def main():
directory = os.path.dirname(__file__)
if len(sys.argv) > 1:
json_dir = sys.argv[1]
else:
json_dir = find_dir(directory, "idioms-json")
if len(sys.argv) > 2:
xml_dir = sys.argv[2]
else:
xml_dir = find_dir(directory, "idioms-xml")
if not os.path.exists(json_dir):
os.makedirs(json_dir)
sys.setrecursionlimit(2000)
for filename in sorted(os.listdir(xml_dir)):
file_and_ext = filename.split(".")
xml_path = os.path.join(xml_dir, filename)
destination = os.path.join(json_dir, file_and_ext[0] + ".json")
destination = os.path.abspath(destination)
initialize_options()
if file_and_ext[1] == "xml":
sys.stdout.write(xml_path + "\n")
json_output = elevate(xml_path)
with io.open(destination, "w", encoding="utf-8") as f:
f.write(json_output)
def _process_message(self, data: Dict) -> str:
file_fetch = data["file_fetch"]
file_uri = self.helper.opencti_url + file_fetch
self.helper.log_info(f"Importing the file {file_uri}")
file_content = self.helper.api.fetch_opencti_file(file_uri)
if data["file_mime"] == "text/xml":
self.helper.log_debug("Stix1 file. Attempting conversion")
initialize_options()
file_content = elevate(file_content)
entity_id = data.get("entity_id", None)
if entity_id:
self.helper.log_debug("Contextual import.")
bundle = parse(file_content)["objects"]
if self._contains_report(bundle):
self.helper.log_debug("Bundle contains report.")
else:
self.helper.log_debug("No Report in Stix file. Updating current report")
bundle = self._update_report(bundle, entity_id)
file_content = Bundle(objects=bundle).serialize()
bundles_sent = self.helper.send_stix2_bundle(file_content)
return "Sent " + str(len(bundles_sent)) + " stix bundle(s) for worker import"
def elevatefile(self, filename):
"""
Convert a STIX 1 XML file to a STIX 2 JSON
:param filename:
"""
initialize_options()
with open(filename, 'r') as stixfile:
results = elevate(stixfile.read())
print(results)
def _process_message(self, data):
file_fetch = data["file_fetch"]
file_uri = self.helper.opencti_url + file_fetch
self.helper.log_info("Importing the file " + file_uri)
file_content = self.helper.api.fetch_opencti_file(file_uri)
if data["file_mime"] == "text/xml":
initialize_options()
file_content = elevate(file_content)
bundles_sent = self.helper.send_stix2_bundle(file_content)
return "Sent " + str(len(bundles_sent)) + " stix bundle(s) for worker import"
def test_elevate_with_file():
setup_options()
directory = os.path.dirname(__file__)
xml_idioms_dir = find_dir(directory, "idioms-xml")
archive_file = os.path.join(xml_idioms_dir,
"141-TLP-marking-structures.xml")
json_result = elevate(archive_file)
assert json_result
print(json_result)
def main():
# Parse stix2-elevator command-line args
elevator_parser = _get_arg_parser()
elevator_args = elevator_parser.parse_args()
sys.setrecursionlimit(3000)
initialize_options(options=elevator_args)
result = elevate(elevator_args.file_)
if result:
sys.stdout.write(result + "\n")
else:
sys.exit(1)
def test_elevate_with_stix_package():
setup_options()
directory = os.path.dirname(__file__)
xml_idioms_dir = find_dir(directory, "idioms-xml")
archive_file = os.path.join(xml_idioms_dir,
"141-TLP-marking-structures.xml")
with io.open(archive_file, mode="r", encoding="utf-8") as f:
input_stix = f.read()
json_result = elevate(STIXPackage.from_xml(StringIO(input_stix)))
assert json_result
print(json_result)
def test_elevate_with_binary_string():
setup_options()
directory = os.path.dirname(__file__)
xml_idioms_dir = find_dir(directory, "idioms-xml")
archive_file = os.path.join(xml_idioms_dir,
"141-TLP-marking-structures.xml")
with io.open(archive_file, mode="rb") as f:
input_stix = f.read()
json_result = elevate(input_stix)
assert json_result
print(json_result)
def test_elevate_with_marking_container():
setup_options()
directory = os.path.dirname(__file__)
xml_idioms_dir = find_dir(directory, "idioms-xml")
archive_file = os.path.join(xml_idioms_dir,
"141-TLP-marking-structures.xml")
with io.open(archive_file, mode="r", encoding="utf-8") as f:
input_stix = f.read()
container = stixmarx.parse(StringIO(input_stix))
json_result = elevate(container)
assert json_result
print(json_result)
def main():
elevator_parser = _get_arg_parser(False)
elevator_parser.add_argument(
"dir_",
help="A directory containing STIX 1.x documents to be elevated.",
metavar="dir")
elevator_parser.add_argument("--output-directory",
help="output logs",
dest="output_directory",
action="store",
default=None)
elevator_args = elevator_parser.parse_args()
initialize_options(elevator_args)
set_option_value(
"validator_args",
get_option_value("validator_args") + " --version " +
get_option_value("spec_version"))
all_succeeded = True
sys.setrecursionlimit(2000)
for filename in sorted(os.listdir(elevator_args.dir_)):
path = os.path.join(elevator_args.dir_, filename)
if path.endswith(".xml"):
sys.stdout.write("\n" + path + "\n")
file_and_ext = filename.split(".")
