From ea1bab197a17dd944e41a583c82c3cc757bb566b Mon Sep 17 00:00:00 2001

From: Gabriel Becker <ggasparb@redhat.com>

Date: Wed, 4 Aug 2021 12:23:05 +0200

Subject: [PATCH] Update STIG mapping table to reflect statistics of coverage.

---

 .../shared_xccdf-apply-overlay-stig.xslt      | 59 +++++++++++++------

 .../transforms/shared_xccdf2table-stig.xslt   | 28 +++++++++

 2 files changed, 68 insertions(+), 19 deletions(-)

diff --git a/shared/transforms/shared_xccdf-apply-overlay-stig.xslt b/shared/transforms/shared_xccdf-apply-overlay-stig.xslt

index 945f709b95..b7c000608c 100644

--- a/shared/transforms/shared_xccdf-apply-overlay-stig.xslt

+++ b/shared/transforms/shared_xccdf-apply-overlay-stig.xslt

@@ -28,26 +28,47 @@

       <xsl:variable name="overlay_ref" select="@disa"/>

       <xsl:variable name="overlay_title" select="xccdf:title/@text"/>

-      <xsl:for-each select="$rules">

-        <xsl:if test="@id=$overlay_rule">

-		  <Group id="V-{$overlay_id}">

-		    <title>SRG-OS-ID</title>

-		    <description></description>

-            <Rule id="{$overlay_rule}" severity="{$overlay_severity}" >

-			<version><xsl:value-of select="$overlay_version"/></version>

-          	<title><xsl:value-of select="$overlay_title"/></title>

-          	<description><xsl:copy-of select="xccdf:rationale/node()" /></description>

-          	<check system="C-{$overlay_id}_chk">

-              <check-content>

-					      <xsl:apply-templates select="xccdf:check[@system='http://scap.nist.gov/schema/ocil/2']"/>

-              </check-content>

-          	</check>

-		  	<ident system="https://public.cyber.mil/stigs/cci"><xsl:value-of select="$overlay_ref" /></ident>

-          	<fixtext><xsl:copy-of select="xccdf:description/node()" /></fixtext>

-          </Rule> 

+      <xsl:choose>

+        <xsl:when test="$overlay_rule='XXXX'">

+          <Group id="V-{$overlay_id}">

+            <title>SRG-OS-ID</title>

+            <description></description>

+                <Rule id="Missing Rule" severity="{$overlay_severity}" >

+          <version><xsl:value-of select="$overlay_version"/></version>

+                <title><xsl:value-of select="$overlay_title"/></title>

+                <description></description>

+                <check system="C-{$overlay_id}_chk">

+                  <check-content>

+                  </check-content>

+                </check>

+                <ident></ident>

+                <fixtext></fixtext>

+              </Rule>

           </Group>

-        </xsl:if>

-      </xsl:for-each> 

+        </xsl:when>

+        <xsl:otherwise>

+          <xsl:for-each select="$rules">

+            <xsl:if test="@id=$overlay_rule">

+          <Group id="V-{$overlay_id}">

+            <title>SRG-OS-ID</title>

+            <description></description>

+                <Rule id="{$overlay_rule}" severity="{$overlay_severity}" >

+          <version><xsl:value-of select="$overlay_version"/></version>

+                <title><xsl:value-of select="$overlay_title"/></title>

+                <description><xsl:copy-of select="xccdf:rationale/node()" /></description>

+                <check system="C-{$overlay_id}_chk">

+                  <check-content>

+                    <xsl:apply-templates select="xccdf:check[@system='http://scap.nist.gov/schema/ocil/2']"/>

+                  </check-content>

+                </check>

+            <ident system="https://public.cyber.mil/stigs/cci"><xsl:value-of select="$overlay_ref" /></ident>

+                <fixtext><xsl:copy-of select="xccdf:description/node()" /></fixtext>

+              </Rule>

+              </Group>

+            </xsl:if>

+          </xsl:for-each>

+        </xsl:otherwise>

+    </xsl:choose>

     </xsl:for-each> 

     </xsl:copy>

diff --git a/shared/transforms/shared_xccdf2table-stig.xslt b/shared/transforms/shared_xccdf2table-stig.xslt

index 3746c386c0..4c477542f4 100644

--- a/shared/transforms/shared_xccdf2table-stig.xslt

+++ b/shared/transforms/shared_xccdf2table-stig.xslt

@@ -20,6 +20,34 @@

+

+			

+			

+				

+				  

+					Total

+					Missing

+					Implemented

+					Coverage

+					STIG ids missing rule

+				  

+				

+				

+				  

+					<xsl:value-of select="number(count(/cdf:Benchmark/cdf:Group/cdf:Rule))"/>

+					<xsl:value-of select="number(count(/cdf:Benchmark/cdf:Group/cdf:Rule[@id='Missing Rule']))"/>

+					<xsl:value-of select="number(count(/cdf:Benchmark/cdf:Group/cdf:Rule[@id!='Missing Rule']))"/>

+					<xsl:value-of select="format-number(count(/cdf:Benchmark/cdf:Group/cdf:Rule[@id!='Missing Rule']) div count(/cdf:Benchmark/cdf:Group/cdf:Rule)*100, '#.00')"/>%

+					

+						<xsl:for-each select="/cdf:Benchmark/cdf:Group/cdf:Rule[@id='Missing Rule']">

+							<xsl:value-of select="cdf:version/node()"/><xsl:text>
</xsl:text>

+						</xsl:for-each>

+					

+				  

+				

+				

+			

+

 			<xsl:apply-templates select="cdf:Benchmark"/>

 		</body>

 		</html>