Commit Graph

113 Commits (0d770972cfb79eaf328170aca64776f55e07ec1e)

Author SHA1 Message Date
Richard Piazza 6fa009e509 added object_paths
added more tests for pattern expressions
added "set" comparison expressions
implemented make_constant
fixed type name for EmailAddress
2017-07-18 20:30:02 +00:00
Richard Piazza c1b07ef505 Introduce constant objects for literals in pattern expressions
fixed idioms
2017-07-18 20:26:46 +00:00
Richard Piazza c8bcece6f6 added tests for expressions
fix __str__ methods
2017-07-18 20:26:46 +00:00
Richard Piazza c0467da5f9 added classes for Pattern Expressions 2017-07-18 20:26:44 +00:00
clenk e1330692c8 Move ObservableProperty, ExtensionsProperty, and Observable parsing code
into observables.py to prevent circular imports and fix #23.
2017-07-14 15:10:12 -04:00
clenk 0c47936ee0 Create ObjectFactory class
currently only supports created_by_ref
2017-07-12 11:36:15 -04:00
clenk 6f680be8a6 Add stix2.__version__ 2017-07-06 09:41:50 -04:00
clenk 1d3c59cc44 Move TLP constants up to stix2 namespace 2017-07-05 13:27:09 -04:00
clenk fdbb6ff337 Add custom Cyber Observables 2017-06-14 09:36:35 -04:00
clenk bcfb13f23c Add custom STIX Object types 2017-06-12 16:22:16 -04:00
clenk 8f1ae4e6d3 Add custom properties via 'allow_custom'
Custom properties can be specified by passing them to a STIX object
constructor in the 'custom_properties' argument, or with the
'allow_custom' argument set to True, which will add any unrecognized
keyword arguments as properties on the object. The 'allow_custom'
argument can also be used with the parse() and parse_observable()
functions.
An error is now raised when attempting to parse objects without a 'type'
property, such as external references, kill chain phases, and granular
markings. The object which contains them is what should be parsed, not
these objects themselves.
2017-06-12 13:04:20 -04:00
clenk 9761c37f20 Replace 'field' with 'property' to be consistent
with the specification
2017-05-16 12:27:30 -04:00
Richard Piazza 6456e490cc added rest of cyber observables extensions and embedded objects
set up EXT_MAPs
added FloatProperty
implemented ExtensionsProperty
2017-05-15 13:48:41 -04:00
clenk 0568a0e671 Add ExtensionsProperty and ArchiveExt 2017-05-12 11:22:23 -04:00
clenk 13245d28ce Add EnumProperty, use it in WindowsRegistryValueType 2017-05-10 11:52:59 -04:00
clenk bdd18be6c3 Switch to isort for checking import order
because it has a pre-commit hook
2017-05-09 15:10:53 -04:00
clenk f4c813d84b Merge branch 'parse-cyber-observables' 2017-05-09 12:39:17 -04:00
clenk 555c81d30f Add EmailMessage and EmbeddedObjectProperty (for embedded object types
like EmailMIMEComponent)
2017-05-09 11:03:19 -04:00
Richard Piazza 125f57e297 added basic cyber observables
added some test cases
in Observable constructor permit no _valid_refs in kwargs
in Observable._check_property ensure that the prop_name is in the kwargs
2017-05-08 21:03:15 -04:00
clenk 04e3a72a7d Add EmailAddress and ObjectReferenceProperty 2017-05-05 12:32:02 -04:00
clenk 1a75d830bb Add Autonomous System 2017-05-03 18:19:30 -04:00
clenk 2c67b90638 Add Artifact type 2017-05-03 17:35:33 -04:00
clenk fe4c4d78fc Fix typos, add to Property class documentation, small performance
