Add read-only support for AES encryption (Winzip version). Use Dr Brian Gladman's AES implemention, modified to avoid namespace pollution.
diff --git a/lib/Makefile.am b/lib/Makefile.am index 38ffad9..d4b97bb 100644 --- a/lib/Makefile.am +++ b/lib/Makefile.am
@@ -8,6 +8,7 @@ # also update CMakeLists.txt when changing version libzip_la_LDFLAGS=-no-undefined -version-info 4:0:0 +libzip_la_CPPFLAGS=-I$(srcdir)/gladman-fcrypt libzip_la_LIBADD=@LTLIBOBJS@ if WIN32_HOST @@ -23,6 +24,7 @@ libzip_la_SOURCES=\ ${IO_SOURCES} \ + gladman-fcrypt.c \ zip_add.c \ zip_add_dir.c \ zip_add_entry.c \ @@ -111,6 +113,7 @@ zip_source_tell.c \ zip_source_tell_write.c \ zip_source_window.c \ + zip_source_winzip_aes.c \ zip_source_write.c \ zip_source_zip.c \ zip_source_zip_new.c \
diff --git a/lib/gladman-fcrypt.c b/lib/gladman-fcrypt.c new file mode 100644 index 0000000..98790d2 --- /dev/null +++ b/lib/gladman-fcrypt.c
@@ -0,0 +1,43 @@ +/* + gladman-fcrypt.c -- wrapper functions for Dr Gladman's AES functions + Copyright (C) 2016 Dieter Baron and Thomas Klausner + + This file is part of libzip, a library to manipulate ZIP archives. + The authors can be contacted at <libzip@nih.at> + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions + are met: + 1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in + the documentation and/or other materials provided with the + distribution. + 3. The names of the authors may not be used to endorse or promote + products derived from this software without specific prior + written permission. + + THIS SOFTWARE IS PROVIDED BY THE AUTHORS ``AS IS'' AND ANY EXPRESS + OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED + WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY + DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE + GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER + IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR + OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN + IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +*/ + +#include "gladman-fcrypt.h" + +#include "gladman-fcrypt/aescrypt.c" +#include "gladman-fcrypt/aeskey.c" +#include "gladman-fcrypt/aestab.c" +#include "gladman-fcrypt/fileenc.c" +#include "gladman-fcrypt/hmac.c" +#include "gladman-fcrypt/prng.c" +#include "gladman-fcrypt/pwd2key.c" +#include "gladman-fcrypt/sha1.c"
diff --git a/lib/gladman-fcrypt.h b/lib/gladman-fcrypt.h new file mode 100644 index 0000000..d4aa424 --- /dev/null +++ b/lib/gladman-fcrypt.h
@@ -0,0 +1,43 @@ +/* + gladman-fcrypt.h -- wrapper functions for Dr Gladman's AES functions + Copyright (C) 2016 Dieter Baron and Thomas Klausner + + This file is part of libzip, a library to manipulate ZIP archives. + The authors can be contacted at <libzip@nih.at> + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions + are met: + 1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in + the documentation and/or other materials provided with the + distribution. + 3. The names of the authors may not be used to endorse or promote + products derived from this software without specific prior + written permission. + + THIS SOFTWARE IS PROVIDED BY THE AUTHORS ``AS IS'' AND ANY EXPRESS + OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED + WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY + DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE + GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER + IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR + OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN + IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +*/ + +#ifndef HAD_GLADMAN_FCRYPT_H +#define HAD_GLADMAN_FCRYPT_H + +#include "zipint.h" + +#define INTERNAL static + +#include "fileenc.h" + +#endif /* HAD_GLADMAN_FCRYPT_H */
