Samsung · babenek · Aug 3, 2023 · Aug 1, 2023 · Aug 3, 2023
@@ -18,6 +18,7 @@
 from credsweeper.filters.value_file_path_check import ValueFilePathCheck
 from credsweeper.filters.value_first_word_check import ValueFirstWordCheck
 from credsweeper.filters.value_grafana_check import ValueGrafanaCheck
+from credsweeper.filters.value_iban_check import ValueIbanCheck
 from credsweeper.filters.value_json_web_token_check import ValueJsonWebTokenCheck
 from credsweeper.filters.value_last_word_check import ValueLastWordCheck
 from credsweeper.filters.value_length_check import ValueLengthCheck

@@ -0,0 +1,39 @@
+import contextlib
+
+from schwifty import IBAN
+from schwifty.exceptions import SchwiftyException
+
+from credsweeper.config import Config
+from credsweeper.credentials import LineData
+from credsweeper.file_handler.analysis_target import AnalysisTarget
+from credsweeper.filters import Filter
+
+
+class ValueIbanCheck(Filter):
+    """Check that value is an IBAN"""
+
+    def __init__(self, config: Config = None) -> None:
+        pass
+
+    def run(self, line_data: LineData, target: AnalysisTarget) -> bool:
+        """Run filter checks on received credential candidate data 'line_data'.
+
+        Args:
+            line_data: credential candidate data
+            target: multiline target from which line data was obtained
+
+        Return:
+            True, if the sequence has to be filtered
+
+        """
+        if line_data.value is None:
+            return True
+
+        with contextlib.suppress(SchwiftyException):
+            # https://en.wikipedia.org/wiki/International_Bank_Account_Number
+            if IBAN(line_data.value):
+                # Correctly parsed and recognized
+                return False
+
+        # return TRUE when the sequence is not an IBAN
+        return True
@@ -9,6 +9,17 @@
   required_regex: "[a-zA-Z0-9_/+-]{15,}"
   doc_available: false
 
+- name: IBAN
+  severity: info
+  type: pattern
+  values:
+    - (^|[^0-9A-Za-z])(?P<value>[A-Z]{2}[0-9]{2}[A-Z0-9]{12,30})([^=0-9A-Za-z]|$)
+  filter_type:
+    - ValueIbanCheck
+  min_line_len: 16
+  required_regex: "[a-zA-Z0-9_/+-]{15,}"
+  doc_available: false
+
 - name: API
   severity: medium
   type: keyword
@@ -146,7 +157,7 @@
   severity: high
   type: pattern
   values:
-    - (?P<value>(?i)heroku(.{0,20})?[0-9a-f]{8}(-[0-9a-f]{4})+-[0-9a-f]{12})([^=0-9A-Za-z_/+-]|$)
+    - (?i)(?P<value>heroku(.{0,20})?[0-9a-f]{8}(-[0-9a-f]{4})+-[0-9a-f]{12})([^=0-9A-Za-z_/+-]|$)
   filter_type: GeneralPattern
   use_ml: true
   required_substrings:

@@ -9,6 +9,7 @@ openpyxl==3.1.2
 pandas==2.0.3
 PyYAML==6.0.1
 requests==2.31.0
+schwifty~=2023.6.0
 typing_extensions==4.7.1
 whatthepatch==1.0.5
 pdfminer.six==20221105
@@ -26,6 +27,8 @@ onnxruntime==1.15.1
 setuptools==68.0.0
 
 # Auxiliary
+# Tests and maintenance packages
+# Fixed versions are not necessary
 deepdiff
 flake8
 pylint

@@ -17,6 +17,7 @@
     "PyYAML",  #
     "requests",  #
     "scipy",  #
+    "schwifty",  #
     "typing_extensions",  #
     "whatthepatch",  #
     "numpy",  #

@@ -1,14 +1,14 @@
 from pathlib import Path
 
 # total number of files in test samples
-SAMPLES_FILES_COUNT: int = 106
+SAMPLES_FILES_COUNT: int = 107
 
 # credentials count after scan
-SAMPLES_CRED_COUNT: int = 103
-SAMPLES_CRED_LINE_COUNT: int = 114
+SAMPLES_CRED_COUNT: int = 104
+SAMPLES_CRED_LINE_COUNT: int = 115
 
