spec

package
v0.1.5 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Nov 13, 2022 License: MIT Imports: 24 Imported by: 0

Documentation

Index

Constants

// Built-in template sources. The documentation renderer elides both string
// literals, so their contents cannot be reviewed from this page.
const (
	// TmMDTemplate is presumably the default Markdown report template passed
	// to ParseTMTemplate / RenderMarkdown — TODO confirm against the source.
	TmMDTemplate = `` /* 2934-byte string literal not displayed */

	// TmDashboardTemplate is presumably the template for a dashboard/index
	// page — TODO confirm; the literal is not shown here.
	TmDashboardTemplate = `` /* 306-byte string literal not displayed */

)
// String values for the uptime-dependency classification of a third-party
// dependency (see ThirdPartyDependency.UptimeDependency).
//
// NOTE(review): only NoneUptime carries the explicit type
// UptimeDependencyClassification. The other three each have their own
// `= "..."` expression with no type, so Go treats them as untyped string
// constants: they convert implicitly when assigned to an
// UptimeDependencyClassification, but are equally accepted wherever a plain
// string is expected, so the named type gives no compile-time checking for them.
const (
	NoneUptime        UptimeDependencyClassification = "none"
	DegradedUptime                                   = "degraded"
	HardUptime                                       = "hard"
	OperationalUptime                                = "operational"
)

Variables

This section is empty.

Functions

func ParseTMTemplate added in v0.0.6

// ParseTMTemplate takes template text in mdTemplate and returns a
// *template.Template or an error; the body is not shown on this page.
//
// NOTE(review): the page does not show whether `template` is text/template or
// html/template. text/template performs no output escaping, so if the rendered
// Markdown is later converted to HTML, threat-model field values would need to
// be escaped downstream — confirm which package is imported.
func ParseTMTemplate(mdTemplate string) (*template.Template, error)

func VersionConstraints added in v0.1.5

func VersionConstraints(tmw *ThreatmodelWrapped, emit bool) (string, error)

Types

type Attribute

// Attribute holds the fields of a threat model's `attributes` block
// (Threatmodel.Attributes). All three fields are tagged `attr`, which in the
// gohcl struct-tag convention marks a required attribute.
type Attribute struct {
	NewInitiative  bool   `hcl:"new_initiative,attr"`
	// InternetFacing presumably records whether the modelled system is
	// reachable from the internet — confirm how reports use it.
	InternetFacing bool   `hcl:"internet_facing,attr"`
	// InitiativeSize is free-form here; presumably checked against
	// ThreatmodelSpecConfig.InitiativeSizes during validation — TODO confirm.
	InitiativeSize string `hcl:"initiative_size,attr"`
}

type Component

// Component is a top-level `component` block (see
// ThreatmodelWrapped.Components). It takes two block labels, the component
// type followed by the component name, and a required `description`.
// How components are referenced from threat models is not visible on this page.
type Component struct {
	ComponentType string `hcl:"component_type,label"`
	ComponentName string `hcl:"component_name,label"`
	Description   string `hcl:"description,attr"`
}

type Control added in v0.1.5

// Control describes a single control attached to a Threat through an
// `expanded_control` block (see Threat.Controls). The block label is the
// control's name.
type Control struct {
	Name                string              `hcl:"name,label"`
	// Implemented is optional; an omitted bool decodes to false, so an
	// unspecified control reads as not implemented.
	Implemented         bool                `hcl:"implemented,optional"`
	// The tag names no kind; gohcl treats that as a required attribute.
	Description         string              `hcl:"description"`
	ImplementationNotes string              `hcl:"implementation_notes,optional"`
	// RiskReduction: scale and valid range are not shown on this page —
	// TODO confirm whether validation bounds it.
	RiskReduction       int                 `hcl:"risk_reduction,optional"`
	// Zero or more nested `attribute` blocks of name/value pairs.
	Attributes          []*ControlAttribute `hcl:"attribute,block"`
}

type ControlAttribute added in v0.1.5

// ControlAttribute is one `attribute` block inside a Control: the block label
// is the attribute name and `value` is its (required) string value.
type ControlAttribute struct {
	Name  string `hcl:"name,label"`
	Value string `hcl:"value"`
}

type DataFlowDiagram

// DataFlowDiagram is the `data_flow_diagram` block of a Threatmodel. It holds
// repeated `process`, `external_element`, `data_store`, `flow` and
// `trust_zone` blocks.
type DataFlowDiagram struct {
	Processes        []*DfdProcess   `hcl:"process,block"`
	ExternalElements []*DfdExternal  `hcl:"external_element,block"`
	DataStores       []*DfdData      `hcl:"data_store,block"`
	Flows            []*DfdFlow      `hcl:"flow,block"`
	TrustZones       []*DfdTrustZone `hcl:"trust_zone,block"`
	// ImportFile is the optional `import` attribute; presumably a path to
	// another file that supplies the diagram.
	// NOTE(review): how this path is resolved (relative to the spec file,
	// restricted to its directory or not) is not visible here — confirm
	// before parsing specs from untrusted sources.
	ImportFile       string          `hcl:"import,optional"`
}

