cvss_tools/

lib.rs

use std::collections::HashMap;
use std::fs::File;
use std::io::BufReader;
mod macro_vector_values;
use macro_vector_values::build_macro_vector_values;

fn build_av_levels() -> HashMap<String, f64> {
    HashMap::from([
        ("N".to_string(), 0.0),
        ("A".to_string(), 0.1),
        ("L".to_string(), 0.2),
        ("P".to_string(), 0.3),
    ])
}

fn build_pr_levels() -> HashMap<String, f64> {
    HashMap::from([
        ("N".to_string(), 0.0),
        ("L".to_string(), 0.1),
        ("H".to_string(), 0.2),
    ])
}

fn build_ui_levels() -> HashMap<String, f64> {
    HashMap::from([
        ("N".to_string(), 0.0),
        ("P".to_string(), 0.1),
        ("A".to_string(), 0.2),
    ])
}

fn build_ac_levels() -> HashMap<String, f64> {
    HashMap::from([("L".to_string(), 0.0), ("H".to_string(), 0.1)])
}

fn build_at_levels() -> HashMap<String, f64> {
    HashMap::from([("N".to_string(), 0.0), ("P".to_string(), 0.1)])
}

fn build_vc_levels() -> HashMap<String, f64> {
    HashMap::from([
        ("H".to_string(), 0.0),
        ("L".to_string(), 0.1),
        ("N".to_string(), 0.2),
    ])
}

fn build_vi_levels() -> HashMap<String, f64> {
    HashMap::from([
        ("H".to_string(), 0.0),
        ("L".to_string(), 0.1),
        ("N".to_string(), 0.2),
    ])
}

fn build_va_levels() -> HashMap<String, f64> {
    HashMap::from([
        ("H".to_string(), 0.0),
        ("L".to_string(), 0.1),
        ("N".to_string(), 0.2),
    ])
}

fn build_sc_levels() -> HashMap<String, f64> {
    HashMap::from([
        ("H".to_string(), 0.1),
        ("L".to_string(), 0.2),
        ("N".to_string(), 0.3),
    ])
}

fn build_si_levels() -> HashMap<String, f64> {
    HashMap::from([
        ("S".to_string(), 0.0),
        ("H".to_string(), 0.1),
        ("L".to_string(), 0.2),
        ("N".to_string(), 0.3),
    ])
}

fn build_sa_levels() -> HashMap<String, f64> {
    HashMap::from([
        ("S".to_string(), 0.0),
        ("H".to_string(), 0.1),
        ("L".to_string(), 0.2),
        ("N".to_string(), 0.3),
    ])
}

fn build_cr_levels() -> HashMap<String, f64> {
    HashMap::from([
        ("H".to_string(), 0.0),
        ("M".to_string(), 0.1),
        ("L".to_string(), 0.2),
    ])
}

fn build_ir_levels() -> HashMap<String, f64> {
    HashMap::from([
        ("H".to_string(), 0.0),
        ("M".to_string(), 0.1),
        ("L".to_string(), 0.2),
    ])
}

fn build_ar_levels() -> HashMap<String, f64> {
    HashMap::from([
        ("H".to_string(), 0.0),
        ("M".to_string(), 0.1),
        ("L".to_string(), 0.2),
    ])
}

fn build_default_metric_values() -> HashMap<String, String> {
    HashMap::from([
        ("AV".to_string(), "N".to_string()),
        ("AC".to_string(), "L".to_string()),
        ("AT".to_string(), "N".to_string()),
        ("PR".to_string(), "N".to_string()),
        ("UI".to_string(), "N".to_string()),
        ("VC".to_string(), "N".to_string()),
        ("VI".to_string(), "N".to_string()),
        ("VA".to_string(), "N".to_string()),
        ("SC".to_string(), "N".to_string()),
        ("SI".to_string(), "N".to_string()),
        ("SA".to_string(), "N".to_string()),
        ("S".to_string(), "X".to_string()),
        ("AU".to_string(), "X".to_string()),
        ("R".to_string(), "X".to_string()),
        ("V".to_string(), "X".to_string()),
        ("RE".to_string(), "X".to_string()),
        ("U".to_string(), "X".to_string()),
        ("MAV".to_string(), "X".to_string()),
        ("MAC".to_string(), "X".to_string()),
        ("MAT".to_string(), "X".to_string()),
        ("MPR".to_string(), "X".to_string()),
        ("MUI".to_string(), "X".to_string()),
        ("MVC".to_string(), "X".to_string()),
        ("MVI".to_string(), "X".to_string()),
        ("MVA".to_string(), "X".to_string()),
        ("MSC".to_string(), "X".to_string()),
        ("MSI".to_string(), "X".to_string()),
        ("MSA".to_string(), "X".to_string()),
        ("CR".to_string(), "X".to_string()),
        ("IR".to_string(), "X".to_string()),
        ("AR".to_string(), "X".to_string()),
        ("E".to_string(), "X".to_string()),
    ])
}

fn build_full_vector(mut vector: HashMap<String, String>) -> HashMap<String, String> {
    for (metric, value) in build_default_metric_values() {
        if vector.contains_key(&metric) {
            continue;
        }

        vector.insert(metric, value);
    }

    vector
}

fn preprocess_vector(vector: String) -> HashMap<String, String> {
    let mut result: HashMap<String, String> = HashMap::new();
    for metric_data in vector.split("/") {
        if metric_data.contains("CVSS") {
            continue;
        }

        let metric_and_value: Vec<&str> = metric_data.split(":").collect();
        if metric_and_value == vec!["".to_string()] {
            continue;
        }

        result.insert(
            metric_and_value[0].to_string(),
            metric_and_value[1].to_string(),
        );
    }

    result
}

fn get_m(vector: HashMap<String, String>, metric: String) -> String {
    // If E=X it will default to the worst case i.e. E=A
    if metric == "E" && vector[&metric] == "X" {
        return "A".to_string();
    }

    // If CR=X, IR=X or AR=X they will default to the worst case i.e. CR=H, IR=H and AR=H
    if metric == "CR" && vector[&metric] == "X" {
        return "H".to_string();
    }

