NOTE(review): confirm whether ValidateTm bounds it.
	RiskReduction       int                 `json:"riskReduction,omitempty" hcl:"risk_reduction,optional"`
	// Attributes are nested "attribute" blocks.
	Attributes          []*ControlAttribute `json:"attribute,omitempty" hcl:"attribute,block"`
}

type ControlAttribute added in v0.1.5

// ControlAttribute is a name/value pair nested in a Control as an "attribute"
// block. Name is the block label; Value is an attribute inside the block.
type ControlAttribute struct {
	Name  string `json:"name" hcl:"name,label"`
	Value string `json:"value" hcl:"value"`
}

type DataFlowDiagram

// DataFlowDiagram is a named data flow diagram. Threatmodel decodes these from
// the HCL block "data_flow_diagram_v2" (see Threatmodel.DataFlowDiagrams).
type DataFlowDiagram struct {
	// Name is the HCL block label.
	Name              string          `json:"name" hcl:"name,label"`
	// ShiftedFromLegacy has no hcl tag and is excluded from JSON.
	// NOTE(review): presumably set when the diagram was converted from a
	// LegacyDataFlowDiagram — confirm.
	ShiftedFromLegacy bool            `json:"-"`
	Processes         []*DfdProcess   `json:"process,omitempty" hcl:"process,block"`
	ExternalElements  []*DfdExternal  `json:"externalElement,omitempty" hcl:"external_element,block"`
	DataStores        []*DfdData      `json:"dataStore,omitempty" hcl:"data_store,block"`
	Flows             []*DfdFlow      `json:"flow,omitempty" hcl:"flow,block"`
	TrustZones        []*DfdTrustZone `json:"trustZone,omitempty" hcl:"trust_zone,block"`
	// ImportFile is the optional HCL attribute "import"; it is excluded from
	// JSON. NOTE(review): presumably a path the parser reads — confirm how it
	// is resolved and whether it is confined to an expected directory when
	// threat model files come from untrusted authors.
	ImportFile        string          `json:"-" hcl:"import,optional"`
}

func (*DataFlowDiagram) GenerateDfdPng added in v0.1.6

func (d *DataFlowDiagram) GenerateDfdPng(filepath, tmName string) error

func (*DataFlowDiagram) GenerateDfdSvg added in v0.1.6

func (d *DataFlowDiagram) GenerateDfdSvg(filepath, tmName string) error

func (*DataFlowDiagram) GenerateDot added in v0.1.6

func (d *DataFlowDiagram) GenerateDot(tmName string) (string, error)

type DfdData

// DfdData is a data store element of a data flow diagram ("data_store" block).
type DfdData struct {
	// Name is the HCL block label.
	Name      string `json:"name" hcl:"name,label"`
	// TrustZone is an optional attribute. NOTE(review): presumably the name of
	// a DfdTrustZone; confirm that unknown names are rejected.
	TrustZone string `json:"trustZone,omitempty" hcl:"trust_zone,optional"`
	// IaLink is the optional attribute "information_asset".
	// NOTE(review): presumably an InformationAsset name — confirm.
	IaLink    string `json:"informationAsset,omitempty" hcl:"information_asset,optional"`
}

type DfdExternal

// DfdExternal is an external element of a data flow diagram
// ("external_element" block). Name is the block label; TrustZone is optional.
type DfdExternal struct {
	Name      string `json:"name" hcl:"name,label"`
	TrustZone string `json:"trustZone,omitempty" hcl:"trust_zone,optional"`
}

type DfdFlow

// DfdFlow is a flow in a data flow diagram ("flow" block). Name is the block
// label; From and To are plain string attributes.
// NOTE(review): From and To presumably name elements of the same diagram;
// confirm that validation rejects references to undefined elements, since a
// dangling endpoint would hide a trust-boundary crossing from review.
type DfdFlow struct {
	Name string `json:"name" hcl:"name,label"`
	From string `json:"from" hcl:"from,attr"`
	To   string `json:"to" hcl:"to,attr"`
}

type DfdProcess

// DfdProcess is a process element of a data flow diagram ("process" block).
// Name is the block label; TrustZone is optional.
type DfdProcess struct {
	Name      string `json:"name" hcl:"name,label"`
	TrustZone string `json:"trustZone,omitempty" hcl:"trust_zone,optional"`
}

