public ZipAESStream(Stream stream, ZipAESTransform transform, CryptoStreamMode mode)
: base(stream, transform, mode)
{
_stream = stream;
_transform = transform;
_slideBuffer = new byte[0x400];
_blockAndAuth = 0x1a;
if (mode != CryptoStreamMode.Read)
{
throw new Exception("ZipAESStream only for read");
}
}
private Stream CreateAndInitDecryptionStream(Stream baseStream, ZipEntry entry)
{
if ((entry.Version < 50) || ((entry.Flags & 0x40) == 0))
{
var managed = new PkzipClassicManaged();
OnKeysRequired(entry.Name);
if (!HaveKeys)
{
throw new ZipException("No password available for encrypted stream");
}
var classicCryptoStream
= new CryptoStream(baseStream, managed.CreateDecryptor(_key, null), CryptoStreamMode.Read);
CheckClassicPassword(classicCryptoStream, entry);
return classicCryptoStream;
}
if (entry.Version != 0x33)
{
throw new ZipException("Decryption method not supported");
}
OnKeysRequired(entry.Name);
if (!HaveKeys)
{
throw new ZipException("No password available for AES encrypted stream");
}
var aEsSaltLen = entry.AesSaltLen;
var buffer = new byte[aEsSaltLen];
var num2 = baseStream.Read(buffer, 0, aEsSaltLen);
if (num2 != aEsSaltLen)
{
throw new ZipException(string.Concat(new object[] { "AES Salt expected ", aEsSaltLen, " got ", num2 }));
}
var buffer2 = new byte[2];
baseStream.Read(buffer2, 0, 2);
var blockSize = entry.AesKeySize / 8;
var transform = new ZipAESTransform(_rawPassword, buffer, blockSize, false);
var pwdVerifier = transform.PwdVerifier;
if ((pwdVerifier[0] != buffer2[0]) || (pwdVerifier[1] != buffer2[1]))
{
throw new Exception("Invalid password for AES");
}
return new ZipAESStream(baseStream, transform, CryptoStreamMode.Read);
}