    // IR:X is the same as IR:H
    if metric == "IR" && vector[&metric] == "X" {
        return "H".to_string();
    }
    // AR:X is the same as AR:H
    if metric == "AR" && vector[&metric] == "X" {
        return "H".to_string();
    }

    // All other environmental metrics just overwrite base score values,
    // so if they’re not defined just use the base score value.
    let metric_with_m: String = "M".to_string() + &metric;
    if vector.contains_key(&metric_with_m) {
        if vector[&metric_with_m] != "X" {
            return match vector.get(&metric_with_m) {
                Some(metric_value) => metric_value.to_string(),
                None => "".to_string(),
            };
        }
    }

    match vector.get(&metric) {
        Some(metric_value) => metric_value.to_string(),
        None => "".to_string(),
    }
}

fn get_eq_1(vector: HashMap<String, String>) -> u8 {
    let av_value: String = get_m(vector.clone(), "AV".to_string());
    let pr_value: String = get_m(vector.clone(), "PR".to_string());
    let ui_value: String = get_m(vector.clone(), "UI".to_string());

    if av_value == "N" && pr_value == "N" && ui_value == "N" {
        return 0;
    }

    if (av_value == "N" || pr_value == "N" || ui_value == "N")
        && !(av_value == "N" && pr_value == "N" && ui_value == "N")
        && !(av_value == "P")
    {
        return 1;
    }

    if av_value == "P" || !(av_value == "N" || pr_value == "N" || ui_value == "N") {
        return 2;
    }

    0
}
fn get_eq_2(vector: HashMap<String, String>) -> u8 {
    // EQ2: 0-(AC:L and AT:N)
    //      1-(not(AC:L and AT:N))
    let ac_value: String = get_m(vector.clone(), "AC".to_string());
    let at_value: String = get_m(vector.clone(), "AT".to_string());
    if ac_value == "L" && at_value == "N" {
        return 0;
    }

    if !(ac_value == "L" && at_value == "N") {
        return 1;
    }

    0
}
fn get_eq_3(vector: HashMap<String, String>) -> u8 {
    // EQ3: 0-(VC:H and VI:H)
    //      1-(not(VC:H and VI:H) and (VC:H or VI:H or VA:H))
    //      2-not (VC:H or VI:H or VA:H)
    let vc_value: String = get_m(vector.clone(), "VC".to_string());
    let vi_value: String = get_m(vector.clone(), "VI".to_string());
    let va_value: String = get_m(vector.clone(), "VA".to_string());

    if vc_value == "H" && vi_value == "H" {
        return 0;
    }

    if !(vc_value == "H" && vi_value == "H")
        && (vc_value == "H" || vi_value == "H" || va_value == "H")
    {
        return 1;
    }

    if !(vc_value == "H" || vi_value == "H" || va_value == "H") {
        return 2;
    }

    0
}

fn get_eq_4(vector: HashMap<String, String>) -> u8 {
    // EQ4: 0-(MSI:S or MSA:S)
    //      1-not (MSI:S or MSA:S) and (SC:H or SI:H or SA:H)
    //      2-not (MSI:S or MSA:S) and not (SC:H or SI:H or SA:H)

    let msi_value: String = get_m(vector.clone(), "MSI".to_string());
    let msa_value: String = get_m(vector.clone(), "MSA".to_string());
    let si_value: String = get_m(vector.clone(), "SI".to_string());
    let sa_value: String = get_m(vector.clone(), "SA".to_string());
    let sc_value: String = get_m(vector.clone(), "SC".to_string());

    if msi_value == "S" || msa_value == "S" {
        return 0;
    }

    if !(msi_value == "S" || msa_value == "S")
        && (sc_value == "H" || si_value == "H" || sa_value == "H")
    {
        return 1;
    }

    if !(msi_value == "S" || msa_value == "S")
        && !(sc_value == "H" || si_value == "H" || sa_value == "H")
    {
        return 2;
    }

    0
}

fn get_eq_5(vector: HashMap<String, String>) -> u8 {
    // EQ5: 0-E:A
    //      1-E:P
    //      2-E:U

    match get_m(vector.clone(), "E".to_string()).as_str() {
        "A" => 0,
        "P" => 1,
        "U" => 2,
        _ => 0,
    }
}

fn get_eq_6(vector: HashMap<String, String>) -> u8 {
    // EQ6: 0-(CR:H and VC:H) or (IR:H and VI:H) or (AR:H and VA:H)
    //      1-not[(CR:H and VC:H) or (IR:H and VI:H) or (AR:H and VA:H)]

    let cr_value: String = get_m(vector.clone(), "CR".to_string());
    let ir_value: String = get_m(vector.clone(), "IR".to_string());
    let ar_value: String = get_m(vector.clone(), "AR".to_string());

    let vc_value: String = get_m(vector.clone(), "VC".to_string());
    let vi_value: String = get_m(vector.clone(), "VI".to_string());
    let va_value: String = get_m(vector.clone(), "VA".to_string());

    if (cr_value == "H" && vc_value == "H")
        || (ir_value == "H" && vi_value == "H")
        || (ar_value == "H" && va_value == "H")
    {
        return 0;
    } else if !((cr_value == "H" && vc_value == "H")
        || (ir_value == "H" && vi_value == "H")
        || (ar_value == "H" && va_value == "H"))
    {
        return 1;
    }

    return 0;
}

fn calculate_macro_vector(vector: HashMap<String, String>) -> HashMap<String, u8> {
    HashMap::from([
        ("eq_1".to_string(), get_eq_1(vector.clone())),
        ("eq_2".to_string(), get_eq_2(vector.clone())),
        ("eq_3".to_string(), get_eq_3(vector.clone())),
        ("eq_4".to_string(), get_eq_4(vector.clone())),
        ("eq_5".to_string(), get_eq_5(vector.clone())),
        ("eq_6".to_string(), get_eq_6(vector.clone())),
    ])
}

