Documentation: #250
Description
http://stix.readthedocs.org/en/stable/getting_started.html#parsing-stix-xml
I was reading this in the context of parsing STIX out of a libtaxii object. I think it would be nice if the example included getting a handle on a STIX document out of libtaxii.
For instance, take this stub Inbox Message:
<taxii_11:Inbox_Message xmlns:taxii_11="http://taxii.mitre.org/messages/taxii_xml_binding-1.1"
message_id="1">
<taxii_11:Content_Block>
<taxii_11:Content_Binding binding_id="urn:stix.mitre.org:xml:1.1.1"/>
<taxii_11:Content>
<stix:STIX_Package xmlns:stix="http://stix.mitre.org/stix-1" version="1.1.1"/>
</taxii_11:Content>
</taxii_11:Content_Block>
</taxii_11:Inbox_Message>To get a libtaxii handle on the message, you'd do (I did not double check to see if this is well documented or not, so perhaps there's a corresponding issue for libtaxii...):
import libtaxii.messages_11 as tm11
taxii_xml = '<taxii_11:Inbox_Message>...</taxii_11:Inbox_Message>' # Use the above XML
msg = tm11.InboxMessage.from_xml(taxii_xml)
# This prints out the STIX XML
print msg.content_blocks[0].contentHowever, there's no obvious/documented connection to how to get a stix.core.STIXPackage object from here. I ended up with:
from StringIO import StringIO
from stix.core import STIXPackage
package = STIXPackage(StringIO(msg.content_blocks[0].content))
# <stix.core.stix_package.STIXPackage object at 0x7f6d19d6a5d0>This issue has a couple items:
- Is this right? Or is there a cleaner way to go from
libtaxiitopython-stix - Whatever the "right" way is, it probably makes sense to add it to RTD
- If it makes sense, I could add a mechanism to libtaxii to get the content etree directly (currently possible, but hacky).
Thank you.
-Mark