Commit Graph

197 Commits (b2108e90c67637fdbefc8871e11fb7abb925b0dc)

Author SHA1 Message Date
Emmanuelle Vargas-Gonzalez c9bafaf5ae fix typo for Class X509V3ExtensionsType 2020-11-18 18:08:57 -05:00
Michael Chisholm f5bbbe7a3b Fix bug with reference type enforcement on property
where_sighted_refs on Sighting.
2020-11-16 15:04:24 -05:00
Emmanuelle Vargas-Gonzalez aa77f2b174 add test cases
additional file changes based on test cases
2020-11-10 21:09:17 -05:00
Emmanuelle Vargas-Gonzalez e4165f96aa major changes to support the extension mechanism
moved some version specific logic into their area, changes to decorators to support Object Registration with Extension
2020-11-10 18:32:58 -05:00
Emmanuelle Vargas-Gonzalez 22c4351688 flatten the extensions map, remove enclosing_type from ExtensionsProperty
other minor changes
2020-11-10 17:08:51 -05:00
Emmanuelle Vargas-Gonzalez 4340be13c4 changes to the ExtensionsProperty 2020-11-09 20:58:34 -05:00
Emmanuelle Vargas-Gonzalez 5cb52844dc fixing typos on Object types 2020-11-05 12:56:30 -05:00
Emmanuelle Vargas-Gonzalez b17f502e8f expose the "extensions" property on all object types
remove restriction on MarkingDefinition Object
2020-10-19 22:18:45 -04:00
Emmanuelle Vargas-Gonzalez 1bc11ce442 define the STIXExtension Object 2020-10-19 22:08:51 -04:00
Emmanuelle Vargas-Gonzalez 97dfe092f9 re-order properties 2020-10-19 19:23:30 -04:00
Chris Lenk 806389117f Allow mixing single objects and lists in bundles
...in bundle constructor

