2018-07-03 13:00:18 +02:00
|
|
|
import datetime as dt
|
|
|
|
|
|
|
|
import pytest
|
|
|
|
import pytz
|
|
|
|
|
|
|
|
import stix2
|
|
|
|
|
|
|
|
from .constants import VULNERABILITY_ID
|
|
|
|
|
|
|
|
EXPECTED = """{
|
|
|
|
"type": "vulnerability",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "vulnerability--0c7b5b88-8ff7-4a4d-aa9d-feb398cd0061",
|
|
|
|
"created": "2016-05-12T08:17:27.000Z",
|
|
|
|
"modified": "2016-05-12T08:17:27.000Z",
|
|
|
|
"name": "CVE-2016-1234",
|
|
|
|
"external_references": [
|
|
|
|
{
|
|
|
|
"source_name": "cve",
|
|
|
|
"external_id": "CVE-2016-1234"
|
|
|
|
}
|
|
|
|
]
|
|
|
|
}"""
|
|
|
|
|
|
|
|
|
|
|
|
def test_vulnerability_example():
|
2018-07-03 15:40:51 +02:00
|
|
|
vulnerability = stix2.v21.Vulnerability(
|
2019-01-23 16:56:20 +01:00
|
|
|
id=VULNERABILITY_ID,
|
2018-07-03 13:00:18 +02:00
|
|
|
created="2016-05-12T08:17:27.000Z",
|
|
|
|
modified="2016-05-12T08:17:27.000Z",
|
|
|
|
name="CVE-2016-1234",
|
|
|
|
external_references=[
|
2018-07-13 17:10:05 +02:00
|
|
|
stix2.ExternalReference(
|
|
|
|
source_name='cve',
|
|
|
|
external_id="CVE-2016-1234",
|
|
|
|
),
|
2018-07-03 13:00:18 +02:00
|
|
|
],
|
|
|
|
)
|
|
|
|
|
|
|
|
assert str(vulnerability) == EXPECTED
|
|
|
|
|
|
|
|
|
2018-07-13 17:10:05 +02:00
|
|
|
@pytest.mark.parametrize(
|
|
|
|
"data", [
|
|
|
|
EXPECTED,
|
|
|
|
{
|
|
|
|
"created": "2016-05-12T08:17:27Z",
|
|
|
|
"external_references": [
|
|
|
|
{
|
|
|
|
"external_id": "CVE-2016-1234",
|
|
|
|
"source_name": "cve",
|
|
|
|
},
|
|
|
|
],
|
2019-01-23 16:56:20 +01:00
|
|
|
"id": VULNERABILITY_ID,
|
2018-07-13 17:10:05 +02:00
|
|
|
"modified": "2016-05-12T08:17:27Z",
|
|
|
|
"name": "CVE-2016-1234",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"type": "vulnerability",
|
|
|
|
},
|
|
|
|
],
|
|
|
|
)
|
2018-07-03 13:00:18 +02:00
|
|
|
def test_parse_vulnerability(data):
|
2018-07-03 15:40:51 +02:00
|
|
|
vuln = stix2.parse(data, version="2.1")
|
2018-07-03 13:00:18 +02:00
|
|
|
|
|
|
|
assert vuln.type == 'vulnerability'
|
2018-07-03 15:40:51 +02:00
|
|
|
assert vuln.spec_version == '2.1'
|
2018-07-03 13:00:18 +02:00
|
|
|
assert vuln.id == VULNERABILITY_ID
|
|
|
|
assert vuln.created == dt.datetime(2016, 5, 12, 8, 17, 27, tzinfo=pytz.utc)
|
|
|
|
assert vuln.modified == dt.datetime(2016, 5, 12, 8, 17, 27, tzinfo=pytz.utc)
|
|
|
|
assert vuln.name == "CVE-2016-1234"
|
|
|
|
assert vuln.external_references[0].external_id == "CVE-2016-1234"
|
|
|
|
assert vuln.external_references[0].source_name == "cve"
|
|
|
|
|
|
|
|
# TODO: Add other examples
|