chore: encode private key to bypass gitleaks

adamdecaf · adamdecaf · commit 3f4aac3f24bd · 2023-05-02T09:54:20.000-05:00
I don't think gitleaks allows excluding a filepath with CLI flags yet.
diff --git a/.gitignore b/.gitignore
@@ -23,4 +23,6 @@ _testmain.go
 *.test
 *.prof
 
+/bin/
+/gitleaks.tar.gz
 /lint-project.sh
diff --git a/signedxml.go b/signedxml.go
@@ -8,16 +8,12 @@ import (
 	"encoding/pem"
 	"errors"
 	"fmt"
-	"log"
-	"os"
 	"strings"
 
 	"github.com/beevik/etree"
 	dsig "github.com/russellhaering/goxmldsig"
 )
 
-var logger = log.New(os.Stdout, "DEBUG-SIGNEDXML: ", log.Ldate|log.Ltime|log.Lshortfile)
-
 func init() {
 	hashAlgorithms = map[string]crypto.Hash{
 		"http://www.w3.org/2001/04/xmldsig-more#md5":    crypto.MD5,
@@ -75,7 +71,7 @@ type CanonicalizationAlgorithm interface {
 
 	// Process is called to transform a string containing XML text using the implementing
 	// algorithm. The inputXML parameter should contain a complete XML Document. It is not
-	// correct to use this function on XML fragments. Retained for backward compatability.
+	// correct to use this function on XML fragments. Retained for backward comparability.
 	// Use ProcessElement or ProcessDocument if possible.
 	Process(inputXML string, transformXML string) (outputXML string, err error)
 }
@@ -336,10 +332,6 @@ func calculateHash(reference *etree.Element, doc *etree.Document) (string, error
 		return "", err
 	}
 
-	// ioutil.WriteFile("C:/Temp/SignedXML/Suspect.xml", docBytes, 0644)
-	// s, _ := doc.WriteToString()
-	// logger.Println(s)
-
 	h.Write(docBytes)
 	d := h.Sum(nil)
 	calculatedValue := base64.StdEncoding.EncodeToString(d)
diff --git a/signedxml_test.go b/signedxml_test.go
@@ -2,6 +2,7 @@ package signedxml
 
 import (
 	"crypto/x509"
+	"encoding/base64"
 	"encoding/pem"
 	"fmt"
 	"io/ioutil"
@@ -17,7 +18,8 @@ func TestSign(t *testing.T) {
