This PR adds an initial secret masking capability to Rust. For a given input, the masker leverages the high performance scanner to compute finds, optionally performs checksum validation, and then redacts finds. The redaction token can be specified by the user, otherwise it defaults to SEC101/200 : c3id, where c3id is the cross-company correlating id for the find.
The PR also adds a test to highlight the usage of the API, and benchmarks the performance with and without checksum validation. On my machine, the performance was:
Mean time for masking with checksum validation: 97.798µs
Mean time for masking without checksum validation: 80.614µs
Edit
I implemented an "in-place" redaction, based on PR feedback from @beaubelgrave . The resulting performance is:
Mean time for masking with checksum validation: 66.662µs
Mean time for masking without checksum validation: 55.299µs
This PR adds an initial secret masking capability to Rust. For a given input, the masker leverages the high performance scanner to compute finds, optionally performs checksum validation, and then redacts finds. The redaction token can be specified by the user, otherwise it defaults to
SEC101/200 : c3id
, wherec3id
is the cross-company correlating id for the find.The PR also adds a test to highlight the usage of the API, and benchmarks the performance with and without checksum validation. On my machine, the performance was:
Mean time for masking with checksum validation: 97.798µs Mean time for masking without checksum validation: 80.614µs
Edit I implemented an "in-place" redaction, based on PR feedback from @beaubelgrave . The resulting performance is: Mean time for masking with checksum validation: 66.662µs Mean time for masking without checksum validation: 55.299µs