cvss_rating 0.1.1 → 0.2.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 86710948607aed7404a2f0fe021a0cb734cf1a6b
-  data.tar.gz: 8a98d94e813c4a0be0afe2b22b5f6fd66f5d5b63
+  metadata.gz: 9f34c95f177fe60ecc57c735768fbe8cad31aafe
+  data.tar.gz: 3584d4783a7e04538093797cc8cc50474238e077
 SHA512:
-  metadata.gz: e1c0f19932a291bb805fd5c784ccc0d685bad189aab48ae5b2f2aed4bd56330c345cd3100a2530d12aff54259ea5499ca048f3137a2447e0c8423a829a860abe
-  data.tar.gz: 77af3c98596f4ad2d7f0a429f8275c7c487c91947ab88eb4a099187e84a0cb145518fc9829726bc6849fb78432957af850299934cce8f371494eff136d7719c6
+  metadata.gz: d271f1acc407e4ead7d99302b282d21e22674069738cfaf09e84c8b48d7cfc316f184af3c9c742e39b80917d49e97ce7006d8c5912ffbe8f2483f7dcbc1be0e8
+  data.tar.gz: d3b34287aeadbd3d98bebd3dbf4136f233a09c491f8a4001917f6eecb8079f1e9f092e736a4a7e63f181e6e050152bbcf52b35170f7cc2cc9de1676ee6742f20

data/.travis.yml

@@ -0,0 +1,4 @@
+language: ruby
+rvm:
+ - "1.9.3"
+ - "2.1.2"

data/README.md

@@ -1,5 +1,7 @@
 # Cvss Rating
 
+[![Build Status](https://travis-ci.org/mort666/cvss_rating.svg)](https://travis-ci.org/mort666/cvss_rating)
+
 Implements CVSS Risk Rating version 2.0
 
 ## Installation
@@ -18,7 +20,7 @@ Or install it yourself as:
 
 ## Usage
 
-Check out the unit tests for examples of usage
+Check out the unit tests for examples of usage.
 
 ## TODO
 

data/cvss_rating.gemspec

@@ -5,11 +5,11 @@ require 'cvss_rating/version'
 
 Gem::Specification.new do |spec|
   spec.name          = "cvss_rating"
-  spec.version       = Cvss::Rating::VERSION
+  spec.version       = Cvss2::Rating::VERSION
   spec.authors       = ["Stephen Kapp"]
   spec.email         = ["mort666@virus.org"]
-  spec.summary       = %q{CVSS Risk Rating Calucation and Vector parsing}
-  spec.description   = %q{CVSS Risk Rating Calucation and Vector parsing, implements CVSS 2.0 rating}
+  spec.summary       = %q{CVSS Risk Rating Calculation and Vector parsing}
+  spec.description   = %q{CVSS Risk Rating Calculation and Vector parsing, implements CVSS 2.0 rating}
   spec.homepage      = "https://github.com/mort666/cvss_rating"
   spec.license       = "MIT"
 
@@ -20,4 +20,6 @@ Gem::Specification.new do |spec|
 
   spec.add_development_dependency "bundler", "~> 1.6"
   spec.add_development_dependency "minitest"
+  spec.add_development_dependency "activesupport"
+  spec.add_development_dependency "rake"
 end

data/lib/cvss_rating/version.rb

@@ -1,5 +1,5 @@
-module Cvss
+module Cvss2
 	class Rating
-  		VERSION = "0.1.1"
+  		VERSION = "0.2.0"
   	end
 end

data/lib/cvss_rating.rb

@@ -1,6 +1,6 @@
 require "cvss_rating/version"
 
-module Cvss
+module Cvss2
 	class Rating
   
 	  attr_accessor :av, :ac, :au, :ci, :ii, :ai, :ex, :rl, :rc, :cdp, :td, :cr, :ir, :ar 
@@ -44,18 +44,28 @@ module Cvss
 	  COLLATERAL_DAMAGE_KEY = { :none => 'N', :low => 'L', :low_medium => 'LM', :medium_high => 'MH', :high => 'H', :notdefined => 'ND' }
 	  TARGET_DISTRIBUTION_KEY = { :none => 'N', :low => 'L', :medium => 'M', :high => 'H', :notdefined => 'ND' }	  
 
-	  def initialize(attributes = {})   
-	    @base = nil 
-	    @temporal = nil 
-	    @environmental = nil 
-	    
-	    self.init
+	private
 
-	    attributes.each do |name, value|
-	      send("#{name}=", value)
+	  def impactfunction(impact)
+	  	return impact != 0 ? 1.176 : 0.0
+	  end
+
+	  def noenvironmental?
+	    if get_key("COLLATERAL_DAMAGE", @cdp) == "ND" && get_key("TARGET_DISTRIBUTION", @td) == "ND" && get_key("CONFIDENTIALITY_REQUIREMENT", @cr) == "ND" && get_key("INTEGRITY_REQUIREMENT", @ir) == "ND" && get_key("AVAILABILITY_REQUIREMENT", @ar) == "ND"
+	      return true
+	    else
+	      return false
 	    end
 	  end
 	  