fn build_max_composed() -> HashMap<String, HashMap<u8, Vec<String>>> {
    HashMap::from([
        (
            "eq1".to_string(),
            HashMap::from([
                (0, vec!["AV:N/PR:N/UI:N/".to_string()]),
                (
                    1,
                    vec![
                        "AV:A/PR:N/UI:N/".to_string(),
                        "AV:N/PR:L/UI:N/".to_string(),
                        "AV:N/PR:N/UI:P/".to_string(),
                    ],
                ),
                (
                    2,
                    vec!["AV:P/PR:N/UI:N/".to_string(), "AV:A/PR:L/UI:P/".to_string()],
                ),
            ]),
        ),
        (
            "eq2".to_string(),
            HashMap::from([
                (0, vec!["AC:L/AT:N/".to_string()]),
                (1, vec!["AC:H/AT:N/".to_string(), "AC:L/AT:P/".to_string()]),
            ]),
        ),
        (
            "eq4".to_string(),
            HashMap::from([
                (0 as u8, vec!["SC:H/SI:S/SA:S/".to_string()]),
                (1 as u8, vec!["SC:H/SI:H/SA:H/".to_string()]),
                (2 as u8, vec!["SC:L/SI:L/SA:L/".to_string()]),
            ]),
        ),
        (
            "eq5".to_string(),
            HashMap::from([
                (0 as u8, vec!["E:A/".to_string()]),
                (1 as u8, vec!["E:P/".to_string()]),
                (2 as u8, vec!["E:U/".to_string()]),
            ]),
        ),
    ])
}

fn build_max_composed_eq_3() -> HashMap<u8, HashMap<String, Vec<String>>> {
    HashMap::from([
        (
            0 as u8,
            HashMap::from([
                (
                    "0".to_string(),
                    vec!["VC:H/VI:H/VA:H/CR:H/IR:H/AR:H/".to_string()],
                ),
                (
                    "1".to_string(),
                    vec![
                        "VC:H/VI:H/VA:L/CR:M/IR:M/AR:H/".to_string(),
                        "VC:H/VI:H/VA:H/CR:M/IR:M/AR:M/".to_string(),
                    ],
                ),
            ]),
        ),
        (
            1 as u8,
            HashMap::from([
                (
                    "0".to_string(),
                    vec![
                        "VC:L/VI:H/VA:H/CR:H/IR:H/AR:H/".to_string(),
                        "VC:H/VI:L/VA:H/CR:H/IR:H/AR:H/".to_string(),
                    ],
                ),
                (
                    "1".to_string(),
                    vec![
                        "VC:L/VI:H/VA:L/CR:H/IR:M/AR:H/".to_string(),
                        "VC:L/VI:H/VA:H/CR:H/IR:M/AR:M/".to_string(),
                        "VC:H/VI:L/VA:H/CR:M/IR:H/AR:M/".to_string(),
                        "VC:H/VI:L/VA:L/CR:M/IR:H/AR:H/".to_string(),
                        "VC:L/VI:L/VA:H/CR:H/IR:H/AR:M/".to_string(),
                    ],
                ),
            ]),
        ),
        (
            2 as u8,
            HashMap::from([(
                "1".to_string(),
                vec!["VC:L/VI:L/VA:L/CR:H/IR:H/AR:H/".to_string()],
            )]),
        ),
    ])
}

fn get_eq_maxes(macro_vector: HashMap<String, u8>, eq: u8) -> Vec<String> {
    let eq_number = format!("eq{}", eq);
    let max_composed_value = &build_max_composed()[&eq_number];
    let macro_vector_value: u8 = macro_vector[&format!("eq_{}", eq).to_string()];
    max_composed_value[&macro_vector_value].clone()
}

fn get_eq_3_6_maxes(macro_vector: HashMap<String, u8>) -> Vec<String> {
    let max_composed_value = &build_max_composed_eq_3();
    let macro_vector_value: u8 = macro_vector["eq_3"];
    let result = max_composed_value[&macro_vector_value].clone();
    result[&macro_vector["eq_6"].to_string()].clone()
}

fn build_max_severity() -> HashMap<String, HashMap<i32, f64>> {
    HashMap::from([
        (
            "eq1".to_string(),
            HashMap::from([(0, 1.0), (1, 4.0), (2, 5.0)]),
        ),
        ("eq2".to_string(), HashMap::from([(0, 1.0), (1, 2.0)])),
        (
            "eq4".to_string(),
            HashMap::from([(0, 6.0), (1, 5.0), (2, 4.0)]),
        ),
        (
            "eq5".to_string(),
            HashMap::from([(0, 1.0), (1, 1.0), (2, 1.0)]),
        ),
    ])
}

fn build_eq3eq6_max_severity() -> HashMap<i32, HashMap<i32, f64>> {
    HashMap::from([
        (0, HashMap::from([(0, 7.0), (1, 6.0)])),
        (1, HashMap::from([(0, 8.0), (1, 8.0)])),
        (2, HashMap::from([(1, 10.0)])),
    ])
}

fn get_value_by_key(vector: HashMap<String, String>, key: String) -> String {
    match vector.get(&key) {
        Some(val) => (*val).clone(),
        None => "".to_string(),
    }
}

/// Calculate the score using the cvss vector of version 4.0
///
/// # Examples
///
/// ```
/// use cvss_tools::calculate_score_v_4;
///
/// let vector: String = "CVSS:4.0/AV:N/AC:H/AT:P/PR:H/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N".to_string();
/// let score: f64 = calculate_score_v_4(vector);
///
/// assert_eq!(7.1, score);
/// ```
pub fn calculate_score_v_4(vector: String) -> f64 {
    let av_levels = build_av_levels();
    let pr_levels = build_pr_levels();
    let ui_levels = build_ui_levels();
    let ac_levels = build_ac_levels();
    let at_levels = build_at_levels();
    let vc_levels = build_vc_levels();
    let vi_levels = build_vi_levels();
    let va_levels = build_va_levels();
    let sc_levels = build_sc_levels();
    let si_levels = build_si_levels();
    let sa_levels = build_sa_levels();
    let cr_levels = build_cr_levels();
    let ir_levels = build_ir_levels();
    let ar_levels = build_ar_levels();

    let vector = preprocess_vector(vector);
    let vector = build_full_vector(vector);
    let macro_vector: HashMap<String, u8> = calculate_macro_vector(vector.clone());

    if ["VC", "VI", "VA", "SC", "SI", "SA"]
        .iter()
        .all(|&metric| get_m(vector.clone(), metric.to_string()) == "N")
    {
        return 0.0;
    }

    let macro_vector_ordered: Vec<u8> = vec![
        macro_vector["eq_1"],
        macro_vector["eq_2"],
        macro_vector["eq_3"],
        macro_vector["eq_4"],
        macro_vector["eq_5"],
        macro_vector["eq_6"],
    ];
    let mut score: f64 = match build_macro_vector_values().get(
        &macro_vector_ordered
            .iter()
            .map(|x| x.to_string())
            .collect::<Vec<String>>()
            .join(""),
    ) {
        Some(macro_vector_value) => *macro_vector_value,
        None => 0.0,
    };

