Add tests for kill chain phases.

stix2/__init__.py

@@ -1,7 +1,7 @@
 """Python APIs for STIX 2."""
 
 from .bundle import Bundle
-from .common import ExternalReference
+from .common import ExternalReference, KillChainPhase
 from .sdo import AttackPattern, Campaign, CourseOfAction, Identity, Indicator, \
     IntrusionSet, Malware, ObservedData, Report, ThreatActor, Tool, \
     Vulnerability

stix2/test/test_kill_chain_phases.py

@@ -0,0 +1,58 @@
+"""Tests for stix.ExternalReference"""
+
+import pytest
+
+import stix2
+
+LMCO_RECON = """{
+    "kill_chain_name": "lockheed-martin-cyber-kill-chain",
+    "phase_name": "reconnaissance"
+}"""
+
+
+def test_lockheed_martin_cyber_kill_chain():
+    recon = stix2.KillChainPhase(
+        kill_chain_name="lockheed-martin-cyber-kill-chain",
+        phase_name="reconnaissance",
+    )
+
+    assert str(recon) == LMCO_RECON
+
+
+FOO_PRE_ATTACK = """{
+    "kill_chain_name": "foo",
+    "phase_name": "pre-attack"
+}"""
+
+
+def test_lockheed_martin_cyber_kill_chain():
+    preattack = stix2.KillChainPhase(
+        kill_chain_name="foo",
+        phase_name="pre-attack",
+    )
+
+    assert str(preattack) == FOO_PRE_ATTACK
+
+
+def test_kill_chain_required_fields():
+
+    with pytest.raises(ValueError) as excinfo:
+        stix2.KillChainPhase()
+
+    assert str(excinfo.value) == "Missing required field(s) for KillChainPhase: (kill_chain_name, phase_name)."
+
+
+def test_kill_chain_required_field_chain_name():
+
+    with pytest.raises(ValueError) as excinfo:
+        stix2.KillChainPhase(phase_name="weaponization")
+
+    assert str(excinfo.value) == "Missing required field(s) for KillChainPhase: (kill_chain_name)."
+
+
+def test_kill_chain_required_field_phase_name():
+
+    with pytest.raises(ValueError) as excinfo:
+        stix2.KillChainPhase(kill_chain_name="lockheed-martin-cyber-kill-chain")
+
+    assert str(excinfo.value) == "Missing required field(s) for KillChainPhase: (phase_name)."