def test_mixed_parse2(num_trials): # Test mixed parse settings: # STIXGenerator: parse=True # ReferenceGraphGenerator: parse=False stix_gen_config = stix2generator.generation.stix_generator.Config( parse=True) ref_graph_config = stix2generator.generation.reference_graph_generator \ .Config( parse=False ) stix_gen = stix2generator.create_stix_generator( stix_generator_config=stix_gen_config, ref_graph_generator_config=ref_graph_config, stix_version="2.1") for _ in range(num_trials): graph = stix_gen.generate() # Now we have something to test. All objects should be parsed. for obj in graph.values(): assert isinstance(obj, stix2.base._STIXBase)
def test_complete_ref_properties_false(num_trials): stix_gen_config = stix2generator.generation.stix_generator.Config( complete_ref_properties=False) stix_gen = stix2generator.create_stix_generator( stix_generator_config=stix_gen_config) for _ in range(num_trials): graph = stix_gen.generate() # I think that if complete_ref_properties is False, non-relationship # ref properties would always have to be dangling. If there are no # non-relationship ref properties, none would be dangling, because it # would be an error for a relationship to refer to a non-existent # object. for id_, obj in graph.items(): if not stix2generator.utils.is_sro(obj): first_ref = next(stix2generator.utils.find_references(obj), None) has_non_relationship_ref_props = first_ref is not None if has_non_relationship_ref_props: break else: has_non_relationship_ref_props = False if has_non_relationship_ref_props: assert stix2generator.test.utils.has_dangling_references(graph) else: assert not stix2generator.test.utils.has_dangling_references(graph)
def test_not_stix2_parsing(num_trials): stix_gen_config = stix2generator.generation.stix_generator.Config( parse=False) ref_graph_config = stix2generator.generation.reference_graph_generator \ .Config( parse=False ) stix_gen = stix2generator.create_stix_generator( stix_generator_config=stix_gen_config, ref_graph_generator_config=ref_graph_config, stix_version="2.1") identity = stix2.v21.Identity(name="Alice") for _ in range(num_trials): graph1 = {identity.id: identity} graph2 = stix_gen.generate(preexisting_objects=graph1) # ensure graph2 absorbed graph1 assert graph1.keys() <= graph2.keys() # Ensure the only parsed object is our original identity. for id_, obj in graph2.items(): if id_ == identity.id: assert isinstance(obj, stix2.v21.Identity) else: assert isinstance(obj, dict)
def test_mixed_parse1(num_trials): # Test mixed parse settings: # STIXGenerator: parse=False # ReferenceGraphGenerator: parse=True stix_gen_config = stix2generator.generation.stix_generator.Config( parse=False ) ref_graph_config = stix2generator.generation.reference_graph_generator \ .Config( parse=True ) stix_gen = stix2generator.create_stix_generator( stix_generator_config=stix_gen_config, ref_graph_generator_config=ref_graph_config, stix_version="2.1" ) for _ in range(num_trials): # Nothing much to check here; some objects may be parsed, some may be # plain dicts. Just make sure there are no errors? stix_gen.generate()
def test_observed_data_observable_container(num_trials): """ Because of observed-data special-casing which occurs in the codebase, this test is intended to ensure that SDO in particular isn't getting messed up. """ # To induce observed-data SDOs to have an "objects" property (as opposed to # the new "object_refs" property), configure the object generator to # minimize properties. This will inhibit "object_refs" (since that's a ref # property) and force "objects". obj_gen_config = stix2generator.generation.object_generator.Config( minimize_ref_properties=True ) stix_gen = stix2generator.create_stix_generator( object_generator_config=obj_gen_config ) for _ in range(num_trials): graph = stix_gen.generate("observed-data") for id_, obj in graph.items(): if obj["type"] == "observed-data": observable_container = obj["objects"] assert not _observable_container_has_dangling_references( observable_container )
def stix21_generator(): """ Creates a STIX generator with default config for STIX 2.1. """ gen = stix2generator.create_stix_generator(stix_version="2.1") return gen
def test_complete_ref_properties_true(num_trials): stix_gen_config = stix2generator.generation.stix_generator.Config( complete_ref_properties=True) stix_gen = stix2generator.create_stix_generator( stix_generator_config=stix_gen_config) for _ in range(num_trials): graph = stix_gen.generate() assert not stix2generator.test.utils.has_dangling_references(graph)
def test_relationship_count(num_trials): stix_gen_config = stix2generator.generation.stix_generator.Config( min_relationships=2, max_relationships=5) stix_gen = stix2generator.create_stix_generator( stix_generator_config=stix_gen_config) for _ in range(num_trials): graph = stix_gen.generate() rel_count = _count_relationships(graph) assert 2 <= rel_count <= 5
def test_probability_sighting(num_trials): stix_gen_config = stix2generator.generation.stix_generator.Config( probability_sighting=0) stix_gen = stix2generator.create_stix_generator( stix_generator_config=stix_gen_config) for _ in range(num_trials): graph = stix_gen.generate() has_sighting = any(obj["type"] == "sighting" for obj in graph.values()) assert not has_sighting
def test_probability_reuse(num_trials): # There shouldn't be any "cycles" if probability_reuse=0, since every # SRO addition results in all new objects. I don't think there's any # invariant we can test when probability_reuse=1... stix_gen_config = stix2generator.generation.stix_generator.Config( probability_reuse=0) stix_gen = stix2generator.create_stix_generator( stix_generator_config=stix_gen_config, stix_version="2.1") for _ in range(num_trials): graph = stix_gen.generate() assert not _has_sro_cycle_undirected(graph)
def main(): args = parse_args() stix2generator.logging.config_logging(args.verbose) obj_gen_config = stix2generator.generation.object_generator.Config( # hard-code; we need this disabled for ref graph max-depth setting # to mean anything. minimize_ref_properties=False) ref_gen_config = stix2generator.generation.reference_graph_generator.Config( max_depth=args.ref_max_depth, probability_reuse=args.p_reuse) stix_gen_config = stix2generator.generation.stix_generator.Config( min_relationships=args.min_rels, max_relationships=args.max_rels, probability_reuse=args.p_reuse, probability_sighting=args.p_sighting, complete_ref_properties=not args.dangling_refs) stix_gen = stix2generator.create_stix_generator( object_generator_config=obj_gen_config, ref_graph_generator_config=ref_gen_config, stix_generator_config=stix_gen_config, stix_version=args.stix_version) graph = stix_gen.generate() if args.bundle: bundle = stix2generator.utils.make_bundle(list(graph.values()), args.stix_version) print(bundle.serialize(pretty=True)) else: for obj in graph.values(): print(obj.serialize(pretty=True))