pre-commit/pre-commit-hooks
1
0
Fork 0
mirror of https://github.com/pre-commit/pre-commit-hooks.git synced 2026-04-05 03:26:53 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
pre-commit-hooks/tests/detect_private_key_test.py
Joe Wreschnig e2c9870bc2 Find private keys within gzip-compresssed files
2025-04-25 10:54:48 +02:00

43 lines
1.3 KiB
Python
Raw Blame History

from __future__ import annotations
import gzip
import pytest
from pre_commit_hooks.detect_private_key import main
# Input, expected return value
TESTS = (
(b'-----BEGIN RSA PRIVATE KEY-----', 1),
(b'-----BEGIN DSA PRIVATE KEY-----', 1),
(b'-----BEGIN EC PRIVATE KEY-----', 1),
(b'-----BEGIN OPENSSH PRIVATE KEY-----', 1),
(b'PuTTY-User-Key-File-2: ssh-rsa', 1),
(b'---- BEGIN SSH2 ENCRYPTED PRIVATE KEY ----', 1),
(b'-----BEGIN ENCRYPTED PRIVATE KEY-----', 1),
(b'-----BEGIN OpenVPN Static key V1-----', 1),
(b'ssh-rsa DATA', 0),
(b'ssh-dsa DATA', 0),
# Some arbitrary binary data
(b'\xa2\xf1\x93\x12', 0),
)
@pytest.mark.parametrize(('input_s', 'expected_retval'), TESTS)
def test_main(input_s, expected_retval, tmpdir):
path = tmpdir.join('file.txt')
path.write_binary(input_s)
assert main([str(path)]) == expected_retval
@pytest.mark.parametrize(('input_s', 'expected_retval'), TESTS)
def test_main_gzip(input_s, expected_retval, tmpdir):
path = tmpdir.join('file.txt.gz')
path.write_binary(gzip.compress(input_s))
assert main([str(path)]) == expected_retval
def test_main_gz_not_gzip(tmpdir):
path = tmpdir.join('file.txt.gz')
path.write_binary(b'not a sensitive value nor gzip')
assert main([str(path)]) == 0
Reference in a new issue View git blame Copy permalink