type DfdData

// DfdData is a `data_store` block in a data flow diagram; the block label is
// the store's name.
type DfdData struct {
	Name      string `hcl:"name,label"`
	// Optional trust zone name; a store can also be nested inside a
	// DfdTrustZone block instead.
	TrustZone string `hcl:"trust_zone,optional"`
	// IaLink is the optional `information_asset` attribute; presumably the
	// name of an InformationAsset in the same model — TODO confirm that the
	// reference is validated.
	IaLink    string `hcl:"information_asset,optional"`
}

type DfdExternal

// DfdExternal is an `external_element` block in a data flow diagram; the
// block label is the element's name and `trust_zone` is optional.
type DfdExternal struct {
	Name      string `hcl:"name,label"`
	TrustZone string `hcl:"trust_zone,optional"`
}

type DfdFlow

// DfdFlow is a `flow` block in a data flow diagram. Both endpoints are
// required attributes; presumably each names a process, external element or
// data store declared in the same diagram — TODO confirm that unknown names
// are rejected.
type DfdFlow struct {
	Name string `hcl:"name,label"`
	From string `hcl:"from,attr"`
	To   string `hcl:"to,attr"`
}

type DfdProcess

// DfdProcess is a `process` block in a data flow diagram; the block label is
// the process name and `trust_zone` is optional.
type DfdProcess struct {
	Name      string `hcl:"name,label"`
	TrustZone string `hcl:"trust_zone,optional"`
}

type DfdTrustZone added in v0.1.0

// DfdTrustZone is a `trust_zone` block in a data flow diagram. Elements can be
// nested inside it; the element types also carry their own optional
// `trust_zone` attribute.
// NOTE(review): what happens when an element is nested in one zone but names
// another in its attribute is not visible on this page — confirm.
type DfdTrustZone struct {
	Name             string         `hcl:"name,label"`
	Processes        []*DfdProcess  `hcl:"process,block"`
	ExternalElements []*DfdExternal `hcl:"external_element,block"`
	DataStores       []*DfdData     `hcl:"data_store,block"`
}

type Exclusion

// Exclusion is an `exclusion` block of a Threatmodel with a single required
// `description`; presumably it records something deliberately left out of the
// model's scope — confirm against the spec documentation.
type Exclusion struct {
	Description string `hcl:"description,attr"`
}

type InformationAsset

// InformationAsset is an `information_asset` block of a Threatmodel; the block
// label is the asset name and every other field is optional.
type InformationAsset struct {
	Name                      string `hcl:"name,label"`
	Description               string `hcl:"description,optional"`
	// Presumably checked against ThreatmodelSpecConfig.InfoClassifications,
	// with DefaultInfoClassification applied when omitted — TODO confirm.
	InformationClassification string `hcl:"information_classification,optional"`
	Source                    string `hcl:"source,optional"`
}

type ProposedControl added in v0.1.0

// ProposedControl is a `proposed_control` block inside a Threat. It has no
// label: only a required `description` and an optional `implemented` flag,
// which decodes to false when omitted.
type ProposedControl struct {
	Implemented bool   `hcl:"implemented,optional"`
	Description string `hcl:"description"`
}

type ThirdPartyDependency

// ThirdPartyDependency is a `third_party_dependency` block of a Threatmodel;
// the block label is the dependency name. `uptime_dependency` and
// `description` are required attributes, the rest are optional.
type ThirdPartyDependency struct {
	Name             string                         `hcl:"name,label"`
	Saas             bool                           `hcl:"saas,optional"`
	PayingCustomer   bool                           `hcl:"paying_customer,optional"`
	OpenSource       bool                           `hcl:"open_source,optional"`
	// Typed as UptimeDependencyClassification, a plain string type; presumably
	// checked against ThreatmodelSpecConfig.UptimeDepClassifications — confirm.
	UptimeDependency UptimeDependencyClassification `hcl:"uptime_dependency,attr"`
	UptimeNotes      string                         `hcl:"uptime_notes,optional"`
	Infrastructure   bool                           `hcl:"infrastructure,optional"`
	Description      string                         `hcl:"description,attr"`
}

