ruby_stix 0.0.2-java

data/spec/units/campaign_spec.rb

@@ -0,0 +1,15 @@
+require 'spec_helper'
+
+describe "Campaign" do
+  before do
+    @campaign = org.mitre.stix.campaign.CampaignType.new
+  end
+
+  it "should be able to add attribution" do
+    @campaign.add_attribution([{:threat_actor => org.mitre.stix.ta.ThreatActorType.new}])
+  end
+
+  it "should be able to add associated campaigns" do
+    @campaign.add_associated_campaign({:campaign => org.mitre.stix.campaign.CampaignType.new})
+  end
+end

data/spec/units/constructor_spec.rb

@@ -0,0 +1,61 @@
+require 'spec_helper'
+
+describe "The constructor helper" do
+
+  it "should allow assignments by hash" do
+    org.mitre.cybox.core.ObservableType.new(:title => 'Testing').title.should == 'Testing'
+    org.mitre.cybox.core.ObservableType.new('title' => 'Testing').title.should == 'Testing'
+  end
+
+  it "should raise an error when passing hashes with invalid values" do
+    expect { org.mitre.cybox.core.ObservableType.new(:blah => 'Testing') }.to raise_error
+  end
+
+  it "should work with XML names" do
+    org.mitre.cybox.core.ObservableType.new('Title' => 'Testing').title.should == 'Testing'
+  end
+
+  it "should allow assigning values automatically" do
+    org.mitre.cybox.common.StringObjectPropertyType.new('hi').value.should == 'hi'
+    obj = org.mitre.cybox.common.StringObjectPropertyType.new('hi', :regex_syntax => "mine")
+    obj.value.should == 'hi'
+    obj.regex_syntax.should == "mine"
+  end
+
+  it "should not assign IDs when they are suppressed" do
+    org.mitre.cybox.common.StringObjectPropertyType.new('hi').id.should == nil
+  end
+
+  it "should assign list items automatically" do
+    # Try it with actual objects
+    spec = org.mitre.data_marking.MarkingSpecificationType.new(:controlled_structure => "//node()")
+    marking = org.mitre.data_marking.MarkingType.new(:markings => [spec])
+    marking.markings.length.should == 1
+    marking.markings.first.should be_kind_of(org.mitre.data_marking.MarkingSpecificationType)
+
+    # Use hash constructor
+    marking = org.mitre.data_marking.MarkingType.new(:markings => [{:controlled_structure => "//node()"}])
+    marking.markings.length.should == 1
+    marking.markings.first.should be_kind_of(org.mitre.data_marking.MarkingSpecificationType)
+  end
+
+  it "should create list items automatically" do
+    org.mitre.cybox.common.ToolsInformationType.new([
+      {
+        :name => "Calamine",
+        :description => "COA_DESCRIPTION"
+      }
+    ])
+  end
+
+  it "should create list items when multi-level" do
+    ttp = org.mitre.stix.ttp.TTPType.new(
+      :title => 'Test',
+      :behavior => {
+        :attack_patterns => [{:description => 'Test'}]
+      }
+    )
+
+    ttp.behavior.attack_patterns.attack_patterns.first.description.value.should == 'Test'
+  end
+end

data/spec/units/id_helper_spec.rb

@@ -0,0 +1,18 @@
+require 'spec_helper'
+
+describe "The ID helper" do
+
+  it "should create IDs when none are assigned" do
+    org.mitre.cybox.core.ObservableType.new.id.should_not be_nil
+  end
+
+  it "should not overwrite IDs when they are assigned" do
+    id = javax.xml.namespace.QName.new("testing-an-id")
+    org.mitre.cybox.core.ObservableType.new(:id => id).id.should == id
+  end
+
+  it "should not try to set IDs on objects that don't support it" do
+    expect {org.mitre.cybox.core.ObservablesType.new }.to_not raise_error
+  end
+
+end

data/spec/units/indicator_spec.rb

@@ -0,0 +1,44 @@
+require 'spec_helper' 
+
+describe Java::OrgMitreStixIndicator::IndicatorType do
+
+  context ".item=" do
+
+    before do
+      @indicator = org.mitre.stix.indicator.IndicatorType.new
+    end
+
+    it "should allow assigning an observable" do
+      observable = org.mitre.cybox.core.ObservableType.new
+      @indicator.item = observable
+      @indicator.observable.should == observable
+    end
+
+    it "should allow assigning an object or event" do
+      object = org.mitre.cybox.core.ObjectType.new
+      @indicator.item = object
+      @indicator.observable.object.should == object
+
+      event = org.mitre.cybox.core.EventType.new
+      @indicator.item = event
+      @indicator.observable.event.should == event
+    end
+
+    it "should allow assigning properties" do
+      properties = org.mitre.cybox.objects.file.FileObjectType.new
+      @indicator.item = properties
+      @indicator.observable.object.properties.should == properties
+    end
+
+    it "should accept a composition hash" do
+      file = org.mitre.cybox.objects.file.FileObjectType.new
+      indicator = org.mitre.stix.indicator.IndicatorType.new
+      @indicator.item = {:operator => "OR", :items => [file, indicator]}
+
+      @indicator.composite_indicator_expression.indicators[0].observable.object.properties.should == file
+      @indicator.composite_indicator_expression.indicators[1].should == indicator
+      @indicator.composite_indicator_expression.operator.should == org.mitre.stix.indicator.OperatorTypeEnum::OR
+    end
+  end
+
+end

data/spec/units/list_helper_spec.rb

@@ -0,0 +1,16 @@
+require 'spec_helper'
+
+describe "The list helper" do
+
+  it "should correctly detect additions to plural types and add them" do
+    observables = org.mitre.cybox.core.ObservablesType.new
+    expect {observables.add_observable(org.mitre.cybox.core.ObservableType.new)}.to_not raise_error
+    observables.observables.length.should == 1
+  end
+
+  it "should raise an error on incorrect additions" do
+    observables = org.mitre.cybox.core.ObservablesType.new
+    expect {observables.add_nonsense(org.mitre.cybox.core.ObservableType.new)}.to raise_error
+  end
+
+end

data/spec/units/method_name_fixer_spec.rb

@@ -0,0 +1,7 @@
+require 'spec_helper'
+
+describe "The method name fixer" do
+  it "should fix TTPs" do
+    org.mitre.stix.ttp.TTPType.new.should respond_to(:related_ttps)
+  end
+end

data/spec/units/namespace_cleaner_spec.rb

@@ -0,0 +1,34 @@
+require 'spec_helper'
+require 'nokogiri'
+
+describe "Namespace cleaning" do
+
+  it "should remove unnecessary namespaces" do
+    stix = org.mitre.stix.core.STIXType.new
+    stix.indicators = org.mitre.stix.core.IndicatorsType.new
+    stix.indicators.add_indicator(org.mitre.stix.indicator.IndicatorType.new)
+    doc = Nokogiri::XML(stix.to_xml)
+
+    doc.root.namespaces.should == {
+      "xmlns:indicator" => "http://stix.mitre.org/Indicator-2",
+      "xmlns:stix" => "http://stix.mitre.org/stix-1",
+      "xmlns:xsi" => "http://www.w3.org/2001/XMLSchema-instance"
+    }
+  end
+
+  it "should not remove the ID namespace prefix" do
+    StixRuby.set_id_namespace("example.com", "example")
+    stix = org.mitre.stix.core.STIXType.new
+    stix.indicators = org.mitre.stix.core.IndicatorsType.new
+    stix.indicators.add_indicator(org.mitre.stix.indicator.IndicatorType.new)
+
+    doc = Nokogiri::XML(stix.to_xml)
+
+    doc.root.namespaces.should == {
+      "xmlns:indicator" => "http://stix.mitre.org/Indicator-2",
+      "xmlns:stix" => "http://stix.mitre.org/stix-1",
+      "xmlns:xsi" => "http://www.w3.org/2001/XMLSchema-instance",
+      "xmlns:example" => "example.com"
+    }
+  end
+end

data/spec/units/object_spec.rb

@@ -0,0 +1,37 @@
+require 'spec_helper'
+
+describe Java::OrgMitreCyboxCore::ObjectType do
+  context ".add_related_object" do
+
+    before do
+      @object = org.mitre.cybox.core.ObjectType.new
+    end
+
+    it "should add an actual related object (of type RelatedObjectType)" do
+      related_object = org.mitre.cybox.core.RelatedObjectType.new
+      @object.add_related_object(related_object)
+      @object.related_objects.related_objects.first.should == related_object
+    end
+
+    it "should add a normal object (creating the Related_Object)" do
+      object = org.mitre.cybox.core.ObjectType.new
+      @object.add_related_object(object)
+      @object.related_objects.related_objects.first.idref == object.id
+    end
+
+    it "should match the vocabulary for relationship" do
+      object = org.mitre.cybox.core.ObjectType.new
+      @object.add_related_object(object, 'Child_Of')
+      @object.related_objects.related_objects.first.relationship.class.should == org.mitre.cybox.vocabularies.ObjectRelationshipVocab10
+      @object.related_objects.related_objects.first.relationship.value.should == "Child_Of"
+    end
+
+    it "should allow setting arbitrary values" do
+      object = org.mitre.cybox.core.ObjectType.new
+      @object.add_related_object(object, 'Nonsense')
+      @object.related_objects.related_objects.first.relationship.class.should == org.mitre.cybox.common.ControlledVocabularyStringType
+      @object.related_objects.related_objects.first.relationship.value.should == "Nonsense"
+    end
+
+  end
+end

