96 lines
3.1 KiB
Python
96 lines
3.1 KiB
Python
#!/usr/bin/env python
|
|
# -*- coding: utf-8 -*-
|
|
|
|
import json
|
|
from json import JSONEncoder
|
|
import os
|
|
import sys
|
|
import collections
|
|
from glob import glob
|
|
|
|
try:
|
|
import jsonschema
|
|
HAS_JSONSCHEMA = True
|
|
except ImportError:
|
|
HAS_JSONSCHEMA = False
|
|
|
|
|
|
class EncodeWarningLists(JSONEncoder):
|
|
def default(self, obj):
|
|
try:
|
|
return obj._json()
|
|
except AttributeError:
|
|
return JSONEncoder.default(self, obj)
|
|
|
|
|
|
class PyMISPWarningListsError(Exception):
|
|
def __init__(self, message):
|
|
super(PyMISPWarningListsError, self).__init__(message)
|
|
self.message = message
|
|
|
|
|
|
class WarningList():
|
|
|
|
def __init__(self, warninglist):
|
|
self.warninglist = warninglist
|
|
self.list = self.warninglist['list']
|
|
self.description = self.warninglist['description']
|
|
self.version = int(self.warninglist['version'])
|
|
self.name = self.warninglist['name']
|
|
if self.warninglist.get('type'):
|
|
self.type = self.warninglist['type']
|
|
if self.warninglist.get('matching_attributes'):
|
|
self.matching_attributes = self.warninglist['matching_attributes']
|
|
|
|
def _json(self):
|
|
to_return = {'list': self.list, 'name': self.name, 'description': self.description,
|
|
'version': self.version}
|
|
if hasattr(self, 'type'):
|
|
to_return['type'] = self.type
|
|
if hasattr(self, 'matching_attributes'):
|
|
to_return['matching_attributes'] = self.matching_attributes
|
|
return to_return
|
|
|
|
def has_match(self, value):
|
|
if value in self.list:
|
|
return True
|
|
return False
|
|
|
|
|
|
class WarningLists(collections.Mapping):
|
|
|
|
def __init__(self):
|
|
self.root_dir_warninglists = os.path.join(os.path.abspath(os.path.dirname(sys.modules['pymispwarninglists'].__file__)),
|
|
'data', 'misp-warninglists', 'lists')
|
|
self.warninglists = {}
|
|
for warninglist_file in glob(os.path.join(self.root_dir_warninglists, '*', 'list.json')):
|
|
with open(warninglist_file, 'r') as f:
|
|
warninglist = json.load(f)
|
|
self.warninglists[warninglist['name']] = WarningList(warninglist)
|
|
|
|
def validate_with_schema(self):
|
|
if not HAS_JSONSCHEMA:
|
|
raise ImportError('jsonschema is required: pip install jsonschema')
|
|
schema = os.path.join(os.path.abspath(os.path.dirname(sys.modules['pymispwarninglists'].__file__)),
|
|
'data', 'misp-warninglists', 'schema.json')
|
|
with open(schema, 'r') as f:
|
|
loaded_schema = json.load(f)
|
|
for w in self.warninglists.values():
|
|
jsonschema.validate(w.warninglist, loaded_schema)
|
|
|
|
def __getitem__(self, name):
|
|
return self.warninglists[name]
|
|
|
|
def __iter__(self):
|
|
return iter(self.warninglists)
|
|
|
|
def search(self, value):
|
|
matches = []
|
|
for name, wl in self.warninglists.items():
|
|
if wl.has_match(value):
|
|
matches.append(wl)
|
|
return matches
|
|
|
|
def __len__(self):
|
|
return len(self.warninglists)
|