credsweeper 1.11.3__py3-none-any.whl → 1.11.5__py3-none-any.whl

credsweeper/utils/util.py

@@ -1,12 +1,13 @@
 import ast
 import base64
+import contextlib
 import json
 import logging
 import math
 import os
+import random
 import re
 import string
-import struct
 import tarfile
 from dataclasses import dataclass
 from pathlib import Path
@@ -15,6 +16,18 @@ from typing import Any, Dict, List, Tuple, Optional, Union
 import numpy as np
 import whatthepatch
 import yaml
+from cryptography.hazmat.primitives import hashes
+from cryptography.hazmat.primitives.asymmetric import padding
+from cryptography.hazmat.primitives.asymmetric.dh import DHPrivateKey, DHPublicKey
+from cryptography.hazmat.primitives.asymmetric.dsa import DSAPrivateKey, DSAPublicKey
+from cryptography.hazmat.primitives.asymmetric.ec import EllipticCurvePrivateKey, EllipticCurvePublicKey
+from cryptography.hazmat.primitives.asymmetric.ed25519 import Ed25519PrivateKey, Ed25519PublicKey
+from cryptography.hazmat.primitives.asymmetric.ed448 import Ed448PrivateKey, Ed448PublicKey
+from cryptography.hazmat.primitives.asymmetric.types import PrivateKeyTypes
+from cryptography.hazmat.primitives.asymmetric.x25519 import X25519PublicKey, X25519PrivateKey
+from cryptography.hazmat.primitives.asymmetric.x448 import X448PublicKey, X448PrivateKey
+from cryptography.hazmat.primitives.serialization import load_der_private_key
+from cryptography.hazmat.primitives.serialization.pkcs12 import load_key_and_certificates
 from lxml import etree
 from typing_extensions import TypedDict
 
@@ -152,11 +165,10 @@ class Util:
     @staticmethod
     def is_known(data: Union[bytes, bytearray]) -> bool:
         """Returns True if any known binary format is found to prevent extra scan a file without an extension."""
-        if isinstance(data, (bytes, bytearray)):
-            if 127 <= len(data) and data.startswith(b"\x7f\x45\x4c\x46"):
-                # https://en.wikipedia.org/wiki/Executable_and_Linkable_Format
-                # minimal ELF is 127 bytes https://github.com/tchajed/minimal-elf
-                return True
+        if isinstance(data, (bytes, bytearray)) and data.startswith(b"\x7f\x45\x4c\x46") and 127 <= len(data):
+            # https://en.wikipedia.org/wiki/Executable_and_Linkable_Format
+            # minimal ELF is 127 bytes https://github.com/tchajed/minimal-elf
+            return True
         return False
 
     @staticmethod
@@ -165,14 +177,13 @@ class Util:
         Returns True when two zeroes sequence is found in begin of data.
         The sequence never exists in text format (UTF-8, UTF-16). UTF-32 is not supported.
         """
-        if 0 <= data.find(b"\0\0", 0, MAX_LINE_LENGTH):
+        if isinstance(data, (bytes, bytearray)) and 0 <= data.find(b"\0\0", 0, MAX_LINE_LENGTH):
             return True
-        else:
-            return False
+        return False
 
-    NOT_LATIN1_PRINTABLE_SET = (set(range(0,
-                                          256)).difference(set(x for x in string.printable.encode(ASCII))).difference(
-                                              set(x for x in range(0xA0, 0x100))))
+    NOT_LATIN1_PRINTABLE_SET = set(range(0, 256)) \
+        .difference(set(x for x in string.printable.encode(ASCII))) \
+        .difference(set(x for x in range(0xA0, 0x100)))
 
     @staticmethod
     def is_latin1(data: Union[bytes, bytearray]) -> bool:
@@ -182,7 +193,7 @@ class Util:
             non_latin1_cnt = sum(1 for x in data[:MAX_LINE_LENGTH] if x in Util.NOT_LATIN1_PRINTABLE_SET)
             # experiment for 255217 binary files shown avg = 0.268264 ± 0.168767, so let choose minimal
             chunk_len = min(MAX_LINE_LENGTH, len(data))
-            result = 0.1 > non_latin1_cnt / chunk_len
+            result = bool(0.1 > non_latin1_cnt / chunk_len)
         return result
 
     @staticmethod
@@ -229,7 +240,7 @@ class Util:
                 if binary_suggest and LATIN_1 == encoding and (Util.is_binary(content) or not Util.is_latin1(content)):
                     # LATIN_1 may convert data (bytes in range 0x80:0xFF are transformed)
                     # so skip this encoding when checking binaries
-                    logger.warning("Binary file detected")
+                    logger.warning("Binary file detected %s", repr(content[:8]))
                     break
                 text = content.decode(encoding, errors="strict")
                 if content != text.encode(encoding, errors="strict"):
@@ -379,26 +390,31 @@ class Util:
     @staticmethod
     def is_zip(data: Union[bytes, bytearray]) -> bool:
         """According https://en.wikipedia.org/wiki/List_of_file_signatures"""
-        if isinstance(data, (bytes, bytearray)) and 3 < len(data):
-            # PK
-            if data.startswith(b"PK"):
-                if 0x03 == data[2] and 0x04 == data[3]:
-                    return True
-                # empty archive - no sense to scan
-                elif 0x05 == data[2] and 0x06 == data[3]:
-                    return True
+        if isinstance(data, (bytes, bytearray)) and data.startswith(b"PK") and 4 <= len(data):
+            if 0x03 == data[2] and 0x04 == data[3]:
+                # normal PK
+                return True
+            elif 0x05 == data[2] and 0x06 == data[3]:
+                # empty archive - no sense to scan in other scanners, so let it be a zip
+                return True
+            elif 0x07 == data[2] and 0x08 == data[3]:
                 # spanned archive - NOT SUPPORTED
-                elif 0x07 == data[2] and 0x08 == data[3]:
-                    return False
+                return False
         return False
 
