Skip to content
Snippets Groups Projects
Select Git revision
  • 52383af76136ef3d6912f6428bc33c9c361e146b
  • master default protected
  • devel
  • misp
  • stix
  • cejkat-pr
6 results

test_idea.py

Blame
    • Jan Mach's avatar
    Added sort_keys default to True into to_json method.
    Jan Mach authored 
    This is very usefull both for unit testing and for readability.
    8f8bde48
    History
    Jan Mach's avatar 8f8bde48
    History
    test_idea.py 2.58 KiB
    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    19
    20
    21
    22
    23
    24
    25
    26
    27
    28
    29
    30
    31
    32
    33
    34
    35
    36
    37
    38
    39
    40
    41
    42
    43
    44
    45
    46
    47
    48
    49
    50
    51
    52
    53
    54
    55
    56
    57
    58
    59
    60
    61
    62
    63
    64
    65
    66
    67
    68
    69
    70
    71
    72
    73
    74
    75
    76
    77
    78
    79
    80
    81
    82
    83
    84
    85
    86
    87
    88
    89
    90
    91
    92
    93
    94 
    

    

    

    #!/usr/bin/python
# -*- coding: utf-8 -*-
#
# Copyright (c) 2016, CESNET, z. s. p. o.
# Use of this source is governed by an ISC license, see LICENSE file.

import unittest
import json
import difflib
from idea import lite
from idea import valid

raw_idea = {
   "Format": "IDEA0",
   "ID": "4390fc3f-c753-4a3e-bc83-1b44f24baf75",
   "CreateTime": "2012-11-03T10:00:02Z",
   "DetectTime": "2012-11-03T10:00:07Z",
   "WinStartTime": "2012-11-03T05:00:00Z",
   "WinEndTime": "2012-11-03T10:00:00Z",
   "EventTime": "2012-11-03T07:36:00Z",
   "CeaseTime": "2012-11-03T09:55:22Z",
   "Category": ["Fraud.Phishing"],
   "Ref": ["cve:CVE-1234-5678"],
   "Confidence": 1.0,
   "Note": "Synthetic example",
   "ConnCount": 20,
   "Source": [
      {
         "Type": ["Phishing"],
         "IP4": ["192.168.0.2-192.168.0.5", "192.168.0.10/25"],
         "IP6": ["2001:db8::ff00:42:0/112"],
         "Hostname": ["example.com"],
         "URL": ["http://example.com/cgi-bin/killemall"],
         "Proto": ["tcp", "http"],
         "AttachHand": ["att1"],
         "Netname": ["ripe:IANA-CBLK-RESERVED1"]
      }
   ],
   "Target": [
      {
         "Type": ["Backscatter", "OriginSpam"],
         "Email": ["innocent@example.com"],
         "Spoofed": True
      },
      {
         "Type": ["CasualIP"],
         "IP4": ["10.2.2.0/24"],
         "Port": [22, 25, 443],
         "Anonymised": True
      }
   ],
   "Attach": [
      {
         "Handle": "att1",
         "FileName": ["killemall"],
         "Type": ["Malware"],
         "ContentType": "application/octet-stream",
         "Hash": ["sha1:0c4a38c3569f0cc632e74f4c"],
         "Size": 46,
         "Ref": ["Trojan-Spy:W32/FinSpy.A"],
         "ContentEncoding": "base64",
         "Content": "TVpqdXN0a2lkZGluZwo="
      }
   ],
   "Node": [
      {
         "Name": "org.example.kippo_honey",
         "Realm": "cesnet.cz",
         "Tags": ["Protocol", "Honeypot"],
         "SW": ["Kippo"],
         "AggrWin": "00:05:00"
      }
   ]
}


class TestIdea(unittest.TestCase):

    def testLiteIdea(self):
        idea = lite.Idea(raw_idea)
        orig = json.dumps(raw_idea, indent=4, sort_keys=True)
        new = idea.to_json(indent=4)
        self.assertEqual(orig, new, "\n".join([l for l in difflib.context_diff(orig.split("\n"), new.split("\n"))]))

    def testValidIdea(self):
        idea = valid.Idea(raw_idea)
        orig = json.dumps(raw_idea, indent=4, sort_keys=True)
        new = idea.to_json(indent=4)
        self.assertEqual(orig, new, "\n".join([l for l in difflib.context_diff(orig.split("\n"), new.split("\n"))]))


if __name__ == '__main__':
    unittest.main()