Related: #429.
2020-07-20 00:24:36 -04:00
Michael Chisholm d888eb60e2 Remove protocol_family and its uses from the v21 network
socket SCO extension.  It's a 2.0 property that got copied into
the 2.1 code by mistake.
2020-07-08 14:26:02 -04:00
Chris Lenk 8e785cbd05 Remove outdated comment 2020-07-06 16:42:33 -04:00
Emmanuelle Vargas-Gonzalez 9a0cb02ab3 nit-pick on v21 Indicator constructor 2020-06-30 13:58:19 -04:00
Chris Lenk b2ee33208f Set STIX 2.1 as default, fix indicator.valid_from 2020-06-26 16:43:19 -04:00
Michael Chisholm 99bf4215a3 Change all uses of ObjectReferenceProperty in 2.1 SCO classes
to ReferenceProperty.  Add a unit test to ensure that when a
stix2 object is passed as a value of a ReferenceProperty, that
the ID is properly pulled out and used as the actual property
value, and that it doesn't affect the deterministic ID
calculation.
2020-06-08 17:24:33 -04:00
Michael Chisholm 7def04fd6f Add __all__'s to v20 and v21/__init__.py to ensure that
star-imports from those modules get the right symbols.  "base"
was a problem because it was getting imported via
stix2/__init__.py and overwriting stix2.base, making the actual
stix2/base.py module inaccessible.
2020-06-03 17:39:09 -04:00
Chris Lenk df92770d25
Merge pull request #384 from oasis-open/365-versioned-classes
Validate custom type/property name formats
2020-04-03 17:30:24 -04:00
Chris Lenk 9145bdf5e8
Merge pull request #374 from chisholm/version_precision
Support STIX 2.1 version precision
2020-04-03 15:52:42 -04:00
Chris Lenk 03cb225932 Merge branch 'master' into 365-versioned-classes 2020-04-02 06:02:20 -04:00
Chris Lenk c494a2e477 Use TypeProperty.clean() to verify type format 2020-04-01 21:52:04 -04:00
Rich Piazza 46219bf072 add 2.1 links 2020-03-27 09:36:10 -04:00
Chris Lenk 01ba190525 Reorganize bases, use isinstance to check version
Renamed STIXDomainObject -> _DomainObject.
Renamed STIXRelationshipObject -> _RelationshipObject.
2020-03-27 02:40:42 -04:00
Chris Lenk e8035863b8
Make swid an id-contributing property 2020-03-21 23:56:09 -04:00
Chris Lenk e31634c32b Rework spec version detection for _STIXBase objs 2020-03-21 22:22:36 -04:00
Michael Chisholm 4aa69fa7c9 Add support for enforcing STIX 2.1 minimum precision requirement
on versioning timestamps.
2020-03-16 20:25:38 -04:00
Chris Lenk 3dda25e976
Merge pull request #362 from chisholm/file_id_contrib_props
Add parent_directory_ref as an ID contributing property for file SCOs
2020-03-12 09:36:16 -04:00
Chris Lenk 5abc139e79 Merge branch 'khdesai-fix_issue_338'; Close #347 2020-03-12 09:30:52 -04:00
Chris Lenk 3dd9351d38 Bring back lang, confidence for Course of Action 2020-03-12 09:24:43 -04:00
Desai, Kartikey H 82517ae284 Fixes #338 2020-03-12 09:24:43 -04:00
Desai, Kartikey H 8885a757cb Fix properties spec version back to 2.1, and re-adjust tests. Fixes #338 2020-03-12 09:24:43 -04:00
Desai, Kartikey H 36f7035785 Fixes #338 2020-03-12 09:24:43 -04:00
Chris Lenk e782d095ea
Merge pull request #369 from chisholm/malware_os_refs
Change software SCO: os_execution_envs -> operating_system_refs
2020-03-11 23:47:14 -04:00
Chris Lenk 94e3cd7ca6
Merge pull request #360 from chisholm/enforce_hash_keys
Enforce hash keys on 2.1 external-references
2020-03-11 23:13:55 -04:00
Chris Lenk 87c5ef30ad
Merge pull request #358 from chisholm/software_cpe_swid
Add swid property to the software SCO
2020-03-11 23:03:18 -04:00
Chris Lenk 33fb31421b
Merge pull request #357 from chisholm/malware_analysis_result
Update malware-analysis SDO's av_result property
2020-03-11 09:16:34 -04:00
Chris Lenk bdf7cab8fe
Merge pull request #356 from chisholm/malware_analysis_sample_ref
Add the "sample_ref" property to malware-analysis SDOs
2020-03-11 09:12:02 -04:00
Chris Lenk 2429533e4f
Merge pull request #355 from chisholm/optional_type_properties
Changed several *_types properties to be optional due to STIX spec change
2020-03-11 09:08:42 -04:00
Michael Chisholm 792cc570d7 Change the os_execution_envs property of software SCOs to
operating_system_refs, and add a test for it.
2020-03-06 19:43:47 -05:00
Michael Chisholm a862b930be Add parent_directory_ref as an ID contributing property for the
file SCO.
2020-03-05 17:18:32 -05:00
Michael Chisholm a5dc514403 Fix external-references to force hash keys to come from
hash-algorithm-ov.
2020-03-04 20:55:52 -05:00
Desai, Kartikey H a5cd0fdc50 Change location of None-check for id_contrib_props. Fixes #351 2020-03-04 14:46:55 -05:00
Desai, Kartikey H fc95b400ff Change default parameters from empty lists to None. Fixes #351 2020-03-04 14:29:35 -05:00
Michael Chisholm 4e2b018272 Add a property to the software SCO, due to STIX spec change. 2020-03-02 16:57:18 -05:00
Michael Chisholm d2bff4d411 Update malware-analysis SDO's av_result property: replace it with
result and result_name properties.  Per:
https://github.com/oasis-tcs/cti-stix2/issues/213
2020-02-27 17:26:04 -05:00
Michael Chisholm 50eb188190 Add the "sample_ref" property to malware-analysis SDOs, per:
https://github.com/oasis-tcs/cti-stix2/issues/210