type DfdTrustZone added in v0.1.0

// DfdTrustZone is a "trust_zone" block that can nest processes, external
// elements and data stores.
// NOTE(review): the nested element types also carry their own optional
// TrustZone attribute, so zone membership can be expressed in two ways;
// confirm how a conflict between the enclosing block and the attribute is
// handled.
type DfdTrustZone struct {
	// Name is the HCL block label.
	Name             string         `json:"name" hcl:"name,label"`
	Processes        []*DfdProcess  `json:"process,omitempty" hcl:"process,block"`
	ExternalElements []*DfdExternal `json:"externalElement,omitempty" hcl:"external_element,block"`
	DataStores       []*DfdData     `json:"dataStore,omitempty" hcl:"data_store,block"`
}

type Exclusion

// Exclusion is an "exclusion" block of a Threatmodel; it carries only a
// description attribute.
type Exclusion struct {
	Description string `json:"description" hcl:"description,attr"`
}

type InformationAsset

// InformationAsset is an "information_asset" block of a Threatmodel. Name is
// the block label; the remaining attributes are optional.
type InformationAsset struct {
	Name                      string `json:"name" hcl:"name,label"`
	Description               string `json:"description,omitempty" hcl:"description,optional"`
	// NOTE(review): presumably checked against
	// ThreatmodelSpecConfig.InfoClassifications, with
	// DefaultInfoClassification applied when empty — confirm.
	InformationClassification string `json:"informationClassification,omitempty" hcl:"information_classification,optional"`
	Source                    string `json:"source,omitempty" hcl:"source,optional"`
}

type LegacyDataFlowDiagram added in v0.1.6

// LegacyDataFlowDiagram is the unnamed diagram form decoded from the HCL block
// "data_flow_diagram" (see Threatmodel.LegacyDfd). It has the same element
// lists as DataFlowDiagram but no Name label.
type LegacyDataFlowDiagram struct {
	Processes        []*DfdProcess   `json:"process,omitempty" hcl:"process,block"`
	ExternalElements []*DfdExternal  `json:"externalElement,omitempty" hcl:"external_element,block"`
	DataStores       []*DfdData      `json:"dataStore,omitempty" hcl:"data_store,block"`
	Flows            []*DfdFlow      `json:"flow,omitempty" hcl:"flow,block"`
	TrustZones       []*DfdTrustZone `json:"trustZone,omitempty" hcl:"trust_zone,block"`
	// Unlike DataFlowDiagram.ImportFile, this field is also written to and read
	// from JSON (key "import"). NOTE(review): presumably a file path — confirm
	// how it is resolved for models from untrusted sources.
	ImportFile       string          `json:"import,omitempty" hcl:"import,optional"`
}

type ProposedControl added in v0.1.0

// ProposedControl is a "proposed_control" block of a Threat: a description and
// an optional implemented flag that stays false when omitted.
type ProposedControl struct {
	Implemented bool   `json:"implemented,omitempty" hcl:"implemented,optional"`
	Description string `json:"description" hcl:"description"`
}

type ThirdPartyDependency

// ThirdPartyDependency is a "third_party_dependency" block of a Threatmodel.
// Name is the block label; uptime_dependency and description are tagged as
// plain attributes, and every other field is optional.
type ThirdPartyDependency struct {
	Name             string                         `json:"name" hcl:"name,label"`
	Saas             bool                           `json:"saas,omitempty" hcl:"saas,optional"`
	PayingCustomer   bool                           `json:"payingCustomer,omitempty" hcl:"paying_customer,optional"`
	OpenSource       bool                           `json:"openSource,omitempty" hcl:"open_source,optional"`
	// UptimeDependency uses the string-based UptimeDependencyClassification
	// type. NOTE(review): any string decodes into it; confirm where the value
	// is validated against the allowed classifications.
	UptimeDependency UptimeDependencyClassification `json:"uptimeDependency" hcl:"uptime_dependency,attr"`
	UptimeNotes      string                         `json:"uptimeNotes,omitempty" hcl:"uptime_notes,optional"`
	Infrastructure   bool                           `json:"infrastructure,omitempty" hcl:"infrastructure,optional"`
	Description      string                         `json:"description" hcl:"description,attr"`
}

func (*ThirdPartyDependency) RenderUptime

func (dep *ThirdPartyDependency) RenderUptime() string

type Threat

// Threat is a "threat" block of a Threatmodel. It has no label; description is
// the only attribute not marked optional.
type Threat struct {
	// ImpactType is the optional "impacts" list. NOTE(review): presumably
	// checked against ThreatmodelSpecConfig.ImpactTypes — confirm.
	ImpactType           []string           `json:"impacts,omitempty" hcl:"impacts,optional"`
	Description          string             `json:"description" hcl:"description,attr"`
	// Control is a free-text attribute; ProposedControls and Controls below are
	// the block-based forms. NOTE(review): how the three are reconciled is not
	// visible in this listing.
	Control              string             `json:"control,omitempty" hcl:"control,optional"`
	// NOTE(review): presumably checked against ThreatmodelSpecConfig.STRIDE.
	Stride               []string           `json:"stride,omitempty" hcl:"stride,optional"`
	// NOTE(review): presumably InformationAsset names; confirm that unknown
	// references are rejected.
	InformationAssetRefs []string           `json:"informationAssetRefs,omitempty" hcl:"information_asset_refs,optional"`
	ProposedControls     []*ProposedControl `json:"proposedControl,omitempty" hcl:"proposed_control,block"`
	// Controls is decoded from "expanded_control" blocks.
	Controls             []*Control         `json:"expandedControl,omitempty" hcl:"expanded_control,block"`
}