data/spec/units/observable_spec.rb

@@ -0,0 +1,38 @@
+require 'spec_helper' 
+
+describe Java::OrgMitreCyboxCore::ObservableType do
+
+  context ".item=" do
+
+    before do
+      @observable = org.mitre.cybox.core.ObservableType.new
+    end
+
+    it "should allow assigning an object or event" do
+      object = org.mitre.cybox.core.ObjectType.new
+      @observable.item = object
+      @observable.object.should == object
+
+      event = org.mitre.cybox.core.EventType.new
+      @observable.item = event
+      @observable.event.should == event
+    end
+
+    it "should allow assigning properties" do
+      properties = org.mitre.cybox.objects.file.FileObjectType.new
+      @observable.item = properties
+      @observable.object.properties.should == properties
+    end
+
+    it "should accept a composition hash" do
+      file = org.mitre.cybox.objects.file.FileObjectType.new
+      observable = org.mitre.cybox.core.ObservableType.new
+      @observable.item = {:operator => "OR", :items => [file, observable]}
+
+      @observable.observable_composition.observables[0].object.properties.should == file
+      @observable.observable_composition.observables[1].should == observable
+      @observable.observable_composition.operator.should == org.mitre.cybox.core.OperatorTypeEnum::OR
+    end
+  end
+
+end

data/spec/units/setter_spec.rb

@@ -0,0 +1,52 @@
+require 'spec_helper'
+
+describe "The setter helper" do
+  before do
+    @package = org.mitre.stix.core.STIXType.new
+  end
+
+  it "should allow assignments by hash" do
+    @package.stix_header = {:title => "Testing"}
+    @package.stix_header.title.should == "Testing"
+
+    @package.stix_header = org.mitre.stix.core.STIXHeaderType.new(:title => "Testing")
+    @package.stix_header.title.should == "Testing"
+  end
+
+  it "should raise an error when passing hashes with invalid values" do
+    expect { @package.stix_header = {:something => "blah"} }.to raise_error
+  end
+
+  it "should work with Java names" do
+    @package.setSTIXHeader(:title => "Testing")
+    @package.stix_header.title.should == "Testing"
+  end
+
+  it "should allow assigning values automatically" do
+    header = org.mitre.stix.core.STIXHeaderType.new
+    header.package_intents.add(org.mitre.stix.vocabularies.PackageIntentVocab10.new("Indicators"))
+
+    header.package_intents[0].value.should == "Indicators"
+    # TODO: Is there a good way of automatically using the default vocabs? Probably
+    # would need to manually list them somewhere, but maybe it could be DSLed rather
+    # than code
+  end
+
+  it "should allow assign generic array lists automatically" do
+    is = org.mitre.stix.common.InformationSourceType.new({
+      :tools => [
+        {
+          :name => "Calamine",
+          :description => "COA_DESCRIPTION"
+        }
+      ]
+    })
+  end
+
+  it "should allow adding autocreatable values to list" do
+    campaign = org.mitre.stix.campaign.CampaignType.new
+
+    campaign.add_attribution([:threat_actor => {:idref => '1234'}])
+    campaign.attributions.first.should be_kind_of(org.mitre.stix.campaign.AttributionType)
+  end
+end

