This class implements the "traditional" or "classic" PKZip encryption, which today is considered to be weak. On the other hand it is ubiquitous. This class is intended for use only by the DotNetZip library.
Most uses of the DotNetZip library will not involve direct calls into the ZipCrypto class. Instead, the ZipCrypto class is instantiated and used by the ZipEntry() class when encryption or decryption on an entry is employed. If for some reason you really wanted to use a weak encryption algorithm in some other application, you might use this library. But you would be much better off using one of the built-in strong encryption libraries in the .NET Framework, like the AES algorithm or SHA.
예제 #1
0
 /// <summary>  The constructor. </summary>
 /// <param name="s">The underlying stream</param>
 /// <param name="mode">To either encrypt or decrypt.</param>
 /// <param name="cipher">The pre-initialized ZipCrypto object.</param>
 public ZipCipherStream(System.IO.Stream s, ZipCrypto cipher, CryptoMode mode)
     : base()
 {
     _cipher = cipher;
     _s      = s;
     _mode   = mode;
 }
 public static ZipCrypto ForWrite(string password)
 {
     ZipCrypto z = new ZipCrypto();
     if (password == null)
         throw new BadPasswordException("This entry requires a password.");
     z.InitCipher(password);
     return z;
 }
예제 #3
0
        public static ZipCrypto ForWrite(string password)
        {
            ZipCrypto z = new ZipCrypto();

            if (password == null)
            {
                throw new BadPasswordException("This entry requires a password.");
            }
            z.InitCipher(password);
            return(z);
        }
예제 #4
0
        public static ZipCrypto ForRead(string password, ZipEntry e)
        {
            System.IO.Stream s = e._archiveStream;
            e._WeakEncryptionHeader = new byte[12];
            byte[]    eh = e._WeakEncryptionHeader;
            ZipCrypto z  = new ZipCrypto();

            if (password == null)
            {
                throw new BadPasswordException("This entry requires a password.");
            }

            z.InitCipher(password);

            ZipEntry.ReadWeakEncryptionHeader(s, eh);

            // Decrypt the header.  This has a side effect of "further initializing the
            // encryption keys" in the traditional zip encryption.
            byte[] DecryptedHeader = z.DecryptMessage(eh, eh.Length);

            // CRC check
            // According to the pkzip spec, the final byte in the decrypted header
            // is the highest-order byte in the CRC. We check it here.
            if (DecryptedHeader[11] != (byte)((e._Crc32 >> 24) & 0xff))
            {
                // In the case that bit 3 of the general purpose bit flag is set to
                // indicate the presence of an 'Extended File Header' or a 'data
                // descriptor' (signature 0x08074b50), the last byte of the decrypted
                // header is sometimes compared with the high-order byte of the
                // lastmodified time, rather than the high-order byte of the CRC, to
                // verify the password.
                //
                // This is not documented in the PKWare Appnote.txt.  It was
                // discovered this by analysis of the Crypt.c source file in the
                // InfoZip library http://www.info-zip.org/pub/infozip/
                //
                // The reason for this is that the CRC for a file cannot be known
                // until the entire contents of the file have been streamed. This
                // means a tool would have to read the file content TWICE in its
                // entirety in order to perform PKZIP encryption - once to compute
                // the CRC, and again to actually encrypt.
                //
                // This is so important for performance that using the timeblob as
                // the verification should be the standard practice for DotNetZip
                // when using PKZIP encryption. This implies that bit 3 must be
                // set. The downside is that some tools still cannot cope with ZIP
                // files that use bit 3.  Therefore, DotNetZip DOES NOT force bit 3
                // when PKZIP encryption is in use, and instead, reads the stream
                // twice.
                //

                if ((e._BitField & 0x0008) != 0x0008)
                {
                    throw new BadPasswordException("The password did not match.");
                }
                else if (DecryptedHeader[11] != (byte)((e._TimeBlob >> 8) & 0xff))
                {
                    throw new BadPasswordException("The password did not match.");
                }

                // We have a good password.
            }
            else
            {
                // A-OK
            }
            return(z);
        }
        public static ZipCrypto ForRead(string password, ZipEntry e)
        {
            System.IO.Stream s = e._archiveStream;
            e._WeakEncryptionHeader = new byte[12];
            byte[] eh = e._WeakEncryptionHeader;
            ZipCrypto z = new ZipCrypto();

            if (password == null)
                throw new BadPasswordException("This entry requires a password.");

            z.InitCipher(password);

            ZipEntry.ReadWeakEncryptionHeader(s, eh);

            // Decrypt the header.  This has a side effect of "further initializing the
            // encryption keys" in the traditional zip encryption.
            byte[] DecryptedHeader = z.DecryptMessage(eh, eh.Length);

            // CRC check
            // According to the pkzip spec, the final byte in the decrypted header
            // is the highest-order byte in the CRC. We check it here.
            if (DecryptedHeader[11] != (byte)((e._Crc32 >> 24) & 0xff))
            {
                // In the case that bit 3 of the general purpose bit flag is set to
                // indicate the presence of an 'Extended File Header' or a 'data
                // descriptor' (signature 0x08074b50), the last byte of the decrypted
                // header is sometimes compared with the high-order byte of the
                // lastmodified time, rather than the high-order byte of the CRC, to
                // verify the password.
                //
                // This is not documented in the PKWare Appnote.txt.  It was
                // discovered this by analysis of the Crypt.c source file in the
                // InfoZip library http://www.info-zip.org/pub/infozip/
                //
                // The reason for this is that the CRC for a file cannot be known
                // until the entire contents of the file have been streamed. This
                // means a tool would have to read the file content TWICE in its
                // entirety in order to perform PKZIP encryption - once to compute
                // the CRC, and again to actually encrypt.
                //
                // This is so important for performance that using the timeblob as
                // the verification should be the standard practice for DotNetZip
                // when using PKZIP encryption. This implies that bit 3 must be
                // set. The downside is that some tools still cannot cope with ZIP
                // files that use bit 3.  Therefore, DotNetZip DOES NOT force bit 3
                // when PKZIP encryption is in use, and instead, reads the stream
                // twice.
                //

                if ((e._BitField & 0x0008) != 0x0008)
                {
                    throw new BadPasswordException("The password did not match.");
                }
                else if (DecryptedHeader[11] != (byte)((e._TimeBlob >> 8) & 0xff))
                {
                    throw new BadPasswordException("The password did not match.");
                }

                // We have a good password.
            }
            else
            {
                // A-OK
            }
            return z;
        }
 /// <summary>  The constructor. </summary>
 /// <param name="s">The underlying stream</param>
 /// <param name="mode">To either encrypt or decrypt.</param>
 /// <param name="cipher">The pre-initialized ZipCrypto object.</param>
 public ZipCipherStream(System.IO.Stream s, ZipCrypto cipher, CryptoMode mode)
     : base()
 {
     _cipher = cipher;
     _s = s;
     _mode = mode;
 }