type Threatmodel

// Threatmodel is one "threatmodel" block (see ThreatmodelWrapped.Threatmodels).
// Name is the block label and author is a plain attribute; the remaining
// attributes and blocks are optional.
//
// NOTE(review): the string fields are presumably substituted into the template
// passed to RenderMarkdown; confirm whether values are escaped before models
// written by untrusted authors are rendered and published.
type Threatmodel struct {
	Name                   string                  `json:"name" hcl:"name,label"`
	Description            string                  `json:"description,omitempty" hcl:"description,optional"`
	// Imports is read from HCL only (excluded from JSON).
	// NOTE(review): Imports and Including presumably name other files that
	// the parser or Include loads — confirm how those paths are resolved and
	// restricted.
	Imports                []string                `json:"-" hcl:"imports,optional"`
	Including              string                  `json:"including,omitempty" hcl:"including,optional"`
	Link                   string                  `json:"link,omitempty" hcl:"link,optional"`
	DiagramLink            string                  `json:"diagramLink,omitempty" hcl:"diagram_link,optional"`
	AllDiagrams            []string                `json:"-"` // Used for templates
	Author                 string                  `json:"author" hcl:"author,attr"`
	// CreatedAt and UpdatedAt are int64 values; the unit is not stated here.
	// NOTE(review): presumably Unix timestamps — confirm.
	CreatedAt              int64                   `json:"createdAt,omitempty" hcl:"created_at,optional"`
	UpdatedAt              int64                   `json:"updatedAt,omitempty" hcl:"updated_at,optional"`
	Attributes             *Attribute              `json:"attributes,omitempty" hcl:"attributes,block"`
	AdditionalAttributes   []*AdditionalAttribute  `json:"additionalAttribute,omitempty" hcl:"additional_attribute,block"`
	InformationAssets      []*InformationAsset     `json:"informationAsset,omitempty" hcl:"information_asset,block"`
	Threats                []*Threat               `json:"threat,omitempty" hcl:"threat,block"`
	// The HCL block name is "usecase" (no underscore); the JSON key is
	// "useCase".
	UseCases               []*UseCase              `json:"useCase,omitempty" hcl:"usecase,block"`
	Exclusions             []*Exclusion            `json:"exclusion,omitempty" hcl:"exclusion,block"`
	ThirdPartyDependencies []*ThirdPartyDependency `json:"thirdPartyDependency,omitempty" hcl:"third_party_dependency,block"`
	// Named diagrams use the HCL block "data_flow_diagram_v2"; the single
	// unnamed legacy form uses "data_flow_diagram".
	DataFlowDiagrams       []*DataFlowDiagram      `json:"dataFlowDiagram,omitempty" hcl:"data_flow_diagram_v2,block"`
	LegacyDfd              *LegacyDataFlowDiagram  `json:"legacyDataFlowDiagram,omitempty" hcl:"data_flow_diagram,block"`
}

func (*Threatmodel) Include added in v0.1.4

func (tm *Threatmodel) Include(cfg *ThreatmodelSpecConfig, myfilename string) error

func (*Threatmodel) RenderMarkdown

func (tm *Threatmodel) RenderMarkdown(mdTemplate string) (io.Reader, error)

func (*Threatmodel) RenderOtm added in v0.1.7

func (tm *Threatmodel) RenderOtm() (otm.OtmSchemaJson, error)

func (*Threatmodel) ValidateTm added in v0.1.6

func (tm *Threatmodel) ValidateTm(p *ThreatmodelParser) error

type ThreatmodelParser

// ThreatmodelParser is an opaque parser type; all of its fields are unexported
// or filtered from this listing. NewThreatmodelParser returns one for a given
// ThreatmodelSpecConfig, and GetWrapped returns a *ThreatmodelWrapped.
type ThreatmodelParser struct {
	// contains filtered or unexported fields
}

func NewThreatmodelParser

func NewThreatmodelParser(cfg *ThreatmodelSpecConfig) *ThreatmodelParser

func (*ThreatmodelParser) AddTMAndWrite

func (p *ThreatmodelParser) AddTMAndWrite(tm Threatmodel, f io.Writer, debug bool) error

func (*ThreatmodelParser) GetWrapped

func (p *ThreatmodelParser) GetWrapped() *ThreatmodelWrapped

func (*ThreatmodelParser) ParseFile added in v0.1.0

func (p *ThreatmodelParser) ParseFile(filename string, isChild bool) error

ParseFile parses a single Threatmodel file and handles either JSON or HCL input (it is a wrapper around the two format-specific methods).

