예제 #1
0
 def test_multiple_values_in_same_location(self):
     sio = StringIO(MULTIVALUE_INSTANCE_XML)
     parse_obj = parser.MarkingParser(sio)
     package = parse_obj.parse()
     o = package.observables[0]
     ip_address = o.object_.properties
     self.assertTrue(hasattr(ip_address, "__datamarkings__"))
     self.assertEqual(len(ip_address.__datamarkings__), 1)
예제 #2
0
    def test_same_value_different_location(self):
        """URL: https://github.com/mitre/stixmarx/pull/9"""
        sio = StringIO(ISSUE9_XML)
        parse_obj = parser.MarkingParser(sio)
        package = parse_obj.parse()

        for o in package.observables:
            file_obj = o.object_.properties
            size_in_bytes = file_obj.size_in_bytes
            hashes = file_obj.hashes
            self.assertTrue(hasattr(size_in_bytes, "__datamarkings__"))
            self.assertEqual(len(size_in_bytes.__datamarkings__), 1)
            for hash_ in hashes:
                self.assertTrue(hasattr(hash_, "__datamarkings__"))
                self.assertTrue(
                    hasattr(hash_.simple_hash_value, "__datamarkings__"))
                self.assertEqual(len(hash_.__datamarkings__), 1)
                self.assertEqual(len(hash_.simple_hash_value.__datamarkings__),
                                 1)
예제 #3
0
    def setUpClass(cls):
        indicator = Indicator(title="Indicator 1",
                              description="Description Indicator 1")

        indicator.alternative_id = "indicator:example1"
        indicator.observables = generate_observable()

        cls.stix_package = STIXPackage()
        cls.stix_package.add_indicator(indicator)

        cls.cybox = (address_object.Address(), address_object.EmailAddress(),
                     disk_object.Disk(),
                     win_executable_file_object.DOSHeader(),
                     win_process_object.StartupInfo(),
                     network_packet_object.NetworkPacket())

        sio = StringIO(cls.stix_package.to_xml().decode("utf-8"))
        cls.PARSER = parser.MarkingParser(sio)

        cls.msg = "For entity {0}: {1} not found in _FIELDS dictionary."
예제 #4
0
    def test_mapping_assertion(self):
        """Tests the mappings for objects."""
        indicator = self.stix_package.indicators[0]

        for properties in indicator.typed_fields_with_attrnames():
            attr, tf = properties
            selector = attrmap.xmlfield(indicator, attr)
            self.assertTrue(selector, self.msg.format(indicator, attr))

            if selector == "Title":
                prefix = indicator._ID_PREFIX

                cntrl = generate_control_exp(prefix, selector)
                xpath = etree.XPath(cntrl, namespaces=self.PARSER._root.nsmap)

                result = xpath(self.PARSER._root)
                self.assertEqual(len(result), 1)

                name = xml.localname(result[0])

                self.assertEqual(name, selector)
                self.assertEqual(result[0].text, getattr(indicator, attr))

                apply_markings(self.stix_package, prefix, selector)

        # re-parse the document with marking changes.
        sio = StringIO(self.stix_package.to_xml().decode("utf-8"))
        self.PARSER = parser.MarkingParser(sio)
        package = self.PARSER.parse()

        self.assertEqual(len(package.indicators), 1)

        # See if the indicator was not marked.
        indicator = package.indicators[0]
        self.assertTrue(indicator in self.PARSER._entities)
        self.assertFalse(hasattr(indicator, api._ATTR_DATA_MARKINGS))

        title = indicator.title
        self.assertTrue(
            isinstance(title, (types.MarkableText, types.MarkableBytes)))
        self.assertEqual(len(title.__datamarkings__), 1)
예제 #5
0
 def setUpClass(cls):
     sio = StringIO(XML_LIST)
     cls.PARSER = parser.MarkingParser(sio)
     cls.PACKAGE = cls.PARSER.parse()
예제 #6
0
 def setUpClass(cls):
     sio = StringIO(XML_GLOBAL)
     cls.PARSER = parser.MarkingParser(sio)