particle-os/debian-forge-composer
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

oscap: add oscap package

Browse source 
Add a package with the constants of the
valid oscap profiles. Add a function to
validate the available profiles against
an allow map of supported profiles. The
allowed function checks for both exact
matches and shorthand versions of the
oscap profiles.
This commit is contained in:
Gianluca Zuccarelli 2022-07-06 15:06:20 +01:00 committed by Christian Kellner
parent 512cbd6089
commit 0cb28f3a8f
1 changed files with 45 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

45
internal/oscap/oscap.go Normal file
View file

@ -0,0 +1,45 @@
package oscap
import "strings"
type Profile string
func (p Profile) String() string {
return string(p)
}
const (
AnssiBp28Enhanced Profile = "xccdf_org.ssgproject.content_profile_anssi_bp28_enhanced"
AnssiBp28High Profile = "xccdf_org.ssgproject.content_profile_anssi_bp28_high"
AnssiBp28Intermediary Profile = "xccdf_org.ssgproject.content_profile_anssi_bp28_intermediary"
AnssiBp28Minimal Profile = "xccdf_org.ssgproject.content_profile_anssi_bp28_minimal"
Cis Profile = "xccdf_org.ssgproject.content_profile_cis"
CisServerL1 Profile = "xccdf_org.ssgproject.content_profile_cis_server_l1"
CisWorkstationL1 Profile = "xccdf_org.ssgproject.content_profile_cis_workstation_l1"
CisWorkstationL2 Profile = "xccdf_org.ssgproject.content_profile_cis_workstation_l2"
Cui Profile = "xccdf_org.ssgproject.content_profile_cui"
E8 Profile = "xccdf_org.ssgproject.content_profile_e8"
Hippa Profile = "xccdf_org.ssgproject.content_profile_hipaa"
IsmO Profile = "xccdf_org.ssgproject.content_profile_ism_o"
Ospp Profile = "xccdf_org.ssgproject.content_profile_ospp"
PciDss Profile = "xccdf_org.ssgproject.content_profile_pci-dss"
Standard Profile = "xccdf_org.ssgproject.content_profile_standard"
Stig Profile = "xccdf_org.ssgproject.content_profile_stig"
StigGui Profile = "xccdf_org.ssgproject.content_profile_stig_gui"
)
func IsProfileAllowed(profile string, allowlist []Profile) bool {
for _, a := range allowlist {
if a.String() == profile {
return true
}
// this enables a user to specify
// the full profile or the short
// profile id
if strings.HasSuffix(a.String(), profile) {
return true
}
}
return false
}