def main(): directory = os.path.dirname(__file__) if len(sys.argv) > 1: json_dir = sys.argv[1] else: json_dir = find_dir(directory, "idioms-json") if len(sys.argv) > 2: xml_dir = sys.argv[2] else: xml_dir = find_dir(directory, "idioms-xml") if not os.path.exists(json_dir): os.makedirs(json_dir) sys.setrecursionlimit(2000) for filename in sorted(os.listdir(xml_dir)): file_and_ext = filename.split(".") xml_path = os.path.join(xml_dir, filename) destination = os.path.join(json_dir, file_and_ext[0] + ".json") destination = os.path.abspath(destination) initialize_options() if file_and_ext[1] == "xml": sys.stdout.write(xml_path + "\n") json_output = elevate(xml_path) with io.open(destination, "w", encoding="utf-8") as f: f.write(json_output)
def _process_message(self, data: Dict) -> str: file_fetch = data["file_fetch"] file_uri = self.helper.opencti_url + file_fetch self.helper.log_info(f"Importing the file {file_uri}") file_content = self.helper.api.fetch_opencti_file(file_uri) if data["file_mime"] == "text/xml": self.helper.log_debug("Stix1 file. Attempting conversion") initialize_options() file_content = elevate(file_content) entity_id = data.get("entity_id", None) if entity_id: self.helper.log_debug("Contextual import.") bundle = parse(file_content)["objects"] if self._contains_report(bundle): self.helper.log_debug("Bundle contains report.") else: self.helper.log_debug("No Report in Stix file. Updating current report") bundle = self._update_report(bundle, entity_id) file_content = Bundle(objects=bundle).serialize() bundles_sent = self.helper.send_stix2_bundle(file_content) return "Sent " + str(len(bundles_sent)) + " stix bundle(s) for worker import"
def elevatefile(self, filename): """ Convert a STIX 1 XML file to a STIX 2 JSON :param filename: """ initialize_options() with open(filename, 'r') as stixfile: results = elevate(stixfile.read()) print(results)
def _process_message(self, data): file_fetch = data["file_fetch"] file_uri = self.helper.opencti_url + file_fetch self.helper.log_info("Importing the file " + file_uri) file_content = self.helper.api.fetch_opencti_file(file_uri) if data["file_mime"] == "text/xml": initialize_options() file_content = elevate(file_content) bundles_sent = self.helper.send_stix2_bundle(file_content) return "Sent " + str(len(bundles_sent)) + " stix bundle(s) for worker import"
def test_elevate_with_file(): setup_options() directory = os.path.dirname(__file__) xml_idioms_dir = find_dir(directory, "idioms-xml") archive_file = os.path.join(xml_idioms_dir, "141-TLP-marking-structures.xml") json_result = elevate(archive_file) assert json_result print(json_result)
def main(): # Parse stix2-elevator command-line args elevator_parser = _get_arg_parser() elevator_args = elevator_parser.parse_args() sys.setrecursionlimit(3000) initialize_options(options=elevator_args) result = elevate(elevator_args.file_) if result: sys.stdout.write(result + "\n") else: sys.exit(1)
def test_elevate_with_stix_package(): setup_options() directory = os.path.dirname(__file__) xml_idioms_dir = find_dir(directory, "idioms-xml") archive_file = os.path.join(xml_idioms_dir, "141-TLP-marking-structures.xml") with io.open(archive_file, mode="r", encoding="utf-8") as f: input_stix = f.read() json_result = elevate(STIXPackage.from_xml(StringIO(input_stix))) assert json_result print(json_result)
def test_elevate_with_binary_string(): setup_options() directory = os.path.dirname(__file__) xml_idioms_dir = find_dir(directory, "idioms-xml") archive_file = os.path.join(xml_idioms_dir, "141-TLP-marking-structures.xml") with io.open(archive_file, mode="rb") as f: input_stix = f.read() json_result = elevate(input_stix) assert json_result print(json_result)
def test_elevate_with_marking_container(): setup_options() directory = os.path.dirname(__file__) xml_idioms_dir = find_dir(directory, "idioms-xml") archive_file = os.path.join(xml_idioms_dir, "141-TLP-marking-structures.xml") with io.open(archive_file, mode="r", encoding="utf-8") as f: input_stix = f.read() container = stixmarx.parse(StringIO(input_stix)) json_result = elevate(container) assert json_result print(json_result)
