From f9f5029fc1c5133927bd1902a47fa95b23a57d99 Mon Sep 17 00:00:00 2001 From: Benjamin Richner Date: Sat, 19 Oct 2019 18:57:56 +0200 Subject: [PATCH 01/17] Added ZipCrypto support for stored and deflated files --- src/lib.rs | 1 + src/read.rs | 132 +++++++++++++++++++++++------- src/result.rs | 10 ++- src/zipcrypto.rs | 209 +++++++++++++++++++++++++++++++++++++++++++++++ 4 files changed, 322 insertions(+), 30 deletions(-) create mode 100644 src/zipcrypto.rs diff --git a/src/lib.rs b/src/lib.rs index cfe4a598..86cca731 100644 --- a/src/lib.rs +++ b/src/lib.rs @@ -24,3 +24,4 @@ mod compression; pub mod write; mod cp437; pub mod result; +mod zipcrypto; diff --git a/src/read.rs b/src/read.rs index 2eb3d83b..061bda7c 100644 --- a/src/read.rs +++ b/src/read.rs @@ -2,6 +2,8 @@ use crc32::Crc32Reader; use compression::CompressionMethod; +use zipcrypto::ZipCryptoReader; +use zipcrypto::ZipCryptoReaderValid; use spec; use result::{ZipResult, ZipError}; use std::io; @@ -69,6 +71,9 @@ enum ZipFileReader<'a> { Deflated(Crc32Reader>>), #[cfg(feature = "bzip2")] Bzip2(Crc32Reader>>), + StoredZipCrypto(Crc32Reader>>), + #[cfg(feature = "deflate")] + DeflatedZipCrypto(Crc32Reader>>>), } /// A struct for reading a zip file @@ -86,33 +91,74 @@ fn unsupported_zip_error(detail: &'static str) -> ZipResult fn make_reader<'a>( compression_method: ::compression::CompressionMethod, crc32: u32, - reader: io::Take<&'a mut io::Read>) + reader: io::Take<&'a mut io::Read>, + password: Option<&[u8]>) -> ZipResult> { - match compression_method { - CompressionMethod::Stored => + match password + { + None => match compression_method { - Ok(ZipFileReader::Stored(Crc32Reader::new( - reader, - crc32))) - }, - #[cfg(feature = "deflate")] - CompressionMethod::Deflated => + CompressionMethod::Stored => + { + Ok(ZipFileReader::Stored(Crc32Reader::new( + reader, + crc32))) + }, + #[cfg(feature = "deflate")] + CompressionMethod::Deflated => + { + let deflate_reader = DeflateDecoder::new(reader); + Ok(ZipFileReader::Deflated(Crc32Reader::new( + deflate_reader, + crc32))) + }, + #[cfg(feature = "bzip2")] + CompressionMethod::Bzip2 => + { + let bzip2_reader = BzDecoder::new(reader); + Ok(ZipFileReader::Bzip2(Crc32Reader::new( + bzip2_reader, + crc32))) + }, + _ => unsupported_zip_error("Compression method not supported"), + } + Some(password) => match compression_method { - let deflate_reader = DeflateDecoder::new(reader); - Ok(ZipFileReader::Deflated(Crc32Reader::new( - deflate_reader, - crc32))) + CompressionMethod::Stored => + { + let zipcrypto_reader = ZipCryptoReader::new(reader, password); + let zipcrypto_reader = zipcrypto_reader.validate(crc32)?; + if let Some(zipcrypto_reader) = zipcrypto_reader + { + Ok(ZipFileReader::StoredZipCrypto(Crc32Reader::new( + zipcrypto_reader, + crc32))) + } + else + { + Err(ZipError::InvalidPassword) + } + }, + #[cfg(feature = "deflate")] + CompressionMethod::Deflated => + { + let zipcrypto_reader = ZipCryptoReader::new(reader, password); + let zipcrypto_reader = zipcrypto_reader.validate(crc32)?; + if let Some(zipcrypto_reader) = zipcrypto_reader + { + let deflate_reader = DeflateDecoder::new(zipcrypto_reader); + Ok(ZipFileReader::DeflatedZipCrypto(Crc32Reader::new( + deflate_reader, + crc32))) + } + else + { + Err(ZipError::InvalidPassword) + } + }, + _ => unsupported_zip_error("Compression method not supported"), }, - #[cfg(feature = "bzip2")] - CompressionMethod::Bzip2 => - { - let bzip2_reader = BzDecoder::new(reader); - Ok(ZipFileReader::Bzip2(Crc32Reader::new( - bzip2_reader, - crc32))) - }, - _ => unsupported_zip_error("Compression method not supported"), } } @@ -252,9 +298,20 @@ impl ZipArchive pub fn offset(&self) -> u64 { self.offset } + + /// Search for a file entry by name, decrypt with given password + pub fn by_name_decrypt<'a>(&'a mut self, name: &str, password: &[u8]) -> ZipResult> + { + self.by_name_internal(name, Some(password)) + } /// Search for a file entry by name pub fn by_name<'a>(&'a mut self, name: &str) -> ZipResult> + { + self.by_name_internal(name, None) + } + + fn by_name_internal<'a>(&'a mut self, name: &str, password: Option<&[u8]>) -> ZipResult> { let index = match self.names_map.get(name) { Some(index) => *index, @@ -262,16 +319,27 @@ impl ZipArchive }; self.by_index(index) } - + + /// Get a contained file by index, decrypt with given password + pub fn by_index_decrypt<'a>(&'a mut self, file_number: usize, password: &[u8]) -> ZipResult> + { + self.by_index_internal(file_number, Some(password)) + } + /// Get a contained file by index pub fn by_index<'a>(&'a mut self, file_number: usize) -> ZipResult> + { + self.by_index_internal(file_number, None) + } + + fn by_index_internal<'a>(&'a mut self, file_number: usize, password: Option<&[u8]>) -> ZipResult> { if file_number >= self.files.len() { return Err(ZipError::FileNotFound); } let ref mut data = self.files[file_number]; - - if data.encrypted + + if data.encrypted && password == None { - return unsupported_zip_error("Encrypted files are not supported") + return Err(ZipError::PasswordRequired) } // Parse local header @@ -290,8 +358,8 @@ impl ZipArchive self.reader.seek(io::SeekFrom::Start(data.data_start))?; let limit_reader = (self.reader.by_ref() as &mut Read).take(data.compressed_size); - - Ok(ZipFile { reader: make_reader(data.compression_method, data.crc32, limit_reader)?, data: Cow::Borrowed(data) }) + + Ok(ZipFile { reader: make_reader(data.compression_method, data.crc32, limit_reader, password)?, data: Cow::Borrowed(data) }) } /// Unwrap and return the inner reader object @@ -422,6 +490,9 @@ fn get_reader<'a>(reader: &'a mut ZipFileReader) -> &'a mut Read { ZipFileReader::Deflated(ref mut r) => r as &mut Read, #[cfg(feature = "bzip2")] ZipFileReader::Bzip2(ref mut r) => r as &mut Read, + ZipFileReader::StoredZipCrypto(ref mut r) => r as &mut Read, + #[cfg(feature = "deflate")] + ZipFileReader::DeflatedZipCrypto(ref mut r) => r as &mut Read, } } @@ -534,6 +605,9 @@ impl<'a> Drop for ZipFile<'a> { ZipFileReader::Deflated(crcreader) => crcreader.into_inner().into_inner(), #[cfg(feature = "bzip2")] ZipFileReader::Bzip2(crcreader) => crcreader.into_inner().into_inner(), + ZipFileReader::StoredZipCrypto(crcreader) => crcreader.into_inner().into_inner(), + #[cfg(feature = "deflate")] + ZipFileReader::DeflatedZipCrypto(crcreader) => crcreader.into_inner().into_inner().into_inner(), }; loop { @@ -636,7 +710,7 @@ pub fn read_zipfile_from_stream<'a, R: io::Read>(reader: &'a mut R) -> ZipResult let result_compression_method = result.compression_method; Ok(Some(ZipFile { data: Cow::Owned(result), - reader: make_reader(result_compression_method, result_crc32, limit_reader)? + reader: make_reader(result_compression_method, result_crc32, limit_reader, None)? })) } diff --git a/src/result.rs b/src/result.rs index d82259ea..6dce053d 100644 --- a/src/result.rs +++ b/src/result.rs @@ -23,6 +23,12 @@ pub enum ZipError /// The requested file could not be found in the archive FileNotFound, + + /// No password was given but the data is encrypted + PasswordRequired, + + /// The given password is wrong + InvalidPassword, } impl ZipError @@ -39,7 +45,7 @@ impl ZipError ZipError::InvalidArchive(msg) | ZipError::UnsupportedArchive(msg) => { (self.description().to_string() + ": " + msg).into() }, - ZipError::FileNotFound => { + ZipError::FileNotFound | ZipError::PasswordRequired | ZipError::InvalidPassword => { self.description().into() }, } @@ -80,6 +86,8 @@ impl error::Error for ZipError ZipError::InvalidArchive(..) => "Invalid Zip archive", ZipError::UnsupportedArchive(..) => "Unsupported Zip archive", ZipError::FileNotFound => "Specified file not found in archive", + ZipError::PasswordRequired => "Missing password, file in archive is encrypted", + ZipError::InvalidPassword => "Invalid password for file in archive", } } diff --git a/src/zipcrypto.rs b/src/zipcrypto.rs new file mode 100644 index 00000000..559e590e --- /dev/null +++ b/src/zipcrypto.rs @@ -0,0 +1,209 @@ +use std::num::Wrapping; + +struct ZipCryptoKeys { + key_0: Wrapping, + key_1: Wrapping, + key_2: Wrapping, +} + +impl ZipCryptoKeys { + //Used this paper to implement ZipCrypto algo + //https://courses.cs.ut.ee/MTAT.07.022/2015_fall/uploads/Main/dmitri-report-f15-16.pdf + + fn new() -> ZipCryptoKeys + { + ZipCryptoKeys + { + key_0: Wrapping(0x12345678), + key_1: Wrapping(0x23456789), + key_2: Wrapping(0x34567890), + } + } + + fn update(&mut self, input: u8) + { + self.key_0 = ZipCryptoKeys::crc32(self.key_0, input); + self.key_1 = (self.key_1 + (self.key_0 & Wrapping(0xff))) * Wrapping(0x08088405) + Wrapping(1); + self.key_2 = ZipCryptoKeys::crc32(self.key_2, (self.key_1 >> 24).0 as u8); + } + + fn stream_byte(&mut self) -> u8 + { + let temp : Wrapping = Wrapping(self.key_2.0 as u16) | Wrapping(3); + ((temp * (temp ^ Wrapping(1))) >> 8).0 as u8 + } + + fn decrypt_byte(&mut self, cipher_byte : u8) -> u8 + { + let plain_byte : u8 = self.stream_byte() ^ cipher_byte; + self.update(plain_byte); + plain_byte + } + + #[allow(dead_code)] + fn encrypt_byte(&mut self, plain_byte : u8) -> u8 + { + let cipher_byte : u8 = self.stream_byte() ^ plain_byte; + self.update(plain_byte); + cipher_byte + } + + fn crc32(crc : Wrapping, input: u8) -> Wrapping + { + return (crc >> 8) ^ Wrapping(CRCTABLE[((crc & Wrapping(0xff)).0 as u8 ^ input) as usize]); + } +} + +pub struct ZipCryptoReader { + file: R, + keys: ZipCryptoKeys, +} + +impl ZipCryptoReader +{ + pub fn new(file: R, password: &[u8]) -> ZipCryptoReader + { + //Note: The password is &[u8] and not &str because the documentation + //https://pkware.cachefly.net/webdocs/APPNOTE/APPNOTE-6.3.3.TXT + //does not specify password encoding (see function update_keys) + //Therefore, if &str was used, the password would be UTF-8 and it + //would be impossible to decrypt files that were encrypted with a + //password byte sequence that is unrepresentable in UTF-8. + + let mut result = ZipCryptoReader + { + file: file, + keys: ZipCryptoKeys::new(), + }; + + //Key the cipher by updating the keys with the password + for byte in password.iter() { + result.keys.update(*byte); + } + + result + } + + ///Read the ZipCrypto header bytes and validate the password + pub fn validate(mut self, crc32_plaintext : u32) -> Result>, std::io::Error> + { + //ZipCrypto prefixes a file with a 12 byte header + let mut header_buf = [0u8; 12]; + self.file.read_exact(&mut header_buf)?; + for byte in header_buf.iter_mut() { + *byte = self.keys.decrypt_byte(*byte); + } + + // PKZIP before 2.0 used 2 byte CRC check. + // PKZIP 2.0+ used 1 byte CRC check. It's more secure. + // We also use 1 byte CRC. + + if (crc32_plaintext >> 24) as u8 != header_buf[11] + { + return Ok(None) //Wrong password + } + Ok(Some( + ZipCryptoReaderValid { + reader : self, + } + )) + } +} + +pub struct ZipCryptoReaderValid { + reader: ZipCryptoReader, +} + +impl std::io::Read for ZipCryptoReaderValid +{ + fn read(&mut self, mut buf: &mut [u8]) -> std::io::Result + { + if buf.len() == 0 { + return Ok(0); + } + + //Note: There might be potential for optimization. Inspiration can be found at: + //https://github.com/kornelski/7z/blob/master/CPP/7zip/Crypto/ZipCrypto.cpp + + let result = self.reader.file.read(&mut buf); + for byte in buf.iter_mut() { + *byte = self.reader.keys.decrypt_byte(*byte); + } + result + } +} + +impl ZipCryptoReaderValid +{ + /// Consumes this decoder, returning the underlying reader. + pub fn into_inner(self) -> R { + self.reader.file + } +} + +static CRCTABLE : [u32; 256] = [ + 0x00000000, 0x77073096, 0xee0e612c, 0x990951ba, + 0x076dc419, 0x706af48f, 0xe963a535, 0x9e6495a3, + 0x0edb8832, 0x79dcb8a4, 0xe0d5e91e, 0x97d2d988, + 0x09b64c2b, 0x7eb17cbd, 0xe7b82d07, 0x90bf1d91, + 0x1db71064, 0x6ab020f2, 0xf3b97148, 0x84be41de, + 0x1adad47d, 0x6ddde4eb, 0xf4d4b551, 0x83d385c7, + 0x136c9856, 0x646ba8c0, 0xfd62f97a, 0x8a65c9ec, + 0x14015c4f, 0x63066cd9, 0xfa0f3d63, 0x8d080df5, + 0x3b6e20c8, 0x4c69105e, 0xd56041e4, 0xa2677172, + 0x3c03e4d1, 0x4b04d447, 0xd20d85fd, 0xa50ab56b, + 0x35b5a8fa, 0x42b2986c, 0xdbbbc9d6, 0xacbcf940, + 0x32d86ce3, 0x45df5c75, 0xdcd60dcf, 0xabd13d59, + 0x26d930ac, 0x51de003a, 0xc8d75180, 0xbfd06116, + 0x21b4f4b5, 0x56b3c423, 0xcfba9599, 0xb8bda50f, + 0x2802b89e, 0x5f058808, 0xc60cd9b2, 0xb10be924, + 0x2f6f7c87, 0x58684c11, 0xc1611dab, 0xb6662d3d, + 0x76dc4190, 0x01db7106, 0x98d220bc, 0xefd5102a, + 0x71b18589, 0x06b6b51f, 0x9fbfe4a5, 0xe8b8d433, + 0x7807c9a2, 0x0f00f934, 0x9609a88e, 0xe10e9818, + 0x7f6a0dbb, 0x086d3d2d, 0x91646c97, 0xe6635c01, + 0x6b6b51f4, 0x1c6c6162, 0x856530d8, 0xf262004e, + 0x6c0695ed, 0x1b01a57b, 0x8208f4c1, 0xf50fc457, + 0x65b0d9c6, 0x12b7e950, 0x8bbeb8ea, 0xfcb9887c, + 0x62dd1ddf, 0x15da2d49, 0x8cd37cf3, 0xfbd44c65, + 0x4db26158, 0x3ab551ce, 0xa3bc0074, 0xd4bb30e2, + 0x4adfa541, 0x3dd895d7, 0xa4d1c46d, 0xd3d6f4fb, + 0x4369e96a, 0x346ed9fc, 0xad678846, 0xda60b8d0, + 0x44042d73, 0x33031de5, 0xaa0a4c5f, 0xdd0d7cc9, + 0x5005713c, 0x270241aa, 0xbe0b1010, 0xc90c2086, + 0x5768b525, 0x206f85b3, 0xb966d409, 0xce61e49f, + 0x5edef90e, 0x29d9c998, 0xb0d09822, 0xc7d7a8b4, + 0x59b33d17, 0x2eb40d81, 0xb7bd5c3b, 0xc0ba6cad, + 0xedb88320, 0x9abfb3b6, 0x03b6e20c, 0x74b1d29a, + 0xead54739, 0x9dd277af, 0x04db2615, 0x73dc1683, + 0xe3630b12, 0x94643b84, 0x0d6d6a3e, 0x7a6a5aa8, + 0xe40ecf0b, 0x9309ff9d, 0x0a00ae27, 0x7d079eb1, + 0xf00f9344, 0x8708a3d2, 0x1e01f268, 0x6906c2fe, + 0xf762575d, 0x806567cb, 0x196c3671, 0x6e6b06e7, + 0xfed41b76, 0x89d32be0, 0x10da7a5a, 0x67dd4acc, + 0xf9b9df6f, 0x8ebeeff9, 0x17b7be43, 0x60b08ed5, + 0xd6d6a3e8, 0xa1d1937e, 0x38d8c2c4, 0x4fdff252, + 0xd1bb67f1, 0xa6bc5767, 0x3fb506dd, 0x48b2364b, + 0xd80d2bda, 0xaf0a1b4c, 0x36034af6, 0x41047a60, + 0xdf60efc3, 0xa867df55, 0x316e8eef, 0x4669be79, + 0xcb61b38c, 0xbc66831a, 0x256fd2a0, 0x5268e236, + 0xcc0c7795, 0xbb0b4703, 0x220216b9, 0x5505262f, + 0xc5ba3bbe, 0xb2bd0b28, 0x2bb45a92, 0x5cb36a04, + 0xc2d7ffa7, 0xb5d0cf31, 0x2cd99e8b, 0x5bdeae1d, + 0x9b64c2b0, 0xec63f226, 0x756aa39c, 0x026d930a, + 0x9c0906a9, 0xeb0e363f, 0x72076785, 0x05005713, + 0x95bf4a82, 0xe2b87a14, 0x7bb12bae, 0x0cb61b38, + 0x92d28e9b, 0xe5d5be0d, 0x7cdcefb7, 0x0bdbdf21, + 0x86d3d2d4, 0xf1d4e242, 0x68ddb3f8, 0x1fda836e, + 0x81be16cd, 0xf6b9265b, 0x6fb077e1, 0x18b74777, + 0x88085ae6, 0xff0f6a70, 0x66063bca, 0x11010b5c, + 0x8f659eff, 0xf862ae69, 0x616bffd3, 0x166ccf45, + 0xa00ae278, 0xd70dd2ee, 0x4e048354, 0x3903b3c2, + 0xa7672661, 0xd06016f7, 0x4969474d, 0x3e6e77db, + 0xaed16a4a, 0xd9d65adc, 0x40df0b66, 0x37d83bf0, + 0xa9bcae53, 0xdebb9ec5, 0x47b2cf7f, 0x30b5ffe9, + 0xbdbdf21c, 0xcabac28a, 0x53b39330, 0x24b4a3a6, + 0xbad03605, 0xcdd70693, 0x54de5729, 0x23d967bf, + 0xb3667a2e, 0xc4614ab8, 0x5d681b02, 0x2a6f2b94, + 0xb40bbe37, 0xc30c8ea1, 0x5a05df1b, 0x2d02ef8d +]; From 1f87098e57b043e0cc7cbc7313be14dfecfd3725 Mon Sep 17 00:00:00 2001 From: Benjamin Richner Date: Sat, 19 Oct 2019 23:43:33 +0200 Subject: [PATCH 02/17] Enable decryption with file reader by_name() --- src/read.rs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/read.rs b/src/read.rs index 061bda7c..f53900d9 100644 --- a/src/read.rs +++ b/src/read.rs @@ -317,7 +317,7 @@ impl ZipArchive Some(index) => *index, None => { return Err(ZipError::FileNotFound); }, }; - self.by_index(index) + self.by_index_internal(index, password) } /// Get a contained file by index, decrypt with given password From 2a5112386cee13fb136d4d887941fded9095a3be Mon Sep 17 00:00:00 2001 From: Benjamin Richner Date: Sat, 19 Oct 2019 23:44:20 +0200 Subject: [PATCH 03/17] Remove useless return in ZipCryptoReaderValid::read() --- src/zipcrypto.rs | 8 ++------ 1 file changed, 2 insertions(+), 6 deletions(-) diff --git a/src/zipcrypto.rs b/src/zipcrypto.rs index 559e590e..51910e14 100644 --- a/src/zipcrypto.rs +++ b/src/zipcrypto.rs @@ -117,14 +117,10 @@ pub struct ZipCryptoReaderValid { impl std::io::Read for ZipCryptoReaderValid { fn read(&mut self, mut buf: &mut [u8]) -> std::io::Result - { - if buf.len() == 0 { - return Ok(0); - } - + { //Note: There might be potential for optimization. Inspiration can be found at: //https://github.com/kornelski/7z/blob/master/CPP/7zip/Crypto/ZipCrypto.cpp - + let result = self.reader.file.read(&mut buf); for byte in buf.iter_mut() { *byte = self.reader.keys.decrypt_byte(*byte); From 744bb41b4320ab74d11aa64d545064cba9271284 Mon Sep 17 00:00:00 2001 From: Benjamin Richner Date: Sun, 20 Oct 2019 00:58:07 +0200 Subject: [PATCH 04/17] Ignore password if file not encrypted. Clean up code structure. --- src/read.rs | 206 +++++++++++++++++++++++++++------------------------- 1 file changed, 107 insertions(+), 99 deletions(-) diff --git a/src/read.rs b/src/read.rs index f53900d9..37bf5a8c 100644 --- a/src/read.rs +++ b/src/read.rs @@ -64,16 +64,68 @@ pub struct ZipArchive comment: Vec, } -enum ZipFileReader<'a> { +enum CryptoReader<'a> +{ + Plaintext(io::Take<&'a mut Read>), + ZipCrypto(ZipCryptoReaderValid>), +} + +impl<'a> Read for CryptoReader<'a> { + fn read(&mut self, buf: &mut [u8]) -> io::Result { + match self { + CryptoReader::Plaintext(r) => r.read(buf), + CryptoReader::ZipCrypto(r) => r.read(buf), + } + } +} + +impl<'a> CryptoReader<'a> +{ + /// Consumes this decoder, returning the underlying reader. + pub fn into_inner(self) -> io::Take<&'a mut Read> { + match self { + CryptoReader::Plaintext(r) => r, + CryptoReader::ZipCrypto(r) => r.into_inner(), + } + } +} + +enum ZipFileReader<'a> +{ NoReader, - Stored(Crc32Reader>), + Stored(Crc32Reader>), #[cfg(feature = "deflate")] - Deflated(Crc32Reader>>), + Deflated(Crc32Reader>>), #[cfg(feature = "bzip2")] - Bzip2(Crc32Reader>>), - StoredZipCrypto(Crc32Reader>>), - #[cfg(feature = "deflate")] - DeflatedZipCrypto(Crc32Reader>>>), + Bzip2(Crc32Reader>>), +} + +impl<'a> Read for ZipFileReader<'a> { + fn read(&mut self, buf: &mut [u8]) -> io::Result { + match self { + ZipFileReader::NoReader => panic!("ZipFileReader was in an invalid state"), + ZipFileReader::Stored(r) => r.read(buf), + #[cfg(feature = "deflate")] + ZipFileReader::Deflated(r) => r.read(buf), + #[cfg(feature = "bzip2")] + ZipFileReader::Bzip2(r) => r.read(buf), + } + } +} + +impl<'a> ZipFileReader<'a> +{ + /// Consumes this decoder, returning the underlying reader. + pub fn into_inner(self) -> io::Take<&'a mut Read> { + match self { + ZipFileReader::NoReader => panic!