add real (test) standard and restricted keys (#1375)

Co-authored-by: Baruch Odem <baruch.odem@checkmarx.com>

cmd/generate/config/rules/stripe.go

@@ -10,15 +10,23 @@ func StripeAccessToken() *config.Rule {
 	r := config.Rule{
 		Description: "Found a Stripe Access Token, posing a risk to payment processing services and sensitive financial data.",
 		RuleID:      "stripe-access-token",
-		Regex:       generateUniqueTokenRegex(`(sk)_(test|live)_[0-9a-z]{10,32}`, true),
+		Regex:       generateUniqueTokenRegex(`(sk|rk)_(test|live|prod)_[0-9a-z]{10,99}`, true),
 		Keywords: []string{
 			"sk_test",
 			"sk_live",
+			"sk_prod",
+			"rk_test",
+			"rk_live",
+			"rk_prod",
 		},
 	}
 
 	// validate
-	tps := []string{"stripeToken := \"sk_test_" + secrets.NewSecret(alphaNumeric("30")) + "\""}
+	tps := []string{
+		"stripeToken := \"sk_test_" + secrets.NewSecret(alphaNumeric("30")) + "\"",
+		"sk_test_51OuEMLAlTWGaDypq4P5cuDHbuKeG4tAGPYHJpEXQ7zE8mKK3jkhTFPvCxnSSK5zB5EQZrJsYdsatNmAHGgb0vSKD00GTMSWRHs", // gitleaks:allow
+		"rk_prod_51OuEMLAlTWGaDypquDn9aZigaJOsa9NR1w1BxZXs9JlYsVVkv5XDu6aLmAxwt5Tgun5WcSwQMKzQyqV16c9iD4sx00BRijuoon", // gitleaks:allow
+	}
 	fps := []string{"nonMatchingToken := \"task_test_" + secrets.NewSecret(alphaNumeric("30")) + "\""}
 	return validate(r, tps, fps)
 }

config/gitleaks.toml

@@ -2725,9 +2725,9 @@ keywords = [
 [[rules]]
 id = "stripe-access-token"
 description = "Found a Stripe Access Token, posing a risk to payment processing services and sensitive financial data."
-regex = '''(?i)\b((sk)_(test|live)_[0-9a-z]{10,32})(?:['|\"|\n|\r|\s|\x60|;]|$)'''
+regex = '''(?i)\b((sk|rk)_(test|live|prod)_[0-9a-z]{10,99})(?:['|\"|\n|\r|\s|\x60|;]|$)'''
 keywords = [
-    "sk_test","sk_live",
+    "sk_test","sk_live","sk_prod","rk_test","rk_live","rk_prod",
 ]
 
 [[rules]]