ssg.build_cpe module

Common functions for building CPEs

class ssg.build_cpe.CPEALCheckFactRef(obj)[source]

Bases: Symbol

static cpe_id_is_parametrized(cpe_id)[source]

enrich_with_cpe_info(cpe_products)[source]

static get_base_name_of_parametrized_cpe_id(cpe_id)[source]: If given a parametrized platform name such as package[test], it returns the package part only.

ns = 'http://cpe.mitre.org/language/2.0'

prefix = 'cpe-lang'

to_ansible_conditional()[source]

to_bash_conditional()[source]

to_xml_element()[source]

class ssg.build_cpe.CPEALLogicalTest(*args)[source]

Bases: Function

enrich_with_cpe_info(cpe_products)[source]

ns = 'http://cpe.mitre.org/language/2.0'

prefix = 'cpe-lang'

to_ansible_conditional()[source]

to_bash_conditional()[source]

to_xml_element()[source]

exception ssg.build_cpe.CPEDoesNotExist[source]: Bases: Exception

class ssg.build_cpe.CPEItem(id_)[source]

Bases: XCCDFEntity, Templatable

Represents the cpe-item element from the CPE standard.

KEYS = {'ansible_conditional': <function CPEItem.<lambda>>, 'args': <function CPEItem.<lambda>>, 'bash_conditional': <function CPEItem.<lambda>>, 'check_id': <function CPEItem.<lambda>>, 'content_id': <function CPEItem.<lambda>>, 'definition_location': <function XCCDFEntity.<lambda>>, 'id_': <function XCCDFEntity.<lambda>>, 'is_product_cpe': <function CPEItem.<lambda>>, 'name': <function CPEItem.<lambda>>, 'template': <function Templatable.<lambda>>, 'title': <function XCCDFEntity.<lambda>>, 'versioned': <function CPEItem.<lambda>>}

MANDATORY_KEYS = ['name']

property cpe_oval_def_id

property cpe_oval_short_def_id

create_resolved_cpe_item_for_fact_ref(fact_ref)[source]

classmethod from_yaml(yaml_file, env_yaml=None, product_cpes=None)[source]

static is_cpe_name(cpe_id_or_name)[source]

ns = 'http://cpe.mitre.org/dictionary/2.0'

prefix = 'cpe-dict'

set_conditional(language, content)[source]

set_cpe_oval_def_id()[source]

set_template_variables(*sources)[source]

to_xml_element(cpe_oval_filename)[source]

class ssg.build_cpe.CPEList[source]

Bases: object

Represents the cpe-list element from the CPE standard.

add(cpe_item)[source]

ns = 'http://cpe.mitre.org/dictionary/2.0'

prefix = 'cpe-dict'

to_file(file_name, cpe_oval_file, selection_of_cpe_names=None)[source]

to_xml_element(cpe_oval_file, selection_of_cpe_names=None)[source]

translate_cpe_oval_def_ids()[source]

class ssg.build_cpe.ProductCPEs[source]

Bases: object

Reads from the disk all the yaml CPEs related to a product and provides them in a structured way.

add_cpe_item(cpe_item)[source]

add_resolved_cpe_items_from_platform(platform)[source]

get_cpe(cpe_id_or_name)[source]

get_cpe_for_fact_ref(fact_ref)[source]

get_cpe_name(cpe_id)[source]

get_product_cpe_names()[source]

load_content_cpes(env_yaml)[source]

load_cpes_from_directory_tree(root_path, env_yaml)[source]

load_cpes_from_list(cpes_list)[source]

load_product_cpes(env_yaml)[source]

load_product_cpes_from_list(product_cpes_list)[source]

ssg.build_cpe.extract_env_obj(objects, local_var)[source]

From a collection of objects, return the object with id matching the object_ref of the local variable.

NOTE: This assumes that a local variable can only reference one object. Which is not true, variables can reference multiple objects. But this assumption should work for OVAL checks for CPEs, as they are not that complicated.

ssg.build_cpe.extract_referred_nodes(tree_with_refs, tree_with_ids, attrname)[source]: Return the elements in tree_with_ids which are referenced from tree_with_refs via the element attribute ‘attrname’.

ssg.build_cpe.extract_subelement(objects, sub_elem_type)[source]

From a collection of element objects, return the value of the first attribute of name sub_elem_type found.

This is useful when the object is a single element and we wish to query some external reference identifier in the subtree of that element.

ssg.build_cpe.get_linked_cpe_oval_document(unlinked_oval_file_path)[source]