Add __repr__() to mask keys

We do not want to risk private keys to be exposed by accident. Return a repr that allows to diagnose key issues without disclosing sensible data. Signed-off-by: Simo Sorce <[email protected]>
latchset · Jun 9, 2021 · e056cfd · e056cfd
1 parent 57a69e7
commit e056cfd
Showing 1 changed file with 18 additions and 0 deletions.
diff --git a/jwcrypto/jwk.py b/jwcrypto/jwk.py
@@ -1083,6 +1083,13 @@ def from_password(cls, password):
         obj.import_key(**params)
         return obj
 
+    # Prevent accidental disclosure of key material via repr()
+    def __repr__(self):
+        repr_dict = dict()
+        repr_dict['kid'] = self.get('kid', 'Missing Key ID')
+        repr_dict['thumbprint'] = self.thumbprint()
+        return json_encode(repr_dict)
+
 
 class _JWKkeys(set):
 
@@ -1193,3 +1200,14 @@ def get_key(self, kid):
             if jwk.get('kid') == kid:
                 return jwk
         return None
+
+    def __repr__(self):
+        repr_dict = dict()
+        for k, v in iteritems(self):
+            if k == 'keys':
+                keys = list()
+                for jwk in v:
+                    keys.append(repr(jwk))
+                v = keys
+            repr_dict[k] = v
+        return json_encode(repr_dict)