Nuget refinement (#514)

* Update SARIF SDK. * Update nuget rule. * Update refinement further. Update test. * Update nuget pattern and test. * Update SEC101_031.NuGetApiKey.sarif * Updating tests Co-authored-by: Eddy Nakamura <eddynaka@gmail.com> Co-authored-by: Eddy Nakamura <ednakamu@microsoft.com>
microsoft · Jul 27, 2021 · 6e9a22f · 6e9a22f
1 parent 23dc3fe
commit 6e9a22f
Show file tree

Hide file tree

Showing 3 changed files with 8 additions and 8 deletions.
diff --git a/Src/Plugins/Security/Security.SharedStrings.txt b/Src/Plugins/Security/Security.SharedStrings.txt
@@ -61,7 +61,7 @@
   $SEC101/028.PlaintextPassword=(?i)ConvertTo-SecureString\s*(?:-[S]tring)?\s*["'](?P<secret>[^"')(?:]*)["']
   $SEC101/030.GoogleServiceAccountKeyConsoleFormat="private_key":\s*"-----BEGIN PRIVATE KEY-----\\n(?s)(?P<secret>[^"]+)(?-s)\\n-----END PRIVATE KEY-----\\n(?s).{1,200}(?-s)"client_id"\s*:\s*"(?P<id>[\w.-]+)"
   $SEC101/030.GoogleServiceAccountKeyConsoleRestFormat="name": "projects\/[\w-]+\/serviceAccounts\/[\w@.-]+\/keys\/(?P<secret>[^"]+)",
-  $SEC101/031.NuGetApiKey=\b(?P<secret>oy2[0-9a-z]{43})(?:^[0-9a-z]|$)
+  $SEC101/031.NuGetApiKey=\b(?P<secret>oy2[a-p][0-9a-z]{15}[aq][0-9a-z]{11}[eu][bdfhjlnprtvxz357][a-p][0-9a-z]{11}[aeimquy4])(?:^[0-9a-z]|$)  
   $SEC101/032.GpgCredentials=(?is)gpg[._-](?:gen_key_input|sign|decrypt_file)\s*\(\s*(?:name_email\s*=\s*["'](?P<id>[^"']*)["'])?.{0,50}passphrase\s*=\s*["'](?P<secret>[^"']*)["']
   $SEC101/034.CredentialObjectConstructor=(?:PSCredential|SqlCredential)\s*\(\s*"(?P<id>[^"]*)"\s*,\s*"(?P<secret>[^"]*)"
   $SEC101/034.CredentialObjectInitializer=(?s)(?:PSCredential|SqlCredential)\s*\(\)\s*{\s*.{0,50}User(?:Name|Id)\s*=\s*"(?P<id>[^"]*)"\s*,.{0,50}Password\s*=\s*"(?P<secret>[^"]*)"  

diff --git a/...sts.Security/TestData/SecurePlaintextSecrets/ExpectedOutputs/SEC101_031.NuGetApiKey.sarif b/...sts.Security/TestData/SecurePlaintextSecrets/ExpectedOutputs/SEC101_031.NuGetApiKey.sarif
@@ -44,7 +44,7 @@
           "message": {
             "id": "Default",
             "arguments": [
-              "oy20de…",
+              "oy2ade…",
               "an apparent ",
               "",
               "NuGet API Key",
@@ -67,20 +67,20 @@
                   "charOffset": 0,
                   "charLength": 46,
                   "snippet": {
-                    "text": "oy20deadbeef0deadbee500deadbeef0deadbee50dead0"
+                    "text": "oy2adeadbeef0deadbeaf00deadbeefedeadbee50deada"
                   }
                 }
               }
             }
           ],
           "fingerprints": {
             "AssetFingerprint/v1": "[platform=NuGet]",
-            "ValidationFingerprint/v1": "[secret=oy20deadbeef0deadbee500deadbeef0deadbee50dead0]",
-            "ValidationFingerprintHash/v1": "6811bdcc965a68f988f7d66d953af2618a73c079d8c3afcc14cde12706037436",
+            "ValidationFingerprint/v1": "[secret=oy2adeadbeef0deadbeaf00deadbeefedeadbee50deada]",
+            "ValidationFingerprintHash/v1": "bffc0dfed763580a72800bf5c2fc1effa0de2b2ba6dfe7be28b0b23a09a7755a",
             "AssetFingerprint/v2": "{\"platform\":\"NuGet\"}",
-            "ValidationFingerprint/v2": "{\"secret\":\"oy20deadbeef0deadbee500deadbeef0deadbee50dead0\"}"
+            "ValidationFingerprint/v2": "{\"secret\":\"oy2adeadbeef0deadbeaf00deadbeefedeadbee50deada\"}"
           },
-          "rank": 40.22
+          "rank": 39.75
         }
       ],
       "columnKind": "utf16CodeUnits"

diff --git a/Src/Plugins/Tests.Security/TestData/SecurePlaintextSecrets/Inputs/SEC101_031.NuGetApiKey.txt b/Src/Plugins/Tests.Security/TestData/SecurePlaintextSecrets/Inputs/SEC101_031.NuGetApiKey.txt
@@ -1 +1 @@
-oy20deadbeef0deadbee500deadbeef0deadbee50dead0
+oy2adeadbeef0deadbeaf00deadbeefedeadbee50deada