Add support for reading ZIP files utilising AES encryption #179
Conversation
Caveats: * Doesn't currently check the authentication code * Won't read zip files which have a data description block without the signature. (See notes in code) * Has no tests yet...
Working AES-128, -192, -256 decryption
Fixed io seeking bug.
Fixed bug with checking for password= function
…ypt-perf * 'master' of https://github.com/rubyzip/rubyzip: Explicitly add the released 2.1.0 Ruby version Remove branch restriction Fix Rubinius by adding newly required gems, updating label in .travis.yml Update README.md Update README.md Make File.open_buffer support Tempfiles Version bump Update Changelog with Ruby 1.9 requirement Update README to reflect 1.9 requirement Fix rubyzip#106 Set options about restoring ownerships, permissions and times. restore permissions enabled by default. fix jRuby Building rubyzip#104 Fix rubyzip#28 and rubyzip#103 disable jRuby for a while Fix rubyzip#102 recover file permissions if zip file was exist Add missing Zip::Entry arguments to Zip::File#get_output_stream. Fixes rubyzip#100 fix string encoding of zip64 header ids for ruby 2.0 Add read/write support for zip64 extensions Conflicts: lib/zip/extra_field.rb
Test update
…with merging upstream
|
@muz would be great to have tests in any case. Because it's much important thing. |
|
@simonoff 100% agree. As it stands though, we know this PR hasn't regressed the code at the very least as the existing tests continue to pass. That said, I've taken some time to look into this, and this would involve adding in tests against AES encrypted ZIP files. This in itself isn't a problem, what is a problem is the provisioning of them. As I understand it, and correct me if I'm wrong, currently the tests create ZIP files prior to the tests executing by calling Have we any strong preferences for which route to take with this; as this would incur a dependency change for being able to run the tests too - unless we just bundle some AES encrypted ZIPs as part of the codebase (which I'm somewhat reluctant to do) |
…etting a decompressor
|
I'm generally happy to bundle things like zip files for the tests myself. They don't need to be too big for testing and it ensures that we really are testing against fixtures that are externally generated. It also keeps the tests themselves simpler, which is no bad thing. I say go for it and bundle. |
|
@muz @jphastings my team is working on traditional encryption (work-in-progress) here: http://github.com/johnnyshields/rubyzip. We've come up with a structure that I believe is a bit more extensible--should be easy to plug AES into it. Please take a look. |
|
Will do @johnnyshields, where would you recommend we start looking - in the master branch? |
|
@jphastings here's a diff johnnyshields/rubyzip@rubyzip:master...master (Github is so cool!) We've added the structures for both encryption and decryption. I think one of the biggest things to determine is what the public interface should be, in particular The code itself is a work in progress, doesn't seem to be 100% working yet but the structure is there. Copying @matsu911 to the thread. |
|
FYI I've raised the PR for Traditional Encryption |
|
@muz can you rebase with current master? |
|
I have skimmed the code and noticed that AES encryption is compression method 99. So actually AES has to be implemented as a decompressor, which makes current "transparent decryption" difficult. |
|
No action on this PR for several years now - what are thoughts like on the prospects for this PR/this feature more generally? |
|
Hey @bensomers; I used to work with @muz while the company we completed this work for still existed. I can put some work into getting this up to par if @cielavenir's concerns aren't problematic to the maintainers. |
|
I'd be a fan of that, though it's really the maintainers we'd want to hear from before you spend the effort. I actually need to be writing out AES files, not just reading them, so this would only be a start point for my needs - but it's pretty silly for me to submit a PR for writing before the capability to read is in. |
|
Hello everybody, is there a plan to add AES support (read/write) to rubyzip? It may be interesting for me to work on this with a small guidance. Maybe #194 is a good start point? (@johnnyshields ) |
|
Hi, I won't be working on this. With some googling you can probably find a ruby implementation or a python/javascript implementation that could be ported. |
Working AES-128, -192, -256 decryption
Caveats:
the signature. (See notes in code)