def __init__(self, **kwargs):
    """Initialise through ``_STIXBase`` and then hand off to ``_cls_init``.

    The keyword arguments are forwarded to the base initialiser, and the same
    mapping is then passed to ``_cls_init`` together with ``cls`` and the
    instance.

    NOTE(review): ``cls`` is not bound anywhere in this snippet; presumably it
    is captured from an enclosing scope -- confirm against the full file.
    """
    base_init = _STIXBase.__init__
    base_init(self, **kwargs)
    _cls_init(cls, self, kwargs)
"""STIX 2 Bundle object"""
from .base import _STIXBase
from .properties import IDProperty, Property, TypeProperty
class Bundle(_STIXBase):
    """STIX bundle exposing ``type``, ``id``, ``spec_version`` and ``objects``.

    Positional constructor arguments are folded into the ``objects`` keyword
    argument, ahead of any ``objects`` value that was passed by keyword.
    """

    _type = 'bundle'
    _properties = {
        'type': TypeProperty(_type),
        'id': IDProperty(_type),
        # Declared with fixed="2.0"; presumably this pins the accepted value
        # (semantics of ``fixed`` live in Property -- TODO confirm).
        'spec_version': Property(fixed="2.0"),
        # A bare Property() with no arguments: whatever checking applies to
        # the bundle's members is not configured in this declaration.
        'objects': Property(),
    }

    def __init__(self, *args, **kwargs):
        # Add any positional arguments to the 'objects' kwarg.
        if args:
            if isinstance(args[0], list):
                # First positional is already a list: append the remaining
                # positionals, then any keyword-supplied objects.
                # The ``+`` requires a keyword ``objects`` value to be a list;
                # any other type raises TypeError here.
                kwargs['objects'] = args[0] + list(args[1:]) + kwargs.get('objects', [])
            else:
                # Individual objects were passed positionally.
                kwargs['objects'] = list(args) + kwargs.get('objects', [])
        # NOTE(review): this listing ends after the argument merge; no call to
        # the base-class initialiser is visible here -- confirm against the
        # full file before relying on this excerpt.
import stix2
from .base import _STIXBase
from .exceptions import CustomContentError, ParseError
from .markings import _MarkingsMixin
from .utils import _get_dict
# Module-level mapping, empty at import time. Nothing in this listing shows
# what populates it -- presumably a registry filled in elsewhere (TODO confirm).
STIX2_OBJ_MAPS = {}
class STIXDomainObject(_STIXBase, _MarkingsMixin):
    """Base type combining ``_STIXBase`` with ``_MarkingsMixin``.

    Declares no members of its own.
    """
class STIXRelationshipObject(_STIXBase, _MarkingsMixin):
    """Base type combining ``_STIXBase`` with ``_MarkingsMixin``.

    Declares no members of its own.
    """
def parse(data, allow_custom=False, version=None):
"""Convert a string, dict or file-like object into a STIX object.
Args:
data (str, dict, file-like object): The STIX 2 content to be parsed.
allow_custom (bool): Whether to allow custom properties as well as unknown
custom objects. Note that unknown custom objects cannot be parsed
into STIX objects, and will be returned as is. Default: False.
version (str): If present, it forces the parser to use the version
provided. Otherwise, the library will make the best effort based
on checking the "spec_version" property. If none of the above are
possible, it will use the default version specified by the library.
"""For more detailed information on this object's properties, see
`the STIX 2.1 specification `__.
"""
_properties = OrderedDict([
('lang', StringProperty()),
('marking_ref', ReferenceProperty(valid_types='marking-definition', spec_version='2.1')),
('selectors', ListProperty(SelectorProperty, required=True)),
])
def _check_object_constraints(self):
    """Run the inherited constraint checks, then the lang/marking_ref check.

