google / shifter

Shifter - OpenShift workloads to GKE/Anthos
https://shifter.cloud
Apache License 2.0

BUG: RSA PRIVATE KEY was publicly exposed #123

Closed aravindb26 closed 2 years ago

aravindb26 commented 2 years ago

Hi team, Hope you are doing well :)

I have found a bug in your repository: https://github.com/google/shifter/blob/173d6574b6010af21910f0f7ca9c43879b8720d0/okd-cluster/4.x/02-appdeployment/bank-of-anthos/kubernetes-manifests/jwt/jwt-secret.yaml

It was encoded here in the form of jwtRS256.key: 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

After Base64-decoding it, I got the RSA PRIVATE KEY:

```
-----BEGIN RSA PRIVATE KEY-----
MIIJKwIBAAKCAgEA4GvZNSkj5iiWb2DZM2fCx5bGGYgwaK4SMsyI8K8oFQepL13Y
ROXKw5S+lELH9AetTdcTAdkbCzyapSdk3PqwxhCaf4knvKeRi76csG6mc0krx1GI
tY65X+Nq0qaRvLdOObFQGmIHx75zkZ654+ftvnvCY5OPjV44Lktu1wlrBmr225QS
FbIa8A96BSpJzKm0ahK+6r8VvvOq1BHGZIIKKGQ7/zLuxPOn+c3wCF0VQY20Y4Xo
o+DVt/+0MI8OZvdAuab2UXub+TiwAgG768ynJPh7eklLtdtA1BGglXmoER4xvhhX
QsORtTi60FZPX7C3V1rlUe+rU9BY6ClrWleJtgBf1XR/tBmLdfB4YVnKtzB7vLCl
OKultaduSVnfv8C0uz1zPBZIwXnsVO7XySVPAJBT8PVGR3kbg9nEDk/rVlKYMInD
SO8SHNyKO+k6pThmamoqMBJBCpcC+G1UPUqYeuK8w66ZSpKWfPctmYebPskiJbKe
OrHVU2Dj7zzdimL2behqSwSi3zAklWf4FSAzh/4zpD4Wq3ICwcXlPqa59OB0qqAC
x5AmEFlvQuUI0q6wZ6vrlAYK+Mdm4DvFAUlXs5mfl6OFvtbFSdqurE6ItNVyRVQA
lzXWmhC8GrWBIht1OJLWDKO5lvZmJQ/lk7bsUr4+2+NNnssMpnMB6C+Iz6sCAwEA
AQKCAgEAhCG7fzs7sbVP7T++Yi/DVLQG6t1ucxOaD2KxddQK62bZS9QbE2WgXkrj
cnNnOtySQvRQcpQbAiCqhHaPQjQvhE4eSNy+EqsuXHLb2l0rj1ETf4UX0p23syc4
q9H6mHvsiLdHDGGPZyFQ9fnYRME3DyHar7ofmQJSXZ94IQ+gfeTYdyvVAgUdKx5R
n1zomqGIYbOryJa8/PKGL9pPTrnptSJe2MBqKHe0/LUtkB8N9syx2q7q7CHiczUQ
KE7yEdmduDD/cbYvfSrNJkFTHWAfQPsz6Cnjc60lnDbMr3UzaPC4JM48AkkXLvW5
uBQ5I4PuTnZr8jQEUZKn5fkNBeHoZ69YUZvygNpbQiS1Z/BG60T5Y7UOcOpYRvl+
/GR5AR6zYARJm0J6h7SclthKJ7ZVqeueySpuPofN84Wn5fmfmglGatvW8+1FGfME
iXlGo8GCVrjjs7MwkJLOresIQnQV+vfX/y6OVDLLKmrxbBOpOrnS+Mbrqh9plDaH
K57ENVx3YlUwc7lTGwd6q/gVxRX6QsQwTIyPuN9J31gtutBy/EMUFsXIzraFdHC8
eueOSwWBPONWmI37PBU22qqr1a7wV7gII8h7Y/0h3Cb1XZ6lCas8+tzb7TVM0lVC
H5cXitj3lJKPuoes9zS4XDB44WXpfL8HUWCSnIaveRXPxpl4ImECggEBAP22Dfiw
eZD0RO9LjrRGg182e6sRgNvUD+91cRpQ4PCryJBmmNcV8PMeWhdYOhwBYmI292ZI
r1rxuprPBtN7u3gZhJbEW/R/HZ3siOJcrpyaz0U5JCK4S8DRnGgQGNAGI4YlUCq7
K/bNkBKrtiHEi9ezDd7J2+DbF+AbIsVvSg6sGtJuLo+cEQS1Z792q495KzubrP8o
UHmansTudKK/YYcGeqOiKetnh++FTsHWzMMLBwVYrIYYDvyEe/dAd5e33vSE++my
dEZVFbuTLBgsIn03GfgZg4NzBCaJoMdbmSsbiLF2DS/X8ysJ6WKc7ULS01rpJ0KN
4VWP68bfVNwV0nkCggEBAOJyJiSyhbk/XDV4sOfKKPACtINCtei69jXUUNPsaBwM
1L5DB9Nm68KozbU3uFOPndOdDk2k9rnVKRdJV+LxOCcDtNZ39FCrmmK7Lg8NpT3g
VK1soXjampb75MKZ6shaHP4EQC/MUhyQuQy2tKTKrLaCEFgsGTaDqZ9Oq1WHg8V7
1uI3jO1bss4TPZ2qmuNb14XC3BrZx18yf72rY0I9E01uz+RjxUGR+A7vYhJIXUkL
ksA2jWYnvKlVfQEbiZUir44wb+hFxgrpqPoJcBO8/u/Tavw21jn1dG+75fjfr93u
F11mHvUV6gDIzsx45bp5CzNhRgSLsQfOH4Wiw+HqCkMCggEBAMTdkEfJf/r3X8oi
4e+Gy4eE+j8KjOeGzHqtsX6PBYwab72ErtIux1GO2q9EmYqDlHjLV/s5KUAzU+2t
+Qj++L+/ZT+rzAKS5ENXd/vVmPQRuAVpyl1ajgVnYKrq2qYILWZ465TMudd/OG0U
anYXUb+kw319Oq1mtEcEJ1319gwehY2FS4HJwvbZYFCT35mrlt1g9cLj4FYLoWkD
8uMaB65DW8Q/H7H3GubDlRIZ/7bUhrUiUnSWlIJituJrVqEWXt1zlxmGjGzKttte
3pc/H9/zcqYt/ftwsubIYkZvEBIAAnhZNvBJ6/kYbs1DIWN5veDMC9e7yf6fd39Q
akOAd1kCggEBAJBCdkhUrtpIIh8yh0jzQkc9AfDJVAgy6115qBCKf/y2s+WN4HNu
Eu4NChfTqosZaEuCt7UBTekvgiECqYm7cLFyLAehnbSyzgTuCDaw079qpadiGDBc
27UqPh83XRpMRkIRRS7uNLVcAXe3AbgmIgeXLoBtf5Z6JFqIDKDNV0Y9UbUF/LLO
A0hDe7JxGIGVZeUiMYStjtT33+deQzrUm/JtkOWIJgdSzbv+BvVswnkhdVkcp9IX
qJocCynkeC7ZTQwBkZlgsf0LxImd75ezhJoWjwakjK+ZzpbMFoMJRgnVf28R+tDa
KBxd0Vj0AC5epKMT6j5FG//D8dL50V6f8e8CggEBAMh+zIIoqJeiWLh39AmM4PdI
HShwIHIpT5HFKNc91sFtCdWWT20yuOdsKeOSL6c22lTZcrIEdYCcD9IXrZo1VlW8
+Haf41apxeiMOePMGve4D6dGkQw2Ypn5yNAE0bMjkXESrn33/WrjHQmXWo6aRvuY
y+2Ksll/+Psj9p5wwYV1DjtC1WSIftVM2BnFUbAUr2cGISWZSgYOrP55zVJ+tDzZ
Ixk06zMCYSzD/ZOMBYJ5/LQOZyOQK4Glg3+TQCWPDG54mPJ4tIf5FBgnpINPDcKC
KsdSBX8KLMyO7hEs8+ndTV5iqkJlpcBuRwUuTJiEjG41fgivOU8SGEyzVOmmM4o=
-----END RSA PRIVATE KEY-----
```

Impact:

RSA private key is used to generate digital signatures, and the RSA public key is used to verify digital signatures. The RSA public key is also used for key encryption of DES or AES DATA keys and the RSA private key for key recovery.
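Added example, not part of this issue thread or of the shifter project: a stdlib-only Python scanner for the class of finding reported above, a Kubernetes Secret manifest whose `data:` value base64-decodes to a PEM private key (or whose `stringData:` carries one in clear). The manifest it scans is constructed for the demo; only the `jwtRS256.key` name is taken from the issue, and the key bodies are placeholders, not real key material. It flags any `PRIVATE KEY` PEM label and deliberately ignores the matching `PUBLIC KEY` block and ordinary base64 values.

```python
"""Scan Kubernetes Secret manifests for private keys committed in clear or as base64."""
import base64
import binascii
import re
import sys
from typing import List, NamedTuple, Optional

# Any PEM block whose label ends in PRIVATE KEY (RSA, EC, OPENSSH, PKCS#8 "PRIVATE KEY").
# A "-----BEGIN PUBLIC KEY-----" block does not match this pattern.
PEM_PRIVATE_RE = re.compile(rb"-----BEGIN ([A-Z ]*PRIVATE KEY)-----")
# "name: value" where value looks like a single-line base64 string (a Secret's data: map).
B64_VALUE_RE = re.compile(r"^\s*([\w.\-/]+):\s*[\"']?([A-Za-z0-9+/=]{16,})[\"']?\s*$")
# Any "name:" line, used to remember which key a multi-line (|) value belongs to.
KEY_LINE_RE = re.compile(r"^\s*([\w.\-/]+):")


class Finding(NamedTuple):
    line: int        # 1-based line in the manifest
    key: str         # map key the material sits under (e.g. jwtRS256.key)
    pem_type: str    # PEM label, e.g. "RSA PRIVATE KEY"
    encoding: str    # "base64" (data:) or "plaintext" (stringData: / literal)


def decode_b64(value: str) -> Optional[bytes]:
    """Strict base64 decode; returns None for anything that is not well-formed base64."""
    try:
        return base64.b64decode(value, validate=True)
    except (binascii.Error, ValueError):
        return None


def find_private_keys(manifest_text: str) -> List[Finding]:
    """Return one Finding per line that carries a PEM private key, base64-encoded or not."""
    findings: List[Finding] = []
    current_key = ""
    for line_no, line in enumerate(manifest_text.splitlines(), 1):
        key_match = KEY_LINE_RE.match(line)
        if key_match:
            current_key = key_match.group(1)
        b64_match = B64_VALUE_RE.match(line)
        if b64_match:
            # data: values are base64; decode and look for PEM framing in the plaintext.
            decoded = decode_b64(b64_match.group(2))
            pem = PEM_PRIVATE_RE.search(decoded) if decoded else None
            if pem:
                findings.append(Finding(line_no, current_key, pem.group(1).decode(), "base64"))
            continue
        # stringData: (or a literal paste) carries the PEM header in clear.
        pem = PEM_PRIVATE_RE.search(line.encode())
        if pem:
            findings.append(Finding(line_no, current_key, pem.group(1).decode(), "plaintext"))
    return findings


# Constructed placeholder key material: only the PEM framing matters to the scanner,
# the bodies are not real keys.
DUMMY_PRIVATE_PEM = (b"-----BEGIN RSA PRIVATE KEY-----\n"
                     b"MIIEowIBAAKCAQEAplaceholder/not+a+real+key==\n"
                     b"-----END RSA PRIVATE KEY-----\n")
DUMMY_PUBLIC_PEM = (b"-----BEGIN PUBLIC KEY-----\n"
                    b"MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8Aplaceholder==\n"
                    b"-----END PUBLIC KEY-----\n")

# Constructed manifest in the shape of a Secret holding a JWT signing key pair
# (the jwtRS256.key name follows the issue above; every value is a placeholder).
SAMPLE_MANIFEST = f"""apiVersion: v1
kind: Secret
metadata:
  name: jwt-key
type: Opaque
data:
  jwtRS256.key: {base64.b64encode(DUMMY_PRIVATE_PEM).decode()}
  jwtRS256.key.pub: {base64.b64encode(DUMMY_PUBLIC_PEM).decode()}
  api-token: {base64.b64encode(b"not-a-key-at-all").decode()}
stringData:
  legacy.key: |
    -----BEGIN EC PRIVATE KEY-----
    MHcCAQEEIPlaceholderNotARealKey
    -----END EC PRIVATE KEY-----
"""

if __name__ == "__main__":
    # Usage: python scan_secrets.py path/to/secret.yaml  (defaults to the constructed sample)
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE_MANIFEST
    hits = find_private_keys(text)
    for f in hits:
        print(f"line {f.line}: {f.key} contains a {f.pem_type} ({f.encoding})")
    sys.exit(1 if hits else 0)
```

On the constructed sample it reports `jwtRS256.key` (base64, RSA) and `legacy.key` (plaintext, EC) and stays quiet on the public key and the opaque token, which is what a pre-commit hook or CI step over `kubernetes-manifests/` should do. It only understands single-line base64 values; a `data:` value folded over several lines with `|` would need the lines joined before decoding.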

garybowers commented 2 years ago

Demo application used for pipelines - this is not an issue. Closing.