Commit 6fb40f28912f14ee11b06e308fc390929f9cc5a9
1 parent
c3adbe28
crypto: Update recommendation for wrapper
Showing
1 changed file
with
12 additions
and
4 deletions
oletools/crypto.py
| ... | ... | @@ -16,20 +16,27 @@ is known, and (2) even basic attributes like the file type can change by |
| 16 | 16 | decryption. Therefore I suggest the following general routine to deal with |
| 17 | 17 | potentially encrypted files:: |
| 18 | 18 | |
| 19 | - def script_main_function(input_file, args): | |
| 19 | + def script_main_function(input_file, passwords, crypto_nesting=0, args): | |
| 20 | 20 | '''Wrapper around main function to deal with encrypted files.''' |
| 21 | 21 | initial_stuff(input_file, args) |
| 22 | 22 | result = None |
| 23 | 23 | try: |
| 24 | 24 | result = do_your_thing_assuming_no_encryption(input_file) |
| 25 | - if not crypto_is_encrypted(input_file): | |
| 25 | + if not crypto.is_encrypted(input_file): | |
| 26 | 26 | return result |
| 27 | 27 | except Exception: |
| 28 | - if not crypto_is_encrypted(input_file): | |
| 28 | + if not crypto.is_encrypted(input_file): | |
| 29 | 29 | raise |
| 30 | + # we reach this point only if file is encrypted | |
| 31 | + # check if this is an encrypted file in an encrypted file in an ... | |
| 32 | + if crypto_nesting >= crypto.MAX_NESTING_DEPTH: | |
| 33 | + raise crypto.MaxCryptoNestingReached(crypto_nesting, filename) | |
| 30 | 34 | decrypted_file = None |
| 31 | 35 | try: |
| 32 | - decrypted_file = crypto.decrypt(input_file) | |
| 36 | + decrypted_file = crypto.decrypt(input_file, passwords) | |
| 37 | + # might still be encrypted, so call this again recursively | |
| 38 | + result = script_main_function(decrypted_file, passwords, | |
| 39 | + crypto_nesting+1, args) | |
| 33 | 40 | except Exception: |
| 34 | 41 | raise |
| 35 | 42 | finally: # clean up |
| ... | ... | @@ -38,6 +45,7 @@ potentially encrypted files:: |
| 38 | 45 | except Exception: |
| 39 | 46 | pass |
| 40 | 47 | |
| 48 | +(Realized e.g. in :py:mod:`oletools.msodde`). | |
| 41 | 49 | That means that caller code needs another wrapper around its main function. I |
| 42 | 50 | did try it another way first (a transparent on-demand unencrypt) but for the |
| 43 | 51 | above reasons I believe this is the better way. Also, non-top-level-code can | ... | ... |