merging develop into master

Author: isaisabel

CHANGELOG.md

@@ -1,3 +1,11 @@
+# v1.9.0 - 23 March 2021
+## Improvements
+- [diff_stix.py](scripts/diff_stix.py) now supports an `--unchanged` argument which adds a section listing objects which did _not_ change between releases.
+## Fixes
+- [diff_stix.py](scripts/diff_stix.py) should no longer crash when exporting layers but with only one domain specified.
+- Fixed a bug in the layer library where layers could be imported improperly in specific contexts.
+- Fixed a bug with the layer to SVG exporter which was causing sub-technique scores colors to disappear.
+
 # v1.8.1 - 3 March 2021
 ## Fixes
 - Layer library should no longer throw errors when it encounters the "Network" and "PRE" platforms.

layers/exporters/svg_objects.py

@@ -260,7 +260,7 @@ def build(height, width, label, config, variant='text', t1text=None, t2text=None
             upper = G(tx=0, ty=2.1)
             internal.append(upper)
             if t1text is not None:
-                bu = t2text is not None and t2text is not ""
+                bu = t2text != None and t2text != ""
                 theight = (height-5)
                 if bu:
                     theight = theight / 2

layers/exporters/svg_templates.py

@@ -170,17 +170,12 @@ def get_tactic(self, tactic, height, width, config, colors=[], scores=[], subtec
         """
         offset = 0
         column = G(ty=2)
+        for a in tactic.subtechniques:
+            self._copy_scores(tactic.subtechniques[a],scores,tactic.tactic.name, exclude)
         for x in tactic.techniques:
             if any(x.id == y[0] and (y[1] == self.h.convert(tactic.tactic.name) or not y[1]) for y in exclude):
                 continue
-            found = False
-            for y in scores:
-                if x.id == y[0] and (y[1] == self.h.convert(tactic.tactic.name) or not y[1]):
-                    x.score = y[2]
-                    found = True
-                    continue
-            if not found:
-                x.score = None
+            self._copy_scores([x], scores, tactic.tactic.name, exclude)
             if any(x.id == y[0] and (y[1] == self.h.convert(tactic.tactic.name) or not y[1]) for y in subtechs):
                 a, offset = self.get_tech(offset, mode, x, tactic=self.h.convert(tactic.tactic.name),
                                           subtechniques=tactic.subtechniques.get(x.id, []), colors=colors,
@@ -286,4 +281,24 @@ def export(self, showName, showID, lhandle, config, sort=0, scores=[], colors=[]
         d.append(glob)
         if overlay:
             d.append(overlay)
-        return d
+        return d
+
+
+    def _copy_scores(self, listing, scores, tactic_name, exclude):
+        """
+            INTERNAL: Move scores over from the input object (scores) to the one used to build the zvg (listing)
+
+            :param listing: List of objects to apply scores to
+            :param scores: List of scores for this tactic
+            :param exclude: List of excluded techniques
+            :return: None - operates on the raw object itself
+        """
+        for b in listing:
+            found = False
+            for y in scores:
+                if b.id == y[0] and (y[1] == self.h.convert(tactic_name) or not y[1]):
+                    b.score = y[2]
+                    found = True
+                    continue
+            if not found:
+                b.score = None

layers/exporters/to_svg.py

@@ -7,6 +7,8 @@
     from ..core import Layer
     from ..exporters.svg_templates import SvgTemplates
 
+from layers.core import Layer as topLayer # alternative import for typechecking
+
 class NoLayer(Exception):
     pass
 
@@ -405,7 +407,7 @@ def to_svg(self, layer, filepath='example.svg'):
             :return: (meta) svg file at the targeted output location
         """
         if layer is not None:
-            if not isinstance(layer, Layer):
+            if not isinstance(layer, Layer) and not isinstance(layer, topLayer):
                 raise TypeError
 
         if layer is None:

scripts/diff_stix.py

@@ -37,23 +37,26 @@
     "minor_changes": "Minor {obj_type} changes",
     "deprecations": "{obj_type} deprecations",
     "revocations": "{obj_type} revocations",
-    "deletions": "{obj_type} deletions"
+    "deletions": "{obj_type} deletions",
+    "unchanged": "Unchanged {obj_type}"
 }
 statusToColor = { # color key for layers
     "additions": "#a1d99b",
     "changes": "#fcf3a2",
     "minor_changes": "#c7c4e0",
     "deletions": "#ff00e1", # this will probably never show up but just in case
     "revocations": "#ff9000",
-    "deprecations": "#ff6363"
+    "deprecations": "#ff6363",
+    "unchanged": "#ffffff"
 }
 statusDescriptions = { # explanation of modification types to data objects for legend in layer files
     "additions": "objects which are present in the new data and not the old",
     "changes": "objects which have a newer version number in the new data compared to the old",
     "minor_changes": "objects which have a newer last edit date in the new data than in the old, but the same version number",
     "revocations": "objects which are revoked in the new data but not in the old",
     "deprecations": "objects which are deprecated in the new data but not in the old",
-    "deletions": "objects which are present in the old data but not the new"
+    "deletions": "objects which are present in the old data but not the new",
+    "unchanged": "objects which did not change between the two versions"
 }
 
 class DiffStix(object):
@@ -66,6 +69,7 @@ def __init__(
         layers=None,
         markdown=None,
         minor_changes=False,
+        unchanged=False,
         new='new',
         old='old',
         show_key=False,
@@ -93,6 +97,7 @@ def __init__(
         self.layers = layers
         self.markdown = markdown
         self.minor_changes = minor_changes
+        self.unchanged = unchanged
         self.new = new
         self.old = old
         self.show_key = show_key
@@ -109,7 +114,8 @@ def __init__(
                     # changes: [],
                     # minor_changes: [],
                     # revocations: [],
-                    # deprecations: []
+                    # deprecations: [],
+                    # unchanged: []
                 # }
                 # mobile-attack...
             # }
@@ -236,6 +242,7 @@ def load_taxii(new=False):
                 minor_changes = set()
                 revocations = set()
                 deprecations = set()
+                unchanged = set()
 
                 # find changes, revocations and deprecations
                 for key in intersection:
@@ -281,6 +288,8 @@ def load_taxii(new=False):
                             new_date = dateparser.parse(new["id_to_obj"][key]["modified"])
                             if new_date > old_date:
                                 minor_changes.add(key)
+                            else :
+                                unchanged.add(key)
 
                 # set data
                 if obj_type not in self.data: self.data[obj_type] = {}
@@ -291,6 +300,11 @@ def load_taxii(new=False):
                 # only create minor_changes data if we want to display it later
                 if self.minor_changes:
                     self.data[obj_type][domain]["minor_changes"] = [new["id_to_obj"][key] for key in minor_changes]
+                
+                # ditto for unchanged
+                if self.unchanged:
+                    self.data[obj_type][domain]["unchanged"] = [new["id_to_obj"][key] for key in unchanged]
+
                 self.data[obj_type][domain]["revocations"] = [new["id_to_obj"][key] for key in revocations]
                 self.data[obj_type][domain]["deprecations"] = [new["id_to_obj"][key] for key in deprecations]
                 # only show deletions if objects were deleted
@@ -324,6 +338,8 @@ def get_md_key(self):
         )
         if self.minor_changes:
             key += "* Minor object changes: " + statusDescriptions['minor_changes'] + "\n"
+        if self.unchanged:
+            key += "* Unchanged objects: " + statusDescriptions['unchanged'] + "\n"
         key += (
             "* Object revocations: " + statusDescriptions['revocations'] + "\n"
             "* Object deprecations: " + statusDescriptions['deprecations']
@@ -474,7 +490,7 @@ def get_layers_dict(self):
                             "tactic": phase['phase_name'],
                             "enabled": True,
                             "color": statusToColor[status],
-                            "comment": status[:-1] # trim s off end of word
+                            "comment": status[:-1] if status != "unchanged" else status  # trim s off end of word
                         })
                         used_statuses.add(status)
 
@@ -528,8 +544,8 @@ def layers_dict_to_files(outfiles, layers):
     verboseprint("writing layers dict to layer files... ", end="", flush="true")
 
     # write each layer to separate files
-    json.dump(layers['enterprise-attack'], open(outfiles[0], "w"), indent=4)
-    json.dump(layers['mobile-attack'], open(outfiles[1], "w"), indent=4)
+    if 'enterprise-attack' in layers: json.dump(layers['enterprise-attack'], open(outfiles[0], "w"), indent=4)
+    if 'mobile-attack' in layers: json.dump(layers['mobile-attack'], open(outfiles[1], "w"), indent=4)
 
     verboseprint("done")
 
@@ -621,6 +637,11 @@ def layers_dict_to_files(outfiles, layers):
         help="show changes to objects which didn't increment the version number"
     )
 
+    parser.add_argument("--unchanged",
+        action="store_true",
+        help="show objects without changes in the markdown output"
+    )
+
     parser.add_argument("--use-taxii",
         action="store_true",
         help="Use content from the ATT&CK TAXII server for the -old data"
@@ -648,6 +669,7 @@ def layers_dict_to_files(outfiles, layers):
         layers=args.layers,
         markdown=args.markdown,
         minor_changes=args.minor_changes,
+        unchanged=args.unchanged,
         new=args.new,
         old=args.old,
         show_key=args.show_key,