1 /*
2 * This file is part of dependency-check-core.
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 *
16 * Copyright (c) 2016 Jeremy Long. All Rights Reserved.
17 */
18 package org.owasp.dependencycheck.xml.hints;
19
20 import java.util.ArrayList;
21 import java.util.List;
22 import org.owasp.dependencycheck.dependency.Confidence;
23 import org.owasp.dependencycheck.dependency.Evidence;
24 import org.owasp.dependencycheck.xml.suppression.PropertyType;
25
26 /**
27 * A collection of product and vendor evidence to match; if any evidence is
28 * matched the addVendor and addProduct evidence should be added to the
29 * dependency.
30 *
31 * @author Jeremy Long
32 */
33 public class HintRule {
34
35 /**
36 * The list of file names to match.
37 */
38 private final List<PropertyType> filenames = new ArrayList<PropertyType>();
39
40 /**
41 * Adds the filename evidence to the collection.
42 *
43 * @param filename the filename to add
44 */
45 public void addFilename(PropertyType filename) {
46 this.filenames.add(filename);
47 }
48
49 /**
50 * Returns the list of filename evidence to match against.
51 *
52 * @return the list of filename evidence to match against
53 */
54 public List<PropertyType> getFilenames() {
55 return filenames;
56 }
57 /**
58 * The list of product evidence that is being matched.
59 */
60 private final List<Evidence> givenProduct = new ArrayList<Evidence>();
61
62 /**
63 * Adds a given product to the list of evidence to matched.
64 *
65 * @param source the source of the evidence
66 * @param name the name of the evidence
67 * @param value the value of the evidence
68 * @param confidence the confidence of the evidence
69 */
70 public void addGivenProduct(String source, String name, String value, Confidence confidence) {
71 givenProduct.add(new Evidence(source, name, value, confidence));
72 }
73
74 /**
75 * Get the value of givenProduct.
76 *
77 * @return the value of givenProduct
78 */
79 public List<Evidence> getGivenProduct() {
80 return givenProduct;
81 }
82
83 /**
84 * The list of vendor evidence that is being matched.
85 */
86 private final List<Evidence> givenVendor = new ArrayList<Evidence>();
87
88 /**
89 * The list of product evidence to add.
90 */
91 private final List<Evidence> addProduct = new ArrayList<Evidence>();
92 /**
93 * The list of version evidence to add.
94 */
95 private final List<Evidence> addVersion = new ArrayList<Evidence>();
96
97 /**
98 * Adds a given vendors to the list of evidence to matched.
99 *
100 * @param source the source of the evidence
101 * @param name the name of the evidence
102 * @param value the value of the evidence
103 * @param confidence the confidence of the evidence
104 */
105 public void addGivenVendor(String source, String name, String value, Confidence confidence) {
106 givenVendor.add(new Evidence(source, name, value, confidence));
107 }
108
109 /**
110 * Get the value of givenVendor.
111 *
112 * @return the value of givenVendor
113 */
114 public List<Evidence> getGivenVendor() {
115 return givenVendor;
116 }
117
118 /**
119 * Adds a given product to the list of evidence to add when matched.
120 *
121 * @param source the source of the evidence
122 * @param name the name of the evidence
123 * @param value the value of the evidence
124 * @param confidence the confidence of the evidence
125 */
126 public void addAddProduct(String source, String name, String value, Confidence confidence) {
127 addProduct.add(new Evidence(source, name, value, confidence));
128 }
129
130 /**
131 * Get the value of addProduct.
132 *
133 * @return the value of addProduct
134 */
135 public List<Evidence> getAddProduct() {
136 return addProduct;
137 }
138
139 /**
140 * Adds a given version to the list of evidence to add when matched.
141 *
142 * @param source the source of the evidence
143 * @param name the name of the evidence
144 * @param value the value of the evidence
145 * @param confidence the confidence of the evidence
146 */
147 public void addAddVersion(String source, String name, String value, Confidence confidence) {
148 addVersion.add(new Evidence(source, name, value, confidence));
149 }
150
151 /**
152 * Get the value of addVersion.
153 *
154 * @return the value of addVersion
155 */
156 public List<Evidence> getAddVersion() {
157 return addVersion;
158 }
159
160 /**
161 * The list of vendor hints to add.
162 */
163 private final List<Evidence> addVendor = new ArrayList<Evidence>();
164
165 /**
166 * Adds a given vendor to the list of evidence to add when matched.
167 *
168 * @param source the source of the evidence
169 * @param name the name of the evidence
170 * @param value the value of the evidence
171 * @param confidence the confidence of the evidence
172 */
173 public void addAddVendor(String source, String name, String value, Confidence confidence) {
174 addVendor.add(new Evidence(source, name, value, confidence));
175 }
176
177 /**
178 * Get the value of addVendor.
179 *
180 * @return the value of addVendor
181 */
182 public List<Evidence> getAddVendor() {
183 return addVendor;
184 }
185 }