Merge branch 'master' into 472-issue
commit
119364c889
|
@ -4,6 +4,7 @@ import time
|
||||||
|
|
||||||
from ...datastore import Filter
|
from ...datastore import Filter
|
||||||
from ...utils import STIXdatetime, parse_into_datetime
|
from ...utils import STIXdatetime, parse_into_datetime
|
||||||
|
from ..pattern import equivalent_patterns
|
||||||
|
|
||||||
logger = logging.getLogger(__name__)
|
logger = logging.getLogger(__name__)
|
||||||
|
|
||||||
|
@ -211,8 +212,7 @@ def custom_pattern_based(pattern1, pattern2):
|
||||||
float: Number between 0.0 and 1.0 depending on match criteria.
|
float: Number between 0.0 and 1.0 depending on match criteria.
|
||||||
|
|
||||||
"""
|
"""
|
||||||
logger.warning("Indicator pattern equivalence is not fully defined; will default to zero if not completely identical")
|
return equivalent_patterns(pattern1, pattern2)
|
||||||
return exact_match(pattern1, pattern2) # TODO: Implement pattern based equivalence
|
|
||||||
|
|
||||||
|
|
||||||
def partial_external_reference_based(refs1, refs2):
|
def partial_external_reference_based(refs1, refs2):
|
||||||
|
|
|
@ -32,7 +32,7 @@ from .observables import (
|
||||||
UNIXAccountExt, UserAccount, WindowsPEBinaryExt,
|
UNIXAccountExt, UserAccount, WindowsPEBinaryExt,
|
||||||
WindowsPEOptionalHeaderType, WindowsPESection, WindowsProcessExt,
|
WindowsPEOptionalHeaderType, WindowsPESection, WindowsProcessExt,
|
||||||
WindowsRegistryKey, WindowsRegistryValueType, WindowsServiceExt,
|
WindowsRegistryKey, WindowsRegistryValueType, WindowsServiceExt,
|
||||||
X509Certificate, X509V3ExtenstionsType,
|
X509Certificate, X509V3ExtensionsType,
|
||||||
)
|
)
|
||||||
from .sdo import (
|
from .sdo import (
|
||||||
AttackPattern, Campaign, CourseOfAction, CustomObject, Identity, Indicator,
|
AttackPattern, Campaign, CourseOfAction, CustomObject, Identity, Indicator,
|
||||||
|
@ -123,7 +123,7 @@ __all__ = """
|
||||||
UNIXAccountExt, UserAccount, WindowsPEBinaryExt,
|
UNIXAccountExt, UserAccount, WindowsPEBinaryExt,
|
||||||
WindowsPEOptionalHeaderType, WindowsPESection, WindowsProcessExt,
|
WindowsPEOptionalHeaderType, WindowsPESection, WindowsProcessExt,
|
||||||
WindowsRegistryKey, WindowsRegistryValueType, WindowsServiceExt,
|
WindowsRegistryKey, WindowsRegistryValueType, WindowsServiceExt,
|
||||||
X509Certificate, X509V3ExtenstionsType,
|
X509Certificate, X509V3ExtensionsType,
|
||||||
|
|
||||||
AttackPattern, Campaign, CourseOfAction, CustomObject, Identity, Indicator,
|
AttackPattern, Campaign, CourseOfAction, CustomObject, Identity, Indicator,
|
||||||
IntrusionSet, Malware, ObservedData, Report, ThreatActor, Tool,
|
IntrusionSet, Malware, ObservedData, Report, ThreatActor, Tool,
|
||||||
|
|
|
@ -724,7 +724,7 @@ class WindowsRegistryKey(_Observable):
|
||||||
])
|
])
|
||||||
|
|
||||||
|
|
||||||
class X509V3ExtenstionsType(_STIXBase20):
|
class X509V3ExtensionsType(_STIXBase20):
|
||||||
"""For more detailed information on this object's properties, see
|
"""For more detailed information on this object's properties, see
|
||||||
`the STIX 2.0 specification <http://docs.oasis-open.org/cti/stix/v2.0/cs01/part4-cyber-observable-objects/stix-v2.0-cs01-part4-cyber-observable-objects.html#_Toc496716298>`__.
|
`the STIX 2.0 specification <http://docs.oasis-open.org/cti/stix/v2.0/cs01/part4-cyber-observable-objects/stix-v2.0-cs01-part4-cyber-observable-objects.html#_Toc496716298>`__.
