ruby_stix 0.0.2-java

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -0,0 +1,15 @@
1
+ require 'spec_helper'
2
+
3
+ describe "Campaign" do
4
+ before do
5
+ @campaign = org.mitre.stix.campaign.CampaignType.new
6
+ end
7
+
8
+ it "should be able to add attribution" do
9
+ @campaign.add_attribution([{:threat_actor => org.mitre.stix.ta.ThreatActorType.new}])
10
+ end
11
+
12
+ it "should be able to add associated campaigns" do
13
+ @campaign.add_associated_campaign({:campaign => org.mitre.stix.campaign.CampaignType.new})
14
+ end
15
+ end
@@ -0,0 +1,61 @@
1
+ require 'spec_helper'
2
+
3
+ describe "The constructor helper" do
4
+
5
+ it "should allow assignments by hash" do
6
+ org.mitre.cybox.core.ObservableType.new(:title => 'Testing').title.should == 'Testing'
7
+ org.mitre.cybox.core.ObservableType.new('title' => 'Testing').title.should == 'Testing'
8
+ end
9
+
10
+ it "should raise an error when passing hashes with invalid values" do
11
+ expect { org.mitre.cybox.core.ObservableType.new(:blah => 'Testing') }.to raise_error
12
+ end
13
+
14
+ it "should work with XML names" do
15
+ org.mitre.cybox.core.ObservableType.new('Title' => 'Testing').title.should == 'Testing'
16
+ end
17
+
18
+ it "should allow assigning values automatically" do
19
+ org.mitre.cybox.common.StringObjectPropertyType.new('hi').value.should == 'hi'
20
+ obj = org.mitre.cybox.common.StringObjectPropertyType.new('hi', :regex_syntax => "mine")
21
+ obj.value.should == 'hi'
22
+ obj.regex_syntax.should == "mine"
23
+ end
24
+
25
+ it "should not assign IDs when they are suppressed" do
26
+ org.mitre.cybox.common.StringObjectPropertyType.new('hi').id.should == nil
27
+ end
28
+
29
+ it "should assign list items automatically" do
30
+ # Try it with actual objects
31
+ spec = org.mitre.data_marking.MarkingSpecificationType.new(:controlled_structure => "//node()")
32
+ marking = org.mitre.data_marking.MarkingType.new(:markings => [spec])
33
+ marking.markings.length.should == 1
34
+ marking.markings.first.should be_kind_of(org.mitre.data_marking.MarkingSpecificationType)
35
+
36
+ # Use hash constructor
37
+ marking = org.mitre.data_marking.MarkingType.new(:markings => [{:controlled_structure => "//node()"}])
38
+ marking.markings.length.should == 1
39
+ marking.markings.first.should be_kind_of(org.mitre.data_marking.MarkingSpecificationType)
40
+ end
41
+
42
+ it "should create list items automatically" do
43
+ org.mitre.cybox.common.ToolsInformationType.new([
44
+ {
45
+ :name => "Calamine",
46
+ :description => "COA_DESCRIPTION"
47
+ }
48
+ ])
49
+ end
50
+
51
+ it "should create list items when multi-level" do
52
+ ttp = org.mitre.stix.ttp.TTPType.new(
53
+ :title => 'Test',
54
+ :behavior => {
55
+ :attack_patterns => [{:description => 'Test'}]
56
+ }
57
+ )
58
+
59
+ ttp.behavior.attack_patterns.attack_patterns.first.description.value.should == 'Test'
60
+ end
61
+ end
@@ -0,0 +1,18 @@
1
+ require 'spec_helper'
2
+
3
+ describe "The ID helper" do
4
+
5
+ it "should create IDs when none are assigned" do
6
+ org.mitre.cybox.core.ObservableType.new.id.should_not be_nil
7
+ end
8
+
9
+ it "should not overwrite IDs when they are assigned" do
10
+ id = javax.xml.namespace.QName.new("testing-an-id")
11
+ org.mitre.cybox.core.ObservableType.new(:id => id).id.should == id
12
+ end
13
+
14
+ it "should not try to set IDs on objects that don't support it" do
15
+ expect {org.mitre.cybox.core.ObservablesType.new }.to_not raise_error
16
+ end
17
+
18
+ end
@@ -0,0 +1,44 @@
1
+ require 'spec_helper'
2
+
3
+ describe Java::OrgMitreStixIndicator::IndicatorType do
4
+
5
+ context ".item=" do
6
+
7
+ before do
8
+ @indicator = org.mitre.stix.indicator.IndicatorType.new
9
+ end
10
+
11
+ it "should allow assigning an observable" do
12
+ observable = org.mitre.cybox.core.ObservableType.new
13
+ @indicator.item = observable
14
+ @indicator.observable.should == observable
15
+ end
16
+
17
+ it "should allow assigning an object or event" do
18
+ object = org.mitre.cybox.core.ObjectType.new
19
+ @indicator.item = object
20
+ @indicator.observable.object.should == object
21
+
22
+ event = org.mitre.cybox.core.EventType.new
23
+ @indicator.item = event
24
+ @indicator.observable.event.should == event
25
+ end
26
+
27
+ it "should allow assigning properties" do
28
+ properties = org.mitre.cybox.objects.file.FileObjectType.new
29
+ @indicator.item = properties
30
+ @indicator.observable.object.properties.should == properties
31
+ end
32
+
33
+ it "should accept a composition hash" do
34
+ file = org.mitre.cybox.objects.file.FileObjectType.new
35
+ indicator = org.mitre.stix.indicator.IndicatorType.new
36
+ @indicator.item = {:operator => "OR", :items => [file, indicator]}
37
+
38
+ @indicator.composite_indicator_expression.indicators[0].observable.object.properties.should == file
39
+ @indicator.composite_indicator_expression.indicators[1].should == indicator
40
+ @indicator.composite_indicator_expression.operator.should == org.mitre.stix.indicator.OperatorTypeEnum::OR
41
+ end
42
+ end
43
+
44
+ end
@@ -0,0 +1,16 @@
1
+ require 'spec_helper'
2
+
3
+ describe "The list helper" do
4
+
5
+ it "should correctly detect additions to plural types and add them" do
6
+ observables = org.mitre.cybox.core.ObservablesType.new
7
+ expect {observables.add_observable(org.mitre.cybox.core.ObservableType.new)}.to_not raise_error
8
+ observables.observables.length.should == 1
9
+ end
10
+
11
+ it "should raise an error on incorrect additions" do
12
+ observables = org.mitre.cybox.core.ObservablesType.new
13
+ expect {observables.add_nonsense(org.mitre.cybox.core.ObservableType.new)}.to raise_error
14
+ end
15
+
16
+ end
@@ -0,0 +1,7 @@
1
+ require 'spec_helper'
2
+
3
+ describe "The method name fixer" do
4
+ it "should fix TTPs" do
5
+ org.mitre.stix.ttp.TTPType.new.should respond_to(:related_ttps)
6
+ end
7
+ end
@@ -0,0 +1,34 @@
1
+ require 'spec_helper'
2
+ require 'nokogiri'
3
+
4
+ describe "Namespace cleaning" do
5
+
6
+ it "should remove unnecessary namespaces" do
7
+ stix = org.mitre.stix.core.STIXType.new
8
+ stix.indicators = org.mitre.stix.core.IndicatorsType.new
9
+ stix.indicators.add_indicator(org.mitre.stix.indicator.IndicatorType.new)
10
+ doc = Nokogiri::XML(stix.to_xml)
11
+
12
+ doc.root.namespaces.should == {
13
+ "xmlns:indicator" => "http://stix.mitre.org/Indicator-2",
14
+ "xmlns:stix" => "http://stix.mitre.org/stix-1",
15
+ "xmlns:xsi" => "http://www.w3.org/2001/XMLSchema-instance"
16
+ }
17
+ end
18
+
19
+ it "should not remove the ID namespace prefix" do
20
+ StixRuby.set_id_namespace("example.com", "example")
21
+ stix = org.mitre.stix.core.STIXType.new
22
+ stix.indicators = org.mitre.stix.core.IndicatorsType.new
23
+ stix.indicators.add_indicator(org.mitre.stix.indicator.IndicatorType.new)
24
+
25
+ doc = Nokogiri::XML(stix.to_xml)
26
+
27
+ doc.root.namespaces.should == {