     @staticmethod
     def is_com(data: Union[bytes, bytearray]) -> bool:
         """According https://en.wikipedia.org/wiki/List_of_file_signatures"""
-        if isinstance(data, (bytes, bytearray)) and 8 < len(data):
-            if data.startswith(b"\xD0\xCF\x11\xE0\xA1\xB1\x1A\xE1"):
-                # Compound File Binary Format: doc, xls, ppt, msi, msg
-                return True
+        if isinstance(data, (bytes, bytearray)) and data.startswith(b"\xD0\xCF\x11\xE0\xA1\xB1\x1A\xE1"):
+            # Compound File Binary Format: doc, xls, ppt, msi, msg
+            return True
+        return False
+
+    @staticmethod
+    def is_rpm(data: Union[bytes, bytearray]) -> bool:
+        """According https://en.wikipedia.org/wiki/List_of_file_signatures"""
+        if isinstance(data, (bytes, bytearray)) and data.startswith(b"\xED\xAB\xEE\xDB"):
+            return True
         return False
 
     @staticmethod
@@ -411,81 +427,105 @@ class Util:
                     or
                     0x20 == data[262] and 0x20 == data[263] and 0x00 == data[264]
             ):
-                try:
+                with contextlib.suppress(Exception):
                     chksum = tarfile.nti(data[148:156])  # type: ignore
                     unsigned_chksum, signed_chksum = tarfile.calc_chksums(data)  # type: ignore
-                    return bool(chksum == unsigned_chksum or chksum == signed_chksum)
-                except Exception as exc:
-                    logger.exception(f"Corrupted TAR ? {exc}")
+                    if chksum == unsigned_chksum or chksum == signed_chksum:
+                        return True
+        return False
+
+    @staticmethod
+    def is_deb(data: Union[bytes, bytearray]) -> bool:
+        """According https://en.wikipedia.org/wiki/Deb_(file_format)"""
+        if isinstance(data, (bytes, bytearray)) and data.startswith(b"!<arch>\n"):
+            return True
         return False
 
     @staticmethod
     def is_bzip2(data: Union[bytes, bytearray]) -> bool:
         """According https://en.wikipedia.org/wiki/Bzip2"""
-        if isinstance(data, (bytes, bytearray)) and 10 <= len(data):
-            if data.startswith(b"\x42\x5A\x68") \
-                    and 0x31 <= data[3] <= 0x39 \
-                    and 0x31 == data[4] and 0x41 == data[5] and 0x59 == data[6] \
-                    and 0x26 == data[7] and 0x53 == data[8] and 0x59 == data[9]:
-                return True
+        if isinstance(data, (bytes, bytearray)) and data.startswith(b"\x42\x5A\x68") and 10 <= len(data) \
+                and 0x31 <= data[3] <= 0x39 \
+                and 0x31 == data[4] and 0x41 == data[5] and 0x59 == data[6] \
+                and 0x26 == data[7] and 0x53 == data[8] and 0x59 == data[9]:
+            return True
         return False
 
     @staticmethod
     def is_gzip(data: Union[bytes, bytearray]) -> bool:
         """According https://www.rfc-editor.org/rfc/rfc1952"""
-        if isinstance(data, (bytes, bytearray)) and 3 <= len(data):
-            if data.startswith(b"\x1F\x8B\x08"):
-                return True
+        if isinstance(data, (bytes, bytearray)) and data.startswith(b"\x1F\x8B\x08"):
+            return True
         return False
 
     @staticmethod
     def is_pdf(data: Union[bytes, bytearray]) -> bool:
         """According https://en.wikipedia.org/wiki/List_of_file_signatures - pdf"""
-        if isinstance(data, (bytes, bytearray)) and 5 <= len(data):
-            if data.startswith(b"\x25\x50\x44\x46\x2D"):
-                return True
+        if isinstance(data, (bytes, bytearray)) and data.startswith(b"%PDF-"):
+            return True
+        return False
+
+    @staticmethod
+    def is_jclass(data: Union[bytes, bytearray]) -> bool:
+        """According https://en.wikipedia.org/wiki/List_of_file_signatures - java class"""
+        if isinstance(data, (bytes, bytearray)) and data.startswith(b"\xCA\xFE\xBA\xBE"):
+            return True
         return False
 
     @staticmethod
     def is_jks(data: Union[bytes, bytearray]) -> bool:
         """According https://en.wikipedia.org/wiki/List_of_file_signatures - jks"""
-        if isinstance(data, (bytes, bytearray)) and 4 <= len(data):
-            if data.startswith(b"\xFE\xED\xFE\xED"):
-                return True
+        if isinstance(data, (bytes, bytearray)) and data.startswith(b"\xFE\xED\xFE\xED"):
+            return True
         return False
 
     @staticmethod
     def is_lzma(data: Union[bytes, bytearray]) -> bool:
         """According https://en.wikipedia.org/wiki/List_of_file_signatures - lzma also xz"""
-        if isinstance(data, (bytes, bytearray)) and 6 <= len(data):
-            if data.startswith(b"\xFD\x37\x7A\x58\x5A\x00") or data.startswith(b"\x5D\x00\x00"):
-                return True
+        if isinstance(data, (bytes, bytearray)) and data.startswith((b"\xFD7zXZ\x00", b"\x5D\x00\x00")):
+            return True
+        return False
+
+    @classmethod
+    def is_sqlite3(cls, data):
+        """According https://en.wikipedia.org/wiki/List_of_file_signatures - SQLite Database"""
+        if isinstance(data, (bytes, bytearray)) and data.startswith(b"SQLite format 3\0"):
+            return True
         return False
 
     @staticmethod
-    def is_asn1(data: Union[bytes, bytearray]) -> bool:
-        """Only sequence type 0x30 and size correctness is checked"""
-        if isinstance(data, (bytes, bytearray)) and 4 <= len(data):
-            # sequence
-            if 0x30 == data[0]:
-                # https://www.oss.com/asn1/resources/asn1-made-simple/asn1-quick-reference/basic-encoding-rules.html#Lengths
-                length = data[1]
-                byte_len = (0x7F & length)
-                if 0x80 == length and data.endswith(b"\x00\x00"):
-                    return True
-                elif 0x80 < length and 1 < byte_len < len(data):  # additional check
-                    len_bytes = data[2:2 + byte_len]
-                    try:
-                        long_size = struct.unpack(">h", len_bytes)
-                    except struct.error:
-                        long_size = (-1,)  # yapf: disable
-                    length = long_size[0]
-                elif 0x80 < length and 1 == byte_len:  # small size
-                    length = data[2]
+    def is_asn1(data: Union[bytes, bytearray]) -> int:
+        """Only sequence type 0x30 and size correctness are checked
+        Returns size of ASN1 data over 128 bytes or 0 if no interested data
+        """
+        if isinstance(data, (bytes, bytearray)) and 2 <= len(data) and 0x30 == data[0]:
+            # https://www.oss.com/asn1/resources/asn1-made-simple/asn1-quick-reference/basic-encoding-rules.html#Lengths
+            length = data[1]
+            if 0x80 == length:
+                if data.endswith(b"\x00\x00"):
+                    # assume, all data are ASN1 of various size
+                    return len(data)
                 else:
-                    byte_len = 0
-                return len(data) == length + 2 + byte_len
-        return False
+                    # skip the case where the ASN1 size is smaller than the actual data
+                    return 0
+            elif 0x80 < length:
+                byte_len = 0x7F & length
+                len_limit = 2 + byte_len
+                if 4 >= byte_len and len(data) >= len_limit:
+                    length = 0
+                    for i in range(2, len_limit):
+                        length <<= 8
+                        length |= data[i]
+                    if len(data) >= length + len_limit:
+                        return length + len_limit
+                else:
+                    # unsupported huge size
+                    return 0
+            else:
+                # less than 0x80
+                if len(data) >= length + 2:
+                    return length + 2
+        return 0
 
     @staticmethod
     def is_html(data: Union[bytes, bytearray]) -> bool:
@@ -540,12 +580,12 @@ class Util:
     @staticmethod
     def is_eml(data: Union[bytes, bytearray]) -> bool:
         """According to https://datatracker.ietf.org/doc/html/rfc822 lookup the fields: Date, From, To or Subject"""
-        if isinstance(data, (bytes, bytearray)):
-            if (b"\nDate:" in data or data.startswith(b"Date:")) \
-                    and (b"\nFrom:" in data or data.startswith(b"From:")) \
-                    and (b"\nTo:" in data or data.startswith(b"To:")) \
-                    and (b"\nSubject:" in data or data.startswith(b"Subject:")):
-                return True
+        if isinstance(data, (bytes, bytearray)) \
+                and (b"\nDate:" in data or data.startswith(b"Date:")) \
+                and (b"\nFrom:" in data or data.startswith(b"From:")) \
+                and (b"\nTo:" in data or data.startswith(b"To:")) \
+                and (b"\nSubject:" in data or data.startswith(b"Subject:")):
+            return True
         return False
 
     @staticmethod
@@ -658,10 +698,13 @@ class Util:
         result = ast.unparse(src).splitlines()
         return result
 
+    PEM_CLEANING_PATTERN = re.compile(r"\\[tnrvf]")
+    WHITESPACE_TRANS_TABLE = str.maketrans('', '', string.whitespace)
+
     @staticmethod
     def decode_base64(text: str, padding_safe: bool = False, urlsafe_detect=False) -> bytes:
         """decode text to bytes with / without padding detect and urlsafe symbols"""
-        value = text
+        value = text.translate(Util.WHITESPACE_TRANS_TABLE)
         if padding_safe:
             pad_num = 0x3 & len(value)
             if pad_num:
@@ -672,6 +715,38 @@ class Util:
             decoded = base64.b64decode(value, validate=True)
         return decoded
 
+    @staticmethod
+    def load_pk(data: bytes, password: Optional[bytes] = None) -> Optional[PrivateKeyTypes]:
+        """Try to load private key from PKCS1, PKCS8 and PKCS12 formats"""
+        with contextlib.suppress(Exception):
+            # PKCS1, PKCS8 probes
+            private_key = load_der_private_key(data, password)
+            return private_key
+        with contextlib.suppress(Exception):
+            # PKCS12 probe
+            private_key, _certificate, _additional_certificates = load_key_and_certificates(data, password)
+            return private_key
+        return None
+
+    RANDOM_DATA = random.randbytes(20)
+
+    @staticmethod
+    def check_pk(pkey: PrivateKeyTypes) -> bool:
+        """Check private key with encrypt-decrypt random data"""
+        if isinstance(pkey, (EllipticCurvePrivateKey, DSAPrivateKey, Ed448PrivateKey, Ed25519PrivateKey, DHPrivateKey,
+                             X448PrivateKey, X25519PrivateKey)):
+            # One does not simply perform check the keys
+            return True
+        if isinstance(pkey, (EllipticCurvePublicKey, DSAPublicKey, Ed448PublicKey, Ed25519PublicKey, DHPublicKey,
+                             X448PublicKey, X25519PublicKey)) or not pkey:
+            # These aren't the keys we're looking for
+            return False
+            # DSA, RSA
+        pd = padding.OAEP(mgf=padding.MGF1(algorithm=hashes.SHA1()), algorithm=hashes.SHA1(), label=None)
+        ciphertext = pkey.public_key().encrypt(Util.RANDOM_DATA, padding=pd)
+        refurb = pkey.decrypt(ciphertext, padding=pd)
+        return bool(refurb == Util.RANDOM_DATA)
+
     @staticmethod
     def get_chunks(line_len: int) -> List[Tuple[int, int]]:
         """Returns chunks positions for given line length"""

{credsweeper-1.11.3.dist-info → credsweeper-1.11.5.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: credsweeper
-Version: 1.11.3
+Version: 1.11.5
 Summary: Credential Sweeper
 Project-URL: Homepage, https://github.com/Samsung/CredSweeper
 Project-URL: Bug Tracker, https://github.com/Samsung/CredSweeper/issues
@@ -37,6 +37,7 @@ Requires-Dist: python-dateutil
 Requires-Dist: python-docx
 Requires-Dist: python-pptx
 Requires-Dist: pyyaml
+Requires-Dist: rpmfile
 Requires-Dist: whatthepatch
 Requires-Dist: xlrd
 Description-Content-Type: text/markdown
@@ -140,11 +141,7 @@ cat output.json
                 "value_start": 12,
                 "value_end": 19,
                 "variable": "password",
-                "entropy_validation": {
-                    "iterator": "BASE64_CHARS",
-                    "entropy": 2.120589933192232,
-                    "valid": false
-                }
+                "entropy": 2.12059
             }
         ]
     }

