detect_private_key: add OpenVPN shared-secret key block 'OpenVPN Static key V1' label is often used by OpenVPN for providing hardening security with additional HMAC signatures to the SSL/TLS handshake packets. They are shared secrets and should be kept private. Signed-off-by: Luís Ferreira <contact@lsferreira.net>

commit: 1b4e30e9aaebad246088f2493b3fdbbc04991686 [log] [tgz]
author: Luís Ferreira <contact@lsferreira.net> Sat Oct 02 20:42:15 2021 +0100
committer: Luís Ferreira <contact@lsferreira.net> Sat Oct 02 20:53:39 2021 +0100
tree: cc6eaa8bba37d264bf3ccda09b62938fdce0f7bc
parent: ccdf02dfd48be0656f3b33ded45e629296344db5 [diff]
diff --git a/pre_commit_hooks/detect_private_key.py b/pre_commit_hooks/detect_private_key.py
index bd1f296..3a6027d 100644
--- a/pre_commit_hooks/detect_private_key.py
+++ b/pre_commit_hooks/detect_private_key.py

@@ -12,6 +12,7 @@
     b'BEGIN SSH2 ENCRYPTED PRIVATE KEY',
     b'BEGIN PGP PRIVATE KEY BLOCK',
     b'BEGIN ENCRYPTED PRIVATE KEY',
+    b'BEGIN OpenVPN Static key V1',
 ]
 
 

diff --git a/tests/detect_private_key_test.py b/tests/detect_private_key_test.py
index 9495047..d2c724f 100644
--- a/tests/detect_private_key_test.py
+++ b/tests/detect_private_key_test.py

@@ -11,6 +11,7 @@
     (b'PuTTY-User-Key-File-2: ssh-rsa', 1),
     (b'---- BEGIN SSH2 ENCRYPTED PRIVATE KEY ----', 1),
     (b'-----BEGIN ENCRYPTED PRIVATE KEY-----', 1),
+    (b'-----BEGIN OpenVPN Static key V1-----', 1),
     (b'ssh-rsa DATA', 0),
     (b'ssh-dsa DATA', 0),
     # Some arbitrary binary data
commit	1b4e30e9aaebad246088f2493b3fdbbc04991686	[log] [tgz]
author	Luís Ferreira <contact@lsferreira.net>	Sat Oct 02 20:42:15 2021 +0100
committer	Luís Ferreira <contact@lsferreira.net>	Sat Oct 02 20:53:39 2021 +0100
tree	cc6eaa8bba37d264bf3ccda09b62938fdce0f7bc
parent	ccdf02dfd48be0656f3b33ded45e629296344db5 [diff]