|
||||||
""" # noqa
|
""" # noqa
|
||||||
|
@ -770,7 +770,7 @@ class X509Certificate(_Observable):
|
||||||
('subject_public_key_algorithm', StringProperty()),
|
('subject_public_key_algorithm', StringProperty()),
|
||||||
('subject_public_key_modulus', StringProperty()),
|
('subject_public_key_modulus', StringProperty()),
|
||||||
('subject_public_key_exponent', IntegerProperty()),
|
('subject_public_key_exponent', IntegerProperty()),
|
||||||
('x509_v3_extensions', EmbeddedObjectProperty(type=X509V3ExtenstionsType)),
|
('x509_v3_extensions', EmbeddedObjectProperty(type=X509V3ExtensionsType)),
|
||||||
('extensions', ExtensionsProperty(spec_version="2.0", enclosing_type=_type)),
|
('extensions', ExtensionsProperty(spec_version="2.0", enclosing_type=_type)),
|
||||||
])
|
])
|
||||||
|
|
||||||
|
|
|
@ -32,7 +32,7 @@ from .observables import (
|
||||||
UNIXAccountExt, UserAccount, WindowsPEBinaryExt,
|
UNIXAccountExt, UserAccount, WindowsPEBinaryExt,
|
||||||
WindowsPEOptionalHeaderType, WindowsPESection, WindowsProcessExt,
|
WindowsPEOptionalHeaderType, WindowsPESection, WindowsProcessExt,
|
||||||
WindowsRegistryKey, WindowsRegistryValueType, WindowsServiceExt,
|
WindowsRegistryKey, WindowsRegistryValueType, WindowsServiceExt,
|
||||||
X509Certificate, X509V3ExtenstionsType,
|
X509Certificate, X509V3ExtensionsType,
|
||||||
)
|
)
|
||||||
from .sdo import (
|
from .sdo import (
|
||||||
AttackPattern, Campaign, CourseOfAction, CustomObject, Grouping, Identity,
|
AttackPattern, Campaign, CourseOfAction, CustomObject, Grouping, Identity,
|
||||||
|
@ -131,7 +131,7 @@ __all__ = """
|
||||||
UNIXAccountExt, UserAccount, WindowsPEBinaryExt,
|
UNIXAccountExt, UserAccount, WindowsPEBinaryExt,
|
||||||
WindowsPEOptionalHeaderType, WindowsPESection, WindowsProcessExt,
|
WindowsPEOptionalHeaderType, WindowsPESection, WindowsProcessExt,
|
||||||
WindowsRegistryKey, WindowsRegistryValueType, WindowsServiceExt,
|
WindowsRegistryKey, WindowsRegistryValueType, WindowsServiceExt,
|
||||||
X509Certificate, X509V3ExtenstionsType,
|
X509Certificate, X509V3ExtensionsType,
|
||||||
|
|
||||||
AttackPattern, Campaign, CourseOfAction, CustomObject, Grouping, Identity,
|
AttackPattern, Campaign, CourseOfAction, CustomObject, Grouping, Identity,
|
||||||
Indicator, Infrastructure, IntrusionSet, Location, Malware,
|
Indicator, Infrastructure, IntrusionSet, Location, Malware,
|
||||||
|
|
|
@ -851,7 +851,7 @@ class WindowsRegistryKey(_Observable):
|
||||||
_id_contributing_properties = ["key", "values"]
|
_id_contributing_properties = ["key", "values"]
|
||||||
|
|
||||||
|
|
||||||
class X509V3ExtenstionsType(_STIXBase21):
|
class X509V3ExtensionsType(_STIXBase21):
|
||||||
"""For more detailed information on this object's properties, see
|
"""For more detailed information on this object's properties, see
|
||||||
`the STIX 2.1 specification <https://docs.oasis-open.org/cti/stix/v2.1/cs01/stix-v2.1-cs01.html#_c1kt4dheb6vz>`__.
|
`the STIX 2.1 specification <https://docs.oasis-open.org/cti/stix/v2.1/cs01/stix-v2.1-cs01.html#_c1kt4dheb6vz>`__.
|
||||||
"""
|
"""
|
||||||
|
@ -899,7 +899,7 @@ class X509Certificate(_Observable):
|
||||||
('subject_public_key_algorithm', StringProperty()),
|
('subject_public_key_algorithm', StringProperty()),
|
||||||
('subject_public_key_modulus', StringProperty()),
|
('subject_public_key_modulus', StringProperty()),
|
||||||
('subject_public_key_exponent', IntegerProperty()),
|
('subject_public_key_exponent', IntegerProperty()),
|
||||||
('x509_v3_extensions', EmbeddedObjectProperty(type=X509V3ExtenstionsType)),
|
('x509_v3_extensions', EmbeddedObjectProperty(type=X509V3ExtensionsType)),
|
||||||
('object_marking_refs', ListProperty(ReferenceProperty(valid_types='marking-definition', spec_version='2.1'))),
|
('object_marking_refs', ListProperty(ReferenceProperty(valid_types='marking-definition', spec_version='2.1'))),
|
||||||
('granular_markings', ListProperty(GranularMarking)),
|
('granular_markings', ListProperty(GranularMarking)),
|
||||||
('defanged', BooleanProperty(default=lambda: False)),
|
('defanged', BooleanProperty(default=lambda: False)),
|
||||||
|
|
|
@ -55,7 +55,7 @@ from . import ( # noqa: F401
|
||||||
WindowsPEBinaryExt, WindowsPEOptionalHeaderType,
|
WindowsPEBinaryExt, WindowsPEOptionalHeaderType,
|
||||||
WindowsPESection, WindowsProcessExt, WindowsRegistryKey,
|
WindowsPESection, WindowsProcessExt, WindowsRegistryKey,
|
||||||
WindowsRegistryValueType, WindowsServiceExt, X509Certificate,
|
WindowsRegistryValueType, WindowsServiceExt, X509Certificate,
|
||||||
X509V3ExtenstionsType
|
X509V3ExtensionsType
|
||||||
)
|
)
|
||||||
from .datastore.filters import FilterSet
|
from .datastore.filters import FilterSet
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue