pre-commit
/
pre-commit-hooks
mirror of https://github.com/pre-commit/pre-commit-hooks.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

detect_private_key: add OpenVPN shared-secret key block 

'OpenVPN Static key V1' label is often used by OpenVPN for providing hardening
security with additional HMAC signatures to the SSL/TLS handshake packets. They
are shared secrets and should be kept private.

Signed-off-by: Luís Ferreira <contact@lsferreira.net>
This commit is contained in:
Luís Ferreira 2021-10-02 20:42:15 +01:00
parent ccdf02dfd4
commit 1b4e30e9aa
No known key found for this signature in database
GPG Key ID: 730750D54B7A9F66
2 changed files with 2 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
pre_commit_hooks/detect_private_key.py
View File

@ -12,6 +12,7 @@ BLACKLIST = [
b'BEGIN SSH2 ENCRYPTED PRIVATE KEY',
b'BEGIN PGP PRIVATE KEY BLOCK',
b'BEGIN ENCRYPTED PRIVATE KEY',
b'BEGIN OpenVPN Static key V1',
]

1
tests/detect_private_key_test.py
View File

@ -11,6 +11,7 @@ TESTS = (
(b'PuTTY-User-Key-File-2: ssh-rsa', 1),
(b'---- BEGIN SSH2 ENCRYPTED PRIVATE KEY ----', 1),
(b'-----BEGIN ENCRYPTED PRIVATE KEY-----', 1),
(b'-----BEGIN OpenVPN Static key V1-----', 1),
(b'ssh-rsa DATA', 0),
(b'ssh-dsa DATA', 0),
# Some arbitrary binary data