    // compute next lower macro, it can also not exist
    let eq_1_next_lower_macro = vec![
        macro_vector["eq_1"] + 1,
        macro_vector["eq_2"],
        macro_vector["eq_3"],
        macro_vector["eq_4"],
        macro_vector["eq_5"],
        macro_vector["eq_6"],
    ]
    .iter()
    .map(|x| x.to_string())
    .collect::<Vec<String>>()
    .join("");

    let eq_2_next_lower_macro = vec![
        macro_vector["eq_1"],
        macro_vector["eq_2"] + 1,
        macro_vector["eq_3"],
        macro_vector["eq_4"],
        macro_vector["eq_5"],
        macro_vector["eq_6"],
    ]
    .iter()
    .map(|x| x.to_string())
    .collect::<Vec<String>>()
    .join("");

    // eq3 and eq6 are related
    let mut eq3eq6_next_lower_macro: String = String::new();
    let mut eq3eq6_next_lower_macro_left: String = String::new();
    let mut eq3eq6_next_lower_macro_right: String = String::new();
    let eq3: u8 = macro_vector["eq_3"];
    let eq6: u8 = macro_vector["eq_6"];
    if eq3 == 1 && eq6 == 1 {
        // 11 --> 21
        eq3eq6_next_lower_macro = vec![
            macro_vector["eq_1"],
            macro_vector["eq_2"],
            macro_vector["eq_3"] + 1,
            macro_vector["eq_4"],
            macro_vector["eq_5"],
            macro_vector["eq_6"],
        ]
        .iter()
        .map(|x| x.to_string())
        .collect::<Vec<String>>()
        .join("");
    } else if eq3 == 0 && eq6 == 1 {
        // 01 --> 11
        eq3eq6_next_lower_macro = vec![
            macro_vector["eq_1"],
            macro_vector["eq_2"],
            macro_vector["eq_3"] + 1,
            macro_vector["eq_4"],
            macro_vector["eq_5"],
            macro_vector["eq_6"],
        ]
        .iter()
        .map(|x| x.to_string())
        .collect::<Vec<String>>()
        .join("");
    } else if eq3 == 1 && eq6 == 0 {
        // 10 --> 11
        eq3eq6_next_lower_macro = vec![
            macro_vector["eq_1"],
            macro_vector["eq_2"],
            macro_vector["eq_3"],
            macro_vector["eq_4"],
            macro_vector["eq_5"],
            macro_vector["eq_6"] + 1,
        ]
        .iter()
        .map(|x| x.to_string())
        .collect::<Vec<String>>()
        .join("");
    } else if eq3 == 0 && eq6 == 0 {
        // 00 --> 01
        // 00 --> 10
        eq3eq6_next_lower_macro_left = vec![
            macro_vector["eq_1"],
            macro_vector["eq_2"],
            macro_vector["eq_3"],
            macro_vector["eq_4"],
            macro_vector["eq_5"],
            macro_vector["eq_6"] + 1,
        ]
        .iter()
        .map(|x| x.to_string())
        .collect::<Vec<String>>()
        .join("");
        eq3eq6_next_lower_macro_right = vec![
            macro_vector["eq_1"],
            macro_vector["eq_2"],
            macro_vector["eq_3"] + 1,
            macro_vector["eq_4"],
            macro_vector["eq_5"],
            macro_vector["eq_6"],
        ]
        .iter()
        .map(|x| x.to_string())
        .collect::<Vec<String>>()
        .join("");
    } else {
        // 21 --> 32 (do not exist)
        eq3eq6_next_lower_macro = vec![
            macro_vector["eq_1"],
            macro_vector["eq_2"],
            macro_vector["eq_3"] + 1,
            macro_vector["eq_4"],
            macro_vector["eq_5"],
            macro_vector["eq_6"] + 1,
        ]
        .iter()
        .map(|x| x.to_string())
        .collect::<Vec<String>>()
        .join("");
    }

    let eq4_next_lower_macro = vec![
        macro_vector["eq_1"],
        macro_vector["eq_2"],
        macro_vector["eq_3"],
        macro_vector["eq_4"] + 1,
        macro_vector["eq_5"],
        macro_vector["eq_6"],
    ]
    .iter()
    .map(|x| x.to_string())
    .collect::<Vec<String>>()
    .join("");

    let eq5_next_lower_macro = vec![
        macro_vector["eq_1"],
        macro_vector["eq_2"],
        macro_vector["eq_3"],
        macro_vector["eq_4"],
        macro_vector["eq_5"] + 1,
        macro_vector["eq_6"],
    ]
    .iter()
    .map(|x| x.to_string())
    .collect::<Vec<String>>()
    .join("");

    let score_eq1_next_lower_macro = match build_macro_vector_values().get(&eq_1_next_lower_macro) {
        Some(macro_vector_value) => *macro_vector_value,
        None => 0.0,
    };

    let score_eq2_next_lower_macro = match build_macro_vector_values().get(&eq_2_next_lower_macro) {
        Some(macro_vector_value) => *macro_vector_value,
        None => 0.0,
    };

