From e0dbeb9991e1ff0c461d80c166a45b4b305fdcd3 Mon Sep 17 00:00:00 2001 From: DaveYesland Date: Wed, 17 Jan 2024 11:02:38 -0800 Subject: [PATCH] Create tests for secretfinder --- tests/test_secretfinder_regex_checker.py | 50 ++++++++++++++++++++++++ 1 file changed, 50 insertions(+) create mode 100644 tests/test_secretfinder_regex_checker.py diff --git a/tests/test_secretfinder_regex_checker.py b/tests/test_secretfinder_regex_checker.py new file mode 100644 index 00000000..a4517824 --- /dev/null +++ b/tests/test_secretfinder_regex_checker.py @@ -0,0 +1,50 @@ +import pytest +from pacu.core.secretfinder.utils import regex_checker + +# Test data +TEST_DATA = [ + ("This is just a normal string.", False, None), + ("My AWS client ID is AKIA1234567890ABCDEF", True, "AWS_Client"), + ("GitHub token: ghp_1234567890abcdef1234567890abcdef1234", True, "GitHub Personal Token"), + ("GitHub token: ghs_1234567890abcdefghijklmnopqrstuvwxyzAB", True, "GitHub Actions Token"), + ("GitHub token: github_pat_abcdefghijABCDEFGHIJ12_abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567", True, "GitHub Fine-grained Token"), + ("'GitHub': 'abcdefghijklmnopqrstuvwx1234567890123456'", True, "GitHub Generic"), + ("This text contains an IP: 192.168.1.1", True, "IPv4"), + ("Artifactory API key: AKCabcdefghijABCDEFGHIJ1234567890", True, "Artifactory_API"), + ("Artifactory Password: AP1ABCDabcdefghijABCDEFGHIJ12", True, "Artifactory_Password"), + ("Authorization: basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==", True, "Basic_Auth"), + ("Authorization: bearer QWxhZGRpbjpvcGVuIHNlc2FtZQ==", True, "Bearer_Auth"), + ("AWS MWS Key: amzn.mws.4ea38b7b-6c4c-4d0f-a6f2-123456789012", True, "AWS_MWS"), + ("Generic API Key: 'api_key' = 'abcdefghijklmnopqrstuvwxyz12345678901234567890ABCDEF\"", True, "Generic API Key"), + ("Generic Secret: 'secret_key'= '_ABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890123456789@$%^&0abcdef\"", True, "Generic Secret"), + ("Google API Key: AIzaSyC123456789012345678901234567890123", True, "Google API Key"), + ("Google Cloud Platform API Key: AIzaSyC123456789012345678901234567890123", True, "Google Cloud Platform API Key"), + ("Google Cloud Platform OAuth: 123456789012-abcd1234abcd1234abcd1234abcd1234.apps.googleusercontent.com", True, "Google Cloud Platform OAuth"), + ("Google Drive API Key: AIzaSyC123456789012345678901234567890123", True, "Google Drive API Key"), + ("Google Drive OAuth: 123456789012-abcd1234abcd1234abcd1234abcd1234.apps.googleusercontent.com", True, "Google Drive OAuth"), + ("Google Service Account: \"type\": \"service_account\"", True, "Google (GCP) Service-account"), + ("HEROKU API Key: hEroKu_1234567-ABC12345-AB12-CD34-12AB-123456789ABA", True, "HEROKU_API"), + ("IPv4 address: 192.168.1.1", True, "IPv4"), + ("MAILGUN API Key: key-abcdefghijklmnopqrstuvwxyz1234567890123456", True, "MAILGUN_API"), + ("MD5 Hash: 5f4dcc3b5aa765d61d8327deb882cf99", True, "MD5"), + ("Slack Token: xoxb-123456789012-ABCDEFGHIJKLMNOPQRSTUVWX", True, "SLACK_TOKEN"), + ("Slack Webhook: https://hooks.slack.com/services/T12345678/B12345678/abcdefghijklmnopqrstuvwxyz123456", True, "SLACK_WEBHOOK"), + ("RSA Private Key: -----BEGIN RSA PRIVATE KEY-----", True, "RSA private key"), + ("DSA Private Key: -----BEGIN DSA PRIVATE KEY-----", True, "SSH (DSA) private key"), + ("EC Private Key: -----BEGIN EC PRIVATE KEY-----", True, "SSH (EC) private key"), + ("PGP Private Key: -----BEGIN PGP PRIVATE KEY BLOCK-----", True, "PGP private key block"), + ("OpenSSH Private Key: -----BEGIN OPENSSH PRIVATE KEY-----", True, "OpenSSH private key"), + ("Twilio API Key: SKAbCdEf123AbCdEf123AbCdEf123AbCdE", True, "Twilio API Key"), + ("Twitter Access Token: twitter_1234567890123456789012345678901234567890-1234567890123456789012345678901234567890", True, "Twitter Access Token"), +] + +@pytest.mark.parametrize("test_input,expected_result,expected_key", TEST_DATA) +def test_regex_checker(test_input, expected_result, expected_key): + result = regex_checker(test_input) + + if expected_result: + assert result + assert expected_key in result + else: + assert not result +