diff --git a/lib/zip.h b/lib/zip.h index 7a87e28..61195cf 100644 --- a/lib/zip.h +++ b/lib/zip.h
@@ -20,7 +20,7 @@ 3. The names of the authors may not be used to endorse or promote products derived from this software without specific prior written permission. - + THIS SOFTWARE IS PROVIDED BY THE AUTHORS ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -127,7 +127,7 @@ #define ZIP_ER_REMOVE 22 /* S Can't remove file */ #define ZIP_ER_DELETED 23 /* N Entry has been deleted */ #define ZIP_ER_ENCRNOTSUPP 24 /* N Encryption method not supported */ -#define ZIP_ER_RDONLY 25 /* N Read-only archive */ +#define ZIP_ER_RDONLY 25 /* N Read-only archive */ #define ZIP_ER_NOPASSWD 26 /* N No password provided */ #define ZIP_ER_WRONGPASSWD 27 /* N Wrong password provided */ #define ZIP_ER_OPNOTSUPP 28 /* N Operation not supported */ @@ -173,12 +173,15 @@ #define ZIP_EM_RC2_OLD 0x6602 /* strong encryption: RC2, version < 5.2 */ #define ZIP_EM_3DES_168 0x6603 #define ZIP_EM_3DES_112 0x6609 -#define ZIP_EM_AES_128 0x660e -#define ZIP_EM_AES_192 0x660f -#define ZIP_EM_AES_256 0x6610 +#define ZIP_EM_PKZIP_AES_128 0x660e +#define ZIP_EM_PKZIP_AES_192 0x660f +#define ZIP_EM_PKZIP_AES_256 0x6610 #define ZIP_EM_RC2 0x6702 /* strong encryption: RC2, version >= 5.2 */ #define ZIP_EM_RC4 0x6801 #endif +#define ZIP_EM_AES_128 0x0101 /* Winzip AES encryption */ +#define ZIP_EM_AES_192 0x0102 +#define ZIP_EM_AES_256 0x0103 #define ZIP_EM_UNKNOWN 0xffff /* unknown algorithm */ #define ZIP_OPSYS_DOS 0x00u @@ -299,7 +302,7 @@ typedef struct zip_source zip_source_t; typedef struct zip_stat zip_stat_t; -typedef zip_uint32_t zip_flags_t; +typedef zip_uint32_t zip_flags_t; typedef zip_int64_t (*zip_source_callback)(void *, void *, zip_uint64_t, zip_source_cmd_t);
diff --git a/lib/zip_dirent.c b/lib/zip_dirent.c index 0989da9..8c0bbad 100644 --- a/lib/zip_dirent.c +++ b/lib/zip_dirent.c
@@ -44,6 +44,7 @@ static time_t _zip_d2u_time(zip_uint16_t, zip_uint16_t); static zip_string_t *_zip_dirent_process_ef_utf_8(const zip_dirent_t *de, zip_uint16_t id, zip_string_t *str); static zip_extra_field_t *_zip_ef_utf8(zip_uint16_t, zip_string_t *, zip_error_t *); +static bool _zip_dirent_process_winzip_aes(zip_dirent_t *de, zip_error_t *error); void @@ -272,6 +273,7 @@ de->local_extra_fields_read = 0; de->cloned = 0; + de->crc_valid = true; de->version_madeby = 20 | (ZIP_OPSYS_DEFAULT << 8); de->version_needed = 20; /* 2.0 */ de->bitflags = 0; @@ -287,6 +289,7 @@ de->int_attrib = 0; de->ext_attrib = ZIP_EXT_ATTRIB_DEFAULT; de->offset = 0; + de->encryption_method = ZIP_EM_NONE; } @@ -401,6 +404,19 @@ return -1; } + if (zde->bitflags & ZIP_GPBF_ENCRYPTED) { + if (zde->bitflags & ZIP_GPBF_STRONG_ENCRYPTION) { + /* TODO */ + zde->encryption_method = ZIP_EM_UNKNOWN; + } + else { + zde->encryption_method = ZIP_EM_TRAD_PKWARE; + } + } + else { + zde->encryption_method = ZIP_EM_NONE; + } + zde->filename = NULL; zde->extra_fields = NULL; zde->comment = NULL; @@ -553,6 +569,13 @@ return -1; } + if (!_zip_dirent_process_winzip_aes(zde, error)) { + if (!from_buffer) { + _zip_buffer_free(buffer); + } + return -1; + } + zde->extra_fields = _zip_ef_remove_internal(zde->extra_fields); return (zip_int64_t)(size + variable_size); @@ -595,6 +618,86 @@ } +static bool +_zip_dirent_process_winzip_aes(zip_dirent_t *de, zip_error_t *error) +{ + zip_uint16_t ef_len; + zip_uint32_t ef_crc; + zip_buffer_t *buffer; + const zip_uint8_t *ef; + bool crc_valid; + zip_int32_t enc_method; + + + if (de->comp_method != ZIP_CM_WINZIP_AES) { + return true; + } + + ef = _zip_ef_get_by_id(de->extra_fields, &ef_len, ZIP_EF_WINZIP_AES, 0, ZIP_EF_BOTH, NULL); + + if (ef == NULL || ef_len < 7) { + zip_error_set(error, ZIP_ER_INCONS, 0); + return false; + } + + if ((buffer = _zip_buffer_new((zip_uint8_t *)ef, ef_len)) == NULL) { + zip_error_set(error, ZIP_ER_INTERNAL, 0); + return false; + } + + /* version */ + + crc_valid = true; + switch (_zip_buffer_get_16(buffer)) { + case 1: + break; + + case 2: + if (de->uncomp_size < 20 /* TODO: constant */) { + crc_valid = false; + } + break; + + default: + zip_error_set(error, ZIP_ER_ENCRNOTSUPP, 0); + return false; + } + + /* vendor */ + if (memcmp(_zip_buffer_get(buffer, 2), "AE", 2) != 0) { + zip_error_set(error, ZIP_ER_ENCRNOTSUPP, 0); + return false; + } + + /* mode */ + switch (_zip_buffer_get_8(buffer)) { + case 1: + enc_method = ZIP_EM_AES_128; + break; + case 2: + enc_method = ZIP_EM_AES_192; + break; + case 3: + enc_method = ZIP_EM_AES_256; + break; + default: + zip_error_set(error, ZIP_ER_ENCRNOTSUPP, 0); + return false; + } + + if (ef_len != 7) { + zip_error_set(error, ZIP_ER_INCONS, 0); + return false; + } + + de->crc_valid = crc_valid; + de->encryption_method = enc_method; + de->comp_method = _zip_buffer_get_16(buffer); + + return true; +} + + zip_int32_t _zip_dirent_size(zip_source_t *src, zip_uint16_t flags, zip_error_t *error) {
diff --git a/lib/zip_get_encryption_implementation.c b/lib/zip_get_encryption_implementation.c index e2f833b..96e939c 100644 --- a/lib/zip_get_encryption_implementation.c +++ b/lib/zip_get_encryption_implementation.c
@@ -38,7 +38,16 @@ zip_encryption_implementation _zip_get_encryption_implementation(zip_uint16_t em) { - if (em == ZIP_EM_TRAD_PKWARE) + switch (em) { + case ZIP_EM_TRAD_PKWARE: return zip_source_pkware; - return NULL; + + case ZIP_EM_AES_128: + case ZIP_EM_AES_192: + case ZIP_EM_AES_256: + return zip_source_winzip_aes; + + default: + return NULL; + } }
diff --git a/lib/zip_source_winzip_aes.c b/lib/zip_source_winzip_aes.c new file mode 100644 index 0000000..66a6a00 --- /dev/null +++ b/lib/zip_source_winzip_aes.c
@@ -0,0 +1,282 @@ +/* + zip_source_winzip_aes.c -- Winzip AES de/encryption routines + Copyright (C) 2009-2015 Dieter Baron and Thomas Klausner + + This file is part of libzip, a library to manipulate ZIP archives. + The authors can be contacted at <libzip@nih.at> + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions + are met: + 1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in + the documentation and/or other materials provided with the + distribution. + 3. The names of the authors may not be used to endorse or promote + products derived from this software without specific prior + written permission. + + THIS SOFTWARE IS PROVIDED BY THE AUTHORS ``AS IS'' AND ANY EXPRESS + OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED + WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY + DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE + GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER + IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR + OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN + IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +*/ + + +#include <stdlib.h> +#include <string.h> + +#include "zipint.h" + +#include "gladman-fcrypt.h" + +#define MAX_HEADER_LENGTH (16+PWD_VER_LENGTH) +#define HMAC_LENGTH 10 + +static int salt_length[] = { 0, 8, 12, 16 }; + +struct winzip_aes { + char *password; + int mode; + + zip_uint64_t data_length; + zip_uint64_t current_position; + + fcrypt_ctx fcrypt_ctx; + zip_error_t error; +}; + + +static int decrypt_header(zip_source_t *src, struct winzip_aes *ctx); +static void winzip_aes_free(struct winzip_aes *); +static zip_int64_t winzip_aes_decrypt(zip_source_t *src, void *ud, void *data, zip_uint64_t len, zip_source_cmd_t cmd); +static struct winzip_aes * winzip_aes_new(int mode, const char *password); + + +zip_source_t * +zip_source_winzip_aes(zip_t *za, zip_source_t *src, zip_uint16_t em, int flags, const char *password) +{ + zip_source_t *s2; + int mode = 0; + zip_stat_t st; + zip_uint64_t aux_length; + struct winzip_aes *ctx; + + switch (em) { + case ZIP_EM_AES_128: + mode = 1; + break; + case ZIP_EM_AES_192: + mode = 2; + break; + case ZIP_EM_AES_256: + mode = 3; + break; + } + + if (password == NULL || src == NULL || mode == 0) { + zip_error_set(&za->error, ZIP_ER_INVAL, 0); + return NULL; + } + if (flags & ZIP_CODEC_ENCODE) { + zip_error_set(&za->error, ZIP_ER_ENCRNOTSUPP, 0); + return NULL; + } + + if (zip_source_stat(src, &st) != 0) { + _zip_error_set_from_source(&za->error, src); + return NULL; + } + + aux_length = PWD_VER_LENGTH + salt_length[mode] + HMAC_LENGTH; + + if ((st.valid & ZIP_STAT_COMP_SIZE) == 0 || st.comp_size < aux_length) { + zip_error_set(&za->error, ZIP_ER_OPNOTSUPP, 0); + return NULL; + } + + if ((ctx = winzip_aes_new(mode, password)) == NULL) { + zip_error_set(&za->error, ZIP_ER_MEMORY, 0); + return NULL; + } + + ctx->data_length = st.comp_size - aux_length; + + if ((s2 = zip_source_layered(za, src, winzip_aes_decrypt, ctx)) == NULL) { + winzip_aes_free(ctx); + return NULL; + } + + return s2; +} + + +static int +decrypt_header(zip_source_t *src, struct winzip_aes *ctx) +{ + zip_uint8_t header[MAX_HEADER_LENGTH]; + zip_uint8_t password_verification[PWD_VER_LENGTH]; + zip_uint8_t headerlen; + zip_int64_t n; + unsigned char key[16]; + + headerlen = PWD_VER_LENGTH + salt_length[ctx->mode]; + if ((n=zip_source_read(src, header, headerlen)) < 0) { + _zip_error_set_from_source(&ctx->error, src); + return -1; + } + + if (n != headerlen) { + zip_error_set(&ctx->error, ZIP_ER_EOF, 0); + return -1; + } + + if (_zip_fcrypt_init(ctx->mode, ctx->password, strlen(ctx->password), header, password_verification, &ctx->fcrypt_ctx) != 0) { + zip_error_set(&ctx->error, ZIP_ER_MEMORY, 0); + return -1; + } + if (memcmp(password_verification, header + salt_length[ctx->mode], PWD_VER_LENGTH) != 