+	  def notemporal?
+	    if get_key("EXPLOITABILITY", @ex) == "ND" && get_key("REMEDIATION_LEVEL", @rl) == "ND" && get_key("REPORT_CONFIDENCE", @rc) == "ND"
+	      return true
+	    else
+	      return false
+	    end
+	  end
+
 	  def init(ex = "ND", rl = "ND", rc = "ND", cd = "ND", td = "ND", cr = "ND", ir = "ND", ar = "ND")
 	    self.ex = ex
 	    self.rl = rl
@@ -67,8 +77,22 @@ module Cvss
 		self.ir = ir
 	    self.ar = ar
 	  end
+
+	public
+
+	  def initialize(attributes = {})   
+	    @base = nil 
+	    @temporal = nil 
+	    @environmental = nil 
+	    
+	    init
+
+	    attributes.each do |name, value|
+	      send("#{name}=", value)
+	    end
+	  end
 	  
-	  def scores(av, ac, au, ci, ii, ai, ex = "ND", rl = "ND", rc = "ND", cd = "ND", td = "ND", cr = "ND", ir = "ND", ar = "ND")
+	  def scores(av, ac, au, ci, ii, ai, ex = "ND", rl = "ND", rc = "ND", cdp = "ND", td = "ND", cr = "ND", ir = "ND", ar = "ND")
 	    self.av = av
 	    self.ac = ac
 	    self.au = au
@@ -80,7 +104,7 @@ module Cvss
 	    self.rl = rl
 	    self.rc = rc
 
-	    self.cd = cd
+	    self.cdp = cdp
 		self.td = td
 		self.cr = cr
 		self.ir = ir
@@ -91,22 +115,6 @@ module Cvss
 	    get_key = eval(vector + "_KEY")[(eval(vector).select { |k,v| v == value }).keys[0]]
 	  end
 	  
-	  def noenvironmental
-	    if get_key("COLLATERAL_DAMAGE", @cdp) == "ND" && get_key("TARGET_DISTRIBUTION", @td) == "ND" && get_key("CONFIDENTIALITY_REQUIREMENT", @cr) == "ND" && get_key("INTEGRITY_REQUIREMENT", @ir) == "ND" && get_key("AVAILABILITY_REQUIREMENT", @ar) == "ND"
-	      return true
-	    else
-	      return false
-	    end
-	  end
-	  
-	  def notemporal
-	    if get_key("EXPLOITABILITY", @ex) == "ND" && get_key("REMEDIATION_LEVEL", @rl) == "ND" && get_key("REPORT_CONFIDENCE", @rc) == "ND"
-	      return true
-	    else
-	      return false
-	    end
-	  end
-	  
 	  def set_key
 	    @key = "AV:%s/AC:%s/Au:%s/C:%s/I:%s/A:%s" % [ get_key("ACCESS_VECTOR", @av),
 	        get_key("ACCESS_COMPLEXITY", @ac),
@@ -115,13 +123,13 @@ module Cvss
 	        get_key("INTEGRITY_IMPACT", @ii),
 	        get_key("AVAILABILITY_IMPACT", @ai)]
 	        
-	    if !notemporal
+	    if !notemporal?
 	      @key += "/E:%s/RL:%s/RC:%s" % [ get_key("EXPLOITABILITY", @ex),
 	          get_key("REMEDIATION_LEVEL", @rl),
 	          get_key("REPORT_CONFIDENCE", @rc)]
 	    end
 	    
-	    if !noenvironmental
+	    if !noenvironmental?
 	      @key += "/CDP:%s/TD:%s/CR:%s/IR:%s/AR:%s" % [ get_key("COLLATERAL_DAMAGE", @cdp),
 	          get_key("TARGET_DISTRIBUTION", @td),
 	          get_key("CONFIDENTIALITY_REQUIREMENT", @cr),
@@ -360,7 +368,7 @@ module Cvss
 	    string = vector.split("/")
 	    len = string.length
 
-	    self.init
+	    init
 
 	    @originalkey = vector
 	    
@@ -379,9 +387,9 @@ module Cvss
 	    printf "Base Score:\t\t\t%3.1f\n", @base
 	    printf "  Impact Subscore:\t\t%3.1f\n", @impact
 	    printf "  Exploitability Subscore:\t%3.1f\n", @exploitability
-	    printf "Temporal Score:\t\t\t%3.1f\n", @temporal if !self.notemporal
-	    printf "Environmental Score:\t\t%3.1f\n", @environmental  if !self.noenvironmental
-	    printf "  Adjusted Impact Score:\t%3.1f\n", @adjimpact if !self.noenvironmental
+	    printf "Temporal Score:\t\t\t%3.1f\n", @temporal if !notemporal?
+	    printf "Environmental Score:\t\t%3.1f\n", @environmental  if !noenvironmental?
+	    printf "  Adjusted Impact Score:\t%3.1f\n", @adjimpact if !noenvironmental?
 	    printf "Overall Score:\t\t\t%3.1f\n", overallscore
 	  end
 	  
