Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Return actual secret strings for private keys when appear in same line #646

Open
wants to merge 1 commit into
base: master
Choose a base branch
from

Conversation

arielkru
Copy link

@arielkru arielkru commented Dec 7, 2022

Currently when private key secrets are detected, the secret value that is returned in the output refers only to the generic BEGIN PRIVATE KEY opening and not to the secret key itself.
Ideally this should be handled as a multiline secret, since its mostly includeing new lines within it and so the opening wrapper is inspected in a different scan_line iteration that the key itself.
For now, I added this change that returns the actual key, if the input is parsed in a way that escapes new line characters, like json.dumps(). So it still doesnt cover all of the use cases with the right secret value, but at least those that can be easily treated with the single line scanning method.

@jpdakran
Copy link
Member

Hi. Please merge master to your branch to re-run CI.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants