This issue was moved to a discussion.
You can continue the conversation there. Go to discussion →
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
ZIP File Encryption #157
Comments
When it comes to crypto, I think we should aim for feature parity with 7-zip ( https://www.7-zip.org/ ). 7-zip does a lot of things right, the set of features it supports is among them (and because it's open-source, it's easy to get some inspiration if we get stuck). When I open the "Add to archive..." dialog, I get the following window: They support ZipCrypto and AES256.
I think if we support those two algorithms, we support most crypto needs for Zip archives. |
I would strongly discourage encrypting with ZipCrypto as it serves no good purpose due to its weaknesses. Decrypting is fine, to be compatible with existing archives. |
The I'm still not sure it's worth it though - I don't think it's appropriate for a tool to claim to "encrypt your data" while leaving important information in plaintext. I think it would be better to encourage users to write to an encrypted Edit: to be clear, we should absolutely be able to read |
I'd be receptive to a PR implementing a (non-default) |
Well I would love to be able to open zips with some or all of the files aes encrypted. Don't need to write it for my purpose but either seems impossible to do in rust. |
#203 addresses decryption, and looks like a reasonable implementation so far. I'll need to fix the conflicts with the other PRs that have been merged in the meantime. |
I will look into the #203 |
This issue was moved to a discussion.
You can continue the conversation there. Go to discussion →
When creating a ZIP archive, we have a few options for encrypting the contents:
For this project, AE-x is the only standard we could practically implement, however, even with the stronger algorithm, it doesn't obscure file metadata. Since this could be taken advantage of, users who need their data to be secure are recommended to encrypt the whole archive.
Given all of these issues, I don't think there is a clear choice for an encryption API in the crate.
So for now, this issue is tracking any use cases for these features. If there is a real need for AE-x/ZipCrypto, we can further explore the design.
The text was updated successfully, but these errors were encountered: