|
| 1 | +""" |
| 2 | +This code was extracted in part from |
| 3 | +https://github.com/pre-commit/pre-commit-hooks. Using similar heuristic logic, |
| 4 | +we adapt it to fit our plugin infrastructure, to create an organized, |
| 5 | +concerted effort in detecting all type of secrets in code. |
| 6 | +
|
| 7 | +Copyright (c) 2014 pre-commit dev team: Anthony Sottile, Ken Struys |
| 8 | +
|
| 9 | +Permission is hereby granted, free of charge, to any person obtaining a copy |
| 10 | +of this software and associated documentation files (the "Software"), to deal |
| 11 | +in the Software without restriction, including without limitation the rights |
| 12 | +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell |
| 13 | +copies of the Software, and to permit persons to whom the Software is |
| 14 | +furnished to do so, subject to the following conditions: |
| 15 | +
|
| 16 | +The above copyright notice and this permission notice shall be included in |
| 17 | +all copies or substantial portions of the Software. |
| 18 | +
|
| 19 | +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR |
| 20 | +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, |
| 21 | +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE |
| 22 | +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER |
| 23 | +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, |
| 24 | +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN |
| 25 | +THE SOFTWARE. |
| 26 | +""" |
1 | 27 | from __future__ import absolute_import |
2 | 28 |
|
3 | 29 | from .base import BasePlugin |
|
10 | 36 | 'BEGIN EC PRIVATE KEY', |
11 | 37 | 'BEGIN OPENSSH PRIVATE KEY', |
12 | 38 | 'BEGIN PRIVATE KEY', |
| 39 | + 'PuTTY-User-Key-File-2', |
| 40 | + 'BEGIN SSH2 ENCRYPTED PRIVATE KEY', |
13 | 41 | ) |
14 | 42 |
|
15 | 43 |
|
16 | 44 | class PrivateKeyDetector(BasePlugin): |
17 | 45 | """This checks for private keys by determining whether the blacklisted |
18 | 46 | lines are present in the analyzed string. |
19 | | -
|
20 | | - This is based off https://github.com/pre-commit/pre-commit-hooks. |
21 | 47 | """ |
22 | 48 |
|
23 | 49 | secret_type = 'Private Key' |
24 | 50 |
|
25 | | - def analyze(self, file, filename): |
26 | | - """We override this, because we're only looking at the first line. |
27 | | -
|
28 | | - :param file: The File object itself. |
29 | | - :param filename: string; filename of File object, used for creating |
30 | | - PotentialSecret objects |
31 | | - :returns dictionary representation of set (for random access by hash) |
32 | | - { detect_secrets.core.potential_secret.__hash__: |
33 | | - detect_secrets.core.potential_secret } |
34 | | - """ |
35 | | - |
36 | | - return self.analyze_string( |
37 | | - file.readline(), |
38 | | - 1, |
39 | | - filename, |
40 | | - ) |
41 | | - |
42 | 51 | def analyze_string(self, string, line_num, filename): |
43 | 52 | output = {} |
44 | 53 |
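Review bot: The new `'PuTTY-User-Key-File-2'` entry is pinned to one version of the PPK header, so a key saved in the later PPK format, whose header begins `PuTTY-User-Key-File-3`, would not match if `analyze_string` does the substring test the class docstring describes (its body continues outside this hunk). Consider the version-less prefix `'PuTTY-User-Key-File-'`, or add `'PuTTY-User-Key-File-3',` next to it. The start of the tuple is also outside the view, so it is worth confirming that `'BEGIN ENCRYPTED PRIVATE KEY'` and `'BEGIN PGP PRIVATE KEY BLOCK'` are covered there. Removing the `analyze` override means scanning now relies on the inherited `BasePlugin.analyze`, which is not shown; a test with the key marker on a line other than the first would pin that behaviour.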
|
|