{credsweeper-1.11.3.dist-info → credsweeper-1.11.5.dist-info}/RECORD

@@ -1,9 +1,9 @@
-credsweeper/__init__.py,sha256=L-vND0eGgSHFmpgZGvaEciE_TKM0FcH5DDa2yQdb9gQ,632
-credsweeper/__main__.py,sha256=iYL8byo3Ytq_RYqhF8kS4bFKzTGltDj93PCYGwZ72ZA,17244
-credsweeper/app.py,sha256=M0f6G97lsF2JALkr4IwQEKSZ__JicJGhOrgNmNDanyQ,21633
+credsweeper/__init__.py,sha256=S6PVgyvVpXL4kDDCKSMW68iD69swkC7zB295w-9P8_U,632
+credsweeper/__main__.py,sha256=W8T3LHhTjzdsn7tYXX9_cPRfgnNX1_Qr02Mw_s2IfQM,17221
+credsweeper/app.py,sha256=GSKNb-sR7N4qTnZAyDsYVLmQm0zVMyQb4fQrxYLJfsk,20917
 credsweeper/py.typed,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 credsweeper/common/__init__.py,sha256=mYiHEDV0hSeWcFx0Wb8oIRDCPR92ben0mCuC9-gCTgI,184
-credsweeper/common/constants.py,sha256=plBHrIVfj4CBpymIgLxTPiYr66_By3QKlgCoHYVKPLc,5534
+credsweeper/common/constants.py,sha256=ZCE5VCpCMx1qmhVEfh2VYmjofQfaYzVip-ej0qJEPT8,5475
 credsweeper/common/keyword_checklist.py,sha256=6EKNdMMryZykedAOhEc-MF1byi5oXmAiljq61T_nco4,2258
 credsweeper/common/keyword_checklist.txt,sha256=a8GW-wF6D83uVFYxMWEsUFlth6c1B_KDpF8_Xpj0mE8,7169
 credsweeper/common/keyword_pattern.py,sha256=ZBJshY8hEP8CUFWQIrqQHcSLwPnUBTblNgFMOEoYUCY,3285
@@ -14,26 +14,31 @@ credsweeper/credentials/__init__.py,sha256=bn7BEgGqKcwlCLi5-7_sXlBmIpK7s5RrNcG_e
 credsweeper/credentials/augment_candidates.py,sha256=0YGjpTYRWQpzJcxpvOt_ytKBOWtHkOdMIHbMnJX22Ag,802
 credsweeper/credentials/candidate.py,sha256=a6CNNKqCEnOm_EEHVFBPGOgqheXegvTDh1TWL_gT-KQ,5508
 credsweeper/credentials/candidate_group_generator.py,sha256=rN_c4-ogPz0h-z2aPgzbu0hUz68L69xfd9oyzkooTUc,1243
-credsweeper/credentials/candidate_key.py,sha256=uaO4YzDs-NdYg0sAM7F7x7uoSLHOitJTAOZYHgvxfYY,913
-credsweeper/credentials/credential_manager.py,sha256=CjZ4_fd-tK2hobxASOf5vTOPzdpGmzpJYqxCpt1_La0,4149
-credsweeper/credentials/line_data.py,sha256=dLP-zViA7nfPVPn5b4HlK4-a6sdeD7FWJDluCsXKG9w,20647
+credsweeper/credentials/candidate_key.py,sha256=NsYGPqqjfm6z2MGtcQbiUGiWmKUCuzflXlZYf_vn_84,917
+credsweeper/credentials/credential_manager.py,sha256=cHEfIs2xb3n400D5Q6AC5CDM9jzzK_Fcb-VKVRh_H2U,4187
+credsweeper/credentials/line_data.py,sha256=8-9sgK3n1gMg_L63Ked8f5PlIpimWTqnYCNCEmx6WZ0,20622
 credsweeper/deep_scanner/__init__.py,sha256=Lp94BjQPZTgEa77E0v6xZaXZvQf2A-QTHsjqCzZxUFw,62
-credsweeper/deep_scanner/abstract_scanner.py,sha256=fVS-IuR_9A2vVmAiEzlMund3VnrTOZv4bAXvIUgB11k,1725
+credsweeper/deep_scanner/abstract_scanner.py,sha256=oLT2bNof-5-sycXPHYpLKlfe2ULhU1lQCGk0BcD_6-s,15794
 credsweeper/deep_scanner/byte_scanner.py,sha256=oHeA8mGe995SHqWvONhTDBIE5j50TQASHA9Mv6LHYuQ,1125
 credsweeper/deep_scanner/bzip2_scanner.py,sha256=74RsjmeuffEuxmKl04lXIZt3q_Zvxj-gLHXACqVSU_o,1619
-credsweeper/deep_scanner/deep_scanner.py,sha256=OQzMAs78vFJl2rZlIxu-puhv-ssToWigZlMTMPFXndY,17936
+credsweeper/deep_scanner/deb_scanner.py,sha256=oX7xR_yl8JIno_n087RO1mD2mXrkKsOaFfkAqqiUFgg,2485
+credsweeper/deep_scanner/deep_scanner.py,sha256=urWeFHeZrDgZmnNlSoFSPmtbDJowr1ukNUd9GiRcJ6s,6289
 credsweeper/deep_scanner/docx_scanner.py,sha256=_xIuw5SkGU1wO_9C3fXVycM-iSmU9qUzWa53etuFvMI,4153
 credsweeper/deep_scanner/eml_scanner.py,sha256=iRLr2yvBWGktT2oXxl-haqnhJN3tglO1Mej10hFk0as,3512
 credsweeper/deep_scanner/encoder_scanner.py,sha256=ULv9AgfG_ZLCYYgyUeQicna9u1i-rlmOiE4euvqahmY,1315
-credsweeper/deep_scanner/gzip_scanner.py,sha256=jIOHZ9oYBV_LIzJjY5JU6NgbGhrLg2rbOYp3X-iv4QU,1696
+credsweeper/deep_scanner/gzip_scanner.py,sha256=DwG3rSC2YxvE6aTiSKDXoqMSM1wCag_1AX2NYnDQYTM,1695
 credsweeper/deep_scanner/html_scanner.py,sha256=Mh6gUxvlMnI4Kys7V8ZBBExQSsOYqYUbil7FYiXX4lc,1486
+credsweeper/deep_scanner/jclass_scanner.py,sha256=yv1An74TYSLQPil3BAL7emc2rgE1zB6Kbb3NOo65eBk,2971
 credsweeper/deep_scanner/jks_scanner.py,sha256=1BqHfOmqcznrhMN-9aH-L8yamIAj72OYr7_DBuuj0_c,1867
 credsweeper/deep_scanner/lang_scanner.py,sha256=6d_n3Gjj8HPvNayalDn48QGbRMofmOwFUyS6V8JQsVU,1340
 credsweeper/deep_scanner/lzma_scanner.py,sha256=RTx9AdIJNblKupXLtO-K6vz8RBO9z_vYc0A15Ij0db4,1693
 credsweeper/deep_scanner/mxfile_scanner.py,sha256=Qq2-9nfqYr63chDzzKsMIyHKvagPcWIpF4ngLFGwLyM,2098
+credsweeper/deep_scanner/patch_scanner.py,sha256=f371z_6-fxl5AESWB3BGU7_mozfHwTF3NdsaHFB8MME,2255
