-
Notifications
You must be signed in to change notification settings - Fork 59
HDF Converters How Tos
The purpose of this page is to assist developer with creation of HDF Converters and Mappers contain content for how-tos and/or links to step by step instructions for some of the more specific HDF-Converter Maps. If you are just getting started on making mappers for HDF-Converters, please visit Editing HDF Mapper and Converter Creation Guide.
This page also contains information to help explain some of the mapping decisions.
A collection of more specific types of mappers.
JSONIX has the capability of using the XML Schema as a mapping object for forward and reverse translation of data. Since JSON objects are used in hdf-converters, the XML Schema needs to be converted to a JSON object that is used for the JSONIX library as a Context. There is a flag to also generate a .jsonschema
that can be used to create a strongly typed object ensuring the results of the JSONIX library are correct.
These files can be saved in the HDF Converters library under schemas
.
A visualization for how the JSONIX library is connected to the HDF-Converters:
graph TD;
XML_Schema --> Jsonix-schema-complier;
Jsonix-schema-complier --> Mapping_Object;
Jsonix-schema-complier --> JSON_Schema;
JSON_Schema --> QuickType;
QuickType --> JSONIX_Unmarshall_Type_Object;
XML_String --> jsonix-converter.ts;
JSONIX_Unmarshall_Type_Object --> jsonix-converter.ts;
Mapping_Object --> jsonix-converter.toJsonix;
jsonix-converter.ts --> jsonix-converter.toJsonix;
jsonix-converter.toJsonix --> MAPPER;
jsonix-converter.toJsonix -- Optional .-> jsonix-intermediate-converter.toIntermediateObject;
Custom_Intermediate_Type_Object --> jsonix-intermediate-converter.toIntermediateObject;
jsonix-intermediate-converter.toIntermediateObject --> MAPPER;
- Use the map generation page found on the JSONIX wiki to generate the module factory file with the
-generateJsonSchema
flag to create an additional file used to create a type for marshalling/unmarshalling functions.
Example of Command
docker run --rm -v "$(pwd)":/jsonix/ -w /jsonix eclipse-temurin:8-jre java -jar jsonix-schema-compiler-full-2.3.9.jar -generateJsonSchema -p CHECKLIST U_Checklist_Schema_V2.xsd
This will generate the following files in the directory using the name provided in the -p
flag:
|--- CHECKLIST.js
|--- CHECKLIST.jsonschema
- Access the resulting .js file.
- Copy the object that is returned as a constant in a separate file.
- Update naming conventions to conform to best practices. (i.e. change the name of the object and use
const
instead ofvar
and export so it is exposed and accessible)
To use the mapping object, a type must be generated and passed to the jsonix-converter.ts
.
This type can be auto-generated using the QuickType library with the .jsonschema file created from the above command
Example of Checklist jsonschema
{
"id":"#",
"definitions":{
"STIGDATA":{
"type":"object",
"title":"STIGDATA",
"required":[
"vulnattribute",
"attributedata"
],
"properties":{
"vulnattribute":{
"title":"vulnattribute",
"allOf":[
{
"allOf":[
{
"$ref":"XMLSchema.jsonschema#/definitions/string"
},
{
"enum":[
"CCI_REF",
"Check_Content",
"Check_Content_Ref",
"Class",
"Documentable",
"False_Negatives",
"False_Positives",
"Fix_Text",
"Group_Title",
"IA_Controls",
"Mitigation_Control",
"Mitigations",
"Potential_Impact",
"Responsibility",
"Rule_ID",
"Rule_Title",
"Rule_Ver",
"STIGRef",
"Security_Override_Guidance",
"Severity",
"Third_Party_Tools",
"Vuln_Discuss",
"Vuln_Num",
"Weight",
"TargetKey",
"STIG_UUID",
"LEGACY_ID"
]
}
]
}
],
"propertyType":"element",
"elementName":{
"localPart":"VULN_ATTRIBUTE",
"namespaceURI":""
}
},
"attributedata":{
"title":"attributedata",
"allOf":[
{
"$ref":"XMLSchema.jsonschema#/definitions/string"
}
],
"propertyType":"element",
"elementName":{
"localPart":"ATTRIBUTE_DATA",
"namespaceURI":""
}
}
},
"typeType":"classInfo",
"propertiesOrder":[
"vulnattribute",
"attributedata"
]
},
"ASSET":{
"type":"object",
"title":"ASSET",
"required":[
"role",
"assettype",
"hostname",
"hostip",
"hostmac",
"hostfqdn",
