From 652e16eac3aa90b7b21d867b8f5fc8ca34c135c7 Mon Sep 17 00:00:00 2001 Message-Id: <652e16eac3aa90b7b21d867b8f5fc8ca34c135c7.1715950184.git.mdw@distorted.org.uk> From: Mark Wooding Date: Mon, 1 May 2017 01:38:30 +0100 Subject: [PATCH] catacomb/__init__.py: Don't print secret bits of keys by default. Organization: Straylight/Edgeware From: Mark Wooding Introduce a `PRINT_SECRETS' flag which can easily be twiddled (e.g., in IPython) to control whether obvious secrets are printed literally or censored (the default). This is intended to make accidental leakage a bit less likely, rather than as a security feature. --- catacomb/__init__.py | 20 +++++++++++++++----- 1 file changed, 15 insertions(+), 5 deletions(-) diff --git a/catacomb/__init__.py b/catacomb/__init__.py index d0411be..c2470ad 100644 --- a/catacomb/__init__.py +++ b/catacomb/__init__.py @@ -83,17 +83,24 @@ def _checkend(r): return x ## Some pretty-printing utilities. +PRINT_SECRETS = False def _clsname(me): return type(me).__name__ +def _repr_secret(thing, secretp = True): + if not secretp or PRINT_SECRETS: return repr(thing) + else: return '#' def _pp_str(me, pp, cyclep): pp.text(cyclep and '...' or str(me)) +def _pp_secret(pp, thing, secretp = True): + if not secretp or PRINT_SECRETS: pp.pretty(thing) + else: pp.text('#') def _pp_bgroup(pp, text): ind = len(text) pp.begin_group(ind, text) return ind def _pp_bgroup_tyname(pp, obj, open = '('): return _pp_bgroup(pp, _clsname(obj) + open) -def _pp_kv(pp, k, v): +def _pp_kv(pp, k, v, secretp = False): ind = _pp_bgroup(pp, k + ' = ') - pp.pretty(v) + _pp_secret(pp, v, secretp) pp.end_group(ind, '') def _pp_commas(pp, printfn, items): firstp = True @@ -472,14 +479,17 @@ _augment(KeyAttributes, _tmp) class _tmp: def __repr__(me): - return '%s(%s, %r)' % \ - (_clsname(me), repr(me._guts()), me.writeflags(me.flags)) + return '%s(%s, %r)' % (_clsname(me), + _repr_secret(me._guts(), + not (me.flags & KF_NONSECRET)), + me.writeflags(me.flags)) def _repr_pretty_(me, pp, cyclep): ind = _pp_bgroup_tyname(pp, me) if cyclep: pp.text('...') else: - pp.pretty(me.guts()); pp.text(','); pp.breakable() + _pp_secret(pp, me._guts(), not (me.flags & KF_NONSECRET)) + pp.text(','); pp.breakable() pp.pretty(me.writeflags(me.flags)) pp.end_group(ind, ')') _augment(KeyData, _tmp) -- [mdw]