 credsweeper/deep_scanner/pdf_scanner.py,sha256=LMyIoVJPNFOFnAfcZ5Akr7PTWSUBNPT6GtQB1U5hI0g,3048
-credsweeper/deep_scanner/pkcs12_scanner.py,sha256=49UbyYxAXnqFQdyrGqHUMKWDL_sGMgAZM6sZ8hYGUIk,2082
+credsweeper/deep_scanner/pkcs_scanner.py,sha256=nUdCUuCaYn5hGTFtcYhmFZSgLTw0UHaSTjh6UFz5l88,1734
 credsweeper/deep_scanner/pptx_scanner.py,sha256=aMX6GgnUEShonHjlqhaI5w970b-2yxmKsld5kY1XdeQ,1828
+credsweeper/deep_scanner/rpm_scanner.py,sha256=MyLQMBxdAatum5_zRNK9VFbqXJ9u16xqf3jmjUm4TUM,2288
+credsweeper/deep_scanner/sqlite3_scanner.py,sha256=9XaFTtSZoiaKKPIrDpxDsFIh8m3wILR3c2927dWgXCQ,3510
 credsweeper/deep_scanner/tar_scanner.py,sha256=L3a9OUhQQweDNLVbe_LNLhldtVeU8DlS0Ux3ip_KN2w,2425
 credsweeper/deep_scanner/tmx_scanner.py,sha256=6BsMysSSSJrxtssh4bf1e4vwpps7yXDDvByFkyLhC_o,1946
 credsweeper/deep_scanner/xlsx_scanner.py,sha256=Ck8j14OWy9LTXK0GBASCdPq9VhZe5ceUv0uZShFFpo8,2706
@@ -42,18 +47,18 @@ credsweeper/deep_scanner/zip_scanner.py,sha256=rWNV43OV8FTpXGMkAlRCwnnaJ-WdiIpre
 credsweeper/file_handler/__init__.py,sha256=fAQvFQvgPQ7lAPVjPWmAdKArRCS5pB4QEk01jkVVB-E,662
 credsweeper/file_handler/abstract_provider.py,sha256=sl0XrlbRDak885UzD7HBruXAD9vJHso-glqI_ekZxuo,1437
 credsweeper/file_handler/analysis_target.py,sha256=FEznSNcUbTaqGa3ZKy8FusdqDR7CxFX1fwIrA_LdwoY,2752
-credsweeper/file_handler/byte_content_provider.py,sha256=o_oNK6ovAhKJGw8C4gDDYrtqMQ_ErsEL5_HVOjshEi4,1926
-credsweeper/file_handler/content_provider.py,sha256=ZMhEa83HZHGFTNhFVq_qhdd00GLYm6vlybk9XIk7EQc,3890
-credsweeper/file_handler/data_content_provider.py,sha256=r2mUG4iwPwOmwfIU05Ei4SvN7JC1vYiYBWWrEeYoQYg,17665
+credsweeper/file_handler/byte_content_provider.py,sha256=aqYndCeDSF1BLEYUzwcl3BASuuUr1vlU6l-Eo73eEw4,1930
+credsweeper/file_handler/content_provider.py,sha256=HYlAL1wRZeQe49upKt4_Y00Gsja88jWKeIeNbkm2hR0,3888
+credsweeper/file_handler/data_content_provider.py,sha256=fKeScBiHxC4Fj4Ty48HoMFI3eK_t3RKYrBFCNUwkhDc,17662
 credsweeper/file_handler/descriptor.py,sha256=LQHjzmRL0fl8mlKwA--Nl_D4mKFtg9VsUJnWZqtjFhU,185
-credsweeper/file_handler/diff_content_provider.py,sha256=-gwyWJU62F0EpiUP5HH1WgaoP2_e3nRA0Fu4he6YcVQ,3209
-credsweeper/file_handler/file_path_extractor.py,sha256=I_gPZSw1s-QSsa0ynVEfveGvRyHqVAifYk4V76pWcHo,6907
-credsweeper/file_handler/files_provider.py,sha256=YiRHzGocdexXd3qgMEwkqahMMUrN5gc0ivOEUCjD1_U,2652
-credsweeper/file_handler/patches_provider.py,sha256=BWIxWsEYwwWGPweA6BrKP3q412kzmJOm1g8bhCrk4B4,2885
-credsweeper/file_handler/string_content_provider.py,sha256=OlLF-c40zGkCulPZwzHfTElF65Z7G3XKQfpCe5aBKLw,2477
-credsweeper/file_handler/struct_content_provider.py,sha256=_RfQ_JEJprn5haOLlzAYwabCHT4Pdm8VXc3KhTwaQ40,1593
-credsweeper/file_handler/text_content_provider.py,sha256=FHzwtlPsRHBJwHW0p9AumPe-iTv671K-N7A5QlSolDM,2999
-credsweeper/filters/__init__.py,sha256=EwLbbc2pXwAhSSJx0QXBcujRkP4Py6Fnf3MNm6ZkngQ,3267
+credsweeper/file_handler/diff_content_provider.py,sha256=FtlHa7Y5LrXrzQNFOeRhVqQjtbWe0m82wmXHHjPXntw,3209
+credsweeper/file_handler/file_path_extractor.py,sha256=lSwbl2Q4eTEo8U-SghzijoFL6H0q3W7LtE-iGF3Qkvg,6889
+credsweeper/file_handler/files_provider.py,sha256=qpaIQw9JWGrxv-mQyD_1KPoWppyaZYaBoZJDt3DykFU,2569
+credsweeper/file_handler/patches_provider.py,sha256=uI7UoN8R2DA1ZB4u-Y2bF2YcIU4-wA1g7eAQTavApE0,3121
+credsweeper/file_handler/string_content_provider.py,sha256=e7mHLwa5bkHthI3hr5pP7ZlyoFfPeeVbmTAlZG2-xB4,2481
+credsweeper/file_handler/struct_content_provider.py,sha256=H1ZhSosaWJEOtzWYC1rve0glrJUu2UDYjmOx-9DDNxs,1595
+credsweeper/file_handler/text_content_provider.py,sha256=5Qg_4LIYB3O4MZo4Gqtno4o8rPU2hPy6tOR_7wS87Kw,3003
+credsweeper/filters/__init__.py,sha256=PxkARBwh1n8dIi5vtAXn7INdxA0YlLbaAoYfoEwU_UA,3345
 credsweeper/filters/filter.py,sha256=CqZbTsIDNVVwQyOjNekgNr_i1nPS4foutm0AvGAjM5M,826
 credsweeper/filters/line_git_binary_check.py,sha256=G5N-woSLXC1mdiD80AhXbOpJCjGwtvFwFwMmRu87qlY,1595
 credsweeper/filters/line_specific_key_check.py,sha256=rM66tPmUCXPaCUpNokIkJukOyxOL4FB8ig74ezYrbBs,1536
@@ -64,8 +69,8 @@ credsweeper/filters/value_atlassian_token_check.py,sha256=rAuMC5JUxnXZwPxoKtrwFV
