RubyGems - ruby-stix2 - Versions diffs - 0.1.0 → 0.1.2 - Mend

ruby-stix2 0.1.0 → 0.1.2

Files changed (72) hide show

checksums.yaml +4 -4
data/.github/workflows/build.yml +4 -3
data/Gemfile +1 -1
data/Gemfile.lock +54 -1
data/README.md +49 -3
data/lib/stix2/base.rb +7 -0
data/lib/stix2/bundle.rb +1 -2
data/lib/stix2/common.rb +104 -22
data/lib/stix2/confidence_scale.rb +106 -0
data/lib/stix2/custom_object.rb +20 -0
data/lib/stix2/cyberobservable_objects/artifact.rb +1 -1
data/lib/stix2/cyberobservable_objects/directory.rb +1 -1
data/lib/stix2/cyberobservable_objects/domain_name.rb +1 -1
data/lib/stix2/cyberobservable_objects/email_message.rb +7 -7
data/lib/stix2/cyberobservable_objects/file.rb +2 -2
data/lib/stix2/cyberobservable_objects/ipv4_addr.rb +4 -4
data/lib/stix2/cyberobservable_objects/ipv6_addr.rb +4 -4
data/lib/stix2/cyberobservable_objects/network_traffic.rb +3 -3
data/lib/stix2/cyberobservable_objects/process.rb +17 -0
data/lib/stix2/cyberobservable_objects/software.rb +1 -1
data/lib/stix2/cyberobservable_objects/user_account.rb +4 -4
data/lib/stix2/cyberobservable_objects/x509_certificate.rb +4 -2
data/lib/stix2/domain_objects/attack_pattern.rb +3 -3
data/lib/stix2/domain_objects/campaign.rb +1 -1
data/lib/stix2/domain_objects/grouping.rb +1 -1
data/lib/stix2/domain_objects/identity.rb +1 -1
data/lib/stix2/domain_objects/indicator.rb +2 -2
data/lib/stix2/domain_objects/infrastructure.rb +3 -3
data/lib/stix2/domain_objects/intrusion-set.rb +3 -3
data/lib/stix2/domain_objects/malware.rb +9 -9
data/lib/stix2/domain_objects/malware_analysis.rb +3 -3
data/lib/stix2/domain_objects/note.rb +2 -2
data/lib/stix2/domain_objects/observed_data.rb +1 -1
data/lib/stix2/domain_objects/opinion.rb +2 -2
data/lib/stix2/domain_objects/report.rb +2 -2
data/lib/stix2/domain_objects/threat_actor.rb +6 -6
data/lib/stix2/domain_objects/tool.rb +3 -3
data/lib/stix2/enum.rb +81 -22
data/lib/stix2/extension_definition.rb +10 -0
data/lib/stix2/extensions/alternate_data_stream_type.rb +9 -0
data/lib/stix2/extensions/archive_file.rb +8 -0
data/lib/stix2/extensions/http_request.rb +12 -0
data/lib/stix2/extensions/icmp.rb +8 -0
data/lib/stix2/extensions/ntfs.rb +10 -0
data/lib/stix2/extensions/pdf.rb +11 -0
data/lib/stix2/extensions/raster_image.rb +10 -0
data/lib/stix2/extensions/socket.rb +13 -0
data/lib/stix2/extensions/tcp.rb +8 -0
data/lib/stix2/extensions/unix_account.rb +10 -0
data/lib/stix2/extensions/windows_pe_optional_header_type.rb +37 -0
data/lib/stix2/extensions/windows_pe_section_type.rb +10 -0
data/lib/stix2/extensions/windows_pebinary.rb +21 -0
data/lib/stix2/extensions/windows_process.rb +13 -0
data/lib/stix2/extensions/windows_service.rb +14 -0
data/lib/stix2/external_reference.rb +2 -6
data/lib/stix2/identifier.rb +2 -12
data/lib/stix2/kill_chain_phase.rb +3 -7
data/lib/stix2/languages.rb +236 -0
data/lib/stix2/meta_objects/data_markings/base.rb +1 -4
data/lib/stix2/meta_objects/data_markings/granular_marking.rb +2 -6
data/lib/stix2/meta_objects/data_markings/marking_definition.rb +2 -2
data/lib/stix2/meta_objects/data_markings/object_marking.rb +3 -13
data/lib/stix2/meta_objects/language_content.rb +1 -1
data/lib/stix2/ov.rb +266 -255
data/lib/stix2/relationship_objects/relationship.rb +155 -2
data/lib/stix2/relationship_objects/sighting.rb +3 -3
data/lib/stix2/storage.rb +21 -15
data/lib/stix2/version.rb +1 -1
data/lib/stix2.rb +100 -72
data/ruby-stix2.gemspec +25 -21
metadata +73 -11
data/lib/stix2/boolean.rb +0 -18