0) { + zip_error_set(&ctx->error, ZIP_ER_WRONGPASSWD, 0); + return -1; + } + return 0; +} + + +static bool +verify_hmac(zip_source_t *src, struct winzip_aes *ctx) +{ + unsigned char computed[HMAC_LENGTH], from_file[HMAC_LENGTH]; + if (zip_source_read(src, from_file, HMAC_LENGTH) < HMAC_LENGTH) { + _zip_error_set_from_source(&ctx->error, src); + return false; + } + + _zip_fcrypt_end(computed, &ctx->fcrypt_ctx); + + if (memcmp(from_file, computed, HMAC_LENGTH) != 0) { + zip_error_set(&ctx->error, ZIP_ER_CRC, 0); + return false; + } + + return true; +} + + +static zip_int64_t +winzip_aes_decrypt(zip_source_t *src, void *ud, void *data, zip_uint64_t len, zip_source_cmd_t cmd) +{ + struct winzip_aes *ctx; + zip_int64_t n; + + ctx = (struct winzip_aes *)ud; + + switch (cmd) { + case ZIP_SOURCE_OPEN: + if (decrypt_header(src, ctx) < 0) { + return -1; + } + ctx->current_position = 0; + return 0; + + case ZIP_SOURCE_READ: + if (len > ctx->data_length - ctx->current_position) { + len = ctx->data_length - ctx->current_position; + } + + if (len == 0) { + if (!verify_hmac(src, ctx)) { + return -1; + } + return 0; + } + + if ((n=zip_source_read(src, data, len)) < 0) { + _zip_error_set_from_source(&ctx->error, src); + return -1; + } + ctx->current_position += n; + + /* TODO: loop if len > UINT_MAX */ + _zip_fcrypt_decrypt(data, n, &ctx->fcrypt_ctx); + + return n; + + case ZIP_SOURCE_CLOSE: + return 0; + + case ZIP_SOURCE_STAT: + { + zip_stat_t *st; + + st = (zip_stat_t *)data; + + st->encryption_method = ZIP_EM_NONE; + st->valid |= ZIP_STAT_ENCRYPTION_METHOD; + if (st->valid & ZIP_STAT_COMP_SIZE) { + st->comp_size -= 12 + salt_length[ctx->mode]; + } + + return 0; + } + + case ZIP_SOURCE_SUPPORTS: + return zip_source_make_command_bitmap(ZIP_SOURCE_OPEN, ZIP_SOURCE_READ, ZIP_SOURCE_CLOSE, ZIP_SOURCE_STAT, ZIP_SOURCE_ERROR, ZIP_SOURCE_FREE, -1); + + case ZIP_SOURCE_ERROR: + return zip_error_to_data(&ctx->error, data, len); + + case ZIP_SOURCE_FREE: + winzip_aes_free(ctx); + return 0; + + default: + zip_error_set(&ctx->error, ZIP_ER_INVAL, 0); + return -1; + } +} + + +static void +winzip_aes_free(struct winzip_aes *ctx) +{ + if (ctx == NULL) { + return; + } + + _zip_crypto_clear(&ctx->fcrypt_ctx, sizeof(ctx->fcrypt_ctx)); + _zip_crypto_clear(ctx->password, strlen(ctx->password)); + free(ctx->password); + zip_error_fini(&ctx->error); + free(ctx); +} + + +static struct winzip_aes * +winzip_aes_new(int mode, const char *password) { + struct winzip_aes *ctx; + + if ((ctx = (struct winzip_aes *)malloc(sizeof(*ctx))) == NULL) { + return NULL; + } + + if ((ctx->password = strdup(password)) == NULL) { + free(ctx); + return NULL; + } + + ctx->mode = mode; + + zip_error_init(&ctx->error); + + return ctx; +}
diff --git a/lib/zip_stat_index.c b/lib/zip_stat_index.c index 601e3f7..59ff5d3 100644 --- a/lib/zip_stat_index.c +++ b/lib/zip_stat_index.c
@@ -64,17 +64,8 @@ st->mtime = de->last_mod; st->comp_size = de->comp_size; st->comp_method = (zip_uint16_t)de->comp_method; - if (de->bitflags & ZIP_GPBF_ENCRYPTED) { - if (de->bitflags & ZIP_GPBF_STRONG_ENCRYPTION) { - /* TODO */ - st->encryption_method = ZIP_EM_UNKNOWN; - } - else - st->encryption_method = ZIP_EM_TRAD_PKWARE; - } - else - st->encryption_method = ZIP_EM_NONE; - st->valid = ZIP_STAT_CRC|ZIP_STAT_SIZE|ZIP_STAT_MTIME + st->encryption_method = de->encryption_method; + st->valid = (de->crc_valid ? ZIP_STAT_CRC : 0) | ZIP_STAT_SIZE|ZIP_STAT_MTIME |ZIP_STAT_COMP_SIZE|ZIP_STAT_COMP_METHOD|ZIP_STAT_ENCRYPTION_METHOD; }