28
+ "xmlns:indicator" => "http://stix.mitre.org/Indicator-2",
29
+ "xmlns:stix" => "http://stix.mitre.org/stix-1",
30
+ "xmlns:xsi" => "http://www.w3.org/2001/XMLSchema-instance",
31
+ "xmlns:example" => "example.com"
32
+ }
33
+ end
34
+ end
@@ -0,0 +1,37 @@
1
+ require 'spec_helper'
2
+
3
+ describe Java::OrgMitreCyboxCore::ObjectType do
4
+ context ".add_related_object" do
5
+
6
+ before do
7
+ @object = org.mitre.cybox.core.ObjectType.new
8
+ end
9
+
10
+ it "should add an actual related object (of type RelatedObjectType)" do
11
+ related_object = org.mitre.cybox.core.RelatedObjectType.new
12
+ @object.add_related_object(related_object)
13
+ @object.related_objects.related_objects.first.should == related_object
14
+ end
15
+
16
+ it "should add a normal object (creating the Related_Object)" do
17
+ object = org.mitre.cybox.core.ObjectType.new
18
+ @object.add_related_object(object)
19
+ @object.related_objects.related_objects.first.idref == object.id
20
+ end
21
+
22
+ it "should match the vocabulary for relationship" do
23
+ object = org.mitre.cybox.core.ObjectType.new
24
+ @object.add_related_object(object, 'Child_Of')
25
+ @object.related_objects.related_objects.first.relationship.class.should == org.mitre.cybox.vocabularies.ObjectRelationshipVocab10
26
+ @object.related_objects.related_objects.first.relationship.value.should == "Child_Of"
27
+ end
28
+
29
+ it "should allow setting arbitrary values" do
30
+ object = org.mitre.cybox.core.ObjectType.new
31
+ @object.add_related_object(object, 'Nonsense')
32
+ @object.related_objects.related_objects.first.relationship.class.should == org.mitre.cybox.common.ControlledVocabularyStringType
33
+ @object.related_objects.related_objects.first.relationship.value.should == "Nonsense"
34
+ end
35
+
36
+ end
37
+ end
@@ -0,0 +1,38 @@
1
+ require 'spec_helper'
2
+
3
+ describe Java::OrgMitreCyboxCore::ObservableType do
4
+
5
+ context ".item=" do
6
+
7
+ before do
8
+ @observable = org.mitre.cybox.core.ObservableType.new
9
+ end
10
+
11
+ it "should allow assigning an object or event" do
12
+ object = org.mitre.cybox.core.ObjectType.new
13
+ @observable.item = object
14
+ @observable.object.should == object
15
+
16
+ event = org.mitre.cybox.core.EventType.new
17
+ @observable.item = event
18
+ @observable.event.should == event
19
+ end
20
+
21
+ it "should allow assigning properties" do
22
+ properties = org.mitre.cybox.objects.file.FileObjectType.new
23
+ @observable.item = properties
24
+ @observable.object.properties.should == properties
25
+ end
26
+
27
+ it "should accept a composition hash" do
28
+ file = org.mitre.cybox.objects.file.FileObjectType.new
29
+ observable = org.mitre.cybox.core.ObservableType.new
30
+ @observable.item = {:operator => "OR", :items => [file, observable]}
31
+
32
+ @observable.observable_composition.observables[0].object.properties.should == file
33
+ @observable.observable_composition.observables[1].should == observable
34
+ @observable.observable_composition.operator.should == org.mitre.cybox.core.OperatorTypeEnum::OR
35
+ end
36
+ end
37
+
38
+ end
@@ -0,0 +1,52 @@
1
+ require 'spec_helper'
2
+
3
+ describe "The setter helper" do
4
+ before do
5
+ @package = org.mitre.stix.core.STIXType.new
6
+ end
7
+
8
+ it "should allow assignments by hash" do
9
+ @package.stix_header = {:title => "Testing"}
10
+ @package.stix_header.title.should == "Testing"
11
+
12