2020-02-27 16:40:56 -05:00
Michael Chisholm 31c37a9b12 Changed several *_types properties which were formerly required,
to be optional, due to a STIX spec change.  Updated unit tests
accordingly.
2020-02-25 20:07:47 -05:00
Desai, Kartikey H 41e541959d Add _id_contributing_properties functionality to custom SCOs. Tests coming soon. Fixes #351 2020-02-24 21:11:42 -05:00
Desai, Kartikey H 8219b34ea4 Fix formatting issues. Fixes #336 2020-02-19 09:24:27 -05:00
Desai, Kartikey H 86f9e51a42 Fixes #336 2020-02-19 09:11:30 -05:00
Michael Chisholm 176cb980a2 Remove workaround for "values" being both a Mapping method name
and sometimes a STIX property name.  It didn't work (caused
crashes under some circumstances).  Now, attributes whose names
conflict with Mapping methods will have the Mapping
interpretation.  Same-named STIX object properties will not be
accessible as attributes.
2020-01-28 18:13:36 -05:00
Emmanuelle Vargas-Gonzalez 9463884170 add optional "name" StringProperty to MarkingDefinition
update TLP_* v21 constants according to spec
2020-01-28 13:19:23 -05:00
Desai, Kartikey H 4350680e79 Introduce and relocate version-based pattern checking. Fixes #307 2020-01-04 10:24:17 -05:00
Desai, Kartikey H a18612bdfb Fixes #307 2020-01-04 10:24:17 -05:00
Desai, Kartikey H e260dbb716 Fixes #309 2019-12-23 17:30:34 -05:00
Desai, Kartikey H 32d2a0a4fd Fixes #309 2019-12-23 17:30:34 -05:00
Chris Lenk cde57ce8f7
Merge pull request #315 from khdesai/fix_issue_308
Fix issue 308
2019-12-17 12:13:25 -05:00
Desai, Kartikey H 6df7da65b8 Fixes #308 2019-12-17 11:57:55 -05:00
Desai, Kartikey H 3a46d42aaa parse() handles observables in 2.1. Change mechanism for (in)valid_types in ReferenceProperty. Fix _custom_observable_builder to include ReferenceProperty instead of ObjectReferenceProperty, and added ID property to custom observables 2019-12-06 09:35:36 -05:00
Desai, Kartikey H aee296ea46 Fixes #296 2019-12-06 09:35:36 -05:00
Zach Rush 806c6c52d9 Added tests for other changes, and moved attribute defaults to an init function 2019-11-25 15:52:50 -05:00
Zach Rush 46f1778d04 Fixed all issues brought up in issue #305 by Chris Lenk 2019-11-22 13:24:09 -05:00
Chris Lenk 401c9ad950
Merge branch 'master' into stix2.1 2019-09-23 12:26:27 -04:00
Desai, Kartikey H f241ed5c6c Remove at_least_one=False from Artifact SCO 2019-09-18 10:56:42 -04:00
Desai, Kartikey H 3b1c922ba6 Fix observed data property check for at least one property existing 2019-09-18 10:29:07 -04:00
Desai, Kartikey H 8447c9fcd9 Add few tests to improve some code coverage 2019-09-11 14:21:41 -04:00
Zach Rush afa4af65c6 Fixing pre-commit things 2019-09-11 12:22:55 -04:00
Zach Rush e7a6554395 Fixing pre-commit issues 2019-09-11 12:12:26 -04:00
Zach Rush 53db47b447 Statement-type definitions will now match the timestamp precision given to them 2019-09-09 21:38:58 -04:00
Desai, Kartikey H abf2980336 Fix tests and ReferenceProperty 2019-09-04 19:08:34 -04:00
Desai, Kartikey H 44ebd64a16 Some test fixes. More coming soon 2019-08-30 03:47:47 -04:00
Desai, Kartikey H f69b13a006 Some more updates, primarily to ReferenceProperty (and related code) 2019-08-29 17:15:51 -04:00
Desai, Kartikey H 49077352d7 Updates and corrections for SCO WD 05 updates. Temp backup; testing and more fixes coming soon 2019-08-27 17:36:45 -04:00
Desai, Kartikey H bf1b8b567d Updates to allow existing tests to pass 2019-08-21 02:00:41 -04:00
Desai, Kartikey H 46359ead69 Modify a few things 2019-08-19 13:35:17 -04:00
Desai, Kartikey H ec55463398 Update SCO stuff to WD 05 2019-08-19 09:39:13 -04:00
Desai, Kartikey H dee2f1f60c Merge branch 'stix2.1' of https://github.com/oasis-open/cti-python-stix2 into wd05SCO 2019-08-12 08:16:00 -04:00
Michael Chisholm 5e5a03c001 Changed emitted deprecation warnings to a custom DeprecationWarning
subclass.  Changed the unit test to test for that specific
warning category, instead of any DeprecationWarning.
2019-08-07 10:16:18 -04:00
Michael Chisholm 27beec4060 Add a deprecation warning for the "objects" property of
observed-data.  Add a unit test to ensure we get the warning.
2019-07-29 16:35:38 -04:00
Michael Chisholm 8362d80206 Change "object_modified" property of LocationContent to be
optional.  Add a corresponding unit test.
2019-07-25 16:56:34 -04:00
Michael Chisholm 5589480980 Improved the exception class hierarchy:
- Removed all plain python base classes (e.g. ValueError, TypeError)
- Renamed InvalidPropertyConfigurationError -> PropertyPresenceError,
  since incorrect values could be considered a property config error, and
  I really just wanted this class to apply to presence (co-)constraint
  violations.
- Added ObjectConfigurationError as a superclass of InvalidValueError,
  PropertyPresenceError, and any other exception that could be raised
  during _STIXBase object init, which is when the spec compliance
  checks happen.  This class is intended to represent general spec
  violations.
- Did some class reordering in exceptions.py, so all the
  ObjectConfigurationError subclasses were together.

Changed how property "cleaning" errors were handled:
- Previous docs said they should all be ValueErrors, but that would require
  extra exception check-and-replace complexity in the property
  implementations, so that requirement is removed.  Doc is changed to just
  say that cleaning problems should cause exceptions to be raised.
  _STIXBase._check_property() now handles most exception types, not just
  ValueError.
- Decided to try chaining the original clean error to the InvalidValueError,
  in case the extra diagnostics would be helpful in the future.  This is
  done via 'six' adapter function and only works on python3.
- A small amount of testing was removed, since it was looking at custom
  exception properties which became unavailable once the exception was
  replaced with InvalidValueError.

Did another pass through unit tests to fix breakage caused by the changed
exception class hierarchy.

Removed unnecessary observable extension handling code from
parse_observable(), since it was all duplicated in ExtensionsProperty.
The redundant code in parse_observable() had different exception behavior
than ExtensionsProperty, which makes the API inconsistent and unit tests
more complicated.  (Problems in ExtensionsProperty get replaced with
InvalidValueError, but extensions problems handled directly in
parse_observable() don't get the same replacement, and so the exception
type is different.)

Redid the workbench monkeypatching.  The old way was impossible to make
work, and had caused ugly ripple effect hackage in other parts of the
codebase.  Now, it replaces the global object maps with factory functions
which behave the same way when called, as real classes.  Had to fix up a
few unit tests to get them all passing with this monkeypatching in place.
Also remove all the xfail markings in the workbench test suite, since all
tests now pass.

Since workbench monkeypatching isn't currently affecting any unit tests,
tox.ini was simplified to remove the special-casing for running the
workbench tests.

Removed the v20 workbench test suite, since the workbench currently only
works with the latest stix object version.
2019-07-19 14:50:11 -04:00
Desai, Kartikey H 4660d5ea28 Update SCO specs per WD 05 specs 2019-07-17 15:48:09 -04:00
Michael Chisholm 1b7abaf228 WIP: updating objects to be compliant with stix2.1 WD05. This
includes SDO/SRO class updates, but no unit test updates.  The
class updates broke unit tests, so that still needs to be
addressed.
2019-07-14 15:34:31 -04:00
Desai, Kartikey H ae35d2ab01 Add and update tests to conform code to WD04 SDO specs 2019-07-02 13:17:43 -04:00
Desai, Kartikey H c98fcafb1a Update tests to address conformance to WD04 specs 2019-07-01 15:26:30 -04:00
Desai, Kartikey H ef408e1971 preliminary changes to make stix2 code conform to WD 04 specs 2019-07-01 11:52:55 -04:00
Chris Lenk 953a91ba8e
Merge pull request #273 from chisholm/update_course_of_action
Update course of action for stix2.1 (again)
2019-06-28 12:32:14 -04:00
Chris Lenk 266516ebbc
Merge pull request #272 from chisholm/malware_analysis
Add stix2.1 malware-analysis SDO
2019-06-28 09:57:47 -04:00
chrisr3d 6aff018695
fix: Avoid issues with custom objects
- Custom objects type is dict, which makes it fail
  when the attribute 'id' is called
2019-06-27 17:19:05 +02:00
Michael Chisholm de93a2ee32 Fix stix2.1 course-of-action SDO class properties action_reference
and action_bin to have the correct types.
2019-06-26 19:54:28 -04:00
Michael Chisholm 5c92db9861 Add stix2.1 malware-analysis SDO 2019-06-26 17:06:26 -04:00
Chris Lenk b8c5bec101 Merge branch 'master' into stix2.1 2019-06-26 12:22:40 -04:00
Chris Lenk 28ac284b84 Remove unnecessary ObservedData constraint
first_observed and last_observed are both required, so this co-constraint was removed from WD04.
2019-06-26 11:18:47 -04:00
Michael Chisholm 58ff89f112 Update observed-data SDO class, adding the new stix2.1 property
"object_refs".  Added a couple tests for it.
2019-06-21 15:44:04 -04:00
Michael Chisholm a150b0f4aa Change all uses of IDProperty and ReferenceProperty to specify
a particular spec_version.
2019-06-14 17:58:51 -04:00
Michael Chisholm 4f593e6d16 Changes from the add-trailing-comma pre-commit hook 2019-06-12 14:49:34 -04:00
Michael Chisholm caa1d45ae2 Update stix2.1 course-of-action support to the latest spec. 2019-06-11 18:10:02 -04:00
Chris Lenk a6fa3ff1d7 Slightly change bundle error message 2019-05-22 11:05:01 -04:00
Desai, Kartikey H 86790a736f Fixes #257 2019-05-20 15:29:01 -05:00
Desai, Kartikey H 45d3020518 Fixes #257 2019-05-17 14:21:35 -05:00