
Commit 0ad2a2d

committed
feat: initial Assemblyline support
Signed-off-by: Richard Zak <[email protected]>
1 parent 5bafa42 commit 0ad2a2d


7 files changed

+57
-1
lines changed


Cargo.lock

Lines changed: 41 additions & 0 deletions

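--- a/Cargo.toml
+++ b/Cargo.toml
@@ -15,6 +15,7 @@ build = "build.rs"
 default = []
 admin = ["dep:dialoguer", "dep:flate2", "malwaredb-server/admin", "dep:chrono", "dep:walkdir", "dep:zip"]
 admin-gui = ["malwaredb-server/admin", "dep:slint", "dep:slint-build", "futures/executor"]
+assemblyline = ["malwaredb-server/assemblyline"]
 sqlite = ["malwaredb-server/sqlite"]
 vt = ["malwaredb-server/vt", "dep:malwaredb-virustotal"]
 
@@ -99,6 +100,7 @@ aes-gcm = { version = "0.10.3", default-features = false }
 anyhow = { version = "1.0", default-features = false }
 app-memory-usage-fetcher = { version = "0.2.1", default-features = false }
 argon2 = { version = "0.5.3", default-features = false }
+assemblyline-markings = { version = "0.1.10", default-features = false }
 axum = { version = "0.8.4", default-features = false }
 axum-server = { version = "0.7.2", default-features = false }
 base64 = { version = "0.22.1", default-features = false }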
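Review bot: The new workspace entry `assemblyline-markings = { version = "0.1.10", default-features = false }` in the second hunk adds a pre-1.0 third-party crate, and the matching `Cargo.lock` change (41 added lines) is not rendered on this page, so the transitive crates it resolves to cannot be checked from here. Before merging I would look at the resolved graph with `cargo tree` and run whatever advisory and licence checks the project already uses (for example `cargo audit` or `cargo deny check`) against the updated lockfile. The crate is declared optional in `crates/api/Cargo.toml`, so it should only enter builds that enable the `assemblyline` feature; a short comment next to the feature line saying so would help the next reader.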

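--- a/crates/api/Cargo.toml
+++ b/crates/api/Cargo.toml
@@ -10,7 +10,12 @@ description = "Common API endpoints and data types for MalwareDB components."
 keywords.workspace = true
 categories = ["api-bindings", "data-structures"]
 
+[features]
+default = []
+assemblyline = ["dep:assemblyline-markings"]
+
 [dependencies]
+assemblyline-markings = { workspace = true, optional = true }
 chrono = { workspace = true, features = ["serde"] }
 hex = { workspace = true, features = ["alloc"] }
 serde = { workspace = true, features = ["derive", "std"] }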

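--- a/crates/api/src/lib.rs
+++ b/crates/api/src/lib.rs
@@ -6,6 +6,9 @@
 #![deny(clippy::pedantic)]
 #![forbid(unsafe_code)]
 
+/// Data types and API endpoints for Assemblyline integration
+#[cfg(feature = "assemblyline")]
+pub mod assemblyline;
 /// Wrapper for fixed-size hash digests from hex strings
 pub mod digest;
 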
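Review bot: The added `pub mod assemblyline;` has no module file behind it in this commit: none of the seven changed files listed on the page is an `assemblyline.rs` or `assemblyline/mod.rs` under `crates/api/src/`. Unless that file is already in the tree, any build that turns the feature on (including an `--all-features` run in CI) stops with a missing-module error, so the feature only works while it stays disabled. Either add the module in the same commit or hold the declaration back until it lands. The optional `assemblyline-markings` dependency is likewise not used by anything visible here.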

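--- a/crates/server/Cargo.toml
+++ b/crates/server/Cargo.toml
@@ -14,6 +14,7 @@ build = "build.rs"
 [features]
 default = []
 admin = []
+assemblyline = ["malwaredb-api/assemblyline"]
 sqlite = ["dep:rusqlite"]
 vt = ["dep:malwaredb-virustotal", "postgres/with-serde_json-1"]
 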

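--- a/crates/server/src/db/malwaredb_pg.sql
+++ b/crates/server/src/db/malwaredb_pg.sql
@@ -30,6 +30,8 @@ CREATE TABLE file (
 nonce bytea[],
 key int REFERENCES encryptionkey(id),
 parent bigint REFERENCES file(id),
+assemblyline_data json,
+assemblyline_tlp text,
 PRIMARY KEY (id)
 );
 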
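Review bot: `assemblyline_tlp text` stores a handling marking as unconstrained, nullable free text, and the same column is added in `malwaredb_sqlite.sql`. If the value is later used to decide who may view or export a sample (inferred from the name; no consumer is visible in this commit), a NULL, an empty string or a misspelt marking should be handled as the most restrictive case, not as unmarked. I would state that on the column, e.g. `-- NULL = marking unknown; treat as most restrictive`, and validate the string in the API layer before it is written. Both files are `CREATE TABLE` definitions whose statements begin above the hunk, so databases that already exist also need an `ALTER TABLE file ADD COLUMN ...` migration, which the listed files do not show.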

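--- a/crates/server/src/db/malwaredb_sqlite.sql
+++ b/crates/server/src/db/malwaredb_sqlite.sql
@@ -46,7 +46,9 @@ CREATE TABLE file (
 confirmedmalicious integer, -- boolean
 nonce text, -- hex bytes
 key int REFERENCES encryptionkey(id),
-parent int REFERENCES file(id)
+parent int REFERENCES file(id),
+assemblyline_data text, -- JSON
+assemblyline_tlp text
 );
 
 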
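Review bot: `assemblyline_data text, -- JSON` accepts any string, while the PostgreSQL schema declares the same column as `json` and rejects malformed documents at insert, so the two backends differ in what they will store. If the SQLite build in use has the JSON functions available, `assemblyline_data text CHECK (json_valid(assemblyline_data)), -- JSON` keeps them aligned, and a NULL still passes the check. Otherwise the server should parse the payload before writing it, since this column is meant to hold output from an external analysis service. The `CREATE TABLE file` statement begins above the hunk.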