    let mut score_eq3eq6_next_lower_macro: f64 = 0.0;
    if eq3 == 0 && eq6 == 0 {
        // multiple path take the one with higher score
        let score_eq3eq6_next_lower_macro_left =
            match build_macro_vector_values().get(&eq3eq6_next_lower_macro_left) {
                Some(value) => *value,
                None => 0.0,
            };

        let score_eq3eq6_next_lower_macro_right =
            match build_macro_vector_values().get(&eq3eq6_next_lower_macro_right) {
                Some(value) => *value,
                None => 0.0,
            };

        if score_eq3eq6_next_lower_macro_left > score_eq3eq6_next_lower_macro_right {
            score_eq3eq6_next_lower_macro = score_eq3eq6_next_lower_macro_left
        } else {
            score_eq3eq6_next_lower_macro = score_eq3eq6_next_lower_macro_right
        }
    } else {
        score_eq3eq6_next_lower_macro =
            match build_macro_vector_values().get(&eq3eq6_next_lower_macro) {
                Some(value) => *value,
                None => 0.0,
            };
    }

    let score_eq4_next_lower_macro = match build_macro_vector_values().get(&eq4_next_lower_macro) {
        Some(value) => *value,
        None => 0.0,
    };

    let score_eq5_next_lower_macro = match build_macro_vector_values().get(&eq5_next_lower_macro) {
        Some(value) => *value,
        None => 0.0,
    };

    //   b. The severity distance of the to-be scored vector from a
    //      highest severity vector in the same MacroVector is determined.
    let eq1_maxes = get_eq_maxes(macro_vector.clone(), 1);
    let eq2_maxes = get_eq_maxes(macro_vector.clone(), 2);
    let eq3_eq6_maxes = get_eq_3_6_maxes(macro_vector.clone());
    let eq4_maxes = get_eq_maxes(macro_vector.clone(), 4);
    let eq5_maxes = get_eq_maxes(macro_vector.clone(), 5);

    let mut max_vectors: Vec<String> = vec![];
    for eq1_max in &eq1_maxes {
        for eq2_max in &eq2_maxes {
            for eq3_eq6_max in &eq3_eq6_maxes {
                for eq4_max in &eq4_maxes {
                    for eq5_max in &eq5_maxes {
                        max_vectors.push(format!(
                            "{}{}{}{}{}",
                            eq1_max, eq2_max, eq3_eq6_max, eq4_max, eq5_max
                        ));
                    }
                }
            }
        }
    }

    let mut severity_distance_av: f64 = 0.0;
    let mut severity_distance_pr: f64 = 0.0;
    let mut severity_distance_ui: f64 = 0.0;
    let mut severity_distance_ac: f64 = 0.0;
    let mut severity_distance_at: f64 = 0.0;
    let mut severity_distance_vc: f64 = 0.0;
    let mut severity_distance_vi: f64 = 0.0;
    let mut severity_distance_va: f64 = 0.0;
    let mut severity_distance_sc: f64 = 0.0;
    let mut severity_distance_si: f64 = 0.0;
    let mut severity_distance_sa: f64 = 0.0;
    let mut severity_distance_cr: f64 = 0.0;
    let mut severity_distance_ir: f64 = 0.0;
    let mut severity_distance_ar: f64 = 0.0;

    for max_vector in &max_vectors {
        let max_vector_preprocessed = preprocess_vector(max_vector.to_string());
        severity_distance_av = av_levels[&get_m(vector.clone(), "AV".to_string())]
            - av_levels[&get_value_by_key(max_vector_preprocessed.clone(), "AV".to_string())];
        severity_distance_pr = pr_levels[&get_m(vector.clone(), "PR".to_string())]
            - pr_levels[&get_value_by_key(max_vector_preprocessed.clone(), "PR".to_string())];
        severity_distance_ui = ui_levels[&get_m(vector.clone(), "UI".to_string())]
            - ui_levels[&get_value_by_key(max_vector_preprocessed.clone(), "UI".to_string())];
        severity_distance_ac = ac_levels[&get_m(vector.clone(), "AC".to_string())]
            - ac_levels[&get_value_by_key(max_vector_preprocessed.clone(), "AC".to_string())];
        severity_distance_at = at_levels[&get_m(vector.clone(), "AT".to_string())]
            - at_levels[&get_value_by_key(max_vector_preprocessed.clone(), "AT".to_string())];
        severity_distance_vc = vc_levels[&get_m(vector.clone(), "VC".to_string())]
            - vc_levels[&get_value_by_key(max_vector_preprocessed.clone(), "VC".to_string())];
        severity_distance_vi = vi_levels[&get_m(vector.clone(), "VI".to_string())]
            - vi_levels[&get_value_by_key(max_vector_preprocessed.clone(), "VI".to_string())];
        severity_distance_va = va_levels[&get_m(vector.clone(), "VA".to_string())]
            - va_levels[&get_value_by_key(max_vector_preprocessed.clone(), "VA".to_string())];
        severity_distance_sc = sc_levels[&get_m(vector.clone(), "SC".to_string())]
            - sc_levels[&get_value_by_key(max_vector_preprocessed.clone(), "SC".to_string())];
        severity_distance_si = si_levels[&get_m(vector.clone(), "SI".to_string())]
            - si_levels[&get_value_by_key(max_vector_preprocessed.clone(), "SI".to_string())];
        severity_distance_sa = sa_levels[&get_m(vector.clone(), "SA".to_string())]
            - sa_levels[&get_value_by_key(max_vector_preprocessed.clone(), "SA".to_string())];
        severity_distance_cr = cr_levels[&get_m(vector.clone(), "CR".to_string())]
            - cr_levels[&get_value_by_key(max_vector_preprocessed.clone(), "CR".to_string())];
        severity_distance_ir = ir_levels[&get_m(vector.clone(), "IR".to_string())]
            - ir_levels[&get_value_by_key(max_vector_preprocessed.clone(), "IR".to_string())];
        severity_distance_ar = ar_levels[&get_m(vector.clone(), "AR".to_string())]
            - ar_levels[&get_value_by_key(max_vector_preprocessed.clone(), "AR".to_string())];

