Commit 6fb40f28912f14ee11b06e308fc390929f9cc5a9
1 parent
c3adbe28
crypto: Update recommendation for wrapper
Showing
1 changed file
with
12 additions
and
4 deletions
oletools/crypto.py
| @@ -16,20 +16,27 @@ is known, and (2) even basic attributes like the file type can change by | @@ -16,20 +16,27 @@ is known, and (2) even basic attributes like the file type can change by | ||
| 16 | decryption. Therefore I suggest the following general routine to deal with | 16 | decryption. Therefore I suggest the following general routine to deal with |
| 17 | potentially encrypted files:: | 17 | potentially encrypted files:: |
| 18 | 18 | ||
| 19 | - def script_main_function(input_file, args): | 19 | + def script_main_function(input_file, passwords, crypto_nesting=0, args): |
| 20 | '''Wrapper around main function to deal with encrypted files.''' | 20 | '''Wrapper around main function to deal with encrypted files.''' |
| 21 | initial_stuff(input_file, args) | 21 | initial_stuff(input_file, args) |
| 22 | result = None | 22 | result = None |
| 23 | try: | 23 | try: |
| 24 | result = do_your_thing_assuming_no_encryption(input_file) | 24 | result = do_your_thing_assuming_no_encryption(input_file) |
| 25 | - if not crypto_is_encrypted(input_file): | 25 | + if not crypto.is_encrypted(input_file): |
| 26 | return result | 26 | return result |
| 27 | except Exception: | 27 | except Exception: |
| 28 | - if not crypto_is_encrypted(input_file): | 28 | + if not crypto.is_encrypted(input_file): |
| 29 | raise | 29 | raise |
| 30 | + # we reach this point only if file is encrypted | ||
| 31 | + # check if this is an encrypted file in an encrypted file in an ... | ||
| 32 | + if crypto_nesting >= crypto.MAX_NESTING_DEPTH: | ||
| 33 | + raise crypto.MaxCryptoNestingReached(crypto_nesting, filename) | ||
| 30 | decrypted_file = None | 34 | decrypted_file = None |
| 31 | try: | 35 | try: |
| 32 | - decrypted_file = crypto.decrypt(input_file) | 36 | + decrypted_file = crypto.decrypt(input_file, passwords) |
| 37 | + # might still be encrypted, so call this again recursively | ||
| 38 | + result = script_main_function(decrypted_file, passwords, | ||
| 39 | + crypto_nesting+1, args) | ||
| 33 | except Exception: | 40 | except Exception: |
| 34 | raise | 41 | raise |
| 35 | finally: # clean up | 42 | finally: # clean up |
| @@ -38,6 +45,7 @@ potentially encrypted files:: | @@ -38,6 +45,7 @@ potentially encrypted files:: | ||
| 38 | except Exception: | 45 | except Exception: |
| 39 | pass | 46 | pass |
| 40 | 47 | ||
| 48 | +(Realized e.g. in :py:mod:`oletools.msodde`). | ||
| 41 | That means that caller code needs another wrapper around its main function. I | 49 | That means that caller code needs another wrapper around its main function. I |
| 42 | did try it another way first (a transparent on-demand unencrypt) but for the | 50 | did try it another way first (a transparent on-demand unencrypt) but for the |
| 43 | above reasons I believe this is the better way. Also, non-top-level-code can | 51 | above reasons I believe this is the better way. Also, non-top-level-code can |