Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

new: [support for signing] added #1312

Merged
merged 1 commit into from
Dec 16, 2024
Merged

new: [support for signing] added #1312

merged 1 commit into from
Dec 16, 2024

Conversation

iglocska
Copy link
Member

@iglocska iglocska commented Dec 8, 2024

  • added new class CryptographicKeys

  • added functions to to_feed calls to include crypto keys

  • added protected boolean field to misp event

  • updated feed generator to support signing

    • if the new setting is set to True signing will be attempted for protected events
    • protected events are now passed to the /cryptographic_keys/serverSign endpoint of misp for signing
    • signatures are included as a .asc file in the output directory

  • TODO:

    • currently the JSON dumping is moved from a streamed dumping to an in memory dump before saving to disk
    • add a check for protected events and revert to streamed dumping for non protected events
    • alternatively use the already saved files to request signing from MISP

@iglocska
new: [support for signing] added
671c9fa 
- added new class CryptographicKeys
- added functions to to_feed calls to include crypto keys
- added protected boolean field to misp event

- updated feed generator to support signing
  - if the new setting is set to True signing will be attempted for protected events
  - protected events are now passed to the /cryptographic_keys/serverSign endpoint of misp for signing
  - signatures are included as a .asc file in the output directory

- TODO:
  - currently the JSON dumping is moved from a streamed dumping to an in memory dump before saving to disk
  - add a check for protected events and revert to streamed dumping for non protected events
  - alternatively use the already saved files to request signing from MISP
Rafiot
Rafiot reviewed Dec 9, 2024
View reviewed changes
pymisp/mispevent.py
@@ -1559,7 +1559,8 @@ def __repr__(self) -> str:
class MISPEvent(AnalystDataBehaviorMixin):

_fields_for_feed: set[str] = {'uuid', 'info', 'threat_level_id', 'analysis', 'timestamp',
'publish_timestamp', 'published', 'date', 'extends_uuid'}
'publish_timestamp', 'published', 'date', 'extends_uuid',
'protected'}
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Just a note: we need to add in def _set_default an entry self.protected = False, to keep consistency with the other required fields.

I'm assuming protected set to false par default is the expected value.

@Rafiot Rafiot merged commit 671c9fa into MISP:main Dec 16, 2024
3 of 8 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Rafiot Rafiot Rafiot left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@iglocska @Rafiot