Do not store private key material in exception messages

Vladimir Diaz 2016-01-28 14:03:49 -05:00
parent 2452076467
commit d9ecbc851f


@ -1135,16 +1135,28 @@ def extract_pem(pem, private_pem=False):
header_start = pem.index(pem_header)
except ValueError:
raise tuf.FormatError('Required PEM header ' + repr(pem_header) + '\n not'
' found in PEM string: ' + repr(pem))
# Be careful not to print private key material in exception message.
if not private_pem:
raise tuf.FormatError('Required PEM header ' + repr(pem_header) + '\n not'
' found in PEM string: ' + repr(pem))
else:
raise tuf.FormatError('Required PEM header ' + repr(pem_header) + '\n not'
' found in private PEM string.')
try:
# Search for 'pem_footer' after the PEM header.
footer_start = pem.index(pem_footer, header_start + len(pem_header))
except ValueError:
raise tuf.FormatError('Required PEM footer ' + repr(pem_footer) + '\n not'
' found in PEM string ' + repr(pem))
# Be careful not to print private key material in exception message.
if not private_pem:
raise tuf.FormatError('Required PEM footer ' + repr(pem_footer) + '\n not'
' found in PEM string ' + repr(pem))
else:
raise tuf.FormatError('Required PEM footer ' + repr(pem_footer) + '\n not'
' found in private PEM string.')
# Extract only the public portion of 'pem'. Leading or trailing whitespace
# is excluded.
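Review bot: The `if not private_pem:` branches at both the header and the footer lookup still embed `repr(pem)` in the FormatError, so redaction depends on the caller's flag rather than on what the string actually contains. With the default `private_pem=False` visible in the signature, a private key passed without the flag, or handed in where a public PEM was expected, would presumably fail the lookup and be copied in full into the exception message and into any log or traceback that records it. Failing closed is simpler: raise one content-free message in both cases, e.g. `raise tuf.FormatError('Required PEM header ' + repr(pem_header) + ' not found in PEM string.')`, and the same for the footer, which also removes the duplicated raise. extract_pem starts and ends outside this hunk, so how `pem_header` is selected is not visible here.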