func (*ThirdPartyDependency) RenderUptime

func (dep *ThirdPartyDependency) RenderUptime() string

type Threat

// Threat is a `threat` block of a Threatmodel. Only `description` is a
// required attribute. Controls can be recorded in three places: the free-text
// `control` attribute, `proposed_control` blocks and `expanded_control` blocks.
type Threat struct {
	// Presumably checked against ThreatmodelSpecConfig.ImpactTypes — confirm.
	ImpactType           []string           `hcl:"impacts,optional"`
	Description          string             `hcl:"description,attr"`
	Control              string             `hcl:"control,optional"`
	// Presumably checked against ThreatmodelSpecConfig.STRIDE — confirm.
	Stride               []string           `hcl:"stride,optional"`
	// Presumably names of InformationAsset blocks in the same model — TODO
	// confirm that dangling references are rejected.
	InformationAssetRefs []string           `hcl:"information_asset_refs,optional"`
	ProposedControls     []*ProposedControl `hcl:"proposed_control,block"`
	Controls             []*Control         `hcl:"expanded_control,block"`
}

type Threatmodel

// Threatmodel is one `threatmodel` block; the block label is the model name
// and `author` is the only required attribute. Pointer-typed block fields
// (Attributes, DataFlowDiagram) hold at most one block, slice-typed ones hold
// zero or more.
type Threatmodel struct {
	Name                   string                  `hcl:"name,label"`
	Description            string                  `hcl:"description,optional"`
	// Imports and Including reference other files or models.
	// NOTE(review): how these references are resolved (relative to the
	// current file, restricted to a directory, local paths only) is not
	// visible on this page — confirm before parsing specs from untrusted
	// sources.
	Imports                []string                `hcl:"imports,optional"`
	Including              string                  `hcl:"including,optional"`
	Link                   string                  `hcl:"link,optional"`
	DiagramLink            string                  `hcl:"diagram_link,optional"`
	Author                 string                  `hcl:"author,attr"`
	// Presumably Unix timestamps — confirm the unit (seconds vs. milliseconds).
	CreatedAt              int64                   `hcl:"created_at,optional"`
	UpdatedAt              int64                   `hcl:"updated_at,optional"`
	Attributes             *Attribute              `hcl:"attributes,block"`
	InformationAssets      []*InformationAsset     `hcl:"information_asset,block"`
	Threats                []*Threat               `hcl:"threat,block"`
	UseCases               []*UseCase              `hcl:"usecase,block"`
	Exclusions             []*Exclusion            `hcl:"exclusion,block"`
	ThirdPartyDependencies []*ThirdPartyDependency `hcl:"third_party_dependency,block"`
	DataFlowDiagram        *DataFlowDiagram        `hcl:"data_flow_diagram,block"`
}

func (*Threatmodel) GenerateDfdPng

// GenerateDfdPng takes an output location in filepath and returns an error;
// the body is not shown on this page. Presumably it renders the model's
// DataFlowDiagram to a PNG file at that path — TODO confirm, including whether
// an existing file is overwritten.
//
// NOTE(review): the parameter name filepath shadows the standard
// path/filepath package inside the method if that package is imported; a name
// such as outPath would avoid it (GenerateDfdSvg uses the same name).
func (tm *Threatmodel) GenerateDfdPng(filepath string) error

func (*Threatmodel) GenerateDfdSvg added in v0.1.1

func (tm *Threatmodel) GenerateDfdSvg(filepath string) error

func (*Threatmodel) GenerateDot added in v0.1.1

func (tm *Threatmodel) GenerateDot() (string, error)

func (*Threatmodel) Include added in v0.1.4

// Include takes the spec config and the name of the file the model came from
// and returns an error; the body is not shown on this page. Presumably it
// resolves the model's `including` reference relative to myfilename and merges
// the referenced model into tm — TODO confirm.
//
// NOTE(review): confirm what constrains the referenced path when the spec file
// comes from an untrusted source.
func (tm *Threatmodel) Include(cfg *ThreatmodelSpecConfig, myfilename string) error

func (*Threatmodel) RenderMarkdown

func (tm *Threatmodel) RenderMarkdown(mdTemplate string) (io.Reader, error)

type ThreatmodelParser

// ThreatmodelParser is the parser for threat model files. All of its fields
// are unexported; it is constructed with NewThreatmodelParser and driven
// through the ParseFile, ParseHCLFile, ParseHCLRaw, ParseJSONFile and
// ParseJSONRaw methods, with GetWrapped returning a *ThreatmodelWrapped.
type ThreatmodelParser struct {
	// contains filtered or unexported fields
}

func NewThreatmodelParser

func NewThreatmodelParser(cfg *ThreatmodelSpecConfig) *ThreatmodelParser

func (*ThreatmodelParser) AddTMAndWrite

func (p *ThreatmodelParser) AddTMAndWrite(tm Threatmodel, f io.Writer, debug bool) error

func (*ThreatmodelParser) GetWrapped

func (p *ThreatmodelParser) GetWrapped() *ThreatmodelWrapped

func (*ThreatmodelParser) ParseFile added in v0.1.0

func (p *ThreatmodelParser) ParseFile(filename string, isChild bool) error

ParseFile parses a single Threatmodel file in either JSON or HCL format; it is a wrapper around the two format-specific parsing methods.

