102 lines
3.2 KiB
Python
102 lines
3.2 KiB
Python
import datetime as dt
|
|
|
|
import pytest
|
|
import pytz
|
|
|
|
import stix2
|
|
|
|
from .constants import FAKE_TIME, MALWARE_ID, MALWARE_KWARGS
|
|
|
|
EXPECTED_MALWARE = """{
|
|
"created": "2016-05-12T08:17:27Z",
|
|
"id": "malware--fedcba98-7654-3210-fedc-ba9876543210",
|
|
"labels": [
|
|
"ransomware"
|
|
],
|
|
"modified": "2016-05-12T08:17:27Z",
|
|
"name": "Cryptolocker",
|
|
"type": "malware"
|
|
}"""
|
|
|
|
|
|
def test_malware_with_all_required_fields():
|
|
now = dt.datetime(2016, 5, 12, 8, 17, 27, tzinfo=pytz.utc)
|
|
|
|
mal = stix2.Malware(
|
|
type="malware",
|
|
id=MALWARE_ID,
|
|
created=now,
|
|
modified=now,
|
|
labels=["ransomware"],
|
|
name="Cryptolocker",
|
|
)
|
|
|
|
assert str(mal) == EXPECTED_MALWARE
|
|
|
|
|
|
def test_malware_autogenerated_fields(malware):
|
|
assert malware.type == 'malware'
|
|
assert malware.id == 'malware--00000000-0000-0000-0000-000000000001'
|
|
assert malware.created == FAKE_TIME
|
|
assert malware.modified == FAKE_TIME
|
|
assert malware.labels == ['ransomware']
|
|
assert malware.name == "Cryptolocker"
|
|
|
|
assert malware['type'] == 'malware'
|
|
assert malware['id'] == 'malware--00000000-0000-0000-0000-000000000001'
|
|
assert malware['created'] == FAKE_TIME
|
|
assert malware['modified'] == FAKE_TIME
|
|
assert malware['labels'] == ['ransomware']
|
|
assert malware['name'] == "Cryptolocker"
|
|
|
|
|
|
def test_malware_type_must_be_malware():
|
|
with pytest.raises(stix2.exceptions.InvalidValueError) as excinfo:
|
|
stix2.Malware(type='xxx', **MALWARE_KWARGS)
|
|
|
|
assert excinfo.value.cls == stix2.Malware
|
|
assert excinfo.value.prop_name == "type"
|
|
assert excinfo.value.reason == "must equal 'malware'."
|
|
assert str(excinfo.value) == "Invalid value for Malware 'type': must equal 'malware'."
|
|
|
|
|
|
def test_malware_id_must_start_with_malware():
|
|
with pytest.raises(stix2.exceptions.InvalidValueError) as excinfo:
|
|
stix2.Malware(id='my-prefix--', **MALWARE_KWARGS)
|
|
|
|
assert excinfo.value.cls == stix2.Malware
|
|
assert excinfo.value.prop_name == "id"
|
|
assert excinfo.value.reason == "must start with 'malware--'."
|
|
assert str(excinfo.value) == "Invalid value for Malware 'id': must start with 'malware--'."
|
|
|
|
|
|
def test_malware_required_fields():
|
|
with pytest.raises(stix2.exceptions.MissingFieldsError) as excinfo:
|
|
stix2.Malware()
|
|
|
|
assert excinfo.value.cls == stix2.Malware
|
|
assert excinfo.value.fields == ["labels", "name"]
|
|
assert str(excinfo.value) == "Missing required field(s) for Malware: (labels, name)."
|
|
|
|
|
|
def test_malware_required_field_name():
|
|
with pytest.raises(stix2.exceptions.MissingFieldsError) as excinfo:
|
|
stix2.Malware(labels=['ransomware'])
|
|
|
|
assert excinfo.value.cls == stix2.Malware
|
|
assert excinfo.value.fields == ["name"]
|
|
assert str(excinfo.value) == "Missing required field(s) for Malware: (name)."
|
|
|
|
|
|
def test_cannot_assign_to_malware_attributes(malware):
|
|
with pytest.raises(ValueError) as excinfo:
|
|
malware.name = "Cryptolocker II"
|
|
|
|
assert str(excinfo.value) == "Cannot modify properties after creation."
|
|
|
|
|
|
def test_invalid_kwarg_to_malware():
|
|
with pytest.raises(TypeError) as excinfo:
|
|
stix2.Malware(my_custom_property="foo", **MALWARE_KWARGS)
|
|
assert str(excinfo.value) == "unexpected keyword arguments: ['my_custom_property']"
|