security_tools/tools/launchpad_cve_puller/cve_puller.py

from launchpadlib.launchpad import Launchpad
import requests
import json
import sys

# for http logging support:
import httplib2
httplib2.debuglevel = 1


class CvePuller:
    def __init__(self):
        self.cachedir = './launchpadlib/cachedir'
        self.url = 'https://api.launchpad.net/devel'
        self.launchpad = self.login()

    def login(self):
        return Launchpad.login_anonymously('just testing', 'production', self.cachedir)

    def cves(self):
        return self.launchpad.cves

    def cve(self, sequence_id):
        r = requests.get(
            '{}/bugs/cve/{}'.format(self.url, sequence_id))
        if r.status_code == 200:
            return r.json()
        else:
            print("HTTP Code: {}".format(r.status_code))

    def bug_from_cve(self, sequence_id):
        try:
            cve_json = self.cve(sequence_id)
            bug_link = cve_json['bugs_collection_link']
            return self.get_bug(bug_link)
        except:
            return 'Error occured while retrieving bug. Check HTTP status code for further information.'

    def activity_from_bug(self, bug_id):
        r = requests.get('{}/bugs/{}/activity'.format(self.url, bug_id))
        if r.status_code == 200:
            return r.json()
        else:
            print("HTTP Code: {}".format(r.status_code))

    def get_bug(self, bug_collection_link):
        r = requests.get(bug_collection_link)
        if r.status_code == 200:
            return r.json() 
        else:
            print("HTTP Code: {}".format(r.status_code))

    def bugs_with_cves(self):
        return self.launchpad.bugs.searchTasks(has_cve=True)

    def iterate_cve_bugs(self, num):
        bugs = []
        for bug in self.bugs_with_cves()[0:num]:
            bug_obj = bug.bug
            bugs.append(bug_obj)

            return bugs

    def cve_id_to_seq_id(self, cve_id):
        return cve_id[4:]


def json_pp(data):
    return json.dumps(data, indent=4)

puller = CvePuller()

cve_id = sys.argv[1]
sequence_id = puller.cve_id_to_seq_id(cve_id)

cve_json = puller.cve(sequence_id)
cve_json_pp = json_pp(cve_json)

bug_from_cve_json = puller.bug_from_cve(sequence_id)
bug_from_cve_json_pp = json_pp(bug_from_cve_json)

bug_ids = []

for entry in bug_from_cve_json['entries']:
    id = entry['id']
    bug_ids.append(id)

activity_results = []

for bug_id in bug_ids:
    activity = puller.activity_from_bug(bug_id)
    activity_pp = json_pp(activity)

print('Now looking up CVE: {}'.format(cve_id))
print('-------' * 12)
print('CVE JSON: {}'.format(cve_json_pp))
print('-------' * 12)
print('Bugs JSON: {}'.format(bug_from_cve_json_pp))
print('-------' * 12)

for bug_id in bug_ids:
    activity = puller.activity_from_bug(bug_id)
    activity_pp = json_pp(activity)
    print('Activity for bug_id {}: {}'.format(bug_id, activity_pp))