MISP
/
PyMISP
mirror of https://github.com/MISP/PyMISP
2
0
Fork 0
Code Issues Releases Wiki Activity
3,245 Commits
13 Branches
176 Tags
95 MiB
Commit Graph

342 Commits (main)

Author SHA1 Message Date
Christian Studer 614d2e0ca1
fix: [AnalystData] Added missing properties for Notes and Opinions 
- This is now needed because MISPNote and MISPOpinion
  are no longer part of AnalystDataBehaviorMixin and
  cannot then get them from there
 2024-12-24 09:55:07 +01:00
Christian Studer e38dfe33b0
Merge branch 'main' of github.com:misp/pymisp into analyst_data_fix 2024-12-18 10:40:07 +01:00
Raphaël Vinot 6c3e91cbc0
new: create a sign_blob method to sign events 2024-12-16 12:22:38 +01:00
iglocska 671c9fabf5
new: [support for signing] added 
- added new class CryptographicKeys
- added functions to to_feed calls to include crypto keys
- added protected boolean field to misp event

- updated feed generator to support signing
  - if the new setting is set to True signing will be attempted for protected events
  - protected events are now passed to the /cryptographic_keys/serverSign endpoint of misp for signing
  - signatures are included as a .asc file in the output directory

- TODO:
  - currently the JSON dumping is moved from a streamed dumping to an in memory dump before saving to disk
  - add a check for protected events and revert to streamed dumping for non protected events
  - alternatively use the already saved files to request signing from MISP
 2024-12-08 18:48:07 +01:00
Christian Studer 90b8f5883a
fix: [MISPAnalystData] Added missing typing 2024-11-20 13:36:19 +01:00
Christian Studer 6ca367dc25
fix: [MISPAnalystData] Reverted the declaration of Analyst data objects lists back to the mixin parent class 2024-11-20 13:21:35 +01:00
Christian Studer ea6ff20103
fix: [MISPAnalystData] Better handling of the different use cases 
- Additional checks for parent to support both
  the standalone and attached analyst data objects
- Standalone Analyst data objects with nested
  notes or opinions are defined with the nesting
  as they have no parent. When they are added to
  a parent data layer, the nested objects are then
  flattened
 2024-11-20 11:47:41 +01:00
Christian Studer df39554208
chg: [AnalystData] Flattening analyst data based on the recent changes on MISP standard format 
- Adding a note or an opinion will always add the
  new analyst data object to the list of notes or
  opinions at the parent data layer level
- `from_dict` on a JSON blob is also able to parse
  properly analyst data and generate flat lists
  regardless of whether the given data described
  in the new flat or previously nested format
 2024-11-19 13:49:53 +01:00
Christian Studer 8e288a4323
fix: [AnalystData] Typo... 2024-10-30 17:00:22 +01:00
Christian Studer 1dce13d61b
fix: [AnalystData] Avoiding issues with analyst data objects 2024-10-30 15:10:53 +01:00
Christian Studer d5e472b95d
fix: [AnalystData] A quick and simple typing fix 2024-10-30 12:19:11 +01:00
Raphaël Vinot b582999d7b new: Add delete role, test suite for roles 2024-07-26 11:43:20 +02:00
Sura De Silva 7c8df85a98 feat: Adds methods to get attribute by id/uuid 2024-06-25 06:38:13 +10:00
Raphaël Vinot 2cf5d99dc8 chg: A bit more refactoring 2024-05-06 16:39:07 +02:00
Raphaël Vinot 94a48a6fdd fix: Properly load AnalystData from dict 2024-05-06 15:24:04 +02:00
Raphaël Vinot 10ca6f191a fix: more changes to get the tests to pass 2024-05-06 14:40:25 +02:00
Raphaël Vinot 902ed5a92c chg: use from_dict in the mixin to initialize the objects 2024-05-06 12:19:04 +02:00
Sami Mokaddem 56be46320e
chg: [analyst-data] Added improvements, API endpoints and tests 2024-05-03 15:48:03 +02:00
Sami Mokaddem d03cea7a67