    After delegating to the parent implementation, passes ``'lang'`` and
    ``'marking_ref'`` to ``_check_at_least_one_property``.
    """
    super(GranularMarking, self)._check_object_constraints()
    one_of = ['lang', 'marking_ref']
    self._check_at_least_one_property(one_of)
class LanguageContent(_STIXBase):
# TODO: Add link
"""For more detailed information on this object's properties, see
`the STIX 2.1 specification `__.
"""
_type = 'language-content'
_properties = OrderedDict([
('type', TypeProperty(_type)),
('spec_version', StringProperty(fixed='2.1')),
('id', IDProperty(_type, spec_version='2.1')),
('created_by_ref', ReferenceProperty(valid_types='identity', spec_version='2.1')),
('created', TimestampProperty(default=lambda: NOW, precision='millisecond')),
('modified', TimestampProperty(default=lambda: NOW, precision='millisecond')),
('object_ref', ReferenceProperty(valid_types=["SCO", "SDO", "SRO"], spec_version='2.1', required=True)),
# TODO: 'object_modified' it MUST be an exact match for the modified time of the STIX Object (SRO or SDO) being referenced.
('object_modified', TimestampProperty(precision='millisecond')),
def is_marking(obj_or_id):
    """Report whether the argument denotes a marking definition.

    A STIX object or plain ``dict`` is judged by its ``"type"`` entry; any
    other value is treated as a string identifier and judged by its prefix.

    Caveats visible in this code: a mapping without a ``"type"`` key raises
    ``KeyError``, and the identifier form is only prefix-matched -- the part
    after ``marking-definition--`` is not validated here.

    :param obj_or_id: A STIX object or object ID as a string.
    :return: True if a marking definition, False otherwise.
    """
    if not isinstance(obj_or_id, (stix2.base._STIXBase, dict)):
        # Not an object or dict, so handle it as a string ID.
        return obj_or_id.startswith("marking-definition--")

    return obj_or_id["type"] == "marking-definition"
version (str): If present, it forces the parser to use the version
provided. Otherwise, the library will make the best effort based
on checking the "spec_version" property.
Note:
``stix_data`` can be a Bundle object, but each object in it will be
saved separately; you will be able to retrieve any of the objects
the Bundle contained, but not the Bundle itself.
"""
if isinstance(stix_data, (v20.Bundle, v21.Bundle)):
# recursively add individual STIX objects
for stix_obj in stix_data.get("objects", []):
self.add(stix_obj, version=version)
elif isinstance(stix_data, _STIXBase):
# adding python STIX object
self._check_path_and_write(stix_data)
elif isinstance(stix_data, (str, dict)):
stix_data = parse(stix_data, allow_custom=self.allow_custom, version=version)
self.add(stix_data, version=version)
elif isinstance(stix_data, list):
# recursively add individual STIX objects
for stix_obj in stix_data:
self.add(stix_obj)
else:
raise TypeError(
"stix_data must be a STIX object (or list of), "
"JSON formatted STIX (or list of), "
def clean(self, value):
try:
iter(value)
except TypeError:
raise ValueError("must be an iterable.")
if isinstance(value, (_STIXBase, string_types)):
value = [value]
result = []
for item in value:
try:
valid = self.contained.clean(item)
except ValueError:
raise
except AttributeError:
# type of list has no clean() function (eg. built in Python types)
# TODO Should we raise an error here?
valid = item
if type(self.contained) is EmbeddedObjectProperty:
obj_type = self.contained.type
elif type(self.contained).__name__ == "STIXObjectProperty":
class ExternalReference(_STIXBase):
    """External reference with a required ``source_name``.

    ``description``, ``url`` and ``external_id`` are optional individually,
    but the constraint check passes all three to
    ``_check_at_least_one_property``.

