def from_dict(analysis_dict):
if not analysis_dict:
return None
analysis_ = Analysis(None)
analysis_.id = analysis_dict.get("id")
analysis_.method = analysis_dict.get("method")
analysis_.type = analysis_dict.get("type")
analysis_.ordinal_position = analysis_dict.get("ordinal_position")
analysis_.complete_datetime = analysis_dict.get("complete_datetime")
analysis_.start_datetime = analysis_dict.get("start_datetime")
analysis_.lastupdate_datetime = analysis_dict.get("lastupdate_datetime")
analysis_.source = Source.from_dict(analysis_dict.get("source"))
analysis_.analysts = Personnel.from_list(analysis_dict.get("analysts"))
analysis_.summary = StructuredText.from_dict(analysis_dict.get("summary"))
analysis_.comments = CommentList.from_list(analysis_dict.get("comments"))
if analysis_dict.get("findings_bundle_reference"):
analysis_.findings_bundle_reference = [
BundleReference.from_dict(x) for x in analysis_dict.get("findings_bundle_reference")
]
analysis_.tools = ToolList.from_list(analysis_dict.get("tools", []))
analysis_.dynamic_analysis_metadata = DynamicAnalysisMetadata.from_dict(
analysis_dict.get("dynamic_analysis_metadata")
)
analysis_.analysis_environment = AnalysisEnvironment.from_dict(analysis_dict.get("analysis_environment"))
analysis_.report = StructuredText.from_dict(analysis_dict.get("report"))
return analysis_
def test_plain(self):
text = StructuredText.from_dict("a string")
text2 = cybox.test.round_trip(text)
self.assertEqual(text.to_dict(), text2.to_dict())
text_dict = {'value': "a string"}
text3 = StructuredText.from_dict(text_dict)
self.assertEqual(text.to_dict(), text3.to_dict())
def test_plain(self):
text = StructuredText.from_dict("a string")
text2 = cybox.test.round_trip(text)
self.assertEqual(text.to_dict(), text2.to_dict())
text_dict = {'value': "a string"}
text3 = StructuredText.from_dict(text_dict)
self.assertEqual(text.to_dict(), text3.to_dict())
def from_dict(platform_specification_dict):
if not platform_specification_dict:
return None
platform_specification_ = PlatformSpecification()
platform_specification_.description = StructuredText.from_dict(platform_specification_dict.get('description'))
platform_specification_.identifiers = [PlatformIdentifier.from_dict(x) for x in platform_specification_dict.get('identifiers',[])]
return platform_specification_
def from_dict(observable_dict):
if not observable_dict:
return None
from cybox.core import PatternFidelity
obs = Observable()
obs.id_ = observable_dict.get('id')
obs.title = observable_dict.get('title')
obs.description = StructuredText.from_dict(
observable_dict.get('description'))
obs.object_ = Object.from_dict(observable_dict.get('object'))
obs.event = Object.from_dict(observable_dict.get('event'))
obs.observable_composition = ObservableComposition.from_dict(
observable_dict.get('observable_composition'))
obs.idref = observable_dict.get('idref')
obs.sighting_count = observable_dict.get('sighting_count')
if observable_dict.get('observable_source'):
obs.observable_source = [
MeasureSource.from_dict(x)
for x in observable_dict.get('observable_source')
]
obs.keywords = Keywords.from_dict(observable_dict.get('keywords'))
obs.pattern_fidelity = PatternFidelity.from_dict(
observable_dict.get('pattern_fidelity'))
return obs
def from_dict(platform_specification_dict):
if not platform_specification_dict:
return None
platform_specification_ = PlatformSpecification()
platform_specification_.description = StructuredText.from_dict(platform_specification_dict.get('description'))
platform_specification_.identifiers = [PlatformIdentifier.from_dict(x) for x in platform_specification_dict.get('identifiers',[])]
return platform_specification_
def from_dict(toolinfo_dict, tool_class=None):
if not toolinfo_dict:
return None
if not tool_class:
toolinfo = ToolInformation()
else:
toolinfo = tool_class
toolinfo.id_ = toolinfo_dict.get('id')
toolinfo.idref = toolinfo_dict.get('idref')
toolinfo.name = toolinfo_dict.get('name')
toolinfo.type_ = [
ToolType.from_dict(x) for x in toolinfo_dict.get('type', [])
]
toolinfo.description = StructuredText.from_dict(
toolinfo_dict.get('description'))
toolinfo.vendor = toolinfo_dict.get('vendor')
toolinfo.version = toolinfo_dict.get('version')
toolinfo.service_pack = toolinfo_dict.get('service_pack')
toolinfo.tool_hashes = HashList.from_list(
toolinfo_dict.get('tool_hashes'))
return toolinfo
def from_dict(comment_dict):
if not comment_dict:
return None
comment_ = StructuredText.from_dict(comment_dict, Comment())
comment_.author = comment_dict.get("author")
comment_.timestamp = comment_dict.get("timestamp")
comment_.observation_name = comment_dict.get("observation_name")
return comment_
def from_dict(observable_dict):
if not observable_dict:
return None
obs = Observable()
obs.id_ = observable_dict.get('id')
obs.title = observable_dict.get('title')
