From 30e584a8910742920606c68eae551085ce063354 Mon Sep 17 00:00:00 2001
From: iglocska <andras.iklody@gmail.com>
Date: Wed, 23 Jun 2021 12:18:46 +0200
Subject: [PATCH] Revert "chg: Remove legacy stix converter."

This reverts commit 94ce4a367bbde9284a6f29e6e6152c91de386879.

- breaks misp-stix converter, reverting it for now, let's find a way to deprecate this without outright removing it
---
 pymisp/__init__.py   |  1 +
 pymisp/tools/stix.py | 35 +++++++++++++++++++++++++++++++++++
 2 files changed, 36 insertions(+)
 create mode 100644 pymisp/tools/stix.py

diff --git a/pymisp/__init__.py b/pymisp/__init__.py
index 4698d56..960b308 100644
--- a/pymisp/__init__.py
+++ b/pymisp/__init__.py
@@ -36,6 +36,7 @@ try:
                             MISPCorrelationExclusion)
     from .tools import AbstractMISPObjectGenerator  # noqa
     from .tools import Neo4j  # noqa
+    from .tools import stix  # noqa
     from .tools import openioc  # noqa
     from .tools import ext_lookups  # noqa
     from .tools import update_objects  # noqa
diff --git a/pymisp/tools/stix.py b/pymisp/tools/stix.py
new file mode 100644
index 0000000..0c0f605
--- /dev/null
+++ b/pymisp/tools/stix.py
@@ -0,0 +1,35 @@
+# -*- coding: utf-8 -*-
+
+try:
+    from misp_stix_converter.converters.buildMISPAttribute import buildEvent  # type: ignore
+    from misp_stix_converter.converters import convert  # type: ignore
+    from misp_stix_converter.converters.convert import MISPtoSTIX  # type: ignore
+    has_misp_stix_converter = True
+except ImportError:
+    has_misp_stix_converter = False
+
+
+def load_stix(stix, distribution: int = 3, threat_level_id: int = 2, analysis: int = 0):
+    '''Returns a MISPEvent object from a STIX package'''
+    if not has_misp_stix_converter:
+        raise Exception('You need to install misp_stix_converter: pip install git+https://github.com/MISP/MISP-STIX-Converter.git')
+    stix = convert.load_stix(stix)
+    return buildEvent(stix, distribution=distribution,
+                      threat_level_id=threat_level_id, analysis=analysis)
+
+
+def make_stix_package(misp_event, to_json: bool = False, to_xml: bool = False):
+    '''Returns a STIXPackage from a MISPEvent.
+
+       Optionally can return the package in json or xml.
+
+    '''
+    if not has_misp_stix_converter:
+        raise Exception('You need to install misp_stix_converter: pip install git+https://github.com/MISP/MISP-STIX-Converter.git')
+    package = MISPtoSTIX(misp_event)
+    if to_json:
+        return package.to_json()
+    elif to_xml:
+        return package.to_xml()
+    else:
+        return package