misp_stix_converter/converters/buildMISPAttribute.py

-Original file line number
+Diff line change
@@ Expand Up / @@ -215,9 +215,12 @@ def identifyHash(hsh): @@
         hashes = [x for x in hashlib.algorithms_guaranteed]
         for h in hashes:
-            if len(str(hsh)) == len(hashlib.new(h).hexdigest()):
-                possible_hashes.append(h)
-                possible_hashes.append("filename|{}".format(h))
+            try:
+                if len(str(hsh)) == len(hashlib.new(h).hexdigest()):
+                    possible_hashes.append(h)
+                    possible_hashes.append("filename|{}".format(h))
+            except TypeError:
+                pass
         return possible_hashes
@@ Expand Down @@

misp_stix_converter/stix-to-misp.py

            
                      Original file line number
                      Diff line number
                      Diff line change
                  
    @@ -9,10 +9,10 @@
  
    import argparse

    import logging

    import os

    import pyaml

    import time

    import sys

    import os

    import time

    from misp_stix_converter.servers import misp

    from misp_stix_converter.converters.convert import load_stix

    @@ -34,16 +34,14 @@
  
    log.addHandler(ch)

    # Set the config file

    if args.config:

        configfile = args.config

    else:

        configfile = os.path.expanduser("~/.misptostix/misp.login")

    cfg_path = args.config if args.config else os.path.expanduser(

        "~/.misptostix/misp.login")

    try:

        with open(configfile, "r") as f:

        with open(cfg_path, "r") as f:

            CONFIG = pyaml.yaml.load(f)

    except FileNotFoundError:

        log.fatal("Could not find config file %s", configfile)

        log.fatal("Could not find config file %s", cfg_path)

        sys.exit(1)

    # Backwards compatability, if users haven't updated config

    @@ -52,16 +50,18 @@
  
        time.sleep(1)

        CONFIG["MISP"]["SSL"] = False

    # This is just a file conversion

    # Relatively quick and easy

    MISP = misp.MISP(CONFIG["MISP"]["URL"], CONFIG["MISP"]["KEY"], CONFIG["MISP"].get("SSL", True))

    # Load the package

    log.info("Opening STIX file %s", args.file)

    # Sometimes it's thrown as bytes?

    fname = args.file

    with open(fname, "r") as f:

        pkg = load_stix(f)

    in_path = args.file

    log.info("Opening STIX file %s", in_path)

    try:

        with open(in_path, "r") as f:  # Sometimes it's thrown as bytes?

            pkg = load_stix(f)

    except OSError:

        log.fatal("Could not open STIX file %s", in_path)

        sys.exit(1)

    # This is just a file conversion - relatively quick and easy

    MISP = misp.MISP(CONFIG["MISP"]["URL"], CONFIG["MISP"]["KEY"], CONFIG["MISP"].get("SSL", True))

    # We'll use my nice little misp module

    log.info("Pushing to MISP...")

tests/test_stix-to-misp.py

-Original file line number
+Diff line change
@@ -1,6 +1,8 @@
     #!/usr/bin/env python
     import glob
     from misp_stix_converter.converters import convert
+    from misp_stix_converter.converters.buildMISPAttribute import uniq
+    from misp_stix_converter.converters.buildMISPAttribute import identifyHash
     from misp_stix_converter.servers import misp
@@ Expand All / @@ -11,3 +13,32 @@ def test_convert(): @@
         for test_file in test_files:
             with open(test_file, "r") as f:
                 convert.STIXtoMISP(f.read(), None)
+    def test_uniq():
+        """Utility function should match uniqueness expectation."""
+        uniques = (
+            [42],
+            [1, 2, "a", 3, -1, False, None, (), {}],
+            list(set([1, 2, 1, 2])),
+        )
+        redundants = (
+            [42, 42, 42],
+            [1, 2, "a", 3, -1, False, None, (), {}, False, 1, 2],
+            [1, 2, 1, 2],
+        )
+        for u, r in zip(uniques, redundants):
+            assert uniq(u) == u
+            assert uniq(r) == u
+    def test_identifyHash():
+        """Returned list of hashes should be not empty for valid hash lengths."""
+        fadeface_hashes = (
+            "fadeface" * 4,
+            "fadeface" * 8,
+            "fadeface" * 16,
+        )
+        for fadeface_hash in fadeface_hashes:
+            print(fadeface_hash, identifyHash(fadeface_hash))
+            assert identifyHash(fadeface_hash)

Some structure for the simple STIX to MISP filter - mainly cosmetics :-) #27

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open

sthagen wants to merge 4 commits into MISP:master from sthagen:for-starters-converter-cosmetics

-Original file line number
+Diff line change
@@ Expand Up / @@ -215,9 +215,12 @@ def identifyHash(hsh): @@
         hashes = [x for x in hashlib.algorithms_guaranteed]
         for h in hashes:
-            if len(str(hsh)) == len(hashlib.new(h).hexdigest()):
-                possible_hashes.append(h)
-                possible_hashes.append("filename|{}".format(h))
+            try:
+                if len(str(hsh)) == len(hashlib.new(h).hexdigest()):
+                    possible_hashes.append(h)
+                    possible_hashes.append("filename|{}".format(h))
+            except TypeError:
+                pass
         return possible_hashes
@@ Expand Down @@

-Original file line number
+Diff line change
@@ -1,6 +1,8 @@
     #!/usr/bin/env python
     import glob
     from misp_stix_converter.converters import convert
+    from misp_stix_converter.converters.buildMISPAttribute import uniq
+    from misp_stix_converter.converters.buildMISPAttribute import identifyHash
     from misp_stix_converter.servers import misp
@@ Expand All / @@ -11,3 +13,32 @@ def test_convert(): @@
         for test_file in test_files:
             with open(test_file, "r") as f:
                 convert.STIXtoMISP(f.read(), None)
+    def test_uniq():
+        """Utility function should match uniqueness expectation."""
+        uniques = (
+            [42],
+            [1, 2, "a", 3, -1, False, None, (), {}],
+            list(set([1, 2, 1, 2])),
+        )
+        redundants = (
+            [42, 42, 42],
+            [1, 2, "a", 3, -1, False, None, (), {}, False, 1, 2],
+            [1, 2, 1, 2],
+        )
+        for u, r in zip(uniques, redundants):
+            assert uniq(u) == u
+            assert uniq(r) == u
+    def test_identifyHash():
+        """Returned list of hashes should be not empty for valid hash lengths."""
+        fadeface_hashes = (
+            "fadeface" * 4,
+            "fadeface" * 8,
+            "fadeface" * 16,
+        )
+        for fadeface_hash in fadeface_hashes:
+            print(fadeface_hash, identifyHash(fadeface_hash))
+            assert identifyHash(fadeface_hash)

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Some structure for the simple STIX to MISP filter - mainly cosmetics :-) #27

Uh oh!

Diff view

Diff view

There are no files selected for viewing

Some structure for the simple STIX to MISP filter - mainly cosmetics :-) #27

Are you sure you want to change the base?

Uh oh!

Some structure for the simple STIX to MISP filter - mainly cosmetics :-) #27

Uh oh!

Uh oh!

Diff view

Diff view

There are no files selected for viewing