 # credentials count after post-processing
-SAMPLES_POST_CRED_COUNT: int = 97
+SAMPLES_POST_CRED_COUNT: int = 98
 
 # with option --doc
 SAMPLES_IN_DOC = 86

@@ -1169,6 +1169,28 @@
             }
         ]
     },
+    {
+        "api_validation": "NOT_AVAILABLE",
+        "ml_validation": "NOT_AVAILABLE",
+        "ml_probability": null,
+        "rule": "IBAN",
+        "severity": "info",
+        "line_data_list": [
+            {
+                "line": "\u041f\u0440\u0438\u043a\u043b\u0430\u0434 \u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e\u0433\u043e IBAN: https://api.accountants/iban/UA893206490000026007052606100/",
+                "line_num": 3,
+                "path": "tests/samples/iban",
+                "info": "tests/samples/iban|RAW",
+                "value": "UA893206490000026007052606100",
+                "variable": null,
+                "entropy_validation": {
+                    "iterator": "BASE64_CHARS",
+                    "entropy": 2.86575901199594,
+                    "valid": false
+                }
+            }
+        ]
+    },
     {
         "api_validation": "NOT_AVAILABLE",
         "ml_validation": "VALIDATED_KEY",

@@ -1169,6 +1169,28 @@
             }
         ]
     },
+    {
+        "api_validation": "NOT_AVAILABLE",
+        "ml_validation": "NOT_AVAILABLE",
+        "ml_probability": null,
+        "rule": "IBAN",
+        "severity": "info",
+        "line_data_list": [
+            {
+                "line": "\u041f\u0440\u0438\u043a\u043b\u0430\u0434 \u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e\u0433\u043e IBAN: https://api.accountants/iban/UA893206490000026007052606100/",
+                "line_num": 3,
+                "path": "tests/samples/iban",
+                "info": "",
+                "value": "UA893206490000026007052606100",
+                "variable": null,
+                "entropy_validation": {
+                    "iterator": "BASE64_CHARS",
+                    "entropy": 2.86575901199594,
+                    "valid": false
+                }
+            }
+        ]
+    },
     {
         "api_validation": "NOT_AVAILABLE",
         "ml_validation": "NOT_AVAILABLE",

@@ -1103,6 +1103,28 @@
             }
         ]
     },
+    {
+        "api_validation": "NOT_AVAILABLE",
+        "ml_validation": "NOT_AVAILABLE",
+        "ml_probability": null,
+        "rule": "IBAN",
+        "severity": "info",
+        "line_data_list": [
+            {
+                "line": "\u041f\u0440\u0438\u043a\u043b\u0430\u0434 \u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e\u0433\u043e IBAN: https://api.accountants/iban/UA893206490000026007052606100/",
+                "line_num": 3,
+                "path": "tests/samples/iban",
+                "info": "",
+                "value": "UA893206490000026007052606100",
+                "variable": null,
+                "entropy_validation": {
+                    "iterator": "BASE64_CHARS",
+                    "entropy": 2.86575901199594,
+                    "valid": false
+                }
+            }
+        ]
+    },
     {
         "api_validation": "NOT_AVAILABLE",
         "ml_validation": "VALIDATED_KEY",

@@ -0,0 +1,5 @@
+# from https://www.ukraine.com.ua/uk/info/tools/iban/
+# correct
+Приклад правильного IBAN: https://api.accountants/iban/UA893206490000026007052606100/
+# wrong
+Приклад неправильного IBAN: https://api.accountants/iban/UA893206490000026007052606109/
@@ -590,8 +590,6 @@ def test_rules_ml_p(self) -> None:
         with tempfile.TemporaryDirectory() as tmp_dir:
             json_filename = os.path.join(tmp_dir, f"{__name__}.json")
             _stdout, _stderr = self._m_credsweeper([
-                "--log",
-                "debug",
                 "--path",
                 str(SAMPLES_PATH),
                 "--save-json",
@@ -614,8 +612,6 @@ def test_rules_ml_n(self) -> None:
         with tempfile.TemporaryDirectory() as tmp_dir:
             json_filename = os.path.join(tmp_dir, f"{__name__}.json")
             _stdout, _stderr = self._m_credsweeper([
-                "--log",
-                "debug",
                 "--path",
                 str(SAMPLES_PATH),
                 "--ml_threshold",