fix: [event-report] Make sure to generate an UUID 2024-04-29 15:08:47 +02:00
Sami Mokaddem f043718a76
Merge branch 'feature/analyst-data' into wip_analystdata 2024-04-29 14:40:35 +02:00
Sami Mokaddem 807c59cc05
chg: [analyst-data] Make sure to include note_type_name 2024-04-29 14:39:09 +02:00
Raphaël Vinot 40e7e4fa0b fix: pass kwargs to abstract 2024-04-29 14:05:57 +02:00
Raphaël Vinot ea8351df71 chg: Make mypy happy, change inheritance 2024-04-29 13:50:24 +02:00
Sami Mokaddem 34f22aa30d
chg: [analyst-data] Continued implementation of analyst-data support 2024-04-26 10:59:25 +02:00
Sami Mokaddem 0a0f0f2059
new: [analyst-data] Added initial support of analyst data concept and functions - WiP 2024-04-23 09:24:44 +02:00
Raphaël Vinot b5b4a5ef52 fix: More fixes to support responses from MISP 2024-02-01 17:24:24 +01:00
Raphaël Vinot 1da0d5adc1 chg: Add more strict typing, not done yet. 2024-02-01 14:40:12 +01:00
Raphaël Vinot 298e2f9035 chg: First batch of changes for strict typing 2024-01-30 12:51:23 +01:00
Raphaël Vinot 0562c63cec chg: Initial changes to use new annotations 2024-01-17 13:28:51 +01:00
Raphaël Vinot 1d24c1b3ce chg: make the publish_timestamp a string, as per specs 2024-01-09 12:40:09 +01:00
Jakub Onderka fca0b233cd new: [internal] Add support for orjson 
orjson is much faster library for decoding and encoding JSON formats
 2024-01-07 18:34:20 +01:00
Raphaël Vinot 6f6784ba88 chg: remove jsonschema from dependencies 2024-01-04 13:37:24 +01:00
Raphaël Vinot c921017cf7 fix: Avoid exception when the malware file name contains a "|" 2023-11-29 12:35:24 +01:00
Sura De Silva 10f4d30960 feat: introduce setter for galaxies 2023-07-03 12:57:52 +10:00
Raphaël Vinot bf541167fd chg: Include event reports by default in feed 2023-03-17 15:31:20 +01:00
UFOSmuggler 15e6bc2c18 Rename include_event_reports kwarg to with_event_reports, in-line with other kwarg naming 2023-03-15 13:32:45 +11:00
UFOSmuggler 80f242bbea Add kwarg to allow the inclusion of event reports into to_feed(), honour with_distribution and valid_distributions kwargs 2023-03-15 13:27:59 +11:00
Raphaël Vinot 1fb274821f chg: Re-order classes 2022-12-01 12:06:57 +01:00
Christian Studer 75a100a485
add: Added the `Galaxy` field to MISPAttribute using the MISPGalaxy class 
- Including an `add_galaxy` method similar to the
  one used for events
- `attribute.galaxies` gives the list of attached
  galaxy clusters
 2022-12-01 10:05:38 +01:00
Raphaël Vinot 2de22871d1 new: Basic support for listing, enabling and disabling decaying models 2022-11-22 14:48:23 +01:00
Raphaël Vinot fd05292d7c chg: Bump mypy 2022-11-09 13:29:06 +01:00
Raphaël Vinot 3ca8717e6c chg: Improve documentation for add_attribute 2022-08-10 10:48:07 +02:00
Raphaël Vinot 3ceba3feb1 fix: Mark all attributes in a soft deleted object as soft deleted too. 
Bump misp-objects, deps.
 2022-08-03 11:10:35 +02:00
Raphaël Vinot b85444a7ad chg: Improve warning on invalid template, bump deps 2022-07-28 15:10:42 +02:00
Christophe Vandeplas 4ddabe75b5 fig: [feed] fixes bugs during export with old data 2022-06-20 14:18:49 +02:00
Christophe Vandeplas 8b34993480 fix: [feed] fixes bug when template_uuid does not exist 2022-06-15 07:18:18 +02:00
Alexandre Dulaunoy cdf2ee08c1
chg: [FIPS] no clean way to support OpenSSL hashlib interface for FIPS 2022-01-27 15:56:16 +01:00
Alexandre Dulaunoy 14bf1f8189
chg: [FIPS] falling back on older version of Python not having usedforsecurity 2022-01-27 15:47:37 +01:00
Alexandre Dulaunoy 1efc735fb3
fix: [mispevent] cannot type 2022-01-27 15:34:18 +01:00
Alexandre Dulaunoy 6e018a4582
chg: [FIPS] in some cases, the `usedforsecurity` is not used. So fail if 
the FIPS compliance is required and then the `usedforsecurity` is
disabled
 2022-01-27 15:29:15 +01:00