signatures

package

v0.0.0-...-82180e8 Latest Latest Go to latest Published: Nov 13, 2023 License: MIT Imports: 14 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/rumenvasilev/rvsecret

Links

Open Source Insights

Documentation ¶

Index ¶

Constants
Variables
func IsSafeText(sMatchString *string) bool
type DiscoverOutput
- func Discover(mf matchfile.MatchFile, change *object.Change, cfg *config.Config, ...) (dirtyFile bool, dirtyCommit bool, ignored int, results []DiscoverOutput)
type GenericSignature
type PatternSignature
type SafeFunctionSignature
type Signature
- func Load(filePath string, mLevel int) ([]Signature, string, error)
type SignatureConfig
type SignatureDef
type SignaturesMetaData
type SimpleSignature

Constants ¶

View Source

const (
	PartExtension = "extension" // file extension
	PartFilename  = "filename"  // file name
	PartPath      = "path"      // the path to the file
	PartContent   = "content"   // the content of the file
)

These are the various items that we are attempting to match against using either regex's or simple pattern matches.

Variables ¶

View Source

var SafeFunctionSignatures []SafeFunctionSignature

SafeFunctionSignatures is a collection of safe function sigs

Functions ¶

func IsSafeText ¶

func IsSafeText(sMatchString *string) bool

IsSafeText check against known "safe" (aka not a password) list

Types ¶

type DiscoverOutput ¶

type DiscoverOutput struct {
	Sig     Signature
	Content string
	LineNum int
}

func Discover ¶

func Discover(mf matchfile.MatchFile, change *object.Change, cfg *config.Config, sigs []Signature) (dirtyFile bool, dirtyCommit bool, ignored int, results []DiscoverOutput)

type GenericSignature ¶

type GenericSignature struct {
	// contains filtered or unexported fields
}

type PatternSignature ¶

type PatternSignature struct {
	GenericSignature
	// contains filtered or unexported fields
}

PatternSignature holds the information about a pattern signature which is a regex used to match content within a file

func (PatternSignature) ConfidenceLevel ¶

func (s PatternSignature) ConfidenceLevel() int

ConfidenceLevel sets the confidence level of the pattern

func (PatternSignature) Description ¶

func (s PatternSignature) Description() string

Description sets the user comment of the signature

func (PatternSignature) Enable ¶

func (s PatternSignature) Enable() int

Enable sets whether as signature is active or not

func (PatternSignature) ExtractMatch ¶

func (s PatternSignature) ExtractMatch(file matchfile.MatchFile, change *object.Change, scanType api.ScanType) (bool, map[string]int)

ExtractMatch will try and find a match within the content of the file.

func (PatternSignature) Part ¶

func (s PatternSignature) Part() string

Part sets the part of the file/path that is matched [ filename content extension ]

func (PatternSignature) SignatureID ¶

func (s PatternSignature) SignatureID() string

SignatureID sets the id used to identify the signature. This id is immutable and generated from a has of the signature and is changed with every update to a signature.

type SafeFunctionSignature ¶

type SafeFunctionSignature struct {
	GenericSignature
	// contains filtered or unexported fields
}

SafeFunctionSignature holds the information about a safe function, that is used to detect and mitigate false positives

func (SafeFunctionSignature) ConfidenceLevel ¶

func (s SafeFunctionSignature) ConfidenceLevel() int

ConfidenceLevel sets the confidence level of the pattern

func (SafeFunctionSignature) Description ¶

func (s SafeFunctionSignature) Description() string

Description sets the user comment of the signature

func (SafeFunctionSignature) Enable ¶

func (s SafeFunctionSignature) Enable() int

Enable sets whether as signature is active or not

func (SafeFunctionSignature) ExtractMatch ¶

func (s SafeFunctionSignature) ExtractMatch(file matchfile.MatchFile, change *object.Change, scanType api.ScanType) (bool, map[string]int)

ExtractMatch is a placeholder to ensure min code complexity and allow the reuse of the functions

func (SafeFunctionSignature) Part ¶

func (s SafeFunctionSignature) Part() string

Part sets the part of the file/path that is matched [ filename content extension ]

func (SafeFunctionSignature) SignatureID ¶

func (s SafeFunctionSignature) SignatureID() string

SignatureID sets the id used to identify the signature. This id is immutable and generated from a has of the signature and is changed with every update to a signature.

type Signature ¶

type Signature interface {
	Description() string
	Enable() int
	ExtractMatch(file matchfile.MatchFile, change *object.Change, scanType api.ScanType) (bool, map[string]int)
	ConfidenceLevel() int
	Part() string
	SignatureID() string // TODO change id -> ID
}

Signature is an expression that we are looking for in a file

func Load ¶

func Load(filePath string, mLevel int) ([]Signature, string, error)

Load will load all known signatures for the various match types into the session Returns a slice of loaded signatures, signatures bundle version and an error

type SignatureConfig ¶

type SignatureConfig struct {
	Meta                   SignaturesMetaData `yaml:"Meta"`
	PatternSignatures      []SignatureDef     `yaml:"PatternSignatures"`
	SimpleSignatures       []SignatureDef     `yaml:"SimpleSignatures"`
	SafeFunctionSignatures []SignatureDef     `yaml:"SafeFunctionSignatures"`
}

SignatureConfig holds the base file structure for the signatures file

type SignatureDef ¶

type SignatureDef struct {
	Comment         string  `yaml:"comment"`
	Description     string  `yaml:"description"`
	Match           string  `yaml:"match"`
	Part            string  `yaml:"part"`
	SignatureID     string  `yaml:"signatureid"`
	Enable          int     `yaml:"enable"`
	Entropy         float64 `yaml:"entropy"`
	ConfidenceLevel int     `yaml:"confidence-level"`
}

SignatureDef maps to a signature within the yaml file

type SignaturesMetaData ¶

type SignaturesMetaData struct {
	Date    string
	Version string
	Time    int
}

SignaturesMetaData is used by updateSignatures to determine if/how to update the signatures

type SimpleSignature ¶

type SimpleSignature struct {
	GenericSignature
	// contains filtered or unexported fields
}

SimpleSignature holds the information about a simple signature which is used to match a path or filename

func (SimpleSignature) ConfidenceLevel ¶

func (s SimpleSignature) ConfidenceLevel() int

ConfidenceLevel sets the confidence level of the pattern

func (SimpleSignature) Description ¶

func (s SimpleSignature) Description() string

Description sets the user comment of the signature

func (SimpleSignature) Enable ¶

func (s SimpleSignature) Enable() int

Enable sets whether as signature is active or not

func (SimpleSignature) ExtractMatch ¶

func (s SimpleSignature) ExtractMatch(file matchfile.MatchFile, change *object.Change, scanType api.ScanType) (bool, map[string]int)

ExtractMatch will attempt to match a path or file name of the given file

func (SimpleSignature) Part ¶

func (s SimpleSignature) Part() string

Part sets the part of the file/path that is matched [ filename content extension ]

func (SimpleSignature) SignatureID ¶

func (s SimpleSignature) SignatureID() string

SignatureID sets the id used to identify the signature. This id is immutable and generated from a has of the signature and is changed with every update to a signature.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL