Issue
I'm trying to search for plaintext private keys. A simple search for "BEGIN.*PRIVATE" returns many false positives, as many are stored encrypted in the following format:
-----BEGIN ... PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
The desired output is a list of all filenames containing plaintext private key(s). How many are in a file, or how often each occurs, are problems I would deal with afterwards.
I have a very ugly, annoyingly fragile solution:
for i in $(find temp_git/ -type f) ; do sed -n '/BEGIN.*PRIVATE/ {N ; /ENCRYPTED/!p}' "${i}" | sed -E "s#.*#${i} : Plaintext PK#" | sort -u 2>/dev/null ; done
Due to the insufficiently quoted path in the last sed statement, this fails on various filenames, and I'm loath to invest more time in a clearly suboptimal solution. It is surely possible to do this succinctly with sed, but having failed to hack anything useful together with awk, I'd be very interested in an *awk solution (with awk, I imagine I could also drop the 'for i in subshell...').
Solution
Perl to the rescue!
find temp_git -exec perl -lne '
print $ARGV if /BEGIN.*PRIVATE/ and readline !~ /ENCRYPTED/
' {} +
- -l removes newlines from Perl's input and adds them to print;
- -n processes the input line by line, running the code for each line;
- $ARGV contains the name of the currently opened file;
- readline reads the next line from the file, !~ negates matching against /ENCRYPTED/.
Answered By - choroba Answer Checked By - Dawn Plyler (WPSolving Volunteer)
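An awk version of the same check, as an added example that is not part of the original question or answer: it lists each matching file once and also skips PKCS#8 "BEGIN ENCRYPTED PRIVATE KEY" blocks, which carry no Proc-Type line. The function names and sample files are constructed for illustration; OpenSSH-format keys record their cipher inside the base64 body, so this header check lists them whether or not they have a passphrase.

```sh
#!/bin/sh
# Added example: list files holding at least one unencrypted PEM private key.

plaintext_key_files() {
    # $1 = directory to scan. -type f keeps directories away from awk, and
    # "{} +" hands paths over as arguments, so spaces in names are safe.
    find "$1" -type f -exec awk '
        FNR == 1 { pending = 0; reported = 0 }   # new file: reset state
        pending {                                # line right after a BEGIN header
            pending = 0
            if ($0 !~ /^Proc-Type: 4,ENCRYPTED/ && !reported) {
                print FILENAME
                reported = 1                     # one output line per file
            }
        }
        # Any "... PRIVATE KEY" header except the PKCS#8 encrypted form.
        /^-----BEGIN ([A-Z0-9]+ )*PRIVATE KEY-----/ && !/BEGIN ENCRYPTED PRIVATE KEY/ { pending = 1 }
    ' {} +
}

# Constructed sample tree: placeholder bodies, not real key material.
make_samples() {
    # Traditional PEM, no Proc-Type header: plaintext (name contains a space).
    printf '%s\n' '-----BEGIN RSA PRIVATE KEY-----' 'CONSTRUCTED' \
        '-----END RSA PRIVATE KEY-----' > "$1/plain key.pem"
    # Unencrypted PKCS#8: plaintext.
    printf '%s\n' '-----BEGIN PRIVATE KEY-----' 'CONSTRUCTED' \
        '-----END PRIVATE KEY-----' > "$1/pkcs8.pem"
    # Traditional PEM with the Proc-Type header: encrypted.
    printf '%s\n' '-----BEGIN RSA PRIVATE KEY-----' 'Proc-Type: 4,ENCRYPTED' \
        'DEK-Info: AES-128-CBC,CONSTRUCTED' '' 'CONSTRUCTED' \
        '-----END RSA PRIVATE KEY-----' > "$1/enc.pem"
    # Encrypted PKCS#8: the header itself says so.
    printf '%s\n' '-----BEGIN ENCRYPTED PRIVATE KEY-----' 'CONSTRUCTED' \
        '-----END ENCRYPTED PRIVATE KEY-----' > "$1/pkcs8enc.pem"
    # Prose that mentions the marker mid-line: not a key.
    printf '%s\n' 'grep for BEGIN RSA PRIVATE KEY in the repo' > "$1/notes.txt"
}
```

Run it as `plaintext_key_files temp_git`; a key whose BEGIN line is the last line of a file is not reported, because there is no following line to inspect.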