("ZipFileReader was in an invalid state"), + ZipFileReader::Stored(r) => r.into_inner().into_inner(), + #[cfg(feature = "deflate")] + ZipFileReader::Deflated(r) => r.into_inner().into_inner().into_inner(), + #[cfg(feature = "bzip2")] + ZipFileReader::Bzip2(r) => r.into_inner().into_inner().into_inner(), + } + } } /// A struct for reading a zip file @@ -94,71 +146,45 @@ fn make_reader<'a>( reader: io::Take<&'a mut io::Read>, password: Option<&[u8]>) -> ZipResult> { - - match password + + let reader = match password { - None => match compression_method + None => CryptoReader::Plaintext(reader), + Some(password) => { - CompressionMethod::Stored => + match ZipCryptoReader::new(reader, password).validate(crc32)? { - Ok(ZipFileReader::Stored(Crc32Reader::new( - reader, - crc32))) - }, - #[cfg(feature = "deflate")] - CompressionMethod::Deflated => - { - let deflate_reader = DeflateDecoder::new(reader); - Ok(ZipFileReader::Deflated(Crc32Reader::new( - deflate_reader, - crc32))) - }, - #[cfg(feature = "bzip2")] - CompressionMethod::Bzip2 => - { - let bzip2_reader = BzDecoder::new(reader); - Ok(ZipFileReader::Bzip2(Crc32Reader::new( - bzip2_reader, - crc32))) - }, - _ => unsupported_zip_error("Compression method not supported"), + None => return Err(ZipError::InvalidPassword), + Some(r) => CryptoReader::ZipCrypto(r), + } } - Some(password) => match compression_method + }; + + match compression_method + { + CompressionMethod::Stored => { - CompressionMethod::Stored => - { - let zipcrypto_reader = ZipCryptoReader::new(reader, password); - let zipcrypto_reader = zipcrypto_reader.validate(crc32)?; - if let Some(zipcrypto_reader) = zipcrypto_reader - { - Ok(ZipFileReader::StoredZipCrypto(Crc32Reader::new( - zipcrypto_reader, - crc32))) - } - else - { - Err(ZipError::InvalidPassword) - } - }, - #[cfg(feature = "deflate")] - CompressionMethod::Deflated => - { - let zipcrypto_reader = ZipCryptoReader::new(reader, password); - let zipcrypto_reader = zipcrypto_reader.validate(crc32)?; - if let Some(zipcrypto_reader) = zipcrypto_reader - { - let deflate_reader = DeflateDecoder::new(zipcrypto_reader); - Ok(ZipFileReader::DeflatedZipCrypto(Crc32Reader::new( - deflate_reader, - crc32))) - } - else - { - Err(ZipError::InvalidPassword) - } - }, - _ => unsupported_zip_error("Compression method not supported"), + Ok(ZipFileReader::Stored(Crc32Reader::new( + reader, + crc32))) }, + #[cfg(feature = "deflate")] + CompressionMethod::Deflated => + { + let deflate_reader = DeflateDecoder::new(reader); + Ok(ZipFileReader::Deflated(Crc32Reader::new( + deflate_reader, + crc32))) + }, + #[cfg(feature = "bzip2")] + CompressionMethod::Bzip2 => + { + let bzip2_reader = BzDecoder::new(reader); + Ok(ZipFileReader::Bzip2(Crc32Reader::new( + bzip2_reader, + crc32))) + }, + _ => unsupported_zip_error("Compression method not supported"), } } @@ -332,14 +358,22 @@ impl ZipArchive self.