"techarea",
"targetkey",
"webordatabase",
"webdbsite",
"webdbinstance"
],
"properties":{
"role":{
"title":"role",
"allOf":[
{
"allOf":[
{
"$ref":"XMLSchema.jsonschema#/definitions/string"
},
{
"enum":[
"None",
"Workstation",
"Member Server",
"Domain Controller"
]
}
]
}
],
"propertyType":"element",
"elementName":{
"localPart":"ROLE",
"namespaceURI":""
}
},
"assettype":{
"title":"assettype",
"allOf":[
{
"allOf":[
{
"$ref":"XMLSchema.jsonschema#/definitions/string"
},
{
"enum":[
"Computing",
"Non-Computing"
]
}
]
}
],
"propertyType":"element",
"elementName":{
"localPart":"ASSET_TYPE",
"namespaceURI":""
}
},
"marking":{
"title":"marking",
"allOf":[
{
"$ref":"XMLSchema.jsonschema#/definitions/string"
}
],
"propertyType":"element",
"elementName":{
"localPart":"MARKING",
"namespaceURI":""
}
},
"hostname":{
"title":"hostname",
"allOf":[
{
"$ref":"XMLSchema.jsonschema#/definitions/string"
}
],
"propertyType":"element",
"elementName":{
"localPart":"HOST_NAME",
"namespaceURI":""
}
},
"hostip":{
"title":"hostip",
"allOf":[
{
"$ref":"XMLSchema.jsonschema#/definitions/string"
}
],
"propertyType":"element",
"elementName":{
"localPart":"HOST_IP",
"namespaceURI":""
}
},
"hostmac":{
"title":"hostmac",
"allOf":[
{
"$ref":"XMLSchema.jsonschema#/definitions/string"
}
],
"propertyType":"element",
"elementName":{
"localPart":"HOST_MAC",
"namespaceURI":""
}
},
"hostguid":{
"title":"hostguid",
"allOf":[
{
"$ref":"XMLSchema.jsonschema#/definitions/string"
}
],
"propertyType":"element",
"elementName":{
"localPart":"HOST_GUID",
"namespaceURI":""
}
},
"hostfqdn":{
"title":"hostfqdn",
"allOf":[
{
"$ref":"XMLSchema.jsonschema#/definitions/string"
}
],
"propertyType":"element",
"elementName":{
"localPart":"HOST_FQDN",
"namespaceURI":""
}
},
"targetcomment":{
"title":"targetcomment",
"allOf":[
{
"$ref":"XMLSchema.jsonschema#/definitions/string"
}
],
"propertyType":"element",
"elementName":{
"localPart":"TARGET_COMMENT",
"namespaceURI":""
}
},
"techarea":{
"title":"techarea",
"allOf":[
{
"allOf":[
{
"$ref":"XMLSchema.jsonschema#/definitions/string"
},
{
"enum":[
"",
"Application Review",
"Boundary Security",
"CDS Admin Review",
"CDS Technical Review",
"Database Review",
"Domain Name System (DNS)",
"Exchange Server",
"Host Based System Security (HBSS)",
"Internal Network",
"Mobility",
"Releasable Networks (REL)",
"Releaseable Networks (REL)",
"Traditional Security",
"UNIX OS",
"VVOIP Review",
"Web Review",
"Windows OS",
"Other Review"
]
}
]
}
],
"propertyType":"element",
"elementName":{
"localPart":"TECH_AREA",
"namespaceURI":""
}
},
"targetkey":{
"title":"targetkey",
"allOf":[
{
"$ref":"XMLSchema.jsonschema#/definitions/string"
}
],
"propertyType":"element",
"elementName":{
"localPart":"TARGET_KEY",
"namespaceURI":""
}
},
"stigguid":{
"title":"stigguid",
"allOf":[
{
"$ref":"XMLSchema.jsonschema#/definitions/string"
}
],
"propertyType":"element",
"elementName":{
"localPart":"STIG_GUID",
"namespaceURI":""
}
},
"webordatabase":{
"title":"webordatabase",
"allOf":[
{
"$ref":"XMLSchema.jsonschema#/definitions/boolean"
}
],
"propertyType":"element",
"elementName":{
"localPart":"WEB_OR_DATABASE",
"namespaceURI":""
}
},
"webdbsite":{
"title":"webdbsite",
"allOf":[
{
"$ref":"XMLSchema.jsonschema#/definitions/string"
}
],
"propertyType":"element",
"elementName":{
"localPart":"WEB_DB_SITE",
"namespaceURI":""
}
},
"webdbinstance":{
"title":"webdbinstance",
"allOf":[
{
"$ref":"XMLSchema.jsonschema#/definitions/string"
}
],
"propertyType":"element",
"elementName":{
"localPart":"WEB_DB_INSTANCE",
"namespaceURI":""
}
}
},
"typeType":"classInfo",
"propertiesOrder":[
"role",
"assettype",
"marking",
"hostname",
"hostip",
"hostmac",
"hostguid",
"hostfqdn",
"targetcomment",
"techarea",
"targetkey",
"stigguid",
"webordatabase",
"webdbsite",
"webdbinstance"
]
},
"SIDATA":{
"type":"object",
"title":"SIDATA",
"required":[
"sidname"
],
"properties":{
"sidname":{
"title":"sidname",
"allOf":[
{
"allOf":[
{
"$ref":"XMLSchema.jsonschema#/definitions/string"
},
{
"enum":[
"classification",
"customname",
"description",
"filename",
"notice",
"releaseinfo",
"source",
"stigid",
"title",
"uuid",
"version"
]
}
]
}
],
"propertyType":"element",
"elementName":{
"localPart":"SID_NAME",
"namespaceURI":""
}
},
"siddata":{
"title":"siddata",
"allOf":[
{
"$ref":"XMLSchema.jsonschema#/definitions/string"
}
],
"propertyType":"element",
"elementName":{
"localPart":"SID_DATA",
"namespaceURI":""
}
}
},
"typeType":"classInfo",
"propertiesOrder":[
"sidname",
"siddata"
]
},
"STIGS":{
"type":"object",
"title":"STIGS",
"required":[
"istig"
],
"properties":{
"istig":{
"title":"istig",
"allOf":[
{
"type":"array",
"items":{
"$ref":"#/definitions/ISTIG"
},
"minItems":1
}
],
"propertyType":"element",
"elementName":{
"localPart":"iSTIG",
"namespaceURI":""
}
}
},
"typeType":"classInfo",
"propertiesOrder":[
"istig"
]
},
"STIGINFO":{
"type":"object",
"title":"STIGINFO",
"required":[
"sidata"
],
"properties":{
"sidata":{
"title":"sidata",
"allOf":[
{
"type":"array",
"items":{
"$ref":"#/definitions/SIDATA"
},
"minItems":1
}
],
"propertyType":"element",
"elementName":{
"localPart":"SI_DATA",
"namespaceURI":""
}
}
},
"typeType":"classInfo",
"propertiesOrder":[
"sidata"
]
},
"CHECKLIST":{
"type":"object",
"title":"CHECKLIST",
"required":[
"asset",
"stigs"
],
"properties":{
"asset":{
"title":"asset",
"allOf":[
{
"$ref":"#/definitions/ASSET"
}
],
"propertyType":"element",
"elementName":{
"localPart":"ASSET",
"namespaceURI":""
}
},
"stigs":{
"title":"stigs",
"allOf":[
{
"$ref":"#/definitions/STIGS"
}
],
"propertyType":"element",
"elementName":{
"localPart":"STIGS",
"namespaceURI":""
}
}
},
"typeType":"classInfo",
"propertiesOrder":[
"asset",
"stigs"
]
},
"VULN":{
"type":"object",
"title":"VULN",
"required":[
"stigdata",
"status",
"findingdetails",
"comments",
"severityoverride",
"severityjustification"
],
"properties":{
"stigdata":{
"title":"stigdata",
"allOf":[
{
"type":"array",
"items":{
"$ref":"#/definitions/STIGDATA"
},
"minItems":1
}
],
"propertyType":"element",
"elementName":{
"localPart":"STIG_DATA",
"namespaceURI":""
}
},
"status":{
"title":"status",
"allOf":[
{
"allOf":[
{
"$ref":"XMLSchema.jsonschema#/definitions/string"
},
{
"enum":[
"NotAFinding",
"Open",
"Not_Applicable",
"Not_Reviewed"
]
}
]
}
],
"propertyType":"element",
"elementName":{
"localPart":"STATUS",
"namespaceURI":""
}
},
"findingdetails":{
"title":"findingdetails",
"allOf":[
{
"$ref":"XMLSchema.jsonschema#/definitions/string"
}
],
"propertyType":"element",
"elementName":{
"localPart":"FINDING_DETAILS",
"namespaceURI":""
}
},
"comments":{
"title":"comments",
"allOf":[
{
"$ref":"XMLSchema.jsonschema#/definitions/string"
}
],
"propertyType":"element",
"elementName":{
"localPart":"COMMENTS",
"namespaceURI":""
}
},
"severityoverride":{
"title":"severityoverride",
"allOf":[
{
"allOf":[
{
"$ref":"XMLSchema.jsonschema#/definitions/string"
},
{
"enum":[
"",
"low",
"medium",
"high"
]
}
]
}
],
"propertyType":"element",
"elementName":{
"localPart":"SEVERITY_OVERRIDE",
"namespaceURI":""
}
},
"severityjustification":{
"title":"severityjustification",
"allOf":[
{
"$ref":"XMLSchema.jsonschema#/definitions/string"
}
],
"propertyType":"element",
"elementName":{
"localPart":"SEVERITY_JUSTIFICATION",
"namespaceURI":""
}
}
},
"typeType":"classInfo",
"propertiesOrder":[
"stigdata",
"status",
"findingdetails",
"comments",
"severityoverride",
"severityjustification"
]
},
"ISTIG":{
"type":"object",
"title":"ISTIG",
"required":[
"stiginfo",
"vuln"
],
"properties":{
"stiginfo":{
"title":"stiginfo",
"allOf":[
{
"$ref":"#/definitions/STIGINFO"
}
],
"propertyType":"element",
"elementName":{
"localPart":"STIG_INFO",
"namespaceURI":""
}
},
"vuln":{
"title":"vuln",
"allOf":[
{
"type":"array",
"items":{
"$ref":"#/definitions/VULN"
},
"minItems":1
}
],
"propertyType":"element",
"elementName":{
"localPart":"VULN",
"namespaceURI":""
}
}
},
"typeType":"classInfo",
"propertiesOrder":[
"stiginfo",
"vuln"
]
}
},
"anyOf":[
{
"type":"object",
"properties":{
"name":{
"allOf":[
{
"$ref":"XMLSchema.jsonschema#/definitions/QName"
},
{
"type":"object",
"properties":{
"localPart":{
"enum":[
"WEB_DB_INSTANCE"
]
},
"namespaceURI":{
"enum":[
""
]
}
}
}
]
},
"value":{
"$ref":"XMLSchema.jsonschema#/definitions/string"
}
},
"elementName":{
"localPart":"WEB_DB_INSTANCE",
"namespaceURI":""
}
},
{
"type":"object",
"properties":{
"name":{
"allOf":[
{
"$ref":"XMLSchema.jsonschema#/definitions/QName"
},
{
"type":"object",
"properties":{
"localPart":{
"enum":[
"TARGET_KEY"
]
},
"namespaceURI":{
"enum":[
""
]
}
}
}
]
},
"value":{
"$ref":"XMLSchema.jsonschema#/definitions/string"
}
},
"elementName":{
"localPart":"TARGET_KEY",
"namespaceURI":""
}
},
{
"type":"object",
"properties":{
"name":{
"allOf":[
{
"$ref":"XMLSchema.jsonschema#/definitions/QName"
},
{
"type":"object",
"properties":{
"localPart":{
"enum":[
"ROLE"
]
},
"namespaceURI":{
"enum":[
""
]
}
}
}
]
},
"value":{
"allOf":[
{
"$ref":"XMLSchema.jsonschema#/definitions/string"
},
{
"enum":[
"None",
"Workstation",
"Member Server",
"Domain Controller"
]
}
]
}
},
"elementName":{
"localPart":"ROLE",
"namespaceURI":""
}
},
{
"type":"object",
"properties":{
"name":{
"allOf":[
{
"$ref":"XMLSchema.jsonschema#/definitions/QName"
},
{
"type":"object",
"properties":{
"localPart":{
"enum":[
"MARKING"
]
},
"namespaceURI":{
"enum":[
""
]
}
}
}
]
},
"value":{
"$ref":"XMLSchema.jsonschema#/definitions/string"
}
},
"elementName":{
"localPart":"MARKING",
"namespaceURI":""
}
},
{
"type":"object",
"properties":{
"name":{
"allOf":[
{
"$ref":"XMLSchema.jsonschema#/definitions/QName"
},
{
"type":"object",
"properties":{
"localPart":{
"enum":[
"SID_NAME"
]
},
"namespaceURI":{
"enum":[
""
]
}
}
}
]
},
"value":{
"allOf":[
{
"$ref":"XMLSchema.jsonschema#/definitions/string"
},
{
"enum":[
"classification",
"customname",
"description",
"filename",
"notice",
"releaseinfo",
"source",
"stigid",
"title",
"uuid",
"version"
]
}
]
}
},
"elementName":{
"localPart":"SID_NAME",
"namespaceURI":""
}
},
{
"type":"object",
"properties":{
"name":{
"allOf":[
{
"$ref":"XMLSchema.jsonschema#/definitions/QName"
},
{
"type":"object",
"properties":{
"localPart":{
"enum":[
"HOST_NAME"
]
},
"namespaceURI":{
"enum":[
""
]
}
}
}
]
},
"value":{
"$ref":"XMLSchema.jsonschema#/definitions/string"
}
},
"elementName":{
"localPart":"HOST_NAME",
"namespaceURI":""
}
},
{
"type":"object",
"properties":{
"name":{
"allOf":[
{
"$ref":"XMLSchema.jsonschema#/definitions/QName"
},
{
"type":"object",
"properties":{
"localPart":{
"enum":[
"SEVERITY_OVERRIDE"
]
},
"namespaceURI":{
"enum":[
""
]
}
}
}
]
},
"value":{
"allOf":[
{
"$ref":"XMLSchema.jsonschema#/definitions/string"
},
{
"enum":[
"",
"low",
"medium",
"high"
]
}
]
}
},
"elementName":{
"localPart":"SEVERITY_OVERRIDE",
"namespaceURI":""
}
},
{
"type":"object",
"properties":{
"name":{
"allOf":[
{
"$ref":"XMLSchema.jsonschema#/definitions/QName"
},
{
"type":"object",
"properties":{
"localPart":{
"enum":[
"HOST_FQDN"
]
},
"namespaceURI":{
"enum":[
""
]
}
}
}
]
},
"value":{
"$ref":"XMLSchema.jsonschema#/definitions/string"
}
},
"elementName":{
"localPart":"HOST_FQDN",
"namespaceURI":""
}
},
{
"type":"object",
"properties":{
"name":{
"allOf":[
{
"$ref":"XMLSchema.jsonschema#/definitions/QName"
},
{
"type":"object",
"properties":{
"localPart":{
"enum":[
"FINDING_DETAILS"
]
},
"namespaceURI":{
"enum":[
""
]
}
}
}
]
},
"value":{
"$ref":"XMLSchema.jsonschema#/definitions/string"
}
},
"elementName":{
"localPart":"FINDING_DETAILS",
"namespaceURI":""
}
},
{
"type":"object",
"properties":{
"name":{
"allOf":[
{
"$ref":"XMLSchema.jsonschema#/definitions/QName"
},
{
"type":"object",
"properties":{
"localPart":{
"enum":[
"SEVERITY_JUSTIFICATION"
]
},
"namespaceURI":{
"enum":[
""
]
}
}
}
]
},
"value":{
"$ref":"XMLSchema.jsonschema#/definitions/string"
}
},
"elementName":{
"localPart":"SEVERITY_JUSTIFICATION",
"namespaceURI":""
}
},
{
"type":"object",
"properties":{
"name":{
"allOf":[
{
"$ref":"XMLSchema.jsonschema#/definitions/QName"
},
{
"type":"object",
"properties":{
"localPart":{
"enum":[
"STIG_DATA"
]
},
"namespaceURI":{
"enum":[
""
]
}
}
}
]
},
"value":{
"$ref":"#/definitions/STIGDATA"
}
},
"elementName":{
"localPart":"STIG_DATA",
"namespaceURI":""
}
},
{
"type":"object",
"properties":{
"name":{
"allOf":[
{
"$ref":"XMLSchema.jsonschema#/definitions/QName"
},
{
"type":"object",
"properties":{
"localPart":{
"enum":[
"HOST_MAC"
]
},
"namespaceURI":{
"enum":[
""
]
}
}
}
]
},
"value":{
"$ref":"XMLSchema.jsonschema#/definitions/string"
}
},
"elementName":{
"localPart":"HOST_MAC",
"namespaceURI":""
}
},
{
"type":"object",
"properties":{
"name":{
"allOf":[
{
"$ref":"XMLSchema.jsonschema#/definitions/QName"
},
{
"type":"object",
"properties":{
"localPart":{
"enum":[
"HOST_GUID"
]
},
"namespaceURI":{
"enum":[
""
]
}
}
}
]
},
"value":{
"$ref":"XMLSchema.jsonschema#/definitions/string"
}
},
"elementName":{
"localPart":"HOST_GUID",
"namespaceURI":""
}
},
{
"type":"object",
"properties":{
"name":{
"allOf":[
{
"$ref":"XMLSchema.jsonschema#/definitions/QName"
},
{
"type":"object",
"properties":{
"localPart":{
"enum":[
"STATUS"
]
},
"namespaceURI":{
"enum":[
""
]
}
}
}
]
},
"value":{
"allOf":[
{
"$ref":"XMLSchema.jsonschema#/definitions/string"
},
{
"enum":[
"NotAFinding",
"Open",
"Not_Applicable",
"Not_Reviewed"
]
}
]
}
},
"elementName":{
"localPart":"STATUS",
"namespaceURI":""
}
},
{
"type":"object",
"properties":{
"name":{
"allOf":[
{
"$ref":"XMLSchema.jsonschema#/definitions/QName"
},
{
"type":"object",
"properties":{
"localPart":{
"enum":[
"COMMENTS"
]
},
"namespaceURI":{
"enum":[
""
]
}
}
}
]
},
"value":{
"$ref":"XMLSchema.jsonschema#/definitions/string"
}
},
"elementName":{
"localPart":"COMMENTS",
"namespaceURI":""
}
},
{
"type":"object",
"properties":{
"name":{
"allOf":[
{
"$ref":"XMLSchema.jsonschema#/definitions/QName"
},
{
"type":"object",
"properties":{
"localPart":{
"enum":[
"VULN"
]
},
"namespaceURI":{
"enum":[
""
]
}
}
}
]
},
"value":{
"$ref":"#/definitions/VULN"
}
},
"elementName":{
"localPart":"VULN",
"namespaceURI":""
}
},
{
"type":"object",
"properties":{
"name":{
"allOf":[
{
"$ref":"XMLSchema.jsonschema#/definitions/QName"
},
{
"type":"object",
"properties":{
"localPart":{
"enum":[
"STIG_INFO"
]
},
"namespaceURI":{
"enum":[
""
]
}
}
}
]
},
"value":{
"$ref":"#/definitions/STIGINFO"
}
},
"elementName":{
"localPart":"STIG_INFO",
"namespaceURI":""
}
},
{
"type":"object",
"properties":{
"name":{
"allOf":[
{
"$ref":"XMLSchema.jsonschema#/definitions/QName"
},
{
"type":"object",
"properties":{
"localPart":{
"enum":[
"ASSET"
]
},
"namespaceURI":{
"enum":[
""
]
}
}
}
]
},
"value":{
"$ref":"#/definitions/ASSET"
}
},
"elementName":{
"localPart":"ASSET",
"namespaceURI":""
}
},
{
"type":"object",
"properties":{
"name":{
"allOf":[
{
"$ref":"XMLSchema.jsonschema#/definitions/QName"
},
{
"type":"object",
"properties":{
"localPart":{
"enum":[
"CHECKLIST"
]
},
"namespaceURI":{
"enum":[
""
]
}
}
}
]
},
"value":{
"$ref":"#/definitions/CHECKLIST"
}
},
"elementName":{
"localPart":"CHECKLIST",
"namespaceURI":""
}
},
{
"type":"object",
"properties":{
"name":{
"allOf":[
{
"$ref":"XMLSchema.jsonschema#/definitions/QName"
},
{
"type":"object",
"properties":{
"localPart":{
"enum":[
"iSTIG"
]
},
"namespaceURI":{
"enum":[
""
]
}
}
}
]
},
"value":{
"$ref":"#/definitions/ISTIG"
}
},
"elementName":{
"localPart":"iSTIG",
"namespaceURI":""
}
},
{
"type":"object",
"properties":{
"name":{
"allOf":[
{
"$ref":"XMLSchema.jsonschema#/definitions/QName"
},
{
"type":"object",
"properties":{
"localPart":{
"enum":[
"HOST_IP"
]
},
"namespaceURI":{
"enum":[
""
]
}
}
}
]
},
"value":{
"$ref":"XMLSchema.jsonschema#/definitions/string"
}
},
"elementName":{
"localPart":"HOST_IP",
"namespaceURI":""
}
},
{
"type":"object",
"properties":{
"name":{
"allOf":[
{
"$ref":"XMLSchema.jsonschema#/definitions/QName"
},
{
"type":"object",
"properties":{
"localPart":{
"enum":[
"STIG_GUID"
]
},
"namespaceURI":{
"enum":[
""
]
}
}
}
]
},
"value":{
"$ref":"XMLSchema.jsonschema#/definitions/string"
}
},
"elementName":{
"localPart":"STIG_GUID",
"namespaceURI":""
}
},
{
"type":"object",
"properties":{
"name":{
"allOf":[
{
"$ref":"XMLSchema.jsonschema#/definitions/QName"
},
{
"type":"object",
"properties":{
"localPart":{
"enum":[
"WEB_OR_DATABASE"
]
},
"namespaceURI":{
"enum":[
""
]
}
}
}
]
},
"value":{
"$ref":"XMLSchema.jsonschema#/definitions/boolean"
}
},
"elementName":{
"localPart":"WEB_OR_DATABASE",
"namespaceURI":""
}
},
{
"type":"object",
"properties":{
"name":{
"allOf":[
{
"$ref":"XMLSchema.jsonschema#/definitions/QName"
},
{
"type":"object",
"properties":{
"localPart":{
"enum":[
"SID_DATA"
]
},
"namespaceURI":{
"enum":[
""
]
}
}
}
]
},
"value":{
"$ref":"XMLSchema.jsonschema#/definitions/string"
}
},
"elementName":{
"localPart":"SID_DATA",
"namespaceURI":""
}
},
{
"type":"object",
"properties":{
"name":{
"allOf":[
{
"$ref":"XMLSchema.jsonschema#/definitions/QName"
},
{
"type":"object",
"properties":{
"localPart":{
"enum":[
"TECH_AREA"
]
},
"namespaceURI":{
"enum":[
""
]
}
}
}
]
},
"value":{
"allOf":[
{
"$ref":"XMLSchema.jsonschema#/definitions/string"
},
{
"enum":[
"",
"Application Review",
"Boundary Security",
"CDS Admin Review",
"CDS Technical Review",
"Database Review",
"Domain Name System (DNS)",
"Exchange Server",
"Host Based System Security (HBSS)",
"Internal Network",
"Mobility",
"Releasable Networks (REL)",
"Releaseable Networks (REL)",
"Traditional Security",
"UNIX OS",
"VVOIP Review",
"Web Review",
"Windows OS",
"Other Review"
]
}
]
}
},
"elementName":{
"localPart":"TECH_AREA",
"namespaceURI":""
}
},
{
"type":"object",
"properties":{
"name":{
"allOf":[
{
"$ref":"XMLSchema.jsonschema#/definitions/QName"
},
{
"type":"object",
"properties":{
"localPart":{
"enum":[
"ATTRIBUTE_DATA"
]
},
"namespaceURI":{
"enum":[
""
]
}
}
}
]
},
"value":{
"$ref":"XMLSchema.jsonschema#/definitions/string"
}
},
"elementName":{
"localPart":"ATTRIBUTE_DATA",
"namespaceURI":""
}
},
{
"type":"object",
"properties":{
"name":{
"allOf":[
{
"$ref":"XMLSchema.jsonschema#/definitions/QName"
},
{
"type":"object",
"properties":{
"localPart":{
"enum":[
"ASSET_TYPE"
]
},
"namespaceURI":{
"enum":[
""
]
}
}
}
]
},
"value":{
"allOf":[
{
"$ref":"XMLSchema.jsonschema#/definitions/string"
},
{
"enum":[
"Computing",
"Non-Computing"
]
}
]
}
},
"elementName":{
"localPart":"ASSET_TYPE",
"namespaceURI":""
}
},
{
"type":"object",
"properties":{
"name":{
"allOf":[
{
"$ref":"XMLSchema.jsonschema#/definitions/QName"
},
{
"type":"object",
"properties":{
"localPart":{
"enum":[
"VULN_ATTRIBUTE"
]
},
"namespaceURI":{
"enum":[
""
]
}
}
}
]
},
"value":{
"allOf":[
{
"$ref":"XMLSchema.jsonschema#/definitions/string"
},
{
"enum":[
"CCI_REF",
"Check_Content",
"Check_Content_Ref",
"Class",
"Documentable",
"False_Negatives",
"False_Positives",
"Fix_Text",
"Group_Title",
"IA_Controls",
"Mitigation_Control",
"Mitigations",
"Potential_Impact",
"Responsibility",
"Rule_ID",
"Rule_Title",
"Rule_Ver",
"STIGRef",
"Security_Override_Guidance",
"Severity",
"Third_Party_Tools",
"Vuln_Discuss",
"Vuln_Num",
"Weight",
"TargetKey",
"STIG_UUID",
"LEGACY_ID"
]
}
]
}
},
"elementName":{
"localPart":"VULN_ATTRIBUTE",
"namespaceURI":""
}
},
{
"type":"object",
"properties":{
"name":{
"allOf":[
{
"$ref":"XMLSchema.jsonschema#/definitions/QName"
},
{
"type":"object",
"properties":{
"localPart":{
"enum":[
"TARGET_COMMENT"
]
},
"namespaceURI":{
"enum":[
""
]
}
}
}
]
},
"value":{
"$ref":"XMLSchema.jsonschema#/definitions/string"
}
},
"elementName":{
"localPart":"TARGET_COMMENT",
"namespaceURI":""
}
},
{
"type":"object",
"properties":{
"name":{
"allOf":[
{
"$ref":"XMLSchema.jsonschema#/definitions/QName"
},
{
"type":"object",
"properties":{
"localPart":{
"enum":[
"SI_DATA"
]
},
"namespaceURI":{
"enum":[
""
]
}
}
}
]
},
"value":{
"$ref":"#/definitions/SIDATA"
}
},
"elementName":{
"localPart":"SI_DATA",
"namespaceURI":""
}
},
{
"type":"object",
"properties":{
"name":{
"allOf":[
{
"$ref":"XMLSchema.jsonschema#/definitions/QName"
},
{
"type":"object",
"properties":{
"localPart":{
"enum":[
"WEB_DB_SITE"
]
},
"namespaceURI":{
"enum":[
""
]
}
}
}
]
},
"value":{
"$ref":"XMLSchema.jsonschema#/definitions/string"
}
},
"elementName":{
"localPart":"WEB_DB_SITE",
"namespaceURI":""
}
},
{
"type":"object",
"properties":{
"name":{
"allOf":[
{
"$ref":"XMLSchema.jsonschema#/definitions/QName"
},
{
"type":"object",
"properties":{
"localPart":{
"enum":[
"STIGS"
]
},
"namespaceURI":{
"enum":[
""
]
}
}
}
]
},
"value":{
"$ref":"#/definitions/STIGS"
}
},
"elementName":{
"localPart":"STIGS",
"namespaceURI":""
}
}
]
}
Use the following command line syntax to generate a file with the type structure to use.
