Skip to content
This repository was archived by the owner on Sep 17, 2025. It is now read-only.

Commit aca2cf1

Browse files
real-LiHuareal-LiHua
committed
feat(keyboxchecker/__init__.py): verify private key
1 parent 6b6988b commit aca2cf1

File tree

1 file changed

+10
-2
lines changed

1 file changed

+10
-2
lines changed

keyboxchecker/__init__.py

Lines changed: 10 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -13,7 +13,7 @@
1313
from cryptography.hazmat.primitives.asymmetric import ec, padding
1414
from cryptography.hazmat.primitives.serialization import (
1515
Encoding,
16-
PublicFormat,
16+
PublicFormat,load_pem_private_key,
1717
load_pem_public_key,
1818
)
1919
from defusedxml.ElementTree import ParseError, parse
@@ -80,6 +80,13 @@ def main(args):
8080
except ParseError:
8181
rmjob.append(kb)
8282
continue
83+
try:
84+
public_key = load_pem_private_key(
85+
root.find(".//PrivateKey").text.strip().encode(), password=None
86+
).public_key()
87+
except ValueError:
88+
rmjob.append(kb)
89+
continue
8390
try:
8491
pem_number = int(
8592
root.find(
@@ -95,11 +102,12 @@ def main(args):
95102
except AttributeError:
96103
rmjob.append(kb)
97104
continue
98-
99105
try:
100106
certificate = x509.load_pem_x509_certificate(
101107
pem_certificates[0].encode()
102108
)
109+
if certificate.public_key() != public_key:
110+
raise ValueError
103111
except ValueError:
104112
rmjob.append(kb)
105113
continue

0 commit comments

Comments
 (0)