Re: What data is code?

Before filtering, test for a known encrypted value in the code (a known comment that *you* insert when you do filter/encrypt). If the encrypted comment is there, don't encrypt, if it isn't there, prepend the special comment then encrypt.

Comment on Re: What data is code?

Replies are listed 'Best First'.
Re: Re: What data is code? by Beatnik (Parson) on Nov 22, 2001 at 03:55 UTC
I can't manipulate the encrypting process itself since I use Crypt::CBC. The user (of the module) will provide keyphrase and cipher. I could check the very first string (til it matches an ;) after the use statement with `eval` tho :) Greetz Beatnik ... Quidquid perl dictum sit, altum viditur.	[reply] [d/l]
Re: Re: Re: What data is code? by Anonymous Monk on Nov 22, 2001 at 04:39 UTC
It shouldn't matter that the user has control over the code encryption technique, you only need control the magic. When your filter is called it can encrypt a special string (magic cookie) by any means it wishes. Now, it can test the incoming code to see if that encrypted string is at the beginning: `if(index($_,$cookie) == 0)`. If it is then the file is encrypted, so strip it off and then decrypt the rest using the user's specified parameters. If it isn't there, encrypt the code via the user's parameters, prepend your encrypted magic cookie, overwrite the source file and exit. You have control over the cookie, you can create it, test for it, add it or strip it as required.	[reply] [d/l]