|
1 | | -API Document |
| 1 | +Document for IoTcube API |
| 2 | +======================== |
| 3 | +This document is an outline and usage document of "IoTcube API". This document is an early version and describes the APIs that deal with the "Vulnerable Code Clone Detection" functionality of "Whitebox Testing" in IoTcube. |
| 4 | + |
| 5 | +Getting Started with API |
| 6 | +------------------------ |
| 7 | +Currently, the initial version of IoTcube API can receive vulnerability information in software by sending ".hidx file" (generated through *hmark*, <https://github.com/iotcube/hmark>) through **POST** method to our API address. |
| 8 | + |
| 9 | +**Address to send POST request** |
| 10 | +>**https://<span></span>iotcube.net/api/wf1** |
| 11 | +
|
| 12 | +**Params** |
| 13 | +* ***files***: the **path** and **contents** of the ".hidx file" (which you want to check for vulnerabilities). |
| 14 | +* ***headers***: your **user-agent** value |
| 15 | + |
| 16 | +**Return Field Definitions** |
| 17 | ++ **Common value** |
| 18 | + + **total_cve** - Total number of detected CVEs. |
| 19 | + + **total_vulfunc** - Total number of detected vulnerable functions. |
| 20 | + + **file_count** - Total number of files in uploaded '.hidx file'. |
| 21 | + + **func_count** - Total number of functions in uploaded '.hidx file'. |
| 22 | + + **line_count** - Total number of lines in uploaded '.hidx file'. |
| 23 | + |
| 24 | ++ **Vulnerability exists** |
| 25 | + + **cveid** - The CVE value of the vulnerability. |
| 26 | + + **cwe** - The CWE value of the vulnerability. |
| 27 | + + **cvss** - The CVSS value of the vulnerability. |
| 28 | + + **file** - The file path where the vulnerability exists. |
| 29 | + + **funcid** - The function number in the file (*See hmark*). |
| 30 | + + **diff** - Patch information for this vulnerability. |
| 31 | + |
| 32 | +Result (JSON) |
| 33 | +------------- |
| 34 | +``` |
| 35 | +[ |
| 36 | + { |
| 37 | + "total_cve" : 5, |
| 38 | + "total_vulfunc": 6, |
| 39 | + "file_count" : 100, |
| 40 | + "func_count" : 1000, |
| 41 | + "line_count" : 10000, |
| 42 | + }, |
| 43 | + { |
| 44 | + "cveid" : "CVE-2018-0000", |
| 45 | + "cwe" : "CWE-119", |
| 46 | + "cvss" : "10.0", |
| 47 | + "file" : "Path/to/file", |
| 48 | + "funcid": "5", |
| 49 | + "diff" : "https://iotcube.net/whitebox/diff/.../CVE-2018-0000_....diff", |
| 50 | + }, … , |
| 51 | + { |
| 52 | + … |
| 53 | + } |
| 54 | +] |
| 55 | +``` |
| 56 | +Sample codes |
| 57 | +------------ |
| 58 | +See *'example'* directory. |
| 59 | + |
| 60 | +About |
| 61 | +----- |
| 62 | +This document and code is authored and maintained by Seunghoon Woo. |
| 63 | +>seunghoonwoo@<span></span>korea.ac.kr |
0 commit comments