vin dbg

Samsung · Aug 3, 2023 · 20450c6 · 20450c6
1 parent cda354e
commit 20450c6
Show file tree

Hide file tree

Showing 10 changed files with 150 additions and 6 deletions.
diff --git a/.github/workflows/benchmark.yml b/.github/workflows/benchmark.yml
@@ -22,7 +22,8 @@ jobs:
     - name: Checkout CredData
       uses: actions/checkout@v3
       with:
-        repository: Samsung/CredData
+        repository: babenek/CredData
+        ref: main
 
     - name: Cache data
       id: cache-data
@@ -62,7 +63,8 @@ jobs:
     - name: Checkout CredData
       uses: actions/checkout@v3
       with:
-        repository: Samsung/CredData
+        repository: babenek/CredData
+        ref: main
 
     - name: Cache data
       id: cache-data

diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
@@ -45,6 +45,10 @@ jobs:
       run: |
         pip install .
 
+    - name: Debug check packages
+      run: |
+        pip freeze
+
     - name: Remove sources dir to check installation
       if: runner.os != 'Windows'
       run: rm -rf credsweeper

diff --git a/credsweeper/filters/__init__.py b/credsweeper/filters/__init__.py
@@ -38,4 +38,5 @@
 from credsweeper.filters.value_token_base64_check import ValueTokenBase64Check
 from credsweeper.filters.value_token_check import ValueTokenCheck
 from credsweeper.filters.value_useless_word_check import ValueUselessWordCheck
+from credsweeper.filters.value_vin_check import ValueVinCheck
 from credsweeper.filters.variable_not_allowed_pattern_check import VariableNotAllowedPatternCheck
diff --git a/credsweeper/filters/value_vin_check.py b/credsweeper/filters/value_vin_check.py
@@ -0,0 +1,53 @@
+import contextlib
+
+from credsweeper.config import Config
+from credsweeper.credentials import LineData
+from credsweeper.file_handler.analysis_target import AnalysisTarget
+from credsweeper.filters import Filter
+
+
+class ValueVinCheck(Filter):
+    """Check that value is a VIN"""
+    WEIGHTS = [8, 7, 6, 5, 4, 3, 2, 10, 0, 9, 8, 7, 6, 5, 4, 3, 2]
+    TRANSLITERATIONS = {
+        "0": 0, "1": 1, "2": 2, "3": 3, "4": 4, "5": 5, "6": 6, "7": 7, "8": 8, "9": 9,
+        "A": 1, "B": 2, "C": 3, "D": 4, "E": 5, "F": 6, "G": 7, "H": 8, "J": 1, "K": 2,
+        "L": 3, "M": 4, "N": 5, "P": 7, "R": 9, "S": 2, "T": 3, "U": 4, "V": 5, "W": 6,
+        "X": 7, "Y": 8, "Z": 9,
+    }
+
+    def __init__(self, config: Config = None) -> None:
+        pass
+
+    def run(self, line_data: LineData, target: AnalysisTarget) -> bool:
+        """Run filter checks on received credential candidate data 'line_data'.
+
+        Args:
+            line_data: credential candidate data
+            target: multiline target from which line data was obtained
+
+        Return:
+            False, if the sequence is not card number. True if it is
+
+        """
+        if line_data.value is None or 17 != len(line_data.value):
+            return True
+
+        with contextlib.suppress(Exception):
+            int(line_data.value)
+            return True
+
+        # NHTSA (National Highway Traffic Safety Administration)
+        # https://en.wikipedia.org/wiki/Vehicle_identification_number
+        with contextlib.suppress(Exception):
+            s = 0
+            for w, v in zip(ValueVinCheck.WEIGHTS, line_data.value):
+                s += w * ValueVinCheck.TRANSLITERATIONS[v]
+            r = s % 11
+            if "X" == line_data.value[8] and 10 == r:
+                return False
+            elif int(line_data.value[8]) == r:
+                return False
+
+        # return False when the sequence has wrong check digit
+        return True
diff --git a/credsweeper/rules/config.yaml b/credsweeper/rules/config.yaml
@@ -1,3 +1,15 @@
+- name: VIN
+  severity: info
+  type: pattern
+  values:
+    - (^|[^0-9A-Za-z])(?P<value>[A-HJ-NPR-Z0-9]{17})([^=0-9A-Za-z]|$)
+  filter_type:
+    - ValueVinCheck
+    - ValuePatternCheck
+  min_line_len: 16
+  required_regex: "[a-zA-Z0-9_/+-]{15,}"
+  doc_available: false
+
 - name: Credit card number
   severity: info
   type: pattern

diff --git a/tests/__init__.py b/tests/__init__.py
@@ -1,14 +1,14 @@
 from pathlib import Path
 