data/spec/units/stix_type_spec.rb

@@ -0,0 +1,66 @@
+require 'spec_helper'
+
+include StixRuby::Aliases
+
+describe Java::OrgMitreStixCore::STIXType do
+  context "instance" do
+    before do
+      @stix = STIXPackage.new
+    end
+
+    it "should have a default version" do
+      @stix.version.should == "1.0.1"
+    end
+
+    it "should allow adding observables" do
+      @stix.add_observable(Observable.new)
+      @stix.observables.observables.length.should == 1
+    end
+
+    it "should allow adding campaigns" do
+      @stix.add_campaign(Campaign.new)
+      @stix.campaigns.campaigns.length.should == 1
+    end
+
+    it "should allow adding courses of action" do
+      @stix.add_course_of_action(CourseOfAction.new)
+      @stix.courses_of_action.course_of_actions.length.should == 1
+    end
+
+    it "should allow adding exploit targets" do
+      @stix.add_exploit_target(ExploitTarget.new)
+      @stix.exploit_targets.exploit_targets.length.should == 1
+    end
+
+    it "should allow adding incidents" do
+      @stix.add_incident(Incident.new)
+      @stix.incidents.incidents.length.should == 1
+    end
+
+    it "should allow adding indicators" do
+      @stix.add_indicator(Indicator.new)
+      @stix.indicators.indicators.length.should == 1
+    end
+
+    it "should allow adding threat actors" do
+      @stix.add_threat_actor(ThreatActor.new)
+      @stix.threat_actors.threat_actors.length.should == 1
+    end
+
+    it "should allow adding TTPs" do
+      @stix.add_ttp(TTP.new)
+      @stix.ttps.ttps.length.should == 1
+    end
+  end
+
+  context "class" do
+
+    it "should read files from XML" do
+      stix = org.mitre.stix.core.STIXType.from_xml(File.read('spec/test_data/fireeye-pivy-report.xml'))
+
+      stix.stix_header.title.should == "Poison Ivy: Assessing Damage and Extracting Intelligence"
+    end
+
+  end
+
+end

metadata

@@ -0,0 +1,119 @@
+--- !ruby/object:Gem::Specification
+name: ruby_stix
+version: !ruby/object:Gem::Version
+  version: 0.0.2
+platform: java
+authors:
+- John Wunder
+autorequire:
+bindir: bin
+cert_chain: []
+date: 2014-08-24 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: nokogiri
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  prerelease: false
+  type: :development
+- !ruby/object:Gem::Dependency
+  name: activesupport
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: 4.0.0
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: 4.0.0
+  prerelease: false
+  type: :runtime
+description: Bindings and APIs for STIX and CybOX
+email:
+- jwunder@mitre.org
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- .gitignore
+- .rspec
+- .ruby-version
+- Gemfile
+- LICENSE.txt
+- README.md
+- Rakefile
+- lib/cybox_bindings.jar
+- lib/ruby_stix.rb
+- lib/ruby_stix/api.rb
+- lib/ruby_stix/api/api_helper.rb
+- lib/ruby_stix/api/base_object_property_type.rb
+- lib/ruby_stix/api/indicator.rb
+- lib/ruby_stix/api/object.rb
+- lib/ruby_stix/api/observable.rb
+- lib/ruby_stix/api/observables_type.rb
+- lib/ruby_stix/api/stix_type.rb
+- lib/ruby_stix/marshall.rb
+- lib/ruby_stix/method_translations.rb
+- lib/ruby_stix/version.rb
+- lib/stix_bindings.jar
+- ruby_stix.gemspec
+- spec/spec_helper.rb
+- spec/test_data/fireeye-pivy-report.xml
+- spec/units/campaign_spec.rb
+- spec/units/constructor_spec.rb
+- spec/units/id_helper_spec.rb
+- spec/units/indicator_spec.rb
+- spec/units/list_helper_spec.rb
+- spec/units/method_name_fixer_spec.rb
+- spec/units/namespace_cleaner_spec.rb
+- spec/units/object_spec.rb
+- spec/units/observable_spec.rb
+- spec/units/setter_spec.rb
+- spec/units/stix_type_spec.rb
+homepage: ''
+licenses: []
+metadata: {}
+post_install_message:
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project:
+rubygems_version: 2.1.9
+signing_key:
+specification_version: 4
+summary: Bindings and APIs for STIX and CybOX
+test_files:
+- spec/spec_helper.rb
+- spec/test_data/fireeye-pivy-report.xml
+- spec/units/campaign_spec.rb
+- spec/units/constructor_spec.rb
+- spec/units/id_helper_spec.rb
+- spec/units/indicator_spec.rb
+- spec/units/list_helper_spec.rb
+- spec/units/method_name_fixer_spec.rb
+- spec/units/namespace_cleaner_spec.rb
+- spec/units/object_spec.rb
+- spec/units/observable_spec.rb
+- spec/units/setter_spec.rb
+- spec/units/stix_type_spec.rb