    NOTE(review): ``url`` is declared as a plain ``StringProperty`` here; no
    URL-format or scheme check is visible in this class, so code that renders
    or follows the value should treat it as untrusted text.
    """

    _properties = OrderedDict([
        ('source_name', StringProperty(required=True)),
        ('description', StringProperty()),
        ('url', StringProperty()),
        ('external_id', StringProperty()),
    ])

    def _check_object_constraints(self):
        """Run the inherited checks, then the at-least-one-property check."""
        super(ExternalReference, self)._check_object_constraints()
        one_of = ["description", "external_id", "url"]
        self._check_at_least_one_property(one_of)
class KillChainPhase(_STIXBase):
    """Kill chain phase: ``kill_chain_name`` and ``phase_name``, both required strings."""

    _properties = OrderedDict([
        ('kill_chain_name', StringProperty(required=True)),
        ('phase_name', StringProperty(required=True)),
    ])
class GranularMarking(_STIXBase):
    """Granular marking: a required ``marking_ref`` plus required ``selectors``.

    ``marking_ref`` is declared as a reference with
    ``type="marking-definition"``; ``selectors`` is a list property whose
    items use ``SelectorProperty``.
    """

    _properties = OrderedDict([
        ('marking_ref', ReferenceProperty(required=True, type="marking-definition")),
        ('selectors', ListProperty(SelectorProperty, required=True)),
    ])
class TLPMarking(_STIXBase):
"""
_properties = OrderedDict([
('source_name', StringProperty(required=True)),
('description', StringProperty()),
('url', StringProperty()),
('hashes', HashesProperty(spec_version='2.1')),
('external_id', StringProperty()),
])
def _check_object_constraints(self):
    """Run the inherited constraint checks, then the at-least-one check.

    After delegating to the parent implementation, passes ``'description'``,
    ``'external_id'`` and ``'url'`` to ``_check_at_least_one_property``.
    """
    super(ExternalReference, self)._check_object_constraints()
    one_of = ['description', 'external_id', 'url']
    self._check_at_least_one_property(one_of)
class KillChainPhase(_STIXBase):
    # TODO: Add link
    """Kill chain phase: ``kill_chain_name`` and ``phase_name``, both required strings.

    For more detailed information on this object's properties, see the
    STIX 2.1 specification.
    """

    # Built key by key; insertion order matches the declaration order.
    _properties = OrderedDict()
    _properties['kill_chain_name'] = StringProperty(required=True)
    _properties['phase_name'] = StringProperty(required=True)
class GranularMarking(_STIXBase):
# TODO: Add link
"""For more detailed information on this object's properties, see
`the STIX 2.1 specification `__.
"""
class RasterImageExt(_Extension):
    # TODO: Add link
    """Raster image extension with optional dimension, depth and EXIF fields.

    For more detailed information on this object's properties, see the
    STIX 2.1 specification.

    NOTE(review): the three integer properties are declared without a ``min``
    argument in this listing, and ``exif_tags`` is a dictionary property, so
    any range or key restrictions are not configured at this declaration.
    """

    _type = 'raster-image-ext'

    # Built key by key; insertion order matches the declaration order.
    _properties = OrderedDict()
    _properties['image_height'] = IntegerProperty()
    _properties['image_width'] = IntegerProperty()
    _properties['bits_per_pixel'] = IntegerProperty()
    _properties['exif_tags'] = DictionaryProperty(spec_version='2.1')
class WindowsPEOptionalHeaderType(_STIXBase):
# TODO: Add link
"""For more detailed information on this object's properties, see
`the STIX 2.1 specification `__.
"""
_properties = OrderedDict([
('magic_hex', HexProperty()),
('major_linker_version', IntegerProperty()),
('minor_linker_version', IntegerProperty()),
('size_of_code', IntegerProperty(min=0)),
('size_of_initialized_data', IntegerProperty(min=0)),
('size_of_uninitialized_data', IntegerProperty(min=0)),
('address_of_entry_point', IntegerProperty()),
('base_of_code', IntegerProperty()),
('base_of_data', IntegerProperty()),
('image_base', IntegerProperty()),