Merge pull request #63 from northdpole/master
CRE Mappings
Showing
4 changed files
with
342 additions
and
0 deletions.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,79 @@ | ||
import argparse | ||
import yaml | ||
import requests | ||
import qrcode | ||
import qrcode.image.svg | ||
|
||
opencre_base_url = "https://opencre.org" | ||
opencre_rest_url = "https://opencre.org/rest/v1" | ||
CORNUCOPIA_VERSION = "1.20" | ||
|
||
def make_cre_link(id:str, frontend:bool=False): | ||
if frontend: | ||
return f"{opencre_base_url}/cre/{id}" | ||
else: | ||
return f"{opencre_rest_url}/id/{id}" | ||
|
||
def produce_ecommerce_mappings(source_file, | ||
standards_to_add=[ | ||
"ASVS", | ||
"CAPEC", | ||
"SCP"])->dict: | ||
base = { | ||
"meta": | ||
{ | ||
"edition":"ecommerce", | ||
"component":"mappings", | ||
"language":"ALL", | ||
"version":CORNUCOPIA_VERSION | ||
}, | ||
} | ||
for indx, suit in enumerate(source_file.copy()["suits"]): | ||
for card_indx,card in enumerate(suit["cards"]): | ||
cre = card["cre"][0] | ||
response = requests.get(make_cre_link(cre)) | ||
if response.status_code == 200: | ||
cre_object = response.json().get("data") | ||
for standard in standards_to_add: | ||
for link in cre_object.get("links"): | ||
if link.get("document").get("name") == standard: | ||
source_file["suits"][indx]["cards"][card_indx][standard]=link.get("document").get("sectionID") | ||
else: | ||
print(f"could not find CRE {cre}, status code {response.status_code}") | ||
|
||
base["suits"] = source_file["suits"] | ||
return base | ||
|
||
def generate_qr_images(existing_mappings:dict,directory_path:str): | ||
for suit in existing_mappings["suits"]: | ||
for card in suit["cards"]: | ||
cre = card["cre"][0] | ||
link = make_cre_link(cre,frontend=True) | ||
print(f"making qr code for {cre}") | ||
img = qrcode.make(link, image_factory=qrcode.image.svg.SvgImage) | ||
with open(f"{directory_path}/{cre}","wb") as f: | ||
img.save(f) | ||
|
||
def main(): | ||
global opencre_base_url,opencre_rest_url | ||
parser = argparse.ArgumentParser(description='generate mappings') | ||
parser.add_argument('-c','--cres', help='Where to find the file mapping cornucopia to CREs', required=True) | ||
parser.add_argument('-t','--target', help='Path where to store the result') | ||
parser.add_argument('-s','--staging',action='store_true', help='If provided will use staging.opencre.org instead of opencre.org') | ||
parser.add_argument('-q','--qr_images', help='If provided will populate the target dir with qr image pointing to every cre') | ||
args = vars(parser.parse_args()) | ||
if args["staging"]: | ||
print("Using staging.opencre.org") | ||
opencre_base_url = "https://staging.opencre.org" | ||
opencre_rest_url = "https://staging.opencre.org/rest/v1" | ||
with open(args["cres"]) as f: | ||
mappings = yaml.safe_load(f) | ||
if args["target"]: | ||
ecommerce = produce_ecommerce_mappings(mappings) | ||
with open(args["target"],"w") as ef: | ||
yaml.safe_dump(ecommerce, ef) | ||
if args["qr_images"]: | ||
generate_qr_images(mappings,args["qr_images"]) | ||
|
||
if __name__ == "__main__": | ||
main() |
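Review bot: The CRE id read from the mapping file is used unchecked as a file name in `generate_qr_images` (`open(f"{directory_path}/{cre}","wb")`) and as a URL path segment in `make_cre_link`, so an id containing `/` or `..` in a mapping file from an untrusted source would write outside the target directory or change the request path. Every id in the committed mappings has the form `NNN-NNN`, so the script could reject anything else before use, for example `if not re.fullmatch(r"\d{3}-\d{3}", cre): raise ValueError(f"unexpected CRE id {cre!r}")` (this needs `import re`). Separately, `requests.get(make_cre_link(cre))` in `produce_ecommerce_mappings` has no timeout and will block indefinitely on a stalled connection; `requests.get(make_cre_link(cre), timeout=10)` bounds it. The same function also assumes `response.json().get("data")` and each `link.get("document")` are present, so a 200 response with a different shape raises `AttributeError` rather than being reported like the non-200 case.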
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,234 @@ | ||
meta: | ||
component: mappings | ||
edition: ecommerce | ||
language: ALL | ||
version: '1.20' | ||
suits: | ||
- cards: | ||
- cre: | ||
- 308-515 | ||
value: '2' | ||
- cre: | ||
- 010-308 | ||
value: '3' | ||
- cre: | ||
- 064-808 | ||
value: '4' | ||
- cre: | ||
- 161-451 | ||
value: '5' | ||
- cre: | ||
- 848-711 | ||
value: '6' | ||
- cre: | ||
- 538-446 | ||
value: '7' | ||
- cre: | ||
- 764-765 | ||
value: '8' | ||
- cre: | ||
- 118-602 | ||
value: '9' | ||
- cre: | ||
- 650-560 | ||
value: '10' | ||
- cre: | ||
- 848-711 | ||
value: J | ||
- cre: | ||
- 161-451 | ||
value: Q | ||
- cre: | ||
- 760-764 | ||
value: K | ||
name: Data validation & encoding | ||
- cards: | ||
- cre: | ||
- 138-448 | ||
value: '2' | ||
- cre: | ||
- 223-780 | ||
value: '3' | ||
- cre: | ||
- 224-321 | ||
value: '4' | ||
- cre: | ||
- 774-888 | ||
value: '5' | ||
- cre: | ||
- 581-525 | ||
value: '6' | ||
- cre: | ||
- 270-568 | ||
value: '7' | ||
- cre: | ||
- 166-151 | ||
value: '8' | ||
- cre: | ||
- 258-115 | ||
value: '9' | ||
- cre: | ||
- 113-133 | ||
value: '10' | ||
- cre: | ||
- 146-556 | ||
value: J | ||
- cre: | ||
- 146-556 | ||
value: Q | ||
- cre: | ||
- 633-428 | ||
value: K | ||
name: Authentication | ||
- cards: | ||
- cre: | ||
- 716-526 | ||
value: '2' | ||
- cre: | ||
- 177-260 | ||
value: '3' | ||
- cre: | ||
- 177-260 | ||
value: '4' | ||
- cre: | ||
- 716-526 | ||
value: '5' | ||
- cre: | ||
- 470-731 | ||
value: '6' | ||
- cre: | ||
- 457-165 | ||
value: '7' | ||
- cre: | ||
- 470-731 | ||
value: '8' | ||
- cre: | ||
- 177-260 | ||
value: '9' | ||
- cre: | ||
- 060-472 | ||
value: '10' | ||
- cre: | ||
- 060-472 | ||
value: J | ||
- cre: | ||
- 576-042 | ||
value: Q | ||
- cre: | ||
- 177-260 | ||
value: K | ||
name: Session management | ||
- cards: | ||
- cre: | ||
- 657-084 | ||
value: '2' | ||
- cre: | ||
- 330-281 | ||
value: '3' | ||
- cre: | ||
- 284-521 | ||
value: '4' | ||
- cre: | ||
- 284-521 | ||
value: '5' | ||
- cre: | ||
- 284-521 | ||
value: '6' | ||
- cre: | ||
- 284-521 | ||
value: '7' | ||
- cre: | ||
- 576-042 | ||
value: '8' | ||
- cre: | ||
- 854-643 | ||
value: '9' | ||
- cre: | ||
- 128-128 | ||
value: '10' | ||
- cre: | ||
- 308-515 | ||
value: J | ||
- cre: | ||
- 857-718 | ||
value: Q | ||
- cre: | ||
- 284-521 | ||
value: K | ||
name: Authorization | ||
- cards: | ||
- cre: | ||
- 504-340 | ||
value: '2' | ||
- cre: | ||
- 762-616 | ||
value: '3' | ||
- cre: | ||
- 504-340 | ||
value: '4' | ||
- cre: | ||
- 036-810 | ||
value: '5' | ||
- cre: | ||
- 504-340 | ||
value: '6' | ||
- cre: | ||
- 504-340 | ||
value: '7' | ||
- cre: | ||
- 400-007 | ||
value: '8' | ||
- cre: | ||
- 664-571 | ||
value: '9' | ||
- cre: | ||
- 002-801 | ||
value: '10' | ||
- cre: | ||
- 223-780 | ||
value: J | ||
- cre: | ||
- 223-780 | ||
value: Q | ||
- cre: | ||
- 170-772 | ||
value: K | ||
name: Cryptography | ||
- cards: | ||
- cre: | ||
- 724-770 | ||
value: '2' | ||
- cre: | ||
- 308-515 | ||
value: '3' | ||
- cre: | ||
- 184-284 | ||
value: '4' | ||
- cre: | ||
- 155-155 | ||
value: '5' | ||
- cre: | ||
- 513-183 | ||
value: '6' | ||
- cre: | ||
- 402-706 | ||
value: '7' | ||
- cre: | ||
- 724-770 | ||
value: '8' | ||
- cre: | ||
- 152-725 | ||
value: '9' | ||
- cre: | ||
- 613-285 | ||
value: '10' | ||
- cre: | ||
- 180-488 | ||
value: J | ||
- cre: | ||
- 132-146 | ||
value: Q | ||
- cre: | ||
- 623-550 | ||
value: K | ||
name: Cornucopia |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,20 @@ | ||
import unittest | ||
from scripts import gen_mappings as gm | ||
|
||
|
||
if "unittest.util" in __import__("sys").modules: | ||
# Show full diff in self.assertEqual. | ||
__import__("sys").modules["unittest.util"]._MAX_LENGTH = 999999999 | ||
|
||
|
||
class TestProduceEcommerceMappings(unittest.TestCase): | ||
|
||
def test_can_add_one_standard(self): | ||
input = {'suits': [{'cards': [{'cre': ['308-515'], 'value': '2'}], 'name': 'Data validation & encoding'}, {'cards': [{'cre': ['138-448'], 'value': '2'}], 'name': 'Session management'}]} | ||
standards = ['ASVS'] | ||
expected = {'meta': {'component': 'mappings','edition': 'ecommerce','language': 'ALL','version': '1.20'},'suits': [{'cards': [{'cre': ['308-515'], 'value': '2'}],'name': 'Data validation & encoding'},{'cards': [{'ASVS': 'V2.3.3', 'cre': ['138-448'], 'value': '2'}], 'name': 'Session management'}]} | ||
|
||
self.assertEqual(gm.produce_ecommerce_mappings(input,standards),expected) | ||
|
||
if __name__ == "__main__": | ||
unittest.main() |
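Review bot: `test_can_add_one_standard` appears to make live HTTP requests: it calls `gm.produce_ecommerce_mappings` without stubbing anything, and the script section of this commit (presumably the module imported as `gm`) calls `requests.get` against opencre.org for each card. The expected `'ASVS': 'V2.3.3'` for CRE 138-448, and the absence of an ASVS key for 308-515, then depend on what the service returns on the day, so the test can fail with no code change and cannot run offline. Patching the call, e.g. `@unittest.mock.patch("scripts.gen_mappings.requests.get")` with a canned response object whose `status_code` is 200 and whose `json()` returns a fixed `{"data": {"links": [...]}}`, would make the assertion deterministic. The local name `input` also shadows the builtin; `source` or `mappings` would be clearer.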