def schema_validate(fn, options):
"""Performs STIX/CybOX XML Schema validation against the input filename.
Args:
fn: A filename for a STIX/CybOX XML document
options: ValidationOptions instance with validation options for this
validation run.
Returns:
A dictionary of validation results
"""
info("Performing xml schema validation on %s" % fn)
results = sdv.validate_xml(
fn,
version=options.lang_version,
schemas=options.schema_dir,
schemaloc=options.use_schemaloc,
klass=options.xml_validation_class
)
if not results.is_valid:
raise SchemaInvalidError(results=results)
return results
def test_invalid(self):
xml = StringIO(CYBOX_INVALID)
results = sdv.validate_xml(xml)
# Assert that the document is identified as being invalid
self.assertFalse(results.is_valid)
# Assert that the badAttr attribute is the only error recorded
self.assertEqual(len(results.errors), 1)
def validate_xml(data):
try:
return {
"xml": sdv.validate_xml(StringIO.StringIO(data)).as_dict(),
"best_practices": sdv.validate_best_practices(StringIO.StringIO(data)).as_dict(),
"result": "validated"
}
except sdv.errors.ValidationError as e:
return {"result": "error", "message": str(e)}
def test_invalid(self):
xml = StringIO(CYBOX_INVALID)
results = sdv.validate_xml(xml)
# Assert that the document is identified as being invalid
self.assertFalse(results.is_valid)
# Assert that the badAttr attribute is the only error recorded
self.assertEqual(len(results.errors), 1)
def test_invalid(self):
xml = StringIO(STIX_INVALID)
results = sdv.validate_xml(xml)
# Assert that the document is identified as being invalid
self.assertFalse(results.is_valid)
# Assert that the badAttr attribute and stix:INVALID element are
# errors are recorded.
self.assertEqual(len(results.errors), 2)
def test_invalid(self):
xml = StringIO(STIX_INVALID)
results = sdv.validate_xml(xml)
# Assert that the document is identified as being invalid
self.assertFalse(results.is_valid)
# Assert that the badAttr attribute and stix:INVALID element are
# errors are recorded.
self.assertEqual(len(results.errors), 2)
def test_validate_indicators(indicator):
from TAXIIServer import get_stix_indicator, NAMESPACE_URI, NAMESPACE
# Arrange
stix_indicator = get_stix_indicator(indicator)
stix_xml = stix_indicator.to_xml(ns_dict={NAMESPACE_URI: NAMESPACE})
xml_file = lxml.etree.fromstring(stix_xml)
tree = lxml.etree.ElementTree(xml_file)
# Assert
assert sdv.validate_xml(tree)
def validate_stix(xml):
"""
Validate a STIX XML structure using stix-validator. Currently does not
support profile validation until we can find a way to provide a profile
file.
:param xml: The XML to validate.
:type xml: str
:returns: dict
"""
rdict = {'xml': None,
'best_practices': None,
#'profile': None,
}
xml = xml.encode('utf-8').strip()
f = StringIO(xml)
try:
result = sdv.validate_xml(f, schemaloc=True)
rdict['xml'] = result.as_dict()
except sdv.errors.UnknownSTIXVersionError, e:
rdict['xml'] = "Could not determine @version attribute: %s" % str(e)
def validate_stix(xml):
"""
Validate a STIX XML structure using stix-validator. Currently does not
support profile validation until we can find a way to provide a profile
file.
:param xml: The XML to validate.
:type xml: str
:returns: dict
"""
rdict = {'xml': None,
'best_practices': None,
#'profile': None,
}
xml = xml.encode('utf-8').strip()
f = BytesIO(xml)
try:
result = sdv.validate_xml(f, schemaloc=True)
rdict['xml'] = result.as_dict()
except sdv.errors.UnknownSTIXVersionError, e:
rdict['xml'] = "Could not determine @version attribute: %s" % str(e)
def schema_validate(fn, options):
"""Performs STIX/CybOX XML Schema validation against the input filename.
Args:
fn: A filename for a STIX/CybOX XML document
options: ValidationOptions instance with validation options for this
validation run.
Returns:
A dictionary of validation results
"""
info("Performing xml schema validation on %s" % fn)
results = sdv.validate_xml(fn,
version=options.lang_version,
schemas=options.schema_dir,
schemaloc=options.use_schemaloc,
klass=options.xml_validation_class)
if not results.is_valid:
raise SchemaInvalidError(results=results)
return results
def test_defined_version(self):
xml = StringIO(STIX_NO_VERSION_XML)
results = sdv.validate_xml(xml, version="1.1.1")
self.assertTrue(results.is_valid)
def test_valid(self):
xml = StringIO(STIX_1_1_1_XML)
results = sdv.validate_xml(xml)
self.assertTrue(results.is_valid)
def test_defined_version(self):
xml = StringIO(CYBOX_2_1_XML)
results = sdv.validate_xml(xml, version="2.1")
self.assertTrue(results.is_valid)
def test_defined_version(self):
xml = StringIO(STIX_NO_VERSION_XML)
results = sdv.validate_xml(xml, version="1.1.1")
self.assertTrue(results.is_valid)
def verify_content_is_valid(content, content_binding, taxii_message_id):
# Validate that the STIX content is actually STIX content with the
# STIX Validator
verify_results = namedtuple(u'VerifyResults', u'is_valid message')
# Handle whatever sort of bytes or strings we get
# and put it in a StringIO so that the Stix-validator will process
# it correctly
if isinstance(content, six.BytesIO):
content_to_validate = six.StringIO(content.decode())
elif isinstance(content, bytes):
content_to_validate = six.StringIO(content.decode())
else:
content_to_validate = six.StringIO(content)
if not isinstance(content_binding, str):
content_binding = str(content_binding.to_text())
try:
# Run the STIX data validator with the correct content binding
# Eliminates the chance of a client sending the wrong STIX file
# with the wrong content_binding.
if content_binding == CB_STIX_XML_10:
results = sdv.validate_xml(content_to_validate, u'1.0')
elif content_binding == CB_STIX_XML_101:
results = sdv.validate_xml(content_to_validate, u'1.0.1')
elif content_binding == CB_STIX_XML_11:
results = sdv.validate_xml(content_to_validate, u'1.1')
elif content_binding == CB_STIX_XML_111:
results = sdv.validate_xml(content_to_validate, u'1.1.1')
elif content_binding == CB_STIX_XML_12:
results = sdv.validate_xml(content_to_validate, u'1.2')
else:
# this is not a content type we can validate
# it might be a custom URN, so we need to just let it through
# without validation
return verify_results(
is_valid=True,
message=("The STIX content in the content block is valid "
"({})".format(content_binding)))
# Test the results of the validator to make sure the schema is valid
if not results.is_valid:
return verify_results(
is_valid=False,
message="The TAXII message {}".format(taxii_message_id) +
" contains invalid STIX {}".format(content_binding) +
" content in one of the content blocks (incorrect" +
" content binding supplied?)")
except Exception as ve:
return verify_results(
is_valid=False,
message="The TAXII message {} contains".format(taxii_message_id) +
" invalid STIX {} content".format(content_binding) +
" in one of the content blocks (incorrect content" +
" binding supplied?)")
return verify_results(
is_valid=True,
message="The STIX content in the content block is valid" +
"({})".format(content_binding))
def test_valid(self):
xml = StringIO(STIX_1_1_1_XML)
results = sdv.validate_xml(xml)
self.assertTrue(results.is_valid)
def test_defined_version(self):
xml = StringIO(CYBOX_2_1_XML)
results = sdv.validate_xml(xml, version="2.1")
self.assertTrue(results.is_valid)