+ @package.stix_header = org.mitre.stix.core.STIXHeaderType.new(:title => "Testing")
13
+ @package.stix_header.title.should == "Testing"
14
+ end
15
+
16
+ it "should raise an error when passing hashes with invalid values" do
17
+ expect { @package.stix_header = {:something => "blah"} }.to raise_error
18
+ end
19
+
20
+ it "should work with Java names" do
21
+ @package.setSTIXHeader(:title => "Testing")
22
+ @package.stix_header.title.should == "Testing"
23
+ end
24
+
25
+ it "should allow assigning values automatically" do
26
+ header = org.mitre.stix.core.STIXHeaderType.new
27
+ header.package_intents.add(org.mitre.stix.vocabularies.PackageIntentVocab10.new("Indicators"))
28
+
29
+ header.package_intents[0].value.should == "Indicators"
30
+ # TODO: Is there a good way of automatically using the default vocabs? Probably
31
+ # would need to manually list them somewhere, but maybe it could be DSLed rather
32
+ # than code
33
+ end
34
+
35
+ it "should allow assign generic array lists automatically" do
36
+ is = org.mitre.stix.common.InformationSourceType.new({
37
+ :tools => [
38
+ {
39
+ :name => "Calamine",
40
+ :description => "COA_DESCRIPTION"
41
+ }
42
+ ]
43
+ })
44
+ end
45
+
46
+ it "should allow adding autocreatable values to list" do
47
+ campaign = org.mitre.stix.campaign.CampaignType.new
48
+
49
+ campaign.add_attribution([:threat_actor => {:idref => '1234'}])
50
+ campaign.attributions.first.should be_kind_of(org.mitre.stix.campaign.AttributionType)
51
+ end
52
+ end
@@ -0,0 +1,66 @@
1
+ require 'spec_helper'
2
+
3
+ include StixRuby::Aliases
4
+
5
+ describe Java::OrgMitreStixCore::STIXType do
6
+ context "instance" do
7
+ before do
8
+ @stix = STIXPackage.new
9
+ end
10
+
11
+ it "should have a default version" do
12
+ @stix.version.should == "1.0.1"
13
+ end
14
+
15
+ it "should allow adding observables" do
16
+ @stix.add_observable(Observable.new)
17
+ @stix.observables.observables.length.should == 1
18
+ end
19
+
20
+ it "should allow adding campaigns" do
21
+ @stix.add_campaign(Campaign.new)
22
+ @stix.campaigns.campaigns.length.should == 1
23
+ end
24
+
25
+ it "should allow adding courses of action" do
26
+ @stix.add_course_of_action(CourseOfAction.new)
27
+ @stix.courses_of_action.course_of_actions.length.should == 1
28
+ end
29
+
30
+ it "should allow adding exploit targets" do
31
+ @stix.add_exploit_target(ExploitTarget.new)
32
+ @stix.exploit_targets.exploit_targets.length.should == 1
33
+ end
34
+
35
+ it "should allow adding incidents" do
36
+ @stix.add_incident(Incident.new)
37
+ @stix.incidents.incidents.length.should == 1
38
+ end
39
+
40
+ it "should allow adding indicators" do
41
+ @stix.add_indicator(Indicator.new)
42
+ @stix.indicators.indicators.length.should == 1
43
+ end
44
+
45
+ it "should allow adding threat actors" do
46
+ @stix.add_threat_actor(ThreatActor.new)
47
+ @stix.threat_actors.threat_actors.length.should == 1
48
+ end
49
+
50
+ it "should allow adding TTPs" do
51
+ @stix.add_ttp(TTP.new)
52
+ @stix.ttps.ttps.length.should == 1
53
+ end
54
+ end
55
+
56
+ context "class" do
57
+
58
+ it "should read files from XML" do
59
+ stix = org.mitre.stix.core.STIXType.from_xml(File.read('spec/test_data/fireeye-pivy-report.xml'))
60
+
61
+ stix.stix_header.title.should == "Poison Ivy: Assessing Damage and Extracting Intelligence"
62
+ end
63
+
64
+ end
65
+
66
+ end
metadata ADDED
@@ -0,0 +1,119 @@
1
+ --- !ruby/object:Gem::Specification
2
+ name: ruby_stix
3
+ version: !ruby/object:Gem::Version
4
+ version: 0.0.2
5
+ platform: java
6
+ authors:
7
+ - John Wunder
8
+ autorequire:
9
+ bindir: bin
10
+ cert_chain: []
11
+ date: 2014-08-24 00:00:00.000000000 Z
12
+ dependencies:
13
+ - !ruby/object:Gem::Dependency
14
+ name: nokogiri
15
+ version_requirements: !ruby/object:Gem::Requirement
16
+ requirements:
17
+ - - '>='
18
+ - !ruby/object:Gem::Version
19
+ version: '0'
20
+ requirement: !ruby/object:Gem::Requirement
21
+ requirements:
22
+ - - '>='
23
+ - !ruby/object:Gem::Version
24
+ version: '0'
25
+ prerelease: false
26
+ type: :development
27
+ - !ruby/object:Gem::Dependency
28
+ name: activesupport
29
+ version_requirements: !ruby/object:Gem::Requirement
30
+ requirements:
31
+ - - '>='
32
+ - !ruby/object:Gem::Version
33
+ version: 4.0.0
34
+ requirement: !ruby/object:Gem::Requirement
35
+ requirements:
36
+ - - '>='
37
+ - !ruby/object:Gem::Version
38
+ version: 4.0.0
39
+ prerelease: false
40
+ type: :runtime
41
+ description: Bindings and APIs for STIX and CybOX
42
+ email:
43
+ - jwunder@mitre.org
44
+ executables: []
45
+ extensions: []
46
+ extra_rdoc_files: []
47
+ files:
48
+ - .gitignore
49
+ - .rspec
50
+ - .ruby-version
51
+ - Gemfile
52
+ - LICENSE.txt
53
+ - README.md
54
+ - Rakefile
55
+ - lib/cybox_bindings.jar
56
+ - lib/ruby_stix.rb
57
+ - lib/ruby_stix/api.rb
58
+ - lib/ruby_stix/api/api_helper.rb
59
+ - lib/ruby_stix/api/base_object_property_type.rb
60
+ - lib/ruby_stix/api/indicator.rb
61
+ - lib/ruby_stix/api/object.rb
62
+ - lib/ruby_stix/api/observable.rb
63
+ - lib/ruby_stix/api/observables_type.rb
64
+ - lib/ruby_stix/api/stix_type.rb
65
+ - lib/ruby_stix/marshall.rb
66
+ - lib/ruby_stix/method_translations.rb
67
+ - lib/ruby_stix/version.rb
68
+ - lib/stix_bindings.jar
69
+ - ruby_stix.gemspec
70
+ - spec/spec_helper.rb
71
+ - spec/test_data/fireeye-pivy-report.xml
72
+ - spec/units/campaign_spec.rb
73
+ - spec/units/constructor_spec.rb
74
+ - spec/units/id_helper_spec.rb
75
+ - spec/units/indicator_spec.rb
76
+ - spec/units/list_helper_spec.rb
77
+ - spec/units/method_name_fixer_spec.rb
78
+ - spec/units/namespace_cleaner_spec.rb
79
+ - spec/units/object_spec.rb
80
+ - spec/units/observable_spec.rb
81
+ - spec/units/setter_spec.rb
82
+ - spec/units/stix_type_spec.rb
83
+ homepage: ''
84
+ licenses: []
85
+ metadata: {}
86
+ post_install_message:
87
+ rdoc_options: []
88
+ require_paths:
89
+ - lib
90
+ required_ruby_version: !ruby/object:Gem::Requirement
91
+ requirements:
92
+ - - '>='
93
+ - !ruby/object:Gem::Version
94
+ version: '0'
95
+ required_rubygems_version: !ruby/object:Gem::Requirement
96
+ requirements:
97
+ - - '>='
98
+ - !ruby/object:Gem::Version
99
+ version: '0'
100
+ requirements: []
101
+ rubyforge_project:
102
+ rubygems_version: 2.1.9
103
+ signing_key:
104
+ specification_version: 4
105
+ summary: Bindings and APIs for STIX and CybOX
106
+ test_files:
107
+ - spec/spec_helper.rb
108
+ - spec/test_data/fireeye-pivy-report.xml
109
+ - spec/units/campaign_spec.rb
110
+ - spec/units/constructor_spec.rb
111
+ - spec/units/id_helper_spec.rb
112
+ - spec/units/indicator_spec.rb
113
+ - spec/units/list_helper_spec.rb
114
+ - spec/units/method_name_fixer_spec.rb
115
+ - spec/units/namespace_cleaner_spec.rb
116
+ - spec/units/object_spec.rb
117
+ - spec/units/observable_spec.rb
118
+ - spec/units/setter_spec.rb
119
+ - spec/units/stix_type_spec.rb