def main(): elevator_parser = _get_arg_parser(False) elevator_parser.add_argument( "dir_", help="A directory containing STIX 1.x documents to be elevated.", metavar="dir") elevator_parser.add_argument("--output-directory", help="output logs", dest="output_directory", action="store", default=None) elevator_args = elevator_parser.parse_args() initialize_options(elevator_args) set_option_value( "validator_args", get_option_value("validator_args") + " --version " + get_option_value("spec_version")) all_succeeded = True sys.setrecursionlimit(2000) for filename in sorted(os.listdir(elevator_args.dir_)): path = os.path.join(elevator_args.dir_, filename) if path.endswith(".xml"): sys.stdout.write("\n" + path + "\n") file_and_ext = filename.split(".") set_option_value("file_", file_and_ext[0]) result = elevate(path) if result: if elevator_args.output_directory: destination = os.path.join(elevator_args.output_directory, file_and_ext[0] + ".json") destination = os.path.abspath(destination) with io.open(destination, "w", encoding="utf-8") as f: f.write(result) else: sys.stdout.write(result + "\n") else: all_succeeded = False if not all_succeeded: sys.exit(1)
def idiom_elevator_mappings(before_file_path, stored_json, version, missing_policy, ignore): """Test fresh conversion from XML to JSON matches stored JSON samples.""" print("Checking - " + before_file_path) print("With Master - " + stored_json["id"]) initialize_options() set_option_value("missing_policy", missing_policy) set_option_value("log_level", "INFO") set_option_value("spec_version", version) set_option_value("validator_args", "--version " + version) if not get_option_value("policy") == "no_policy": print("'no_policy' is not allowed for testing") set_option_value("policy", "no_policy") sys.setrecursionlimit(3000) converted_json = elevate(before_file_path) print(converted_json) converted_json = json.loads(converted_json) return idiom_mappings(converted_json, stored_json, ignore)
def _process_message(self, data: Dict) -> str: file_fetch = data["file_fetch"] bypass_validation = data["bypass_validation"] file_uri = self.helper.opencti_url + file_fetch self.helper.log_info(f"Importing the file {file_uri}") file_content = self.helper.api.fetch_opencti_file(file_uri) if data["file_mime"] == "text/xml": self.helper.log_debug("Stix1 file. Attempting conversion") initialize_options() file_content = elevate(file_content) entity_id = data.get("entity_id", None) if entity_id: self.helper.log_info("Contextual import.") bundle = parse(file_content, allow_custom=True)["objects"] if self._contains_report(bundle): self.helper.log_info("Bundle contains report.") else: self.helper.log_info( "No Report in Stix file. Updating current report") bundle = self._update_report(bundle, entity_id) file_content = Bundle(objects=bundle, allow_custom=True).serialize() bundles_sent = self.helper.send_stix2_bundle( file_content, bypass_validation=bypass_validation, file_name=data["file_id"], entity_id=entity_id, ) if self.helper.get_validate_before_import() and not bypass_validation: return "Generated bundle sent for validation" else: return str( len(bundles_sent)) + " generated bundle(s) for worker import"
def idiom_elevator_mappings(before_file_path, stored_json, version, missing_policy, ignore): """Test fresh conversion from XML to JSON matches stored JSON samples.""" print("Checking - " + before_file_path) print("With Master - " + stored_json["id"]) initialize_options( options={ "spec_version": version, "missing_policy": missing_policy, "log_level": "WARN", "incidents": True, "validator_args": "--version " + version }) if not get_option_value("policy") == "no_policy": print("'no_policy' is the default for testing") set_option_value("policy", "no_policy") if version == "2.1": set_option_value("acs", True) sys.setrecursionlimit(3000) converted_json = elevate(before_file_path) print(converted_json) converted_json = json.loads(converted_json) return idiom_mappings(converted_json, stored_json, ignore)