        if vec![
            severity_distance_av,
            severity_distance_pr,
            severity_distance_ui,
            severity_distance_ac,
            severity_distance_at,
            severity_distance_vc,
            severity_distance_vi,
            severity_distance_va,
            severity_distance_sc,
            severity_distance_si,
            severity_distance_sa,
            severity_distance_cr,
            severity_distance_ir,
            severity_distance_ar,
        ]
        .iter()
        .any(|x| x < &0.0)
        {
            continue;
        }

        break;
    }

    let current_severity_distance_eq1: f64 =
        severity_distance_av + severity_distance_pr + severity_distance_ui;
    let current_severity_distance_eq2: f64 = severity_distance_ac + severity_distance_at;
    let current_severity_distance_eq3eq6: f64 = severity_distance_vc
        + severity_distance_vi
        + severity_distance_va
        + severity_distance_cr
        + severity_distance_ir
        + severity_distance_ar;
    let current_severity_distance_eq4: f64 =
        severity_distance_sc + severity_distance_si + severity_distance_sa;

    let step: f64 = 0.1;

    // if the next lower macro score do not exist the result is Nan
    // Rename to maximal scoring difference (aka MSD)
    let mut available_distance_eq1: f64 = 0.0;
    if score_eq1_next_lower_macro != 0.0 {
        available_distance_eq1 = score - score_eq1_next_lower_macro;
    }

    let mut available_distance_eq2: f64 = 0.0;
    if score_eq2_next_lower_macro != 0.0 {
        available_distance_eq2 = score - score_eq2_next_lower_macro;
    }

    let mut available_distance_eq3eq6: f64 = 0.0;
    if score_eq3eq6_next_lower_macro != 0.0 {
        available_distance_eq3eq6 = score - score_eq3eq6_next_lower_macro;
    }

    let mut available_distance_eq4: f64 = 0.0;
    if score_eq4_next_lower_macro != 0.0 {
        available_distance_eq4 = score - score_eq4_next_lower_macro;
    }

    let mut available_distance_eq5: f64 = 0.0;
    if score_eq5_next_lower_macro != 0.0 {
        available_distance_eq5 = score - score_eq5_next_lower_macro;
    }

    // some of them do not exist, we will find them by retrieving the score. If score null then do not exist
    let mut n_existing_lower: f64 = 0.0;

    let mut normalized_severity_eq1: f64 = 0.0;
    let mut normalized_severity_eq2: f64 = 0.0;
    let mut normalized_severity_eq3eq6: f64 = 0.0;
    let mut normalized_severity_eq4: f64 = 0.0;
    let mut normalized_severity_eq5: f64 = 0.0;

    let max_severity = build_max_severity();
    let max_severity_eq1 = max_severity[&"eq1".to_string()][&(macro_vector["eq_1"] as i32)] * step;
    let max_severity_eq2 = max_severity[&"eq2".to_string()][&(macro_vector["eq_2"] as i32)] * step;
    let max_severity_eq3eq6 = build_eq3eq6_max_severity()[&(macro_vector["eq_3"] as i32)]
        [&(macro_vector["eq_6"] as i32)]
        * step;
    let max_severity_eq4 = max_severity[&"eq4".to_string()][&(macro_vector["eq_4"] as i32)] * step;

    if available_distance_eq1 != 0.0 {
        n_existing_lower += 1.0;
        let percent_to_next_eq1_severity = current_severity_distance_eq1 / max_severity_eq1;
        normalized_severity_eq1 = available_distance_eq1 * percent_to_next_eq1_severity;
    }

    if available_distance_eq2 != 0.0 {
        n_existing_lower += 1.0;
        let percent_to_next_eq2_severity = current_severity_distance_eq2 / max_severity_eq2;
        normalized_severity_eq2 = available_distance_eq2 * percent_to_next_eq2_severity;
    }

    if available_distance_eq3eq6 != 0.0 {
        n_existing_lower += 1.0;
        let percent_to_next_eq3eq6_severity =
            current_severity_distance_eq3eq6 / max_severity_eq3eq6;
        normalized_severity_eq3eq6 = available_distance_eq3eq6 * percent_to_next_eq3eq6_severity;
    }

    if available_distance_eq4 != 0.0 {
        n_existing_lower += 1.0;
        let percent_to_next_eq4_severity = (current_severity_distance_eq4) / max_severity_eq4;
        normalized_severity_eq4 = available_distance_eq4 * percent_to_next_eq4_severity;
    }

    if available_distance_eq5 != 0.0 {
        // for eq5 is always 0 the percentage
        n_existing_lower += 1.0;
        let percent_to_next_eq5_severity = 0.0;
        normalized_severity_eq5 = available_distance_eq5 * percent_to_next_eq5_severity;
    }

    // sometimes we need to go up but there is nothing there, or down but there is nothing there so it's a change of 0.
    let mean_distance: f64 = match n_existing_lower {
        value if value == 0.0 => 0.0,
        _ => {
            (normalized_severity_eq1
                + normalized_severity_eq2
                + normalized_severity_eq3eq6
                + normalized_severity_eq4
                + normalized_severity_eq5)
                / n_existing_lower
        }
    };

    score -= mean_distance;
    if score < 0.0 {
        score = 0.0;
    }

    if score > 10.0 {
        score = 10.0;
    }

    (score * 10.0).round() / 10.0
}

/// Calculate the severity by the score value for cvss v4.0
///
/// # Examples
///
/// ```
/// use cvss_tools::calculate_severity_v_4;
///
/// let score: f64 = 7.1;
/// let answer = calculate_severity_v_4(score);
///
/// assert_eq!("High".to_string(), answer);
/// ```
pub fn calculate_severity_v_4(score: f64) -> String {
    if score == 0.0 {
        "None".to_string()
    } else if score < 4.0 {
        "Low".to_string()
    } else if score < 7.0 {
        "Medium".to_string()
    } else if score < 9.0 {
        "High".to_string()
    } else {
        "Critical".to_string()
    }
}

/// Calculate the value of the Base cvss vector of version 2
///
/// # Examples
///
/// ```
/// use cvss_tools::calculate_base_score_v_2;
///
/// let vector: String = "AV:N/AC:L/Au:N/C:N/I:N/A:C".to_string();
/// let score: f64 = calculate_base_score_v_2(vector);
///
/// assert_eq!(score, 7.8);
/// ```
pub fn calculate_base_score_v_2(vector: String) -> f64 {
    let vector: HashMap<String, String> = preprocess_vector(vector);

    let access_vector: f64 = match vector["AV"].as_str() {
        "L" => 0.395,
        "A" => 0.646,
        "N" => 1.0,
        _ => panic!("Invalid value for AccessVector (AV)."),
    };

    let access_complexity: f64 = match vector["AC"].as_str() {
        "H" => 0.35,
        "M" => 0.61,
        "L" => 0.71,
        _ => panic!("Invalid value for AccessComplexity (AC)."),
    };

    let authentication: f64 = match vector["Au"].as_str() {
        "M" => 0.45,
        "S" => 0.56,
        "N" => 0.704,
        _ => panic!("Invalid value for Authentication (Au)."),
    };

    let conf_impact: f64 = match vector["C"].as_str() {
        "N" => 0.0,
        "P" => 0.275,
        "C" => 0.660,
        _ => panic!("Invalid value for Confidence Impact (C)."),
    };

    let integ_impact: f64 = match vector["I"].as_str() {
        "N" => 0.0,
        "P" => 0.275,
        "C" => 0.660,
        _ => panic!("Invalid value for IntegImpact (I)."),
    };

    let avail_impact: f64 = match vector["A"].as_str() {
        "N" => 0.0,
        "P" => 0.275,
        "C" => 0.660,
        _ => panic!("Invalid value for IntegImpact (A)."),
    };

    let impact: f64 =
        10.41 * (1.0 - (1.0 - conf_impact) * (1.0 - integ_impact) * (1.0 - avail_impact));
    let exploitability: f64 = 20.0 * access_vector * access_complexity * authentication;
    let f_impact: f64 = match impact {
        value if value == 0.0 => 0.0,
        _ => 1.176,
    };
    let score: f64 = (0.6 * impact + (0.4 * exploitability - 1.5)) * f_impact;

    (score * 10.0).round() / 10.0
}

/// Calculate the value of the Temp cvss vector of version 2
///
/// # Examples
///
/// ```
/// use cvss_tools::calculate_temp_score_v_2;
///
/// let vector: String = "E:F/RL:OF/RC:C".to_string();
/// let score: f64 = calculate_temp_score_v_2(7.8, vector);
///
/// assert_eq!(score, 6.4);
/// ```
pub fn calculate_temp_score_v_2(base_score: f64, temp_vector: String) -> f64 {
    let vector: HashMap<String, String> = preprocess_vector(temp_vector);
    let exploitability: f64 = match vector["E"].as_str() {
        "U" => 0.85,
        "POC" => 0.9,
        "F" => 0.95,
        "H" => 1.0,
        "ND" => 1.0,
        _ => panic!("Invalid value for Exploitability (E)."),
    };
    let remediation_level: f64 = match vector["RL"].as_str() {
        "OF" => 0.87,
        "TF" => 0.90,
        "W" => 0.95,
        "U" => 1.0,
        "ND" => 1.0,
        _ => panic!("Invalid value for RemediationLevel (RL)."),
    };
    let report_confidence: f64 = match vector["RC"].as_str() {
        "UC" => 0.90,
        "UR" => 0.95,
        "C" => 1.0,
        "ND" => 1.0,
        _ => panic!("Invalid value for ReportConfidence (RC)"),
    };

    let score: f64 = base_score * exploitability * remediation_level * report_confidence;

    (score * 10.0).round() / 10.0
}

/// Calculate the value of the Env cvss vector of version 2
///
/// # Examples
///
/// ```
/// use cvss_tools::calculate_env_score_v_2;
///
/// let vector: String = "AV:N/AC:L/Au:N/C:N/I:N/A:C/E:F/RL:OF/RC:C/CDP:H/TD:H/CR:M/IR:M/AR:H".to_string();
/// let score: f64 = calculate_env_score_v_2(vector);
///
/// assert_eq!(score, 9.2);
/// ```
pub fn calculate_env_score_v_2(vector: String) -> f64 {
    let vector: HashMap<String, String> = preprocess_vector(vector);

    let conf_impact: f64 = match vector["C"].as_str() {
        "N" => 0.0,
        "P" => 0.275,
        "C" => 0.660,
        _ => panic!("Invalid value for Confidence Impact (C)."),
    };

    let integ_impact: f64 = match vector["I"].as_str() {
        "N" => 0.0,
        "P" => 0.275,
        "C" => 0.660,
        _ => panic!("Invalid value for IntegImpact (I)."),
    };

    let collateral_damage_potential: f64 = match vector["CDP"].as_str() {
        "N" => 0.0,
        "L" => 0.1,
        "LM" => 0.3,
        "MH" => 0.4,
        "H" => 0.5,
        "ND" => 0.0,
        _ => panic!("Invalid value for CollateralDamagePotential (CDP)"),
    };

    let target_distribution: f64 = match vector["TD"].as_str() {
        "N" => 0.0,
        "L" => 0.25,
        "M" => 0.75,
        "H" => 1.0,
        "ND" => 1.0,
        _ => panic!("Invalid value for TargetDistribution (TD)"),
    };

    let conf_req: f64 = match vector["CR"].as_str() {
        "L" => 0.5,
        "M" => 1.0,
        "H" => 1.51,
        "ND" => 1.0,
        _ => panic!("Invalid value for ConfReq (CR)"),
    };

    let integ_req: f64 = match vector["IR"].as_str() {
        "L" => 0.5,
        "M" => 1.0,
        "H" => 1.51,
        "ND" => 1.0,
        _ => panic!("Invalid value for IntegReq (IR)"),
    };

    let avail_req: f64 = match vector["AR"].as_str() {
        "L" => 0.5,
        "M" => 1.0,
        "H" => 1.51,
        "ND" => 1.0,
        _ => panic!("Invalid value for AvailReq (AR)"),
    };

    let avail_impact: f64 = match vector["A"].as_str() {
        "N" => 0.0,
        "P" => 0.275,
        "C" => 0.660,
        _ => panic!("Invalid value for IntegImpact (A)."),
    };