 	pemBlock, _ := pem.Decode([]byte(pemString))
 	cert, _ := x509.ParseCertificate(pemBlock.Bytes)
 
-	pemString, _ = ioutil.ReadFile("./testdata/rsa.key")
+	b64Bytes, _ := ioutil.ReadFile("./testdata/rsa.key.b64")
+	pemString, _ = base64.StdEncoding.DecodeString(string(b64Bytes))
 	pemBlock, _ = pem.Decode([]byte(pemString))
 	key, _ := x509.ParsePKCS1PrivateKey(pemBlock.Bytes)
 
diff --git a/testdata/rsa.key b/testdata/rsa.key
diff --git a/testdata/rsa.key.b64 b/testdata/rsa.key.b64
@@ -0,0 +1 @@
+LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVktLS0tLQpNSUlKS0FJQkFBS0NBZ0VBcSsrNVIwRjkrcXJTN05QM1EwVW1ZV2xQTmFjOTlBZ2lTMFdXTjNUVzVST01mZHVGClRNd2FONDJnMXFmd3Y2RGoxRzdTcXlaRnZLdEY2QzltTy9VWmkyN1dWamx6eW1kSEo4d2hLb1RxanVFS0Erc0EKZ09FcDRpN1FxNzVUb1J0OHF1MkdoS21aQkdaMWNxV040U1JOc1NDSWZKSnR5UUNnbVJ2cEVTcTBzdjR5cTRkYgpoVm1pWHRJTHJlbmtVMWkvQTZycDZ0UkdOak9lTlZvYW1HbjhOaVd1cnJPSnJrWVBVSjhUZDZsSjBDR1dGNTBhCmV3cWN3NktVa3JRNnRIUGkyVEtmV0hsUVBDbVVmWTU1a0w4U3F4Z2dXcXp0cm5uVHFaQlJXNlBSWWxDZUY5Ui8KTVpsQVRLY0xlNEJPL01TV0tJbFUwUnk1b0VKdWhqejR4SWR2NjRQZFlRdEVpS0NzTmJYeXhnZHl4K3BNb0c0YwpuNTRCblREV0w0ZXJFTVd5K0RuTlJpNXFOQUZyNlhGOGdnRXQxZk5xc3JZSk0wSXc4ZkV6eDVyMzEzRjdFWEJuCmdBRGhvRDJsdnJjMjR6bU9aWlBDcEQrTUY3VVFoM0dmOGVIeGtHNTQ5UkpYRFlyck9nYTV5UUZPOEF0OU1WemwKcGtkbW9saHJZbWF4eVYyTFBVTklyVjhKVWZkZW8vUWVFSGl0UG5vWDVLZFNQRjhkNVRlakgzcUk2eTY1WWF0WgprK04zdXNTR3FuUjQxM09OS1JOS0RKV0F3VVpyMUptTGMyaEp2L2trc1l4YUJ0YzFHTEpqTmlha0RYWmY2MkN1CmdzL2c3YUc4bXh6bGk3Zk5UVFVJMEhiWWgxV09zTXZ0NWFOeTdrKzV3MEJINWJnaCtYempkTm5rTWNjQ0F3RUEKQVFLQ0FnQWRRVEhHUlFkNWNqMW5YSDJTN1o0bEx2VHlUUjJHZXlmU3BPbDFVQ1VNWHpJbGJBZVhWSmNWWXJ5KwpLVjhXUy9yWDkyOVMvYlVaOEE1NS9pNm4vd0UwcjB3NjZaV2hGOGVNcHZmeHN5SHg0NnAvbGluRXhBc0xXQ25iClB3d2R1bjZRMnM5cm5TdlRDdGZyQk81S0k1SXdsRGVFOHFsSmJSam1WRkJvd2xweXBqdmE0YklaMDNHRUxyc2MKQVZML04zZHcyVkRweXVxVGFGNy85dS9WaFJzTDM0ZUVaRG9GOUJmQkFRQWYrU2I5Q2VudTVLVlAwRE55T2lTTApmYTBMYlRobyttc1FjN3ZLTU16NlBCYkZJUzI4L09Mc2FzWWFUTkpONUtkakwxRitKL2R1V0pLM3pycVpFRWNzCjRWMFBOeWZSaCtSdG5EU2RaeEJGT1BTZkEraHY0OXhDbFc0NnlZc3RRWFF2YUx1UHNzNUFhY2cwU2x0eDFLTFcKTzQvc1pmS1Nqb1Ewdm16aVozU1RrYVhOYjcycUxKVUY4Sm03QXhHaEgwRVkyWjNDK0Z3ekpObnBsTTRNYlJEbgpJeHpxNVFZejVHSzZIWWI5cjZZMjRrdHJGb2xPNkVUNkRJaUdscWJyS1hhajZacFpKYjduN05Cckx3aXZ5aWpVClNSNEh4Zytib2ovdEdJaTRYZmZRcVYvVXowSXZrcWxqVE5yUEJ6dUJoQmw2WFBjRi91c3BjVVJ5a1VVb3dlNXAKTFVlbmNpeVJhYTNjSldWZklDVE1nbWFINGpvSDFiWlZsSjhxOW1BNFdlN0VWbGRLWHdLclRnblRBN2VNL2pwcQpPd21MUXpKRzVQL0Y1eVhjVVEwZmJiek1tY2V6b3RCZXBNWmRZU0p2RjRaeEthWFFjUUtDQVFFQTFmMHNoSVM3Cm90YkN3UFduZWpuWWVpOFpWODRLYThlTEZxbWYxYnlTMjBkMzlJN2d6a2pPQTFCczlETWthNElhdFhQYTJHdUsKNGo3V2FualFUT1F4Y3BqbDYySm1kd3FKK3pRazhTR3ZPcW5oWVByNzBQcnB4dFNYL2JDaW1IRmZUSWo5VklmMwpUVzh6L215N21hSlFIYTlKT2ZuMnFFMWI0My9uNEdLaFZVVFoycU9EMURoaGFwL3JDMUhQZXFKZXBWckIrQng5CllxU21ZMkMwMzdMMm40S2NjWklMRk53RmZaMTd0aFM5dnk4TTZYQU02bVpQeGkrZUJ5VExuQkNER2l4R3RQYUUKUjBkV3orU2dwVjRpN3BQcjgvNkticXFmRGJhNkJpWXBFeTZHdjNNcTU3SnpFSkZQSEppKzhySnRRTzd4TXlBZwprSkcwMG83RXkram5md0tDQVFFQXpiRUtSTUFkL2JoR1NqNDY3ZG4rN1FkWWU0TkV6dzVneklvR1RzWXp4QU0zClZRdERjK0hzc3l5Y3Naa3Y2TmdFdng1Nm51RmVWMWhKanhUMUZhM0xqU3V4Q2l3dnhKTDlUVkZ1dEhrZFJOMTQKYUZsRU1YbDdkM1F4TVJOTVpUOVRtZ0lZejhXQ3dhOS9yUWF6b3ArWExnKzE5U0tsZ244ZWZiaXB5NmdrZU1nRAppb3BvcEY5SFo4MVU4cHpGKzhydys5d0RxY1E1TmlGNy8wZzJ6V2NHY2RqNis0VmYyM0tpNktxSFk5bW1SeHkyCm5jM1Z6NUl0bW9BYlVSQVRiYStzcmlpZkhlV3daV0pYbkU5NEJtUEVnWHVNRWNXN21UMFdDZXg2UmtDRHpMelkKK3RDbVl6QythUUFJbk5pMm1TVUduUGZyOGJpSmY5RVlZWkRqd01hWnVRS0NBUUVBcys0WHVxM3BJRGs0dFF0Wgo4WG9tUGtiUUpuYUhhS3oybE8yNENmNXY5WldZbGJoMTZyNXBDM3hhd05NbjhvWUpjejJoYkl5dzBTQkpKbW5ECnJJUEwyREljVWRvQmttTDROcE5YNUxHUUorR2tNdW1YUjlkVEx1NmZocDg1ZUxrTGlzMDlSaEMxcnhTc1FXaW8KTGJ5L1pOWjQyaGtHZituY00rVGUwbHZja0ZnK1hvdFRVK1M4ZE8xV3M4UHNrNDlueWQ0UWIxRjFWTFpoZWZwYwozQ1FkSDI2eG9RVk44Qkk1UTdCaHoyNk5SZTZJQ3RrKzR2RjRib3FuZEJaS1prVzBGeFBYdUYzNFIvOENUZmhOCjQvN05uSklndXA3elE2NlA0dlljWVFOQlVuR3l0OVJjNVVtMVd0NzBDSFdmU1c4aVVwRVhtd2VPbWtFS0xHb0QKcS9tQWZRS0NBUUFGZ1VsL0VZMDc3eVNpZEF2cnRidm02QjFzSU5WRW5XUGwxWVBacytCS3pMTThhWExDdFRjNgpqR1VkTTdaZWl2bUZpL0ZJTTB2dEZvWFJlSVFlc21vU095c2YxSkxxdGV4bGwxcFpKaXlzWFNrTjBlWExWUzhDCndXOVhtdWFlaHhWYnQ5YW1LT2tZK2ZOMjFBa1d2eUt5cnVUMXpKbVZab1dRWTlMWGlvWi9YUXNMT0MwWXlSd0cKSVM2MjE0OU03OStIUGhveS92ZHhCWEJtSXE2a3pLOFZlUE11ckNFbXBHakx4VlNlVFlMdndFcjY2amxndHM3VgpwYndWYlZLM3lzM2FVMmYreXRqdnZiUU9rT25yY2R3ZWd3bjZwOG9mamN6N013TUt3a3RFdllFcEpWQnVzeTFGCmJpVE0zZGYxUFZKeC9RaXBqWURRbE80TUhtNmFDRGF4QW9JQkFBNDhPOTRwbzRYa2x2SlBNeUdhSE43RGs5SngKemVUMGx1R0c5dW5kUjhEVlI1QlJ5WnFadk9DdXNQQXZCWUFnYjhDVWVTMWlaOUp0YnE1bnZuWFRndW4vZzk1dAp3a2pLWFlSNHZNVnRGWGpJc1owQ3o5dnFMVlJISjNtMm5sWXUrenRpWlVJbFNUQyswWlpVM0xlb1dNaGk0c3VWCkR6TnF4ZWw1YTYyQmloVGlZRW5rN09ocUxSc0ZWeTM4ZHVSanJOOEtXcFVxREdKbmMxWjYrbm9nTWkweCtWT3MKR210QmM0M2xvVFdwSTRVc0RGR2lKSDF2UUlKQXhRbDJETmhucFBGQXo4Y2J3UFNjR1VxVWk2NGlUa0pNbzRVeAp2TjkyOXc4QTBaV21PVTNxVjR3WkhWcXRIN2FSRjhQR082VEJNWVFYT1Q4SkZCQkZUR0FxSURGRzZaND0KLS0tLS1FTkQgUlNBIFBSSVZBVEUgS0VZLS0tLS0K

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1 @@`
	`1`	+LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVktLS0tLQpNSUlKS0FJQkFBS0NBZ0VBcSsrNVIwRjkrcXJTN05QM1EwVW1ZV2xQTmFjOTlBZ2lTMFdXTjNUVzVST01mZHVGClRNd2FONDJnMXFmd3Y2RGoxRzdTcXlaRnZLdEY2QzltTy9VWmkyN1dWamx6eW1kSEo4d2hLb1RxanVFS0Erc0EKZ09FcDRpN1FxNzVUb1J0OHF1MkdoS21aQkdaMWNxV040U1JOc1NDSWZKSnR5UUNnbVJ2cEVTcTBzdjR5cTRkYgpoVm1pWHRJTHJlbmtVMWkvQTZycDZ0UkdOak9lTlZvYW1HbjhOaVd1cnJPSnJrWVBVSjhUZDZsSjBDR1dGNTBhCmV3cWN3NktVa3JRNnRIUGkyVEtmV0hsUVBDbVVmWTU1a0w4U3F4Z2dXcXp0cm5uVHFaQlJXNlBSWWxDZUY5Ui8KTVpsQVRLY0xlNEJPL01TV0tJbFUwUnk1b0VKdWhqejR4SWR2NjRQZFlRdEVpS0NzTmJYeXhnZHl4K3BNb0c0YwpuNTRCblREV0w0ZXJFTVd5K0RuTlJpNXFOQUZyNlhGOGdnRXQxZk5xc3JZSk0wSXc4ZkV6eDVyMzEzRjdFWEJuCmdBRGhvRDJsdnJjMjR6bU9aWlBDcEQrTUY3VVFoM0dmOGVIeGtHNTQ5UkpYRFlyck9nYTV5UUZPOEF0OU1WemwKcGtkbW9saHJZbWF4eVYyTFBVTklyVjhKVWZkZW8vUWVFSGl0UG5vWDVLZFNQRjhkNVRlakgzcUk2eTY1WWF0WgprK04zdXNTR3FuUjQxM09OS1JOS0RKV0F3VVpyMUptTGMyaEp2L2trc1l4YUJ0YzFHTEpqTmlha0RYWmY2MkN1CmdzL2c3YUc4bXh6bGk3Zk5UVFVJMEhiWWgxV09zTXZ0NWFOeTdrKzV3MEJINWJnaCtYempkTm5rTWNjQ0F3RUEKQVFLQ0FnQWRRVEhHUlFkNWNqMW5YSDJTN1o0bEx2VHlUUjJHZXlmU3BPbDFVQ1VNWHpJbGJBZVhWSmNWWXJ5KwpLVjhXUy9yWDkyOVMvYlVaOEE1NS9pNm4vd0UwcjB3NjZaV2hGOGVNcHZmeHN5SHg0NnAvbGluRXhBc0xXQ25iClB3d2R1bjZRMnM5cm5TdlRDdGZyQk81S0k1SXdsRGVFOHFsSmJSam1WRkJvd2xweXBqdmE0YklaMDNHRUxyc2MKQVZML04zZHcyVkRweXVxVGFGNy85dS9WaFJzTDM0ZUVaRG9GOUJmQkFRQWYrU2I5Q2VudTVLVlAwRE55T2lTTApmYTBMYlRobyttc1FjN3ZLTU16NlBCYkZJUzI4L09Mc2FzWWFUTkpONUtkakwxRitKL2R1V0pLM3pycVpFRWNzCjRWMFBOeWZSaCtSdG5EU2RaeEJGT1BTZkEraHY0OXhDbFc0NnlZc3RRWFF2YUx1UHNzNUFhY2cwU2x0eDFLTFcKTzQvc1pmS1Nqb1Ewdm16aVozU1RrYVhOYjcycUxKVUY4Sm03QXhHaEgwRVkyWjNDK0Z3ekpObnBsTTRNYlJEbgpJeHpxNVFZejVHSzZIWWI5cjZZMjRrdHJGb2xPNkVUNkRJaUdscWJyS1hhajZacFpKYjduN05Cckx3aXZ5aWpVClNSNEh4Zytib2ovdEdJaTRYZmZRcVYvVXowSXZrcWxqVE5yUEJ6dUJoQmw2WFBjRi91c3BjVVJ5a1VVb3dlNXAKTFVlbmNpeVJhYTNjSldWZklDVE1nbWFINGpvSDFiWlZsSjhxOW1BNFdlN0VWbGRLWHdLclRnblRBN2VNL2pwcQpPd21MUXpKRzVQL0Y1eVhjVVEwZmJiek1tY2V6b3RCZXBNWmRZU0p2RjRaeEthWFFjUUtDQVFFQTFmMHNoSVM3Cm90YkN3UFduZWpuWWVpOFpWODRLYThlTEZxbWYxYnlTMjBkMzlJN2d6a2pPQTFCczlETWthNElhdFhQYTJHdUsKNGo3V2FualFUT1F4Y3BqbDYySm1kd3FKK3pRazhTR3ZPcW5oWVByNzBQcnB4dFNYL2JDaW1IRmZUSWo5VklmMwpUVzh6L215N21hSlFIYTlKT2ZuMnFFMWI0My9uNEdLaFZVVFoycU9EMURoaGFwL3JDMUhQZXFKZXBWckIrQng5CllxU21ZMkMwMzdMMm40S2NjWklMRk53RmZaMTd0aFM5dnk4TTZYQU02bVpQeGkrZUJ5VExuQkNER2l4R3RQYUUKUjBkV3orU2dwVjRpN3BQcjgvNkticXFmRGJhNkJpWXBFeTZHdjNNcTU3SnpFSkZQSEppKzhySnRRTzd4TXlBZwprSkcwMG83RXkram5md0tDQVFFQXpiRUtSTUFkL2JoR1NqNDY3ZG4rN1FkWWU0TkV6dzVneklvR1RzWXp4QU0zClZRdERjK0hzc3l5Y3Naa3Y2TmdFdng1Nm51RmVWMWhKanhUMUZhM0xqU3V4Q2l3dnhKTDlUVkZ1dEhrZFJOMTQKYUZsRU1YbDdkM1F4TVJOTVpUOVRtZ0lZejhXQ3dhOS9yUWF6b3ArWExnKzE5U0tsZ244ZWZiaXB5NmdrZU1nRAppb3BvcEY5SFo4MVU4cHpGKzhydys5d0RxY1E1TmlGNy8wZzJ6V2NHY2RqNis0VmYyM0tpNktxSFk5bW1SeHkyCm5jM1Z6NUl0bW9BYlVSQVRiYStzcmlpZkhlV3daV0pYbkU5NEJtUEVnWHVNRWNXN21UMFdDZXg2UmtDRHpMelkKK3RDbVl6QythUUFJbk5pMm1TVUduUGZyOGJpSmY5RVlZWkRqd01hWnVRS0NBUUVBcys0WHVxM3BJRGs0dFF0Wgo4WG9tUGtiUUpuYUhhS3oybE8yNENmNXY5WldZbGJoMTZyNXBDM3hhd05NbjhvWUpjejJoYkl5dzBTQkpKbW5ECnJJUEwyREljVWRvQmttTDROcE5YNUxHUUorR2tNdW1YUjlkVEx1NmZocDg1ZUxrTGlzMDlSaEMxcnhTc1FXaW8KTGJ5L1pOWjQyaGtHZituY00rVGUwbHZja0ZnK1hvdFRVK1M4ZE8xV3M4UHNrNDlueWQ0UWIxRjFWTFpoZWZwYwozQ1FkSDI2eG9RVk44Qkk1UTdCaHoyNk5SZTZJQ3RrKzR2RjRib3FuZEJaS1prVzBGeFBYdUYzNFIvOENUZmhOCjQvN05uSklndXA3elE2NlA0dlljWVFOQlVuR3l0OVJjNVVtMVd0NzBDSFdmU1c4aVVwRVhtd2VPbWtFS0xHb0QKcS9tQWZRS0NBUUFGZ1VsL0VZMDc3eVNpZEF2cnRidm02QjFzSU5WRW5XUGwxWVBacytCS3pMTThhWExDdFRjNgpqR1VkTTdaZWl2bUZpL0ZJTTB2dEZvWFJlSVFlc21vU095c2YxSkxxdGV4bGwxcFpKaXlzWFNrTjBlWExWUzhDCndXOVhtdWFlaHhWYnQ5YW1LT2tZK2ZOMjFBa1d2eUt5cnVUMXpKbVZab1dRWTlMWGlvWi9YUXNMT0MwWXlSd0cKSVM2MjE0OU03OStIUGhveS92ZHhCWEJtSXE2a3pLOFZlUE11ckNFbXBHakx4VlNlVFlMdndFcjY2amxndHM3VgpwYndWYlZLM3lzM2FVMmYreXRqdnZiUU9rT25yY2R3ZWd3bjZwOG9mamN6N013TUt3a3RFdllFcEpWQnVzeTFGCmJpVE0zZGYxUFZKeC9RaXBqWURRbE80TUhtNmFDRGF4QW9JQkFBNDhPOTRwbzRYa2x2SlBNeUdhSE43RGs5SngKemVUMGx1R0c5dW5kUjhEVlI1QlJ5WnFadk9DdXNQQXZCWUFnYjhDVWVTMWlaOUp0YnE1bnZuWFRndW4vZzk1dAp3a2pLWFlSNHZNVnRGWGpJc1owQ3o5dnFMVlJISjNtMm5sWXUrenRpWlVJbFNUQyswWlpVM0xlb1dNaGk0c3VWCkR6TnF4ZWw1YTYyQmloVGlZRW5rN09ocUxSc0ZWeTM4ZHVSanJOOEtXcFVxREdKbmMxWjYrbm9nTWkweCtWT3MKR210QmM0M2xvVFdwSTRVc0RGR2lKSDF2UUlKQXhRbDJETmhucFBGQXo4Y2J3UFNjR1VxVWk2NGlUa0pNbzRVeAp2TjkyOXc4QTBaV21PVTNxVjR3WkhWcXRIN2FSRjhQR082VEJNWVFYT1Q4SkZCQkZUR0FxSURGRzZaND0KLS0tLS1FTkQgUlNBIFBSSVZBVEUgS0VZLS0tLS0K