New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Adds support AES decryption #579
base: master
Are you sure you want to change the base?
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Just a few initial remarks from what I have read.
lib/zip/crypto/aes_encryption.rb
Outdated
end | ||
|
||
def gp_flags | ||
0 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
As described below, the general purpose flag should be set to 1:
As for any encrypted file, bit 0 of the "general purpose bit flags" field must be set to 1 in each AES-encrypted file's local header and central directory entry.
0 | |
1 |
amount_to_read -= BLOCK_SIZE | ||
@counter += 1 | ||
end | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We are missing the check of the CRC, we should check that the decrypted content hasn't been tampered.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I've tried to integrate the AES integrity check, but it doesn't work.
If you have an idea, I'd love to hear it.
#573 #179 @Ph0tonic