obs.description = StructuredText.from_dict(observable_dict.get('description'))
obs.object_ = Object.from_dict(observable_dict.get('object'))
obs.observable_composition = ObservableComposition.from_dict(observable_dict.get('observable_composition'))
obs.idref = observable_dict.get('idref')
return obs
def from_dict(measure_source_dict):
if not measure_source_dict:
return None
measure_source_ = MeasureSource()
measure_source_.class_ = measure_source_dict.get('class')
measure_source_.source_type = measure_source_dict.get('source_type')
measure_source_.name = measure_source_dict.get('name')
measure_source_.information_source_type = VocabString.from_dict(measure_source_dict.get('information_source_type'))
measure_source_.tool_type = VocabString.from_dict(measure_source_dict.get('tool_type'))
measure_source_.description = StructuredText.from_dict(measure_source_dict.get('description'))
measure_source_.contributors = Personnel.from_list(measure_source_dict.get('contributors'))
measure_source_.time = Time.from_dict(measure_source_dict.get('time'))
measure_source_.tools = ToolInformationList.from_list(measure_source_dict.get('tools'))
measure_source_.platform = None #TODO: add support
measure_source_.system = ObjectProperties.from_dict(measure_source_dict.get('system'))
measure_source_.instance = ObjectProperties.from_dict(measure_source_dict.get('instance'))
return measure_source_
def from_dict(observable_dict):
if not observable_dict:
return None
obs = Observable()
obs.id_ = observable_dict.get('id')
obs.title = observable_dict.get('title')
obs.description = StructuredText.from_dict(observable_dict.get('description'))
obs.object_ = Object.from_dict(observable_dict.get('object'))
obs.event = Object.from_dict(observable_dict.get('event'))
obs.observable_composition = ObservableComposition.from_dict(observable_dict.get('observable_composition'))
obs.idref = observable_dict.get('idref')
obs.sighting_count = observable_dict.get('sighting_count')
if observable_dict.get('observable_source'):
obs.observable_source = [MeasureSource.from_dict(x) for x in observable_dict.get('observable_source')]
return obs
def from_dict(toolinfo_dict, toolinfo=None):
if not toolinfo_dict:
return None
if not toolinfo:
toolinfo = ToolInformation()
toolinfo.id_ = toolinfo_dict.get('id')
toolinfo.idref = toolinfo_dict.get('idref')
toolinfo.name = toolinfo_dict.get('name')
toolinfo.type_ = [VocabString.from_dict(x) for x in toolinfo_dict.get('type', [])]
toolinfo.description = StructuredText.from_dict(toolinfo_dict.get('description'))
toolinfo.vendor = toolinfo_dict.get('vendor')
toolinfo.version = toolinfo_dict.get('version')
toolinfo.service_pack = toolinfo_dict.get('service_pack')
toolinfo.tool_hashes = HashList.from_list(toolinfo_dict.get('tool_hashes'))
return toolinfo
def from_dict(observable_dict):
if not observable_dict:
return None
from cybox.core import PatternFidelity
obs = Observable()
obs.id_ = observable_dict.get('id')
obs.title = observable_dict.get('title')
obs.description = StructuredText.from_dict(observable_dict.get('description'))
obs.object_ = Object.from_dict(observable_dict.get('object'))
obs.event = Object.from_dict(observable_dict.get('event'))
obs.observable_composition = ObservableComposition.from_dict(observable_dict.get('observable_composition'))
obs.idref = observable_dict.get('idref')
obs.sighting_count = observable_dict.get('sighting_count')
if observable_dict.get('observable_source'):
obs.observable_source = [MeasureSource.from_dict(x) for x in observable_dict.get('observable_source')]
obs.keywords = Keywords.from_dict(observable_dict.get('keywords'))
obs.pattern_fidelity = PatternFidelity.from_dict(observable_dict.get('pattern_fidelity'))
return obs
def from_dict(action_dict, action_cls = None):
if not action_dict:
return None
if action_cls == None:
action_cls = Action()
action_ = action_cls
action_.id = action_dict.get('id')
action_.idref = action_dict.get('idref')
action_.ordinal_position = action_dict.get('ordinal_position')
action_.action_status = action_dict.get('action_status')
action_.context = action_dict.get('context')
action_.timestamp = action_dict.get('timestamp')
action_.type = VocabString.from_dict(action_dict.get('type'))
action_.name = VocabString.from_dict(action_dict.get('name'))
action_.description = StructuredText.from_dict(action_dict.get('description'))
action_.action_aliases = action_dict.get('action_aliases', [])
action_.action_arguments = ActionArguments.from_list(action_dict.get('action_arguments', []))
action_.discovery_method = MeasureSource.from_dict(action_dict.get('discovery_method'))
action_.associated_objects = AssociatedObjects.from_list(action_dict.get('associated_objects', []))
action_.relationships = ActionRelationships.from_list(action_dict.get('relationships', []))
#action_.frequency = Frequency.from_dict(action_dict.get('frequency')) #TODO: add support
return action_