set_option_value("file_", file_and_ext[0])
result = elevate(path)
if result:
if elevator_args.output_directory:
destination = os.path.join(elevator_args.output_directory,
file_and_ext[0] + ".json")
destination = os.path.abspath(destination)
with io.open(destination, "w", encoding="utf-8") as f:
f.write(result)
else:
sys.stdout.write(result + "\n")
else:
all_succeeded = False
if not all_succeeded:
sys.exit(1)
def idiom_elevator_mappings(before_file_path, stored_json, version,
missing_policy, ignore):
"""Test fresh conversion from XML to JSON matches stored JSON samples."""
print("Checking - " + before_file_path)
print("With Master - " + stored_json["id"])
initialize_options()
set_option_value("missing_policy", missing_policy)
set_option_value("log_level", "INFO")
set_option_value("spec_version", version)
set_option_value("validator_args", "--version " + version)
if not get_option_value("policy") == "no_policy":
print("'no_policy' is not allowed for testing")
set_option_value("policy", "no_policy")
sys.setrecursionlimit(3000)
converted_json = elevate(before_file_path)
print(converted_json)
converted_json = json.loads(converted_json)
return idiom_mappings(converted_json, stored_json, ignore)
def _process_message(self, data: Dict) -> str:
file_fetch = data["file_fetch"]
bypass_validation = data["bypass_validation"]
file_uri = self.helper.opencti_url + file_fetch
self.helper.log_info(f"Importing the file {file_uri}")
file_content = self.helper.api.fetch_opencti_file(file_uri)
if data["file_mime"] == "text/xml":
self.helper.log_debug("Stix1 file. Attempting conversion")
initialize_options()
file_content = elevate(file_content)
entity_id = data.get("entity_id", None)
if entity_id:
self.helper.log_info("Contextual import.")
bundle = parse(file_content, allow_custom=True)["objects"]
if self._contains_report(bundle):
self.helper.log_info("Bundle contains report.")
else:
self.helper.log_info(
"No Report in Stix file. Updating current report")
bundle = self._update_report(bundle, entity_id)
file_content = Bundle(objects=bundle,
allow_custom=True).serialize()
bundles_sent = self.helper.send_stix2_bundle(
file_content,
bypass_validation=bypass_validation,
file_name=data["file_id"],
entity_id=entity_id,
)
if self.helper.get_validate_before_import() and not bypass_validation:
return "Generated bundle sent for validation"
else:
return str(
len(bundles_sent)) + " generated bundle(s) for worker import"
def idiom_elevator_mappings(before_file_path, stored_json, version,
missing_policy, ignore):
"""Test fresh conversion from XML to JSON matches stored JSON samples."""
print("Checking - " + before_file_path)
print("With Master - " + stored_json["id"])
initialize_options(
options={
"spec_version": version,
"missing_policy": missing_policy,
"log_level": "WARN",
"incidents": True,
"validator_args": "--version " + version
})
if not get_option_value("policy") == "no_policy":
print("'no_policy' is the default for testing")
set_option_value("policy", "no_policy")
if version == "2.1":
set_option_value("acs", True)
sys.setrecursionlimit(3000)
converted_json = elevate(before_file_path)
print(converted_json)
converted_json = json.loads(converted_json)
return idiom_mappings(converted_json, stored_json, ignore)
