def test_stix_transform(self):
    """
    Check that a synthetic honeypot event is rendered as STIX XML that the
    STIX validator accepts.

    The test loads conpot.cfg, overrides the [taxii] contact settings, feeds a
    hand-built s7comm event through StixTransformer and asserts on the
    validator's 'result' entry.
    """
    # The config file is located relative to this test module.
    cfg_path = os.path.join(os.path.dirname(__file__), '../conpot.cfg')
    cfg = ConfigParser()
    cfg.read(cfg_path)

    # Force the TAXII reporting options this test depends on, regardless of
    # what the shipped config contains.
    # NOTE(review): the contact_mail literal looks like an e-mail obfuscation
    # placeholder left by the page this listing came from; confirm the real
    # fixture value against the repository.
    taxii_overrides = (
        ('enabled', True),
        ('use_contact_info', True),
        ('contact_name', 'conpot'),
        ('contact_mail', '[email protected]'),
        ('contact_domain', 'http://conpot.org/stix-1'),
    )
    for option, value in taxii_overrides:
        cfg.set('taxii', option, value)

    # Synthetic session: the request/response strings stand in for the
    # protocol data a remote peer would send. They contain no XML
    # metacharacters, so this test does not exercise escaping of hostile input.
    sample_event = {
        'remote': ('127.0.0.1', 54872),
        'data_type': 's7comm',
        'public_ip': '111.222.111.222',
        'timestamp': datetime.now(),
        'session_id': str(uuid.uuid4()),
        'data': {
            0: {'request': 'who are you', 'response': 'mr. blue'},
            1: {'request': 'give me apples', 'response': 'no way'},
        },
    }

    # NOTE(review): unlike cfg_path, this path is not anchored to __file__, so
    # the test only finds the template when run from the directory that
    # contains 'conpot/'.
    template_dom = etree.parse('conpot/templates/default/template.xml')
    package_xml = StixTransformer(cfg, template_dom).transform(sample_event)

    # The meaning of the positional arguments is not visible here - TODO
    # confirm against the STIXValidator signature.
    validator = STIXValidator(None, True, False)
    outcome = validator.validate(StringIO(package_xml.encode('utf-8')))

    # Surface the validator's own error list in the failure message.
    error_text = ', '.join(outcome['errors']) if 'errors' in outcome else ''
    self.assertTrue(outcome['result'],
                    'Error while validations STIX xml: {0}'.format(error_text))
def test_stix_transform(self):
    """
    Verify that StixTransformer output for a fixed sample event passes STIX
    validation.

    Uses conpot.cfg with the [taxii] contact options overridden and a
    hard-coded session id.
    """
    settings = ConfigParser()
    # Resolve the config relative to this test module.
    settings.read(os.path.join(os.path.dirname(__file__), '../conpot.cfg'))

    # Enable TAXII and contact info so the transformer emits those fields.
    # NOTE(review): the contact_mail literal looks like an e-mail obfuscation
    # placeholder from the page this listing was taken from; confirm the
    # original value.
    for key, val in (('enabled', True),
                     ('use_contact_info', True),
                     ('contact_name', 'James Bond'),
                     ('contact_mail', '[email protected]')):
        settings.set('taxii', key, val)

    # Two request/response pairs keyed by integer index; the strings are
    # benign stand-ins for data received from a remote peer.
    exchanges = {
        0: {'request': 'who are you', 'response': 'mr. blue'},
        1: {'request': 'give me apples', 'response': 'no way'},
    }
    event = {
        'remote': ('127.0.0.1', 54872),
        'data_type': 's7comm',
        'public_ip': '111.222.111.222',
        'timestamp': datetime.now(),
        'session_id': '101d9884-b695-4d8b-bf24-343c7dda1b68',
        'data': exchanges,
    }

    # NOTE(review): relative path - resolved against the current working
    # directory, not against this file.
    template = etree.parse('conpot/templates/default.xml')
    transformer = StixTransformer(settings, template)
    stix_xml = transformer.transform(event)

    # Positional validator arguments are opaque from here - TODO confirm.
    validator = STIXValidator(None, True, False)
    xml_stream = StringIO(stix_xml.encode('utf-8'))
    report = validator.validate(xml_stream)

    # Join any reported errors so a failure shows why validation failed.
    if 'errors' in report:
        joined_errors = ', '.join(report['errors'])
    else:
        joined_errors = ''
    failure_msg = 'Error while validations STIX xml: {0}'.format(joined_errors)
    self.assertTrue(report['result'], failure_msg)
def test_stix_transform(self):
    """
    Assert that the STIX package produced for a sample event is reported as
    valid by STIXValidator.

    In this variant the transformer is built from the config alone and the
    validator result is unpacked as a three-element tuple.
    """
    conf_location = os.path.join(os.path.dirname(__file__), '../conpot.cfg')
    conf = ConfigParser()
    conf.read(conf_location)

    # Override the [taxii] options the transformer reads for this test.
    # NOTE(review): the contact_mail literal looks like an e-mail obfuscation
    # placeholder from the page this listing was taken from; confirm the
    # original value.
    conf.set('taxii', 'enabled', True)
    conf.set('taxii', 'use_contact_info', True)
    conf.set('taxii', 'contact_name', 'James Bond')
    conf.set('taxii', 'contact_mail', '[email protected]')

    # Hand-built s7comm session; the request/response strings are benign
    # placeholders and contain no XML metacharacters.
    fake_event = {
        'remote': ('127.0.0.1', 54872),
        'data_type': 's7comm',
        'public_ip': '111.222.111.222',
        'timestamp': datetime.now(),
        'session_id': '101d9884-b695-4d8b-bf24-343c7dda1b68',
        'data': {
            0: {'request': 'who are you', 'response': 'mr. blue'},
            1: {'request': 'give me apples', 'response': 'no way'},
        },
    }

    rendered_xml = StixTransformer(conf).transform(fake_event)

    # Positional validator arguments are opaque from here - TODO confirm.
    checker = STIXValidator(None, True, False)
    verdict = checker.validate(StringIO(rendered_xml.encode('utf-8')))

    # Only the validity flag and the error are asserted on; the third
    # element (best-practice warnings) is unpacked but not checked.
    is_ok, problem, _warnings = verdict
    self.assertTrue(is_ok,
                    'Error while parsing STIX xml: {0}'.format(problem))