func (*ThreatmodelParser) ParseHCLFile

func (p *ThreatmodelParser) ParseHCLFile(filename string, isChild bool) error

ParseHCLFile parses a single HCL Threatmodel file

func (*ThreatmodelParser) ParseHCLRaw

func (p *ThreatmodelParser) ParseHCLRaw(input []byte) error

ParseHCLRaw parses a byte slice into HCL Threatmodels. This is used for piping in STDIN.

func (*ThreatmodelParser) ParseJSONFile added in v0.1.0

func (p *ThreatmodelParser) ParseJSONFile(filename string, isChild bool) error

ParseJSONFile parses a single JSON Threatmodel file

func (*ThreatmodelParser) ParseJSONRaw added in v0.1.0

func (p *ThreatmodelParser) ParseJSONRaw(input []byte) error

ParseJSONRaw parses a byte slice into HCL Threatmodels from JSON. This is used for piping in STDIN.

type ThreatmodelSpecConfig

// ThreatmodelSpecConfig holds the lists of allowed values and the defaults
// that a spec config file can set. Every tagged field is an optional HCL
// attribute. LoadSpecConfig returns one; LoadSpecConfigFile takes a file
// argument.
// NOTE(review): the built-in defaults are not visible in this listing. A
// loaded config file presumably changes which classifications and STRIDE
// values pass validation, so treat the file as trusted input.
type ThreatmodelSpecConfig struct {
	// Version has no hcl tag, so it is not an attribute of the config file.
	Version                        string
	InitiativeSizes                []string `hcl:"initiative_sizes,optional"`
	DefaultInitiativeSize          string   `hcl:"default_initiative_size,optional"`
	InfoClassifications            []string `hcl:"info_classifications,optional"`
	DefaultInfoClassification      string   `hcl:"default_info_classification,optional"`
	ImpactTypes                    []string `hcl:"impact_types,optional"`
	// The HCL attribute is spelled "strides" (plural).
	STRIDE                         []string `hcl:"strides,optional"`
	UptimeDepClassifications       []string `hcl:"uptime_dep_classifications,optional"`
	DefaultUptimeDepClassification string   `hcl:"default_uptime_dep_classification,optional"`
}

func LoadSpecConfig

func LoadSpecConfig() (*ThreatmodelSpecConfig, error)

func (*ThreatmodelSpecConfig) LoadSpecConfigFile

func (t *ThreatmodelSpecConfig) LoadSpecConfigFile(file string) error

type ThreatmodelWrapped

// ThreatmodelWrapped is the top-level document: the threat models plus the
// optional spec version, components and variables that accompany them.
type ThreatmodelWrapped struct {
	// Threatmodels holds values, not pointers; each "threatmodel" block
	// decodes into one element.
	Threatmodels []Threatmodel `json:"threatmodels" hcl:"threatmodel,block"`
	// NOTE(review): presumably compared with the tool's version by
	// VersionConstraints — confirm.
	SpecVersion  string        `json:"specVersion,omitempty" hcl:"spec_version,optional"`
	Components   []*Component  `json:"components,omitempty" hcl:"component,block"`
	Variables    []*Variable   `json:"variables,omitempty" hcl:"variable,block"`
}

type UptimeDependencyClassification

// UptimeDependencyClassification is a string type for the uptime dependency
// level of a ThirdPartyDependency. The type does not restrict its values: any
// string converts to it, so the allowed set must be enforced by validation.
type UptimeDependencyClassification string

type UseCase

// UseCase is a "usecase" block of a Threatmodel; it carries only a description
// attribute.
type UseCase struct {
	Description string `json:"description" hcl:"description,attr"`
}

type Variable

// Variable is a top-level "variable" block of ThreatmodelWrapped.
// NOTE(review): how variable values are substituted into threat models is not
// visible in this listing.
type Variable struct {
	// VariableName is the HCL block label.
	VariableName  string `json:"variableName" hcl:"variable_name,label"`
	// The HCL attribute is "value" while the JSON key is "variableValue".
	VariableValue string `json:"variableValue" hcl:"value,attr"`
}
