InputStream implementation doesn't allow check for encryption beforehand

[bio007]

Using InputStream to extract files, which I don't know whether they are password protected or not beforehand, doesn't allow to check for encryption before extraction.

Right now you need to call setPassword or provide password via constructor before calling getNextEntry() which is not always possible. On the other hand calling headerReader.readLocalFileHeader() to obtain LocalFileHeader is possible without password and there isEncrypted() can be checked.

Unfortunately getNextEntry() doesn't execute some "password callback" in case this is detected but tries to extract right away after obtaining LocalFileHeader.

Calling headerReader.readLocalFileHeader() first and then getNextEntry() causes skipping of files because headerReader.readLocalFileHeader() moves the position in the stream of course.

To solve this please provide something like "password callback" setter which will be executed if no password was provided and file is encrypted.

[srikanth-lingala]

This is a good point. A couple of options I see are (please ignore if the following doesn't make sense. This is also for my reference when I look at this issue in the future) :

• Start with reading with the encryption headers the first time read() method is called. This way when you do zipInputStream.getNextEntry(), you will get a zip header where you can check if the entry is encrypted. If yes, you can set the password with zipInputStream.setPassword() and continue reading the entry
• Password callback setter. I haven't completely understood your proposal here. Can you please elaborate a bit more?

[bio007]

Hi, sorry for the long delay. I've created a PR. I hope it will make it clearer for you about what callback I've been talking about.

[srikanth-lingala]

@bio007 Thanks for the PR. I appreciate that. I just merged it and will include it in the next release.

[srikanth-lingala]

PR included in v2.9.1 released today.