data/lib/stix2/external_reference.rb CHANGED Viewed

@@ -1,13 +1,9 @@
 module Stix2
-  class ExternalReference < Hashie::Dash
-    include Hashie::Extensions::Dash::PredefinedValues
-    include Hashie::Extensions::IndifferentAccess
-    include Hashie::Extensions::Dash::Coercion
+  class ExternalReference < Stix2::Base
     property :source_name, coerce: String, required: true
     property :description, coerce: String
     property :url, coerce: String
-    property :hashes, coerce: ->(hsh){ hash_dict(hsh) }
+    property :hashes, coerce: ->(hsh) { hash_dict(hsh) }
     property :external_id, coerce: String
   end
 end

data/lib/stix2/identifier.rb CHANGED Viewed

@@ -1,18 +1,8 @@
 module Stix2
-  class Identifier
+  class Identifier < String
     def initialize(value)
       value.match(/.*--.*/) || raise("Invalid identifier: #{value}")
-      @value = value
-    end
-    def to_s
-      @value
-    end
-    def pretty_print(pp)
-      # :nocov:
-      pp.text(@value.inspect)
-      # :nocov
+      super(value)
     end
   end
 end

data/lib/stix2/kill_chain_phase.rb CHANGED Viewed

@@ -1,10 +1,6 @@
 module Stix2
-  class KillChainPhase < Hashie::Dash
-    include Hashie::Extensions::Dash::PredefinedValues
-    include Hashie::Extensions::IndifferentAccess
-    include Hashie::Extensions::Dash::Coercion
-    property :kill_chain_name, coerce: String
-    property :phase_name, coerce: String
+  class KillChainPhase < Stix2::Base
+    property :kill_chain_name, required: true, coerce: String
+    property :phase_name, required: true, coerce: String
   end
 end

data/lib/stix2/languages.rb ADDED Viewed

@@ -0,0 +1,236 @@
+module Stix2
+  RFC5646_LANGUAGE_TAGS = {
+    "af" => "Afrikaans",
+    "af-ZA" => "Afrikaans (South Africa)",
+    "ar" => "Arabic",
+    "ar-AE" => "Arabic (U.A.E.)",
+    "ar-BH" => "Arabic (Bahrain)",
+    "ar-DZ" => "Arabic (Algeria)",
+    "ar-EG" => "Arabic (Egypt)",
+    "ar-IQ" => "Arabic (Iraq)",
+    "ar-JO" => "Arabic (Jordan)",
+    "ar-KW" => "Arabic (Kuwait)",
+    "ar-LB" => "Arabic (Lebanon)",
+    "ar-LY" => "Arabic (Libya)",
+    "ar-MA" => "Arabic (Morocco)",
+    "ar-OM" => "Arabic (Oman)",
+    "ar-QA" => "Arabic (Qatar)",
+    "ar-SA" => "Arabic (Saudi Arabia)",
+    "ar-SY" => "Arabic (Syria)",
+    "ar-TN" => "Arabic (Tunisia)",
+    "ar-YE" => "Arabic (Yemen)",
+    "az" => "Azeri (Latin)",
+    "az-AZ" => "Azeri (Latin) (Azerbaijan)",
+    "az-Cyrl-AZ" => "Azeri (Cyrillic) (Azerbaijan)",
+    "be" => "Belarusian",
+    "be-BY" => "Belarusian (Belarus)",
+    "bg" => "Bulgarian",
+    "bg-BG" => "Bulgarian (Bulgaria)",
+    "bs-BA" => "Bosnian (Bosnia and Herzegovina)",
+    "ca" => "Catalan",
+    "ca-ES" => "Catalan (Spain)",
+    "cs" => "Czech",
+    "cs-CZ" => "Czech (Czech Republic)",
+    "cy" => "Welsh",
+    "cy-GB" => "Welsh (United Kingdom)",
+    "da" => "Danish",
+    "da-DK" => "Danish (Denmark)",
+    "de" => "German",
+    "de-AT" => "German (Austria)",
+    "de-CH" => "German (Switzerland)",
+    "de-DE" => "German (Germany)",
+    "de-LI" => "German (Liechtenstein)",
+    "de-LU" => "German (Luxembourg)",
+    "dv" => "Divehi",
+    "dv-MV" => "Divehi (Maldives)",
+    "el" => "Greek",
+    "el-GR" => "Greek (Greece)",
+    "en" => "English",
+    "en-AU" => "English (Australia)",
+    "en-BZ" => "English (Belize)",
+    "en-CA" => "English (Canada)",
+    "en-CB" => "English (Caribbean)",
+    "en-GB" => "English (United Kingdom)",
+    "en-IE" => "English (Ireland)",
+    "en-JM" => "English (Jamaica)",
+    "en-NZ" => "English (New Zealand)",
+    "en-PH" => "English (Republic of the Philippines)",
+    "en-TT" => "English (Trinidad and Tobago)",
+    "en-US" => "English (United States)",
+    "en-ZA" => "English (South Africa)",
+    "en-ZW" => "English (Zimbabwe)",
+    "eo" => "Esperanto",
+    "es" => "Spanish",
+    "es-AR" => "Spanish (Argentina)",
+    "es-BO" => "Spanish (Bolivia)",
+    "es-CL" => "Spanish (Chile)",
+    "es-CO" => "Spanish (Colombia)",
+    "es-CR" => "Spanish (Costa Rica)",
+    "es-DO" => "Spanish (Dominican Republic)",
+    "es-EC" => "Spanish (Ecuador)",
+    "es-ES" => "Spanish (Spain)",
+    "es-GT" => "Spanish (Guatemala)",
+    "es-HN" => "Spanish (Honduras)",
+    "es-MX" => "Spanish (Mexico)",
+    "es-NI" => "Spanish (Nicaragua)",
+    "es-PA" => "Spanish (Panama)",
+    "es-PE" => "Spanish (Peru)",
+    "es-PR" => "Spanish (Puerto Rico)",
+    "es-PY" => "Spanish (Paraguay)",
+    "es-SV" => "Spanish (El Salvador)",
+    "es-UY" => "Spanish (Uruguay)",
+    "es-VE" => "Spanish (Venezuela)",
+    "et" => "Estonian",
+    "et-EE" => "Estonian (Estonia)",
+    "eu" => "Basque",
+    "eu-ES" => "Basque (Spain)",
+    "fa" => "Farsi",
+    "fa-IR" => "Farsi (Iran)",
+    "fi" => "Finnish",
+    "fi-FI" => "Finnish (Finland)",
+    "fo" => "Faroese",
+    "fo-FO" => "Faroese (Faroe Islands)",
+    "fr" => "French",
+    "fr-BE" => "French (Belgium)",
+    "fr-CA" => "French (Canada)",
+    "fr-CH" => "French (Switzerland)",
+    "fr-FR" => "French (France)",
+    "fr-LU" => "French (Luxembourg)",
+    "fr-MC" => "French (Principality of Monaco)",
+    "gl" => "Galician",
+    "gl-ES" => "Galician (Spain)",
+    "gu" => "Gujarati",
+    "gu-IN" => "Gujarati (India)",
+    "he" => "Hebrew",
+    "he-IL" => "Hebrew (Israel)",
+    "hi" => "Hindi",
+    "hi-IN" => "Hindi (India)",
+    "hr" => "Croatian",
+    "hr-BA" => "Croatian (Bosnia and Herzegovina)",
+    "hr-HR" => "Croatian (Croatia)",
+    "hu" => "Hungarian",
+    "hu-HU" => "Hungarian (Hungary)",
+    "hy" => "Armenian",
+    "hy-AM" => "Armenian (Armenia)",
+    "id" => "Indonesian",
+    "id-ID" => "Indonesian (Indonesia)",
+    "is" => "Icelandic",
+    "is-IS" => "Icelandic (Iceland)",
+    "it" => "Italian",
+    "it-CH" => "Italian (Switzerland)",
+    "it-IT" => "Italian (Italy)",
+    "ja" => "Japanese",
+    "ja-JP" => "Japanese (Japan)",
+    "ka" => "Georgian",
+    "ka-GE" => "Georgian (Georgia)",
+    "kk" => "Kazakh",
+    "kk-KZ" => "Kazakh (Kazakhstan)",
+    "kn" => "Kannada",
+    "kn-IN" => "Kannada (India)",
+    "ko" => "Korean",
+    "ko-KR" => "Korean (Korea)",
+    "kok" => "Konkani",
+    "kok-IN" => "Konkani (India)",
+    "ky" => "Kyrgyz",
+    "ky-KG" => "Kyrgyz (Kyrgyzstan)",
+    "lt" => "Lithuanian",
+    "lt-LT" => "Lithuanian (Lithuania)",
+    "lv" => "Latvian",
+    "lv-LV" => "Latvian (Latvia)",
+    "mi" => "Maori",
+    "mi-NZ" => "Maori (New Zealand)",
+    "mk" => "FYRO Macedonian",
+    "mk-MK" => "FYRO Macedonian (Former Yugoslav Republic of Macedonia)",
+    "mn" => "Mongolian",
+    "mn-MN" => "Mongolian (Mongolia)",
+    "mr" => "Marathi",
+    "mr-IN" => "Marathi (India)",
+    "ms" => "Malay",
+    "ms-BN" => "Malay (Brunei Darussalam)",
+    "ms-MY" => "Malay (Malaysia)",
+    "mt" => "Maltese",
+    "mt-MT" => "Maltese (Malta)",
+    "nb" => "Norwegian (Bokm?l)",
+    "nb-NO" => "Norwegian (Bokm?l) (Norway)",
+    "nl" => "Dutch",
+    "nl-BE" => "Dutch (Belgium)",
+    "nl-NL" => "Dutch (Netherlands)",
+    "nn-NO" => "Norwegian (Nynorsk) (Norway)",
+    "ns" => "Northern Sotho",
+    "ns-ZA" => "Northern Sotho (South Africa)",
+    "pa" => "Punjabi",
+    "pa-IN" => "Punjabi (India)",
+    "pl" => "Polish",
+    "pl-PL" => "Polish (Poland)",
+    "ps" => "Pashto",
+    "ps-AR" => "Pashto (Afghanistan)",
+    "pt" => "Portuguese",
+    "pt-BR" => "Portuguese (Brazil)",
+    "pt-PT" => "Portuguese (Portugal)",
+    "qu" => "Quechua",
+    "qu-BO" => "Quechua (Bolivia)",
+    "qu-EC" => "Quechua (Ecuador)",
+    "qu-PE" => "Quechua (Peru)",
+    "ro" => "Romanian",
+    "ro-RO" => "Romanian (Romania)",
+    "ru" => "Russian",
+    "ru-RU" => "Russian (Russia)",
+    "sa" => "Sanskrit",
+    "sa-IN" => "Sanskrit (India)",
+    "se" => "Sami",
+    "se-FI" => "Sami (Finland)",
+    "se-NO" => "Sami (Norway)",
+    "se-SE" => "Sami (Sweden)",
+    "sk" => "Slovak",
+    "sk-SK" => "Slovak (Slovakia)",
+    "sl" => "Slovenian",
+    "sl-SI" => "Slovenian (Slovenia)",
+    "sq" => "Albanian",
+    "sq-AL" => "Albanian (Albania)",
+    "sr-BA" => "Serbian (Latin) (Bosnia and Herzegovina)",
+    "sr-Cyrl-BA" => "Serbian (Cyrillic) (Bosnia and Herzegovina)",
+    "sr-SP" => "Serbian (Latin) (Serbia and Montenegro)",
+    "sr-Cyrl-SP" => "Serbian (Cyrillic) (Serbia and Montenegro)",
+    "sv" => "Swedish",
+    "sv-FI" => "Swedish (Finland)",
+    "sv-SE" => "Swedish (Sweden)",
+    "sw" => "Swahili",
+    "sw-KE" => "Swahili (Kenya)",
+    "syr" => "Syriac",
+    "syr-SY" => "Syriac (Syria)",
+    "ta" => "Tamil",
+    "ta-IN" => "Tamil (India)",
+    "te" => "Telugu",
+    "te-IN" => "Telugu (India)",
+    "th" => "Thai",
+    "th-TH" => "Thai (Thailand)",
+    "tl" => "Tagalog",
+    "tl-PH" => "Tagalog (Philippines)",
+    "tn" => "Tswana",
+    "tn-ZA" => "Tswana (South Africa)",
+    "tr" => "Turkish",
+    "tr-TR" => "Turkish (Turkey)",
+    "tt" => "Tatar",
+    "tt-RU" => "Tatar (Russia)",
+    "ts" => "Tsonga",
+    "uk" => "Ukrainian",
+    "uk-UA" => "Ukrainian (Ukraine)",
+    "ur" => "Urdu",
+    "ur-PK" => "Urdu (Islamic Republic of Pakistan)",
+    "uz" => "Uzbek (Latin)",
+    "uz-UZ" => "Uzbek (Latin) (Uzbekistan)",
+    "uz-Cyrl-UZ" => "Uzbek (Cyrillic) (Uzbekistan)",
+    "vi" => "Vietnamese",
+    "vi-VN" => "Vietnamese (Viet Nam)",
+    "xh" => "Xhosa",
+    "xh-ZA" => "Xhosa (South Africa)",
+    "zh" => "Chinese",
+    "zh-CN" => "Chinese (S)",
+    "zh-HK" => "Chinese (Hong Kong)",
+    "zh-MO" => "Chinese (Macau)",
+    "zh-SG" => "Chinese (Singapore)",
+    "zh-TW" => "Chinese (T)",
+    "zu" => "Zulu",
+    "zu-ZA" => "Zulu (South Africa)"
+  }
+end

data/lib/stix2/meta_objects/data_markings/base.rb CHANGED Viewed

@@ -1,10 +1,7 @@
 module Stix2
   module MetaObject
     module DataMarking
-      class Base < Hashie::Dash
-        include Hashie::Extensions::Dash::PredefinedValues
-        include Hashie::Extensions::IndifferentAccess
-        include Hashie::Extensions::Dash::Coercion
+      class Base < Stix2::Base
       end
     end
   end

data/lib/stix2/meta_objects/data_markings/granular_marking.rb CHANGED Viewed

@@ -1,14 +1,10 @@
 module Stix2
   module MetaObject
     module DataMarking
-      class GranularMarking < Hashie::Dash
-        include Hashie::Extensions::Dash::PredefinedValues
-        include Hashie::Extensions::IndifferentAccess
-        include Hashie::Extensions::Dash::Coercion
+      class GranularMarking < Stix2::Base
         property :lang, coerce: String
         property :marking_ref, coerce: Identifier
-        property :selectors, coerce: Array[String]
+        property :selectors, coerce: [String]
       end
     end
   end

data/lib/stix2/meta_objects/data_markings/marking_definition.rb CHANGED Viewed

@@ -4,13 +4,13 @@ module Stix2
       class MarkingDefinition < Stix2::Common
         property :name, coerce: String
         property :definition_type, required: true, coerce: String
-        property :definition, required: true, coerce: Hash[String => String]
+        property :definition, required: true, coerce: {String => String}
         def initialize(args)
           super(args)
           raise("Property 'definition' must contain a single key") if definition.size > 1
           if definition_type != definition.keys.first
-            raise("Property 'definition_type' and 'definition' must have a matching key")
+            raise("Property 'definition_type' and 'definition' must have a matching key")
           end
         end
       end

data/lib/stix2/meta_objects/data_markings/object_marking.rb CHANGED Viewed

@@ -1,22 +1,12 @@
 module Stix2
   module MetaObject
     module DataMarking
-      class ObjectMarking
+      class ObjectMarking < String
         def initialize(value)
           value.match(/marking-definition--.*/) || raise("Invalid value: #{value}")
-          @value = value
-        end
-        def to_s
-          @value
-        end
-        def pretty_print(pp)
-          # :nocov:
-          pp.text(@value.inspect)
-          # :nocov
+          super(value)
         end
       end
     end
   end
-end
+end

data/lib/stix2/meta_objects/language_content.rb CHANGED Viewed

@@ -3,7 +3,7 @@ module Stix2
     class LanguageContent < Base
       property :object_ref, coerce: Identifier
       property :object_modified, coerce: Time
-      property :contents, coerce: Hash # TODO
+      property :contents, coerce: ->(hsh) { validate_array(hsh.keys, Stix2::RFC5646_LANGUAGE_TAGS.keys) && hsh }
     end
   end
 end