boosts, and let strings and booleans in a ListProperty be handled by
__call__().
2017-04-24 17:34:16 -04:00
clenk 76acd8c0c2 Merge branch 'master' into parsing 2017-04-19 15:22:36 -04:00
clenk d06df8b9da Fix parsing errors
- Typos in Attack Pattern tests
- Put MarkingDefinition, ExternalReference, and KillChainPhase together
  in a file for objects that aren't SDOs or SROs
- Create utility function to return dictionary from string or
  file-like object
- Put off testing parsing Cyber Observable Objects until a later commit
2017-04-19 14:32:56 -04:00
clenk fabfbe20ec Parse all SDOs and SROs 2017-04-19 09:22:08 -04:00
Greg Back 2aa1f5cedd Add exception for invalid Property values. 2017-04-18 14:19:16 -05:00
clenk bc8bdccece Merge branch 'master' into parsing 2017-04-11 15:05:22 -04:00
clenk 168105603b Parse dictionaries as well as strings and file-like objects 2017-04-10 10:42:07 -04:00
Richard Piazza 3c17c9259c Add Sighting object and data markings
- Update ReferenceProperty to allow specifying a particular object type
- Update ListProperty and add SelectorProperty
- Add description to Relationship
2017-04-07 16:07:17 -05:00
clenk 5e4ca9e882 Add parsing of Malware objects 2017-04-05 17:12:44 -04:00
Greg Back a0600b5ba4 Fix or ignore Flake8 warnings. 2017-03-22 08:05:59 -05:00
Greg Back 7ef6e20e9a Add tests for kill chain phases. 2017-02-24 12:53:57 -06:00
Greg Back 805c15c397 Add tests for all SDOs 2017-02-24 11:56:55 -06:00
Greg Back 96e880b49b Refactor library into separate files. 2017-02-10 15:35:02 -06:00
Greg Back 1a46a4b073 Add external references. 2017-02-02 10:58:46 -06:00
Greg Back 5d7ed643bd Check for required args first, and check for them all at once.
This is necessary for versions of Python <3.6, where dictionaries are
unordered by default, meaning we can't ensure the order in which fields
are checked.
2017-02-02 10:17:13 -06:00
Greg Back 1ba064734b Special handling for timestamp fields.
If a type has more than one timestamp field that should be automatically generated,
we want them to all be same, not vary by milliseconds.
2017-02-02 09:50:35 -06:00
Greg Back 675a29dbfb Add support for required fields with no default values. 2017-02-02 08:53:46 -06:00
Greg Back 67c3311672 Handle ID fields in a generic way. 2017-02-02 08:33:36 -06:00
Greg Back 724774900d Generic form of JSON serialization 2017-02-01 16:04:20 -06:00
Greg Back 2a1709a7de Allow passing objects to Bundle as args 2017-02-01 14:57:07 -06:00
Greg Back 58fccd7f7d Further refactoring bundle. 2017-02-01 14:52:18 -06:00
Greg Back ce31356839 start of automated property checking. 2017-02-01 14:35:41 -06:00
Greg Back b4eb6c1fd1 Refactor common ID check. 2017-02-01 13:44:57 -06:00
Greg Back b5ab54b6a9 WIP: convert bundle to using kwargs. 2017-02-01 13:34:44 -06:00
Greg Back 8843e9b190 WIP: refactor common fields. 2017-02-01 13:27:24 -06:00
Greg Back 855ca929fa Add initial Bundle implementation. 2017-01-18 16:58:25 -08:00
Greg Back e4e75e459b Update how fixtures work during testing. 2017-01-18 16:57:26 -08:00
Greg Back 4d9dcafbc6 Small fixups 2017-01-18 16:10:18 -08:00
Greg Back 742d9645d6 Allow shorter syntax for creating relationships. 2017-01-18 15:14:56 -08:00
Greg Back fd548a5f41 Allow creating relationships from objects, not just IDs. 2017-01-18 15:14:22 -08:00
Greg Back da75833400 Add Relationship class with required fields. 2017-01-18 10:59:28 -08:00
Greg Back 022f7c9166 Convert constructors to kwargs. 2017-01-17 17:25:40 -08:00
Greg Back 4eaa87660b Pull out __str__ function 2017-01-17 16:58:17 -08:00
Greg Back 3e7adef792 Add Malware object with required fields. 2017-01-17 16:53:27 -08:00
Greg Back ef0b80ad44 Allow attribute and key-based access. Make immutable. 2017-01-17 15:52:03 -08:00
Greg Back eeec5a4ce3 Allow key-based access along with attribute access 2017-01-17 15:03:56 -08:00
Greg Back 31cebdd34a Add tests for required fields. 2017-01-17 14:52:56 -08:00
Greg Back ebf6513445 Check for valid IDs and types on indicators. 2017-01-17 14:46:00 -08:00
Greg Back 6761d1fdfc Add required fields to Indicator. 2017-01-17 14:07:49 -08:00
Greg Back 2f8c2780c2 Initial tests for STIX 2 2017-01-17 12:37:47 -08:00
Greg Back 86585d229e Initial package files. 2017-01-17 08:54:39 -08:00