 credsweeper/filters/value_azure_token_check.py,sha256=GlIqmzinjtQ4GU8-_ZyFTM2uo1ylRxRFKqnJaW_0110,1946
 credsweeper/filters/value_base32_data_check.py,sha256=nS_X5vb5e0fXnjxGjyGE9wedmAj6B14AG8dEjRClREQ,1390
 credsweeper/filters/value_base64_data_check.py,sha256=J5dMgJsfs13MxijOMqGLYU8PZz5eEDUBrWVKp0mE3T0,1449
-credsweeper/filters/value_base64_encoded_pem_check.py,sha256=sX80Uo_7b7HQm4KjNkRHqB8FQvxuuvMLhxAUalSQeaU,1607
-credsweeper/filters/value_base64_key_check.py,sha256=6JrIGNphjM9gN8oi1OKyvm4MUvvLxsQPxGP5BkaTC1w,2131
+credsweeper/filters/value_base64_encoded_pem_check.py,sha256=k7J6FY3SCdgnHRkoSCPMKcUgyTOOTl4t4tHZI6hvSiA,1600
+credsweeper/filters/value_base64_key_check.py,sha256=yu3j34TT5dv-ttRS5bGEqgl0AWS414O2Knqn9tKtTSE,1904
 credsweeper/filters/value_base64_part_check.py,sha256=wV_qGv9xK4H8EB903Qw5xbVtjAQ19ZZKhhHFoQ53AT8,4958
 credsweeper/filters/value_blocklist_check.py,sha256=CSsD68QRF1zFLM2MB5pGRRs95O8IepZ9AUZYdxlBf-c,1145
 credsweeper/filters/value_camel_case_check.py,sha256=cCBogfL5X9ufAbkl5QwqN6qvHz4XYaeaENC6ew4m4Ac,1233
@@ -75,7 +80,7 @@ credsweeper/filters/value_dictionary_value_length_check.py,sha256=lQj6pmKitFJXqB
 credsweeper/filters/value_discord_bot_check.py,sha256=Zv8SIkYGvd2mn6MGo4JGH-amGnJJBXqa992aQ9ZXlK4,1480
 credsweeper/filters/value_entropy_base32_check.py,sha256=PKFp6eOXZ8yiK00JNxWPbxw4LnAeE16u39ePNozTGEg,642
 credsweeper/filters/value_entropy_base36_check.py,sha256=ZHa_AUtskBCmfhUQwjgkolB1OuB2t1GRDi8SDl7o_A8,651
-credsweeper/filters/value_entropy_base64_check.py,sha256=7q-lGKp0SvWz4ZE_iD2aajVkIU6CtYaxRuyye2VLdh0,908
+credsweeper/filters/value_entropy_base64_check.py,sha256=Kp6AU1rOqEnO4MJ7xoQhMSbvoJKMBBcEQvZz_JsX_kY,812
 credsweeper/filters/value_entropy_base_check.py,sha256=Z4ymeTPs5tPL37BtQQe05yp6kyY8c_caYZXwpOF9-ZU,1241
 credsweeper/filters/value_file_path_check.py,sha256=2hwqr2xCwzuL6Ya6X1uyClQld0RSMBGRJvAJCKPcRzw,3512
 credsweeper/filters/value_github_check.py,sha256=nRYvTxvhFo2PCMwneg5K4I7gJ3tBNzOOYDEhun0pxwg,1441
@@ -83,13 +88,14 @@ credsweeper/filters/value_grafana_check.py,sha256=4wagCuVCSDoO5Kc0-U4Y7eUvBlYUAJ
 credsweeper/filters/value_grafana_service_check.py,sha256=fL8v4pXS-GopeE_WKNB6rlm9XFzdNapCxO5dH0Z14B4,1133
 credsweeper/filters/value_hex_number_check.py,sha256=XuMw6zBQP4WQoH3Y7a4DZnKMVVVC09_bAfB21I8FBfA,976
 credsweeper/filters/value_jfrog_token_check.py,sha256=jugEhQBRjd6Zb9VYoQqBlki1TyeNoupIrzXB-frpjho,1656
+credsweeper/filters/value_json_web_key_check.py,sha256=KegWqDC3oSi5FgsBWd2kH_GrojBSWwV9NPqHiZxfh7A,1325
 credsweeper/filters/value_json_web_token_check.py,sha256=Tvu0rsb8NJ2jnZc5EWZ_dbJCQZlSDdBoGpB0WM18n64,2829
 credsweeper/filters/value_last_word_check.py,sha256=ZEJ-pqpMLSBQE_bCz325WZK5g_fXbfk6bv5Csz0J_MM,900
 credsweeper/filters/value_method_check.py,sha256=mkTmSGnQBKtELTpNrKh6v_5VyORrVLVH8Zps7nJI4e4,1113
 credsweeper/filters/value_not_allowed_pattern_check.py,sha256=Hq0ToZ_XL70N4CAwbSG0XD9mRTsqIhTqgT5YWlgfwwg,1178
 credsweeper/filters/value_not_part_encoded_check.py,sha256=LyebBZlR1aXFkOSDOq1jnqJKLDmEI8nHr5OXa3J09b0,3805
 credsweeper/filters/value_number_check.py,sha256=UxRQ24XFKPpEbpkOH3_YgrrBSBTeP9WwYRGWB9Ez-V0,1130
-credsweeper/filters/value_pattern_check.py,sha256=OJLm6h7nIXjrN0JMgh3e49_WZo8hwGdaTcz9nd6VKgE,3998
+credsweeper/filters/value_pattern_check.py,sha256=sPl2c_bmucUj4VCBgAHM6q4YixQcfrjrJR0HDmmIFKM,5375
 credsweeper/filters/value_similarity_check.py,sha256=qa2NPSpyP8RIqllXIlky66Bk85PDU2ss_dQW-vcm3Qw,1172
 credsweeper/filters/value_split_keyword_check.py,sha256=MY-EZmHSYzuglxVug9MQYtwWlMTAAwr1L3lyaOaT6VE,1113
 credsweeper/filters/value_string_type_check.py,sha256=QmgniKlNTPKB4fLrvj9QxMmt8yQkmB9gxtZv50J4YYI,1985
@@ -112,11 +118,11 @@ credsweeper/logger/logger.py,sha256=E427IHUgX5jOCUKYlXKwQiyXNIUSYBpP45ldNCfVjFw,
 credsweeper/ml_model/__init__.py,sha256=Bvw_WgOmNwzFrBP0tKgWapasYcU7IRT0zMpbmWD6DwU,58
 credsweeper/ml_model/ml_config.json,sha256=QDPNRl-QT9TY7NPgOjjsekDdPvxI3IZkyXcr5VSa6eY,16049
 credsweeper/ml_model/ml_model.onnx,sha256=1z_vsA2d74qvEUfDDxGGsWmUvRLotd7AM1C7QlkO1bE,10979845
-credsweeper/ml_model/ml_validator.py,sha256=DcvoRh361ussH7YfUcqdE4EqCCqxpC0G0_ofGVVbRLw,11924
+credsweeper/ml_model/ml_validator.py,sha256=ROAMlC394DCVNqqXxqT8y-jbx9y1oKuWY9yMvzFJjZI,12881
 credsweeper/ml_model/features/__init__.py,sha256=OtWcKTbXsM4hi4P8G6f-T_FC6pQVOz_le2FbN2Kak1c,1020
 credsweeper/ml_model/features/entropy_evaluation.py,sha256=Mzv6bSui2XbX-WBLHk0gI0x_9RHgRjM7n9ep0VfDCIw,2605
 credsweeper/ml_model/features/feature.py,sha256=6qYXKh1vDC0rgFn1zrXsCbr52W4r3jL6Ju1UUECBPWY,1094
-credsweeper/ml_model/features/file_extension.py,sha256=aHtoatjQ9YkKd47Y-3HEDn4-JrCuRmaxmcnPhXqX60Y,694
+credsweeper/ml_model/features/file_extension.py,sha256=9kpw5bIk4i6vUZlcw8LMSivViSK_Y1u7crQsIuWcsOk,692
 credsweeper/ml_model/features/has_html_tag.py,sha256=ZvcW1gU1_v9iMjb4ho1a3jHbWioOxtggCc1ZqmtSWl8,1116
 credsweeper/ml_model/features/is_secret_numeric.py,sha256=eSI2glS_WdFuozX5E7YbFoF7gZlFHu1zj4dd8nJpSrk,401
 credsweeper/ml_model/features/length_of_attribute.py,sha256=8H4Zc1mOjGXV5mwZkjvCt7xKKiiKPIEJDBhdlz8j3PE,1192
@@ -131,23 +137,23 @@ credsweeper/ml_model/features/word_in_transition.py,sha256=SgG8D37lXnDaFOKagi9lb
 credsweeper/ml_model/features/word_in_value.py,sha256=QCVJRpcqEg-xC9a94fppqQbvReQLZSHNi0Zrtmr9Ul0,571
 credsweeper/ml_model/features/word_in_variable.py,sha256=aETM5N2AF7FJhmrzLYDvMpKt-K1D8J0ZULxsgSRMXPU,534
 credsweeper/rules/__init__.py,sha256=alXS8IivUs-AKKbVHiWvSjFpg1urJZLKItuFr61HHyg,40
-credsweeper/rules/config.yaml,sha256=UpeAYbZWulS1TV2eRDv2jor1s9Jndi15DHmV-6hQWiM,38281
-credsweeper/rules/rule.py,sha256=rU6vJ4cVoeAZdUMWalRTMuAdRuYgFxeTltvSYUJRHOU,10224
+credsweeper/rules/config.yaml,sha256=CkhTgmi97QSPT7ZyL1n_mJKg9rdJYXUBeMs5U3e9SVw,39122
+credsweeper/rules/rule.py,sha256=JyK712m75E4ALxq7gEh_ex_b0MZvC0Bw2_2pzeAoLFY,10209
 credsweeper/scanner/__init__.py,sha256=KUh1uUEgZOd12DiXV-TQP3OvByI9tsyqN1KCdw994h8,48
 credsweeper/scanner/scanner.py,sha256=2znRjqV9Mx4D0z9elUslOQIoLbfDybu1hF1TEaRzTkc,10127
 credsweeper/scanner/scan_type/__init__.py,sha256=JHOdDZv5bmGsj0dhIiApvjcFzQ8LYkCQdWmhxAs4lgI,288
-credsweeper/scanner/scan_type/multi_pattern.py,sha256=VUEkwry19FMdb8wlQ-znfaTGoCf9gR6Fx-i19B3kZnI,3872
+credsweeper/scanner/scan_type/multi_pattern.py,sha256=IArPTLKfi3FYNoHq9OYVUjrrT7wHZwSCTPrpl8SP1IQ,3816
 credsweeper/scanner/scan_type/pem_key_pattern.py,sha256=R_rxKS-cx79g08BOdnhHUyDU9_je3qQuPsVPqEMPB18,1501
 credsweeper/scanner/scan_type/scan_type.py,sha256=AtKfIsYgvxmHp508j3DfwiEDp0zD77YPzYjrrwKy1no,9396
 credsweeper/scanner/scan_type/single_pattern.py,sha256=TCbjbeK0NrWzU6eBMZqHjYXo3xAfc0a7z3HDbbyHY-c,954
-credsweeper/secret/config.json,sha256=7pZiSBQtINsgE3Qc8V9peznH5wBCzSmkrZaVZLuWVe8,3504
+credsweeper/secret/config.json,sha256=X1sr2kXBfmr_9-6qZ1t3aCzg5Cv-rGQaZsZqxeVi99o,3501
 credsweeper/secret/log.yaml,sha256=h29atN5Kvk68oKuTYG2Mi4f2uNO3dvwhOkzCRBKo1rg,952
 credsweeper/utils/__init__.py,sha256=wPdTkrSBAkR3rppFZ68k6MiT_P7tIHuAb3AcwndJCWg,63
-credsweeper/utils/hop_stat.py,sha256=0D7xB1CVAUhseOZWvLZXxn3MYHKZnfnFJ8hj7tONiyU,2978
-credsweeper/utils/pem_key_detector.py,sha256=JQex5KxQfWBP7SvhX2qf6tlQcma9a9yvsvDJX13EZe0,7633
-credsweeper/utils/util.py,sha256=Me-fEpM8hQPERl-YV1MN2B-NARHTLwE1obSiqZq3h68,28730
-credsweeper-1.11.3.dist-info/METADATA,sha256=PvTMsbARLWplOGHVaz4LwYgaO0IDruIsqlfo2azA_gE,10504
-credsweeper-1.11.3.dist-info/WHEEL,sha256=qtCwoSJWgHk21S1Kb4ihdzI2rlJ1ZKaIurTj_ngOhyQ,87
-credsweeper-1.11.3.dist-info/entry_points.txt,sha256=SLGNZshvi3zpWPhVmRP-oDXRMRPBS4tzRDy6xYOXwqA,58
-credsweeper-1.11.3.dist-info/licenses/LICENSE,sha256=aU7mGjBKbmRHNLVXXzcPdKmTtBxRwDPtjflQRfN7fFg,1065
-credsweeper-1.11.3.dist-info/RECORD,,
+credsweeper/utils/hop_stat.py,sha256=vMd_1lcpDo4yaFhi61X0tJeeE83qUbzPckvxZcrgsgs,3010
+credsweeper/utils/pem_key_detector.py,sha256=Z0vFTF8pELCW2O4vgRH5rQhnM_XcndFxo_r4KVP3XA0,7566
+credsweeper/utils/util.py,sha256=xyO4kZt99fAe3Ui5uCgo__rrOJkQbKTI94v8YdH5hhc,32625
+credsweeper-1.11.5.dist-info/METADATA,sha256=lAAy2KsTBbtiXBHOXru5UPiF2NBu-xsZjzCpcuSgvHU,10371
+credsweeper-1.11.5.dist-info/WHEEL,sha256=qtCwoSJWgHk21S1Kb4ihdzI2rlJ1ZKaIurTj_ngOhyQ,87
+credsweeper-1.11.5.dist-info/entry_points.txt,sha256=SLGNZshvi3zpWPhVmRP-oDXRMRPBS4tzRDy6xYOXwqA,58
+credsweeper-1.11.5.dist-info/licenses/LICENSE,sha256=aU7mGjBKbmRHNLVXXzcPdKmTtBxRwDPtjflQRfN7fFg,1065
+credsweeper-1.11.5.dist-info/RECORD,,

credsweeper/deep_scanner/pkcs12_scanner.py

@@ -1,45 +0,0 @@
-import logging
-from abc import ABC
-from typing import List, Optional
-
-import cryptography.hazmat.primitives.serialization.pkcs12
-
-from credsweeper.credentials import Candidate
-from credsweeper.deep_scanner.abstract_scanner import AbstractScanner
-from credsweeper.file_handler.data_content_provider import DataContentProvider
-
-logger = logging.getLogger(__name__)
-
-
-class Pkcs12Scanner(AbstractScanner, ABC):
-    """Implements pkcs12 scanning"""
-
-    def data_scan(
-            self,  #
-            data_provider: DataContentProvider,  #
-            depth: int,  #
-            recursive_limit_size: int) -> Optional[List[Candidate]]:
-        """Tries to scan PKCS12 to open with standard password"""
-        for pw_probe in self.config.bruteforce_list:
-            try:
-                (private_key, _certificate, _additional_certificates) \
-                    = cryptography.hazmat.primitives.serialization.pkcs12.load_key_and_certificates(data_provider.data,
-                                                                                                    pw_probe.encode())
-                # the password probe has passed, it will be the value
-                value = pw_probe or "<EMPTY PASSWORD>"
-                info = (f"{data_provider.info}|PKCS12:"
-                        f"'{value}' {'sensitive data' if private_key else 'default password'}")
-                candidate = Candidate.get_dummy_candidate(
-                    self.config,  #
-                    data_provider.file_path,  #
-                    data_provider.file_type,  #
-                    info,  #
-                    "PKCS12")
-                candidate.line_data_list[0].line = f"'{value}' is the password"
-                candidate.line_data_list[0].value = value
-                candidate.line_data_list[0].value_start = 1
-                candidate.line_data_list[0].value_end = 1 + len(candidate.line_data_list[0].value)
-                return [candidate]
-            except Exception as pkcs_exc:
-                logger.debug(f"{data_provider.file_path}:{pw_probe}:{pkcs_exc}")
-        return None