# Copyright (C) 2024 The Qt Company Ltd.
# SPDX-License-Identifier: BSD-3-Clause
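# Computes a security CPE, in CPE 2.3 formatted-string form, for a given set of attributes.
#
# The result is stored in the variable named by out_cpe, in the caller's scope.
#
# Only the first six attributes can be set, through the single-value arguments
# PART, VENDOR, PRODUCT, VERSION, UPDATE and EDITION. The remaining five attributes are
# always emitted as the wildcard '*'.
#
# When an attribute is not specified, or is given as an empty string, a default is used:
# 'a' (application) for PART and the wildcard '*' for every other attribute.
# A wildcard VERSION makes the CPE match every version of the product, which produces
# false positives in vulnerability matching, so callers that know the version should pass it.
#
# NOTE(review): values are inserted verbatim, no escaping or validation is done here.
# A value containing ':' or other characters that are special in the CPE 2.3 formatted
# string shifts or corrupts the attributes, so callers must pass values that are already
# valid for that binding (see NISTIR 7695 below).
#
# References:
# https://spdx.github.io/spdx-spec/v2.3/external-repository-identifiers/#f22-cpe23type
# https://nvlpubs.nist.gov/nistpubs/Legacy/IR/nistir7695.pdf
# https://nvd.nist.gov/products/cpe
#
# Attribute order in the formatted string:
# 1. part
# 2. vendor
# 3. product
# 4. version
# 5. update
# 6. edition
# 7. language
# 8. sw_edition
# 9. target_sw
# 10. target_hw
# 11. other
function(_qt_internal_sbom_compute_security_cpe out_cpe)
    set(opt_args "")
    # The order of this list is the order of the attributes in the resulting CPE.
    set(single_args
        PART
        VENDOR
        PRODUCT
        VERSION
        UPDATE
        EDITION
    )
    set(multi_args "")
    cmake_parse_arguments(PARSE_ARGV 1 arg "${opt_args}" "${single_args}" "${multi_args}")
    _qt_internal_validate_all_args_are_parsed(arg)

    # The string is built by appending one attribute at a time, rather than by substituting
    # placeholder names in a template, so that a value which happens to contain a later
    # attribute's name (for example a product called "MY_EDITION") is never rewritten.
    set(cpe "cpe:2.3")
    foreach(attribute_name IN LISTS single_args)
        # Test for a defined, non-empty value instead of truthiness: if(<variable>) treats
        # values such as "0", "NO", "OFF" or "FALSE" as false, which would silently turn
        # e.g. VERSION "0" into the match-everything wildcard.
        if(DEFINED arg_${attribute_name} AND NOT "${arg_${attribute_name}}" STREQUAL "")
            set(attribute_value "${arg_${attribute_name}}")
        elseif(attribute_name STREQUAL "PART")
            set(attribute_value "a")
        else()
            set(attribute_value "*")
        endif()
        string(APPEND cpe ":${attribute_value}")
    endforeach()

    # language, sw_edition, target_sw, target_hw and other are not configurable.
    string(APPEND cpe ":*:*:*:*:*")

    set(${out_cpe} "${cpe}" PARENT_SCOPE)
endfunction()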
# Computes the repository-specific security CPE: vendor "qt", product set to the value
# returned by _qt_internal_sbom_get_root_project_name_lower_case, and version taken from
# QT_REPO_MODULE_VERSION. The result is stored in out_var in the caller's scope.
#
# NOTE(review): the function name reads like the generic Qt framework CPE, but the PRODUCT
# passed here is the per-repository project name. The generic CPE (PRODUCT "qt") is the one
# computed by _qt_internal_sbom_get_cpe_qt_repo. Confirm which one a caller expects.
#
# NOTE(review): if QT_REPO_MODULE_VERSION is empty at this point, the version attribute
# becomes the wildcard '*', so the CPE matches every version. Verify it is set by the caller.
function(_qt_internal_sbom_get_cpe_qt out_var)
    _qt_internal_sbom_get_root_project_name_lower_case(project_name_lower)

    _qt_internal_sbom_compute_security_cpe(computed_cpe
        VENDOR "qt"
        PRODUCT "${project_name_lower}"
        VERSION "${QT_REPO_MODULE_VERSION}"
    )

    set(${out_var} "${computed_cpe}" PARENT_SCOPE)
endfunction()
# Computes the generic Qt security CPE: vendor "qt", product "qt", and version taken from
# QT_REPO_MODULE_VERSION. The result is stored in out_var in the caller's scope.
#
# NOTE(review): the function name reads like the per-repository CPE, but the PRODUCT passed
# here is the fixed string "qt". The per-repository CPE is the one computed by
# _qt_internal_sbom_get_cpe_qt. Confirm which one a caller expects.
#
# NOTE(review): if QT_REPO_MODULE_VERSION is empty at this point, the version attribute
# becomes the wildcard '*', so the CPE matches every version. Verify it is set by the caller.
function(_qt_internal_sbom_get_cpe_qt_repo out_var)
    _qt_internal_sbom_compute_security_cpe(computed_cpe
        VENDOR "qt"
        PRODUCT "qt"
        VERSION "${QT_REPO_MODULE_VERSION}"
    )

    set(${out_var} "${computed_cpe}" PARENT_SCOPE)
endfunction()
# Computes the list of security CPEs for Qt and stores it in out_cpe_list in the caller's
# scope. The list holds two entries, in this order:
#   1. the result of _qt_internal_sbom_get_cpe_qt (product is the repository project name)
#   2. the result of _qt_internal_sbom_get_cpe_qt_repo (product is "qt")
function(_qt_internal_sbom_compute_security_cpe_for_qt out_cpe_list)
    _qt_internal_sbom_get_cpe_qt(per_repo_cpe)
    _qt_internal_sbom_get_cpe_qt_repo(generic_cpe)

    # Appended one at a time so the entry order stays explicit.
    set(collected_cpes "")
    list(APPEND collected_cpes "${per_repo_cpe}")
    list(APPEND collected_cpes "${generic_cpe}")

    set(${out_cpe_list} "${collected_cpes}" PARENT_SCOPE)
endfunction()