diff --git a/lib/zipint.h b/lib/zipint.h index d1b2303..fe62208 100644 --- a/lib/zipint.h +++ b/lib/zipint.h
@@ -20,7 +20,7 @@ 3. The names of the authors may not be used to endorse or promote products derived from this software without specific prior written permission. - + THIS SOFTWARE IS PROVIDED BY THE AUTHORS ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -66,14 +66,16 @@ #define EFZIP64SIZE 28 #define ZIP_CM_REPLACED_DEFAULT (-2) +#define ZIP_CM_WINZIP_AES 99 /* Winzip AES encrypted */ #define ZIP_CM_IS_DEFAULT(x) ((x) == ZIP_CM_DEFAULT || (x) == ZIP_CM_REPLACED_DEFAULT) #define ZIP_EF_UTF_8_COMMENT 0x6375 #define ZIP_EF_UTF_8_NAME 0x7075 +#define ZIP_EF_WINZIP_AES 0x9901 #define ZIP_EF_ZIP64 0x0001 -#define ZIP_EF_IS_INTERNAL(id) ((id) == ZIP_EF_UTF_8_COMMENT || (id) == ZIP_EF_UTF_8_NAME || (id) == ZIP_EF_ZIP64) +#define ZIP_EF_IS_INTERNAL(id) ((id) == ZIP_EF_UTF_8_COMMENT || (id) == ZIP_EF_UTF_8_NAME || (id) == ZIP_EF_WINZIP_AES || (id) == ZIP_EF_ZIP64) /* according to unzip-6.0's zipinfo.c, this corresponds to a regular file with rw permissions for everyone */ #define ZIP_EXT_ATTRIB_DEFAULT (0100666u<<16) @@ -118,6 +120,7 @@ int zip_source_remove(zip_source_t *); zip_int64_t zip_source_supports(zip_source_t *src); zip_source_t *zip_source_window(zip_t *, zip_source_t *, zip_uint64_t, zip_uint64_t); +zip_source_t *zip_source_winzip_aes(zip_t *, zip_source_t *, zip_uint16_t, int, const char *); /* error source for layered sources */ @@ -193,7 +196,7 @@ zip_source_t **open_source; /* open sources using archive */ zip_hash_t *names; /* hash table for name lookup */ - + char *tempdir; /* custom temp dir (needed e.g. for OS X sandboxing) */ }; @@ -219,7 +222,9 @@ struct zip_dirent { zip_uint32_t changed; bool local_extra_fields_read; /* whether we already read in local header extra fields */ - bool cloned; /* whether this instance is cloned, and thus shares non-changed strings */ + bool cloned; /* whether this instance is cloned, and thus shares non-changed strings */ + + bool crc_valid; /* if CRC is valid (sometimes not for encrypted archives) */ zip_uint16_t version_madeby; /* (c) version of creator */ zip_uint16_t version_needed; /* (cl) version needed to extract */ @@ -236,6 +241,8 @@ zip_uint16_t int_attrib; /* (c) internal file attributes */ zip_uint32_t ext_attrib; /* (c) external file attributes */ zip_uint64_t offset; /* (c) offset of local header */ + + zip_uint16_t encryption_method; /* encryption method, computed from other fields */ }; /* zip archive central directory */ @@ -313,7 +320,7 @@ struct zip_buffer { bool ok; bool free_data; - + zip_uint8_t *data; zip_uint64_t size; zip_uint64_t offset; @@ -341,6 +348,17 @@ #define ZIP_IS_RDONLY(za) ((za)->ch_flags & ZIP_AFL_RDONLY) +#ifdef HAVE_EXPLICIT_MEMSET +#define _zip_crypto_clear(b, l) explicit_memset((b), 0, (l)) +#else +#ifdef HAVE_EXPLICIT_BZERO +#define _zip_crypto_clear(b, l) explicit_bzero((b), (l)) +#else +#define _zip_crypto_clear(b, l) memset((b), 0, (l)) +#endif +#endif + + zip_int64_t _zip_add_entry(zip_t *); zip_uint8_t *_zip_buffer_data(zip_buffer_t *buffer);