@@ -420,8 +428,8 @@ module Cvss
 	  end
 	  
 	  def overallscore
-	    if self.noenvironmental
-	      if self.notemporal
+	    if noenvironmental?
+	      if notemporal?
 	        overallscore = @base
 	      else
 	        overallscore = @temporal
@@ -432,10 +440,6 @@ module Cvss
 	    return overallscore
 	  end
 	  
-	  def impactfunction(impact)
-	  	return impact != 0 ? 1.176 : 0.0
-	  end
-	  
 	  def impactscore
 	    impact = 10.41*(1.0-(1.0-@ci.abs)*(1.0-@ii.abs)*(1.0-@ai.abs))
 	  end

data/test/cvss_rating_test.rb

@@ -4,7 +4,7 @@ require 'cvss_rating'
 
 class CvssRatingTest < MiniTest::Unit::TestCase
 	def setup
-		@cvss = Cvss::Rating.new
+		@cvss = Cvss2::Rating.new
 		@cvss.av = "N"
 		@cvss.ac = "M"
 		@cvss.au = "N"
@@ -13,7 +13,7 @@ class CvssRatingTest < MiniTest::Unit::TestCase
 		@cvss.ai = "P"
 		@cvss.set_key
 
-		@cvss_2 = Cvss::Rating.new
+		@cvss_2 = Cvss2::Rating.new
 		@cvss_2.av = "L"
 		@cvss_2.ac = "M"
 		@cvss_2.au = "M"
@@ -29,7 +29,7 @@ class CvssRatingTest < MiniTest::Unit::TestCase
 	end
 
 	def test_cvss_rating_from_vector
-		cvss = Cvss::Rating.new
+		cvss = Cvss2::Rating.new
 		cvss.parse("AV:N/AC:M/Au:N/C:P/I:P/A:P")
 		assert_equal @cvss.key, cvss.key
 
@@ -37,7 +37,6 @@ class CvssRatingTest < MiniTest::Unit::TestCase
 
 		assert_equal @cvss.overallscore, cvss.overallscore
 
-		cvss.init
 		cvss.parse("AV:L/AC:M/Au:M/C:P/I:C/A:C/CDP:L/TD:H/CR:M/IR:M/AR:M")
 		assert_equal @cvss_2.key, cvss.key
 
@@ -47,8 +46,7 @@ class CvssRatingTest < MiniTest::Unit::TestCase
 	end
 
 	def test_cvss_rating_parameters
-		cvss = Cvss::Rating.new
-		cvss.init
+		cvss = Cvss2::Rating.new
 
 		cvss.av = "local"
 
@@ -58,4 +56,14 @@ class CvssRatingTest < MiniTest::Unit::TestCase
 
 		assert_equal @cvss_2.cdp, cvss.cdp
 	end
+
+	def test_cvss_rating_scores
+		cvss = Cvss2::Rating.new
+
+		cvss.scores("N", "M", "N", "P", "P", "P")
+		assert_equal @cvss.key, cvss.key
+
+		cvss.scores("L", "M", "M", "P", "C", "C", "ND", "ND", "ND", "L", "H",  "M", "M",  "M")
+		assert_equal @cvss_2.key, cvss.key
+	end
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: cvss_rating
 version: !ruby/object:Gem::Version
-  version: 0.1.1
+  version: 0.2.0
 platform: ruby
 authors:
 - Stephen Kapp
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2015-08-14 00:00:00.000000000 Z
+date: 2015-08-19 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -38,7 +38,36 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '0'
-description: CVSS Risk Rating Calucation and Vector parsing, implements CVSS 2.0 rating
+- !ruby/object:Gem::Dependency
+  name: activesupport
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+description: CVSS Risk Rating Calculation and Vector parsing, implements CVSS 2.0
+  rating
 email:
 - mort666@virus.org
 executables: []
@@ -46,6 +75,7 @@ extensions: []
 extra_rdoc_files: []
 files:
 - ".gitignore"
+- ".travis.yml"
 - Gemfile
 - LICENSE.txt
 - README.md
@@ -77,6 +107,6 @@ rubyforge_project:
 rubygems_version: 2.2.2
 signing_key: 
 specification_version: 4
-summary: CVSS Risk Rating Calucation and Vector parsing
+summary: CVSS Risk Rating Calculation and Vector parsing
 test_files:
 - test/cvss_rating_test.rb