Asset fingerprint (#276)

* Provide an asset fingerprint.

* Updating tests and adding platform to sql and mysql

* updating tests

* Improving asset platform and updating tests

Co-authored-by: Michael Fanning <[email protected]>

Src/Plugins/Security/SEC101_002.GoogleOAuthCredentialsValidator.cs

@@ -44,6 +44,7 @@ protected override string IsValidStaticHelper(ref string matchedPattern,
             {
                 Id = id,
                 Key = key,
+                Platform = nameof(AssetPlatform.Google),
             }.ToString();
 
             return nameof(ValidationState.Unknown);

Src/Plugins/Security/SEC101_003.GoogleApiKeyValidator.cs

@@ -49,6 +49,7 @@ protected override string IsValidStaticHelper(ref string matchedPattern,
             fingerprintText = new Fingerprint
             {
                 Key = matchedPattern,
+                Platform = nameof(AssetPlatform.Google),
             }.ToString();
 
             return nameof(ValidationState.Unknown);

Src/Plugins/Security/SEC101_004.FacebookAppCredentialsValidator.cs

@@ -53,6 +53,7 @@ protected override string IsValidStaticHelper(ref string matchedPattern,
             {
                 Id = id,
                 Key = key,
+                Platform = nameof(AssetPlatform.Facebook),
             }.ToString();
 
             return nameof(ValidationState.Unknown);

Src/Plugins/Security/SEC101_005.SlackTokenValidator.cs

@@ -45,6 +45,7 @@ protected override string IsValidStaticHelper(ref string matchedPattern,
             fingerprintText = new Fingerprint
             {
                 Key = matchedPattern,
+                Platform = nameof(AssetPlatform.Slack),
             }.ToString();
 
             return nameof(ValidationState.Unknown);

Src/Plugins/Security/SEC101_006.GitHubPatValidator.cs

@@ -88,6 +88,7 @@ protected override string IsValidStaticHelper(ref string matchedPattern,
             fingerprintText = new Fingerprint
             {
                 PersonalAccessToken = pat,
+                Platform = nameof(AssetPlatform.GitHub),
             }.ToString();
 
             return nameof(ValidationState.Unknown);

Src/Plugins/Security/SEC101_007.GitHubAppCredentialsValidator.cs

@@ -53,6 +53,7 @@ protected override string IsValidStaticHelper(ref string matchedPattern,
             {
                 Id = id,
                 Key = key,
+                Platform = nameof(AssetPlatform.GitHub),
             }.ToString();
 
             return nameof(ValidationState.Unknown);

Src/Plugins/Security/SEC101_008.AwsCredentialsValidator.cs

@@ -66,6 +66,7 @@ protected override string IsValidStaticHelper(ref string matchedPattern,
             {
                 Id = id,
                 Key = key,
+                Platform = nameof(AssetPlatform.Aws),
             }.ToString();
 
             return nameof(ValidationState.Unknown);

Src/Plugins/Security/SEC101_009.LinkedInCredentialsValidator.cs

@@ -46,6 +46,7 @@ protected override string IsValidStaticHelper(ref string matchedPattern,
             {
                 Id = id,
                 Key = key,
+                Platform = nameof(AssetPlatform.LinkedIn),
             }.ToString();
 
             return nameof(ValidationState.Unknown);

Src/Plugins/Security/SEC101_010.SquarePatValidator.cs

@@ -53,6 +53,7 @@ protected override string IsValidStaticHelper(ref string matchedPattern,
             fingerprintText = new Fingerprint
             {
                 PersonalAccessToken = key,
+                Platform = nameof(AssetPlatform.Square),
             }.ToString();
 
             return nameof(ValidationState.Unknown);

Src/Plugins/Security/SEC101_011.SquareCredentialsValidator.cs

@@ -44,6 +44,7 @@ protected override string IsValidStaticHelper(ref string matchedPattern,
             {
                 Id = id,
                 Key = key,
+                Platform = nameof(AssetPlatform.Square),
             }.ToString();
 
             return nameof(ValidationState.Unknown);

Src/Plugins/Security/SEC101_012.SlackWebhookValidator.cs

@@ -51,6 +51,7 @@ protected override string IsValidStaticHelper(ref string matchedPattern,
             fingerprintText = new Fingerprint
             {
                 Uri = matchedPattern,
+                Platform = nameof(AssetPlatform.Slack),
             }.ToString();
 
             return nameof(ValidationState.Unknown);

Src/Plugins/Security/SEC101_014.FacebookAccessTokenValidator.cs

@@ -44,6 +44,7 @@ protected override string IsValidStaticHelper(ref string matchedPattern,
             fingerprintText = new Fingerprint()
             {
                 Key = key,
+                Platform = nameof(AssetPlatform.Facebook),
             }.ToString();
 
             return nameof(ValidationState.Unknown);