    let access_vector: f64 = match vector["AV"].as_str() {
        "L" => 0.395,
        "A" => 0.646,
        "N" => 1.0,
        _ => panic!("Invalid value for AccessVector (AV)."),
    };

    let access_complexity: f64 = match vector["AC"].as_str() {
        "H" => 0.35,
        "M" => 0.61,
        "L" => 0.71,
        _ => panic!("Invalid value for AccessComplexity (AC)."),
    };

    let authentication: f64 = match vector["Au"].as_str() {
        "M" => 0.45,
        "S" => 0.56,
        "N" => 0.704,
        _ => panic!("Invalid value for Authentication (Au)."),
    };

    let second_adjusted_impact: f64 = 10.41
        * (1.0
            - (1.0 - conf_impact * conf_req)
                * (1.0 - integ_impact * integ_req)
                * (1.0 - avail_impact * avail_req));

    let adjusted_impact: f64 = match second_adjusted_impact {
        value if value < 10.0 => value,
        _ => 10.0,
    };

    let impact: f64 =
        10.41 * (1.0 - (1.0 - conf_impact) * (1.0 - integ_impact) * (1.0 - avail_impact));
    let exploitability: f64 = 20.0 * access_vector * access_complexity * authentication;
    let f_impact: f64 = match impact {
        value if value == 0.0 => 0.0,
        _ => 1.176,
    };
    let adjusted_base: f64 = (0.6 * adjusted_impact + (0.4 * exploitability - 1.5)) * f_impact;

    let exploitability: f64 = match vector["E"].as_str() {
        "U" => 0.85,
        "POC" => 0.9,
        "F" => 0.95,
        "H" => 1.0,
        "ND" => 1.0,
        _ => panic!("Invalid value for Exploitability (E)."),
    };

    let remediation_level: f64 = match vector["RL"].as_str() {
        "OF" => 0.87,
        "TF" => 0.90,
        "W" => 0.95,
        "U" => 1.0,
        "ND" => 1.0,
        _ => panic!("Invalid value for RemediationLevel (RL)."),
    };

    let report_confidence: f64 = match vector["RC"].as_str() {
        "UC" => 0.90,
        "UR" => 0.95,
        "C" => 1.0,
        "ND" => 1.0,
        _ => panic!("Invalid value for ReportConfidence (RC)"),
    };

    let mut adjusted_temporal: f64 =
        adjusted_base * exploitability * remediation_level * report_confidence;
    adjusted_temporal = (adjusted_temporal * 10.0).round() / 10.0;

    let score: f64 = (adjusted_temporal + (10.0 - adjusted_temporal) * collateral_damage_potential)
        * target_distribution;

    (score * 10.0).round() / 10.0
}

/// Calculate Severity for cvss version 2
///
/// # Examples
///
/// ```
/// use cvss_tools::calculate_severity_v_2;
///
/// let severity: String = calculate_severity_v_2(7.8);
///
/// assert_eq!(severity, "High".to_string());
/// ```
pub fn calculate_severity_v_2(base_score: f64) -> String {
    if base_score < 4.0 {
        "Low".to_string()
    } else if base_score < 7.0 {
        "Medium".to_string()
    } else {
        "High".to_string()
    }
}

#[cfg(test)]
mod tests {
    use super::*;

    #[test]
    fn calculate_base_score_v_2_positive() {
        assert_eq!(
            calculate_base_score_v_2("AV:N/AC:L/Au:N/C:N/I:N/A:C".to_string()),
            7.8
        );
    }

    #[test]
    fn calculate_temp_score_v_2_positive() {
        assert_eq!(
            calculate_temp_score_v_2(7.8, "E:F/RL:OF/RC:C".to_string()),
            6.4
        );
    }

    #[test]
    fn calculate_env_score_v_2_positive() {
        let vector: String =
            "AV:N/AC:L/Au:N/C:N/I:N/A:C/E:F/RL:OF/RC:C/CDP:H/TD:H/CR:M/IR:M/AR:H".to_string();
        assert_eq!(calculate_env_score_v_2(vector), 9.2);
    }

    #[test]
    fn calculate_severity_v_2_low_positive() {
        for score in vec![0.0, 3.7, 3.9] {
            assert_eq!(calculate_severity_v_2(score), "Low".to_string());
        }
    }

    #[test]
    fn calculate_severity_v_2_medium_positive() {
        for score in vec![4.0, 5.0, 6.9] {
            assert_eq!(calculate_severity_v_2(score), "Medium".to_string());
        }
    }

    #[test]
    fn calculate_severity_v_2_high_positive() {
        for score in vec![7.0, 7.8, 10.0] {
            assert_eq!(calculate_severity_v_2(score), "High".to_string());
        }
    }

    #[test]
    fn calculate_score_v_4_positive() {
        let file_obj: File = match File::open("src/test_data/base_score_cvss_v4_values.json") {
            Ok(value) => value,
            Err(_) => panic!("Can't read base_score_cvss_v4_values.json"),
        };
        let reader = BufReader::new(file_obj);
        let data: HashMap<String, f64> = match serde_json::from_reader(reader) {
            Ok(value) => value,
            Err(_) => panic!("Can't create HashMap<String, f64> from reader."),
        };
        for (vector, score) in data {
            assert_eq!(calculate_score_v_4(vector.clone()), score, "{}", vector);
        }
    }

    #[test]
    fn calculate_severity_v_4_positive() {
        let file_obj: File = match File::open("src/test_data/base_severity_cvss_v4_values.json") {
            Ok(value) => value,
            Err(_) => panic!("Can't read base_severity_cvss_v4_values.json"),
        };
        let reader = BufReader::new(file_obj);
        let data: HashMap<String, String> = match serde_json::from_reader(reader) {
            Ok(value) => value,
            Err(_) => panic!("Can't create HashMap<String, String> from reader."),
        };
        for (vector, severity) in data {
            let score: f64 = calculate_score_v_4(vector);
            assert_eq!(calculate_severity_v_4(score), severity)
        }
    }
}