func (*ThreatmodelParser) ParseHCLFile

func (p *ThreatmodelParser) ParseHCLFile(filename string, isChild bool) error

ParseHCLFile parses a single HCL Threatmodel file

func (*ThreatmodelParser) ParseHCLRaw

func (p *ThreatmodelParser) ParseHCLRaw(input []byte) error

ParseHCLRaw parses a byte slice into HCL Threatmodels. This is used for piping in STDIN.

func (*ThreatmodelParser) ParseJSONFile added in v0.1.0

func (p *ThreatmodelParser) ParseJSONFile(filename string, isChild bool) error

ParseJSONFile parses a single JSON Threatmodel file

func (*ThreatmodelParser) ParseJSONRaw added in v0.1.0

func (p *ThreatmodelParser) ParseJSONRaw(input []byte) error

ParseJSONRaw parses a byte slice into HCL Threatmodels from JSON. This is used for piping in STDIN.

func (*ThreatmodelParser) ValidateTm

func (p *ThreatmodelParser) ValidateTm(tm *Threatmodel) error

type ThreatmodelSpecConfig

// ThreatmodelSpecConfig holds the lists of values and the defaults for the
// spec's enumerated fields. Every HCL-tagged field is optional. Instances are
// obtained from LoadSpecConfig and can be updated from a file with
// LoadSpecConfigFile.
//
// NOTE(review): presumably ValidateTm checks model values against these lists
// — confirm; if so, a config file loaded from an untrusted location changes
// what counts as a valid model.
type ThreatmodelSpecConfig struct {
	// Version carries no hcl tag, so it is not one of the attributes decoded
	// from a config file via the struct tags.
	Version                        string
	InitiativeSizes                []string `hcl:"initiative_sizes,optional"`
	DefaultInitiativeSize          string   `hcl:"default_initiative_size,optional"`
	InfoClassifications            []string `hcl:"info_classifications,optional"`
	DefaultInfoClassification      string   `hcl:"default_info_classification,optional"`
	ImpactTypes                    []string `hcl:"impact_types,optional"`
	// Note the attribute name is `strides`, while Threat uses `stride`.
	STRIDE                         []string `hcl:"strides,optional"`
	UptimeDepClassifications       []string `hcl:"uptime_dep_classifications,optional"`
	DefaultUptimeDepClassification string   `hcl:"default_uptime_dep_classification,optional"`
}

func LoadSpecConfig

func LoadSpecConfig() (*ThreatmodelSpecConfig, error)

func (*ThreatmodelSpecConfig) LoadSpecConfigFile

func (t *ThreatmodelSpecConfig) LoadSpecConfigFile(file string) error

type ThreatmodelWrapped

// ThreatmodelWrapped is the top level of a spec document: zero or more
// `threatmodel`, `component` and `variable` blocks plus an optional
// `spec_version` attribute. Threatmodels are held by value, while components
// and variables are held by pointer.
type ThreatmodelWrapped struct {
	Threatmodels []Threatmodel `hcl:"threatmodel,block"`
	// Presumably compared with the tool's supported version by
	// VersionConstraints — TODO confirm.
	SpecVersion  string        `hcl:"spec_version,optional"`
	Components   []*Component  `hcl:"component,block"`
	Variables    []*Variable   `hcl:"variable,block"`
}

type UptimeDependencyClassification

// UptimeDependencyClassification is the string type of
// ThirdPartyDependency.UptimeDependency. Being a plain string type, it accepts
// any string value at the type level; the package constants NoneUptime,
// DegradedUptime, HardUptime and OperationalUptime supply the built-in values.
type UptimeDependencyClassification string

type UseCase

// UseCase is a `usecase` block of a Threatmodel with a single required
// `description` attribute.
type UseCase struct {
	Description string `hcl:"description,attr"`
}

type Variable

// Variable is a top-level `variable` block (see ThreatmodelWrapped.Variables).
// The block label is the variable name and the required `value` attribute is
// its string value. How variables are substituted into models is not visible
// on this page.
type Variable struct {
	VariableName  string `hcl:"variable_name,label"`
	VariableValue string `hcl:"value,attr"`
}