npx quicktype -l ts -s schema --src <PATH-TO-JSONSCHEMA-FILE.jsonschema> -o <PATH-TO-CREATE-FILE.ts> --runtime-typecheck
You may find you will have to install quicktype if not install if you receive this message:
Need to install the following packages:
quicktype@#.#.#
Ok to proceed? (y)
The resulting file will contain both the type structure and a class for parsing json strings. This class is not necessary for Heimdall and can be removed.
The types should be tightened up in a few ways. For example, any
should be substituted with actual types or unknown
, allowance for generic indexable fields (i.e. [property: string]: any
) should be removed unless that type is intended on being expandable in that fashion, and the syntax should be changed from interface
to type
.
// ORIGINAL
export interface Name {
};
// CHANGE TO
export type Name = {
};
Store the contents of the type in a <FILE-NAME>.d.ts
file under the /types directory.
Specific details for a particular map or HDF Converters file can be found here.
An abstract class added to assist with implementation of JSONIX library. Contains a constructor that requires the XML string of the file and the type object generated from the quicktype
command.
The class also contains a toJsonix()
function that uses the map object generated from the jsonix-schema-compiler
and returns a Jsonix mapped object. This object can then be used to map directly to HDF.
However, in some instances, it may be more useful to create an intermediate object that flattens and makes the elements directly accessible. As example, if the schema defines key-value pairs as the values of repeated elements such as:
{
"sidname": "version",
"siddata": "1"
},
{
"sidname": "description",
"siddata": "This STIG is published ..."
} ...
In this scenario, making an intermediate object allows for the use of path
keyword when mapping to HDF rather than relying on string matching. Turning the above example into:
{
"version": "1",
"description": "This STIG is published ..."
}
This is the purpose of this abstract class. It will require the type object generated from the quicktype
command and the hand-created type generated by the implementation of the abstract function toIntermediateObject()
. The implementation of an intermediate object is to stay as close to the structure of the schema. Since this is a custom implementation, the type is not something automated.
The spreadsheet below contains the following headers and are defined as follows:
- Checklist - Elements found in Checklist file
- Checklist (intermediate Object found in Passthrough) - Object used in Checklist Mapper
- Typical Values and/or StigViewer area - What are the typical values (and default if defined) and where in StigViewer is it found
- is Searchable? - Does StigViewer provide a filter or search option for field?
- HDF - What part of the HDF schema is matched to
- Notes - Extra details
Correlation Spreadsheet
Checklist | ChecklistFile (intermediate Object found in Passthrough) | Typical Values and/or StigViewer area | is Searchable? | HDF | Notes |
---|---|---|---|---|---|
ASSET | ChecklistAsset | ||||
ROLE | role | Default None | Workstation | Member Server | Domain Controller | |||
ASSET_TYPE | assettype | Target Data (Computing | Non-Computing) | |||
MARKING | marking | Target Data (default CUI) | Hardcoded to CUI: private String marking = "CUI"; | ||
HOST_NAME | hostname | Target Data | |||
HOST_IP | hostip | Target Data | |||
HOST_MAC | hostmac | Target Data | |||
HOST_GUID | |||||
HOST_FQDN | hostfqdn | Target Data | |||
TARGET_COMMENT | targetcomment | Target Data | |||
TECH_AREA | techarea | Under Technology Area - dropdown | There is a supported spelling error | ||
TARKET_KEY | targetkey | First non-empty vuln attr.TargetKey | if (cs.size() > 0 && ( (STIG)cs.get(0)).getVulnList().size() > 0) this.Checklist.setTargetKey(((Vuln)((STIG)cs .get(0)).getVulnList().get(0)).getAttr(Vuln.VulnAttr.TargetKey)); | ||
STIG_GUID | |||||
WEB_OR_DATABASE | webordatabase | Checkbox Boolean default False | |||
WEB_DB_SITE | webdbsite | If above is true | |||
WEB_DB_INSTANCE | webdbinstance | If above is true | |||
STIGS | ChecklistStig | ||||
iSTIG | |||||
STIG_INFO | StigHeader | ||||
CLASSIFICATION | classification | Default UNCLASSIFIED | UNCLASSIFIED//FOR OFFICIAL USE ONLY | CUI | This alters Vuln.Class to equal Unclass | FOUO | CUI and this is what appears next to Classification in viewer | ||
CUSTOMNAME | customname | Typically empty | Does not appear to have a viewable component linked | ||
DESCRIPTION | description | Either This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]. OR This Security Requirements Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected]. | profiles.summary | This can also be blank and appears the Export is using some concatenation of the filename + version + sha256 + maintainer + copyright + copyright_email + number of controls | |
FILENAME | filename | Specific XXCDF Filename | |||
NOTICE | notice | Only value I have seen is terms-of-use | profiles.license | Code in source that parses it does not appear in viewer case "notice": this.ImportSTIG.setSTIG_notice(parseXMLAttr("id")); | |
