Commit 69b6d01

[Feat] PrivateKey Analyzer (#3854)
* private key analyzer initial impl - basic structure
* Impl analyzePermission method for PrivateKey analyzer. export few private functions for reusability in analyzers
* add permissions.yaml and generate permissions
* permissions fix
* AnalyzeAndPrintPermissions impl
* analyzer test pushed
* Impl analyzer func called from detector. added and regenerated permissions.
* filter empty strings in result and generate expected_output for test
* some refactoring
* comment added for better readability.
* fixed code breaking changes in detectors due to exporting private functions.
* log insufficient information message on no certificate results
1 parent f11c927 commit 69b6d01

14 files changed, +627 -37 lines changed

pkg/analyzer/analyzers/analyzers.go

Lines changed: 2 additions & 0 deletions
@@ -80,6 +80,7 @@ const (
8080
AnalyzerTypeSquare
8181
AnalyzerTypeStripe
8282
AnalyzerTypeTwilio
83+
AnalyzerTypePrivateKey
8384
// Add new items here with AnalyzerType prefix
8485
)
8586
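
Review bot: AnalyzerTypePrivateKey is added without a comment, and as a bare entry in this const block its value depends on its position. The expected-output file in this commit records "AnalyzerType":21 as a number, so an entry later inserted above this one would shift the value and invalidate that file. Keeping it last, above the "Add new items here" comment, is right; a short comment saying the ordinal is serialised would help keep it that way.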

@@ -106,6 +107,7 @@ var analyzerTypeStrings = map[AnalyzerType]string{
106107
AnalyzerTypeSquare: "Square",
107108
AnalyzerTypeStripe: "Stripe",
108109
AnalyzerTypeTwilio: "Twilio",
110+
AnalyzerTypePrivateKey: "PrivateKey",
109111
// Add new mappings here
110112
}
111113

Lines changed: 1 addition & 0 deletions
@@ -0,0 +1 @@
1+
{"AnalyzerType":21,"Bindings":[],"UnboundedResources":[{"Name":"*.gruponu3.com","FullyQualifiedName":"/*.gruponu3.com","Type":"certificate","Metadata":null,"Parent":null},{"Name":"techautm.in","FullyQualifiedName":"/techautm.in","Type":"certificate","Metadata":null,"Parent":null}],"Metadata":null}
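
Review bot: "Bindings":[] in this expected output means the test asserts no permission at all, so none of the KeyUsage/ExtendedKeyUsage or Clone/Push values in this commit's permissions list is covered by it. Consider a test key whose result yields at least one binding. The two UnboundedResources names (*.gruponu3.com, techautm.in) are certificate names outside the project; if they come from a live lookup, the expected output will change when those certificates change, so a key generated for the test or a recorded response would keep the test stable.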

pkg/analyzer/analyzers/privatekey/permissions.go

Lines changed: 141 additions & 0 deletions
Some generated files are not rendered by default.
Lines changed: 23 additions & 0 deletions
@@ -0,0 +1,23 @@
1+
permissions:
2+
# TLS:
3+
# KeyUsuage: https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.3
4+
# ExtendedKeyUsage: https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.12
5+
- DigitalSignature
6+
- NonRepudiation
7+
- KeyEncipherment
8+
- DataEncipherment
9+
- KeyAgreement
10+
- CertificateSigning
11+
- CRLSigning
12+
- EncipherOnly
13+
- DecipherOnly
14+
- ServerAuth
15+
- ClientAuth
16+
- CodeSigning
17+
- EmailProtection
18+
- TimeStamping
19+
- OCSPSigning
20+
21+
# Github/Gitlab
22+
- Clone
23+
- Push
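
Review bot: "KeyUsuage" in the comment on line 3 is a typo for "KeyUsage", the RFC 5280 section 4.2.1.3 extension the link points to. Separately, the list is flat, so the TLS usages and the Github/Gitlab entries Clone and Push share one namespace with only comments between them; since the commit message says the permissions are generated from permissions.yaml, a prefix per group, or a comment stating which kind of key each group applies to, would make the generated names easier to tell apart.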