 # total number of files in test samples
-SAMPLES_FILES_COUNT: int = 107
+SAMPLES_FILES_COUNT: int = 108
 
 # credentials count after scan
-SAMPLES_CRED_COUNT: int = 104
-SAMPLES_CRED_LINE_COUNT: int = 115
+SAMPLES_CRED_COUNT: int = 105
+SAMPLES_CRED_LINE_COUNT: int = 116
 
 # credentials count after post-processing
-SAMPLES_POST_CRED_COUNT: int = 98
+SAMPLES_POST_CRED_COUNT: int = 99
 
 # with option --doc
 SAMPLES_IN_DOC = 86

diff --git a/tests/data/depth_3.json b/tests/data/depth_3.json
@@ -3628,6 +3628,28 @@
             }
         ]
     },
+    {
+        "api_validation": "NOT_AVAILABLE",
+        "ml_validation": "NOT_AVAILABLE",
+        "ml_probability": null,
+        "rule": "VIN",
+        "severity": "info",
+        "line_data_list": [
+            {
+                "line": "1M8GDM9AXKP042788",
+                "line_num": 6,
+                "path": "tests/samples/vin",
+                "info": "tests/samples/vin|RAW",
+                "value": "1M8GDM9AXKP042788",
+                "variable": null,
+                "entropy_validation": {
+                    "iterator": "BASE64_CHARS",
+                    "entropy": 3.6901165175936654,
+                    "valid": false
+                }
+            }
+        ]
+    },
     {
         "api_validation": "NOT_AVAILABLE",
         "ml_validation": "VALIDATED_KEY",

diff --git a/tests/data/ml_threshold_0.json b/tests/data/ml_threshold_0.json
@@ -2364,6 +2364,28 @@
             }
         ]
     },
+    {
+        "api_validation": "NOT_AVAILABLE",
+        "ml_validation": "NOT_AVAILABLE",
+        "ml_probability": null,
+        "rule": "VIN",
+        "severity": "info",
+        "line_data_list": [
+            {
+                "line": "1M8GDM9AXKP042788",
+                "line_num": 6,
+                "path": "tests/samples/vin",
+                "info": "",
+                "value": "1M8GDM9AXKP042788",
+                "variable": null,
+                "entropy_validation": {
+                    "iterator": "BASE64_CHARS",
+                    "entropy": 3.6901165175936654,
+                    "valid": false
+                }
+            }
+        ]
+    },
     {
         "api_validation": "NOT_AVAILABLE",
         "ml_validation": "NOT_AVAILABLE",

diff --git a/tests/data/output.json b/tests/data/output.json
@@ -2254,6 +2254,28 @@
             }
         ]
     },
+    {
+        "api_validation": "NOT_AVAILABLE",
+        "ml_validation": "NOT_AVAILABLE",
+        "ml_probability": null,
+        "rule": "VIN",
+        "severity": "info",
+        "line_data_list": [
+            {
+                "line": "1M8GDM9AXKP042788",
+                "line_num": 6,
+                "path": "tests/samples/vin",
+                "info": "",
+                "value": "1M8GDM9AXKP042788",
+                "variable": null,
+                "entropy_validation": {
+                    "iterator": "BASE64_CHARS",
+                    "entropy": 3.6901165175936654,
+                    "valid": false
+                }
+            }
+        ]
+    },
     {
         "api_validation": "NOT_AVAILABLE",
         "ml_validation": "VALIDATED_KEY",

diff --git a/tests/samples/vin b/tests/samples/vin
@@ -0,0 +1,6 @@
+# fake or not NHTSA
+00000000000000000
+98374914723492346
+M9AX4278X1MKP08GD
+# valid
+1M8GDM9AXKP042788