RELEASEINFO | releaseinfo | Release: # Benchmark Date: dd mon yyyy | Appears in 'title' at top after :: and Version # | ||
SOURCE | source | Only value I have seen is STIG.DOD.MIL | |||
STIGID | stigid | Seems to be a duplicate field of title but snake cased | |||
TITLE | title | Title of STIG | profiles.title && profiles.name | This appears as the first element at top | |
UUID | uuid | ||||
VERSION | version | Version # of the stig typically a number | profiles.version | This appears just after the 'title' and :: Version # | |
VULN | ChecklistVuln | ||||
STIG_DATA | |||||
CCI_REF | cciRef | List of CCI numbers | yes | profiles.controls.tags.cci && profiles.controls.tags.nist using transform | CCI Definitions and NIST Control Maps are down internally with the use of U_CCI_List.xml and displayed under References. Also appears as a column in center |
CHECK_CONTENT | checkContent | string | profiles.controls.descriptions as check | Appears as Check Text | |
CHECK_CONTENT_REF | checkContentRef | M always M | |||
CLASS | class | Unclass | FOUO | CUI | This is what appears next to Classification in viewer and seems to be controlled by the CLASSIFICATION value | ||
DOCUMENTABLE | documentable | Boolean | Only value I have seen is 'false' and is used during the StigViewer Export to print Yes or No. | ||
FALSE_NEGATIVES | falseNegatives | profiles.controls.tags.false_negatives | |||
FALSE_POSITIVES | falsePositives | profiles.controls.tags.false_positives | |||
FIX_TEXT | fixText | string | profiles.controls.descriptions as fix | Appears as Fix Text | |
GROUP_TITLE | groupTitle | profiles.controls.tags.gtitle | Appears as Rule Name in center | ||
IA_CONTROLS | iaControls | List of DOD-8500.2 controls | yes | profiles.controls.tags.ia_controls | If existing, appears under References as MISC Data |
MITIGATION_CONTROL | mitigationControls | profiles.controls.tags.mitigation_controls | |||
MITIGATIONS | mitigations | profiles.controls.tags.mitigations | |||
POTENTIAL_IMPACT | potentialImpact | profiles.controls.tags.potential_impact | |||
RESPONSIBILITY | responsibility | profiles.tags.responsibility | |||
RULE_ID | ruleId | Rule ID | yes | profiles.controls.tags.rid | Appears in center column as Rule ID and as field in header |
RULE_TITLE | ruleTitle | Rule Title | yes | profiles.controls.title | Appears as Rule Title |
RULE_VER | ruleVersion | STIG ID | yes | profiles.controls.tags.stigId | Appears in center column as STIG ID and as field in header |
STIGREF | stigRef | Full Title <title> :: Version , <release_info> | profiles.controls.tags.stig_ref | Appears at the top of the header area | |
SECURITY_OVERRIDE_GUIDANCE | securityOverrideGuidance | profiles.controls.tags.security_override_guidance | |||
SEVERITY | severity | low | medium | high | yes (as individuals) | profiles.controls.impact through transformer | Corresponds with CAT III | CAT II | CAT I |
THIRD_PARTY_TOOLS | thirdPartyTools | Typically empty | When this has a value it is displayed under MISC Data | ||
VULN_DISCUSS | vulnDiscuss | Discussion | profiles.controls.desc | Appears as Discussion | |
VULN_NUM | vulnNum | Vul ID | yes | profiles.controls.tags.gid && profiles.controls.id | Appears as Vul ID |
WEIGHT | weight | Unknown but typically always 10.0 | profiles.controls.tags.weight | ||
TARGETKEY | targetKey | Defined as "Asset Posture" under Vuln.class in STIG Viewer and typically a four digit number | Each STIG appears to have their own as each Vuln is the same under the same iSTIG object - not displayed | ||
STIG_UUID | stigUuid | ||||
LEGACY_ID | legacyId | Legacy Group ID THEN Rule ID | yes | profiles.controls.tags.legacy_id | Is displayed as Legacy IDs: in header |
STATUS | status | Not Reviewed | Open | Not a Finding | Not Applicable | yes (as individuals) | profiles.controls.results.status through transformer AND profiles.controls.impact through transformer | Displayed as dropdown at top |
FINDING_DETAILS | findingDetails | Findings | profiles.controle.results.code_desc && profiles.controls.results.message through transformer | Displayed as Finding Details full text area and uses setCHK_Notes as updater | |
COMMENTS | comments | Comments | profiles.controls.descriptions as comments | Displayed as Comments full text area and uses setCheckComment as updater | |
SEVERITY_OVERRIDE | severityOverride | ''| low | medium | high | profiles.controls.impact through transformer | Does not have a good display that the original severity was changed | |
SEVERITY_JUSTIFICATION | severityJustification | Reason for changing severity | profiles.controls.tags.severity_justification | Is not displayed anywhere |
Helping the overall cybersecurity strength of organizations.
- Home
- How to create a release
- Environment Variables Configuration
- Heimdall Authentication Methods
- Heimdall API Documentation
- Group and User Management
- Heimdall Interface Connections
- Heimdall Architecture Information
- Heimdall Class Diagrams
- Heimdall Development Tips & Tricks
- Heimdall Frontend Components
- Heimdall Processes Documentation
- Heimdall Heroku Documentation
- Developers Code Style
- Troubleshooting
- HDF Converter Mappings
- HDF Converters How Tos
- Manual Attestations
- Control Correlation Identifier (CCI) Converter