Fix box detector bug (Yelp#222)

* Fix box detector bug * Check privatekey * encode passphrase * Check passphrase * print privatekey * Add missing newline * check privatekey again * escape char * Check publickeyid * print out all factors * Fix newline chars * Move newline fix * Fix test
IBM · Jan 8, 2020 · 7f57c2d · 7f57c2d
1 parent 3b921e7
commit 7f57c2d
Show file tree

Hide file tree

Showing 3 changed files with 7 additions and 3 deletions.
diff --git a/detect_secrets/plugins/base.py b/detect_secrets/plugins/base.py
@@ -16,7 +16,7 @@
 #       This number can be tweaked if desired, at the cost of performance.
 #
 #       https://www.ndss-symposium.org/wp-content/uploads/2019/02/ndss2019_04B-3_Meli_paper.pdf
-LINES_OF_CONTEXT = 5
+LINES_OF_CONTEXT = 7
 
 
 class classproperty(property):

diff --git a/detect_secrets/plugins/box.py b/detect_secrets/plugins/box.py
@@ -84,6 +84,10 @@ def verify(self, token, content, potential_secret):
                 for privatekey in privatekey_matches:
                     for passphrase in passphrase_matches:
                         for enterpriseid in enterpriseid_matches:
+                            # fix private key newlines
+                            privatekey = privatekey + '\\n'
+                            privatekey = privatekey.replace('\\n', '\n')
+                            # validate
                             response = get_box_user(
                                 clientid, token, enterpriseid,
                                 publickeyid, passphrase, privatekey,
@@ -108,7 +112,7 @@ def get_box_user(
         client_secret=token,
         enterprise_id=enterpriseid,
         jwt_key_id=publickeyid,
-        rsa_private_key_passphrase=passphrase,
+        rsa_private_key_passphrase=passphrase.encode(),
         rsa_private_key_data=privatekey,
     )
     try:

diff --git a/tests/plugins/box_test.py b/tests/plugins/box_test.py
@@ -10,7 +10,7 @@
 BOX_CLIENT_ID = 'abcd1234abcd1234abcd1234abcd1234'
 BOX_CLIENT_SECRET = 'abcd1234ABCD1234abcd1234ABCD1234'
 BOX_PUBLIC_KEY_ID = 'abcd1234'
-BOX_PRIVATE_KEY = '-----BEGIN ENCRYPTED PRIVATE KEY----- key -----END ENCRYPTED PRIVATE KEY-----'
+BOX_PRIVATE_KEY = '-----BEGIN ENCRYPTED PRIVATE KEY----- key -----END ENCRYPTED PRIVATE KEY-----\n'
 BOX_PASSPHRASE = 'abcd1234abcd1234abcd1234abcd1234'
 BOX_ENTERPRISE_ID = '1234'