MISP
/
cti-python-stix2
mirror of https://github.com/MISP/cti-python-stix2
2
0
Fork 0
Code Issues Releases Wiki Activity

new approach towards validation of tlp instances

master
Emmanuelle Vargas-Gonzalez 2019-05-03 09:59:07 -04:00
parent fff0e9e731
commit 46c47a0d08
3 changed files with 82 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

65
stix2/utils.py
View File

@ -11,7 +11,7 @@ import pytz
import stix2.base
from .exceptions import (
InvalidValueError, RevokeError, UnmodifiablePropertyError,
InvalidValueError, RevokeError, TLPMarkingDefinitionError, UnmodifiablePropertyError,
)
# Sentinel value for properties that should be set to the current time.
@ -404,3 +404,66 @@ def is_marking(obj_or_id):
result = obj_or_id.startswith("marking-definition--")
return result
def check_tlp_marking(marking_obj, spec_version):
# Specific TLP Marking validation case.
if marking_obj["definition_type"] == "tlp":
color = marking_obj["definition"]["tlp"]
if color == "white":
if spec_version == '2.0':
w = ('{"created": "2017-01-20T00:00:00.000Z", "definition": {"tlp": "white"}, "definition_type": "tlp",'
' "id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9", "type": "marking-definition"}')
else:
w = ('{"created": "2017-01-20T00:00:00.000Z", "definition": {"tlp": "white"}, "definition_type": "tlp",'
' "id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9", "type": "marking-definition",'
' "spec_version": "2.1"}')
if marking_obj["id"] != "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9":
raise TLPMarkingDefinitionError(marking_obj["id"], w)
elif format_datetime(marking_obj["created"]) != "2017-01-20T00:00:00.000Z":
raise TLPMarkingDefinitionError(format_datetime(marking_obj["created"]), w)
elif color == "green":
if spec_version == '2.0':
g = ('{"created": "2017-01-20T00:00:00.000Z", "definition": {"tlp": "green"}, "definition_type": "tlp",'
' "id": "marking-definition--34098fce-860f-48ae-8e50-ebd3cc5e41da", "type": "marking-definition"}')
else:
g = ('{"created": "2017-01-20T00:00:00.000Z", "definition": {"tlp": "green"}, "definition_type": "tlp",'
' "id": "marking-definition--34098fce-860f-48ae-8e50-ebd3cc5e41da", "type": "marking-definition",'
' "spec_version": "2.1"}')
if marking_obj["id"] != "marking-definition--34098fce-860f-48ae-8e50-ebd3cc5e41da":
raise TLPMarkingDefinitionError(marking_obj["id"], g)
elif format_datetime(marking_obj["created"]) != "2017-01-20T00:00:00.000Z":
raise TLPMarkingDefinitionError(format_datetime(marking_obj["created"]), g)
elif color == "amber":
if spec_version == '2.0':
a = ('{"created": "2017-01-20T00:00:00.000Z", "definition": {"tlp": "amber"}, "definition_type": "tlp",'
' "id": "marking-definition--f88d31f6-486f-44da-b317-01333bde0b82", "type": "marking-definition"}')
else:
a = ('{"created": "2017-01-20T00:00:00.000Z", "definition": {"tlp": "amber"}, "definition_type": "tlp",'
' "id": "marking-definition--f88d31f6-486f-44da-b317-01333bde0b82", "type": "marking-definition",'
' "spec_version": "2.1"}')
if marking_obj["id"] != "marking-definition--f88d31f6-486f-44da-b317-01333bde0b82":
raise TLPMarkingDefinitionError(marking_obj["id"], a)
elif format_datetime(marking_obj["created"]) != "2017-01-20T00:00:00.000Z":
raise TLPMarkingDefinitionError(format_datetime(marking_obj["created"]), a)
elif color == "red":
if spec_version == '2.0':
r = ('{"created": "2017-01-20T00:00:00.000Z", "definition": {"tlp": "red"}, "definition_type": "tlp",'
' "id": "marking-definition--5e57c739-391a-4eb3-b6be-7d15ca92d5ed", "type": "marking-definition"}')
else:
r = ('{"created": "2017-01-20T00:00:00.000Z", "definition": {"tlp": "red"}, "definition_type": "tlp",'
' "id": "marking-definition--5e57c739-391a-4eb3-b6be-7d15ca92d5ed", "type": "marking-definition",'
' "spec_version": "2.1"}')
if marking_obj["id"] != "marking-definition--5e57c739-391a-4eb3-b6be-7d15ca92d5ed":
raise TLPMarkingDefinitionError(marking_obj["id"], r)
elif format_datetime(marking_obj["created"]) != "2017-01-20T00:00:00.000Z":
raise TLPMarkingDefinitionError(format_datetime(marking_obj["created"]), r)
else:
raise TLPMarkingDefinitionError(marking_obj["id"], "Does not match any TLP Marking definition")

10
stix2/v20/common.py
View File

@ -10,7 +10,7 @@ from ..properties import (
HashesProperty, IDProperty, ListProperty, Property, ReferenceProperty,
SelectorProperty, StringProperty, TimestampProperty, TypeProperty,
)
from ..utils import NOW, _get_dict
from ..utils import NOW, _get_dict, check_tlp_marking
class ExternalReference(_STIXBase):
@ -134,6 +134,14 @@ class MarkingDefinition(_STIXBase, _MarkingsMixin):
super(MarkingDefinition, self).__init__(**kwargs)
def _check_object_constraints(self):
super(MarkingDefinition, self)._check_object_constraints()
check_tlp_marking(self, '2.0')
def serialize(self, pretty=False, include_optional_defaults=False, **kwargs):
check_tlp_marking(self, '2.0')
return super(MarkingDefinition, self).serialize(pretty, include_optional_defaults, **kwargs)
OBJ_MAP_MARKING = {
'tlp': TLPMarking,

10
stix2/v21/common.py
View File

@ -11,7 +11,7 @@ from ..properties import (
IntegerProperty, ListProperty, Property, ReferenceProperty,
SelectorProperty, StringProperty, TimestampProperty, TypeProperty,
)
from ..utils import NOW, _get_dict
from ..utils import NOW, _get_dict, check_tlp_marking
class ExternalReference(_STIXBase):
@ -174,6 +174,14 @@ class MarkingDefinition(_STIXBase, _MarkingsMixin):
super(MarkingDefinition, self).__init__(**kwargs)
def _check_object_constraints(self):
super(MarkingDefinition, self)._check_object_constraints()
check_tlp_marking(self, '2.1')
def serialize(self, pretty=False, include_optional_defaults=False, **kwargs):
check_tlp_marking(self, '2.1')
return super(MarkingDefinition, self).serialize(pretty, include_optional_defaults, **kwargs)
OBJ_MAP_MARKING = {
'tlp': TLPMarking,