Src/Plugins/Security/SEC101_015.GoogleGCMServiceAccountValidator.cs

@@ -37,6 +37,7 @@ protected override string IsValidStaticHelper(ref string matchedPattern,
             fingerprintText = new Fingerprint()
             {
                 Resource = matchedPattern,
+                Platform = nameof(AssetPlatform.Google),
             }.ToString();
 
             return nameof(ValidationState.Unknown);

Src/Plugins/Security/SEC101_016.StripeApiKeyValidator.cs

@@ -55,6 +55,7 @@ protected override string IsValidStaticHelper(ref string matchedPattern,
             fingerprintText = new Fingerprint
             {
                 Key = key,
+                Platform = nameof(AssetPlatform.Stripe),
             }.ToString();
 
             return nameof(ValidationState.Unknown);

Src/Plugins/Security/SEC101_017.NpmAuthorTokenValidator.cs

@@ -57,6 +57,7 @@ protected override string IsValidStaticHelper(ref string matchedPattern,
             fingerprintText = new Fingerprint
             {
                 Key = key,
+                Platform = nameof(AssetPlatform.Npm),
             }.ToString();
 
             return nameof(ValidationState.Unknown);

Src/Plugins/Security/SEC101_023.AmazonMwsAuthTokenValidator.cs

@@ -44,6 +44,7 @@ protected override string IsValidStaticHelper(ref string matchedPattern,
             fingerprintText = new Fingerprint
             {
                 Key = key,
+                Platform = nameof(AssetPlatform.Aws),
             }.ToString();
 
             return nameof(ValidationState.Unknown);

Src/Plugins/Security/SEC101_046.SqlConnectionStringValidator.cs

@@ -76,15 +76,15 @@ protected override string IsValidStaticHelper(ref string matchedPattern,
             if (groups.ContainsKey("host") && groups.ContainsKey("database") && groups.ContainsKey("account") && groups.ContainsKey("password"))
             {
                 host = groups["host"];
-                database = groups["database"];
                 account = groups["account"];
+                database = groups["database"];
                 password = groups["password"];
             }
             else
             {
                 host = ParseExpression(RegexEngine, matchedPattern, HostExpression);
-                database = ParseExpression(RegexEngine, matchedPattern, DatabaseExpression);
                 account = ParseExpression(RegexEngine, matchedPattern, AccountExpression);
+                database = ParseExpression(RegexEngine, matchedPattern, DatabaseExpression);
                 password = ParseExpression(RegexEngine, matchedPattern, PasswordExpression);
             }
 
@@ -119,6 +119,7 @@ protected override string IsValidStaticHelper(ref string matchedPattern,
                 Resource = database,
                 Account = account,
                 Password = password,
+                Platform = SharedUtilities.GetDatabasePlatformFromHost(host, out _),
             }.ToString();
 
             return nameof(ValidationState.Unknown);
@@ -141,7 +142,7 @@ protected override string IsValidDynamicHelper(ref string fingerprintText,
 
             string connString =
                 $"Server={host};Initial Catalog={database};User ID={account};Password={password};" +
-                "Trusted_Connection=False;Encrypt=True;Connection Timeout=30;";
+                "Trusted_Connection=False;Encrypt=True;Connection Timeout=3;";
             message = $"the '{account}' account was authenticated against database '{database}' hosted on '{host}'";
 
             // Validating ConnectionString with database.
@@ -153,7 +154,7 @@ protected override string IsValidDynamicHelper(ref string fingerprintText,
 
             connString =
                $"Server={host};User ID={account};Password={password};" +
-               "Trusted_Connection=False;Encrypt=True;Connection Timeout=30;";
+               "Trusted_Connection=False;Encrypt=True;Connection Timeout=3;";
             message = $"the '{account}' account is compromised for server '{host}'";
 
             // Validating ConnectionString without database.

Src/Plugins/Security/SEC101_047.MySqlConnectionStringValidator.cs

@@ -97,6 +97,7 @@ protected override string IsValidStaticHelper(ref string matchedPattern,
             fingerprint.Host = host.Replace("\"", string.Empty).Replace(",", ";");
             fingerprint.Resource = database;
             fingerprint.Port = port;
+            fingerprint.Platform = SharedUtilities.GetDatabasePlatformFromHost(fingerprint.Host, out _);
 
             fingerprintText = fingerprint.ToString();
 

Src/Plugins/Security/SEC101_102.AdoPatValidator.cs

@@ -97,6 +97,7 @@ public static string IsValidStatic(ref string matchedPattern,
                 fingerprintText = new Fingerprint()
                 {
                     PersonalAccessToken = pat,
+                    Platform = nameof(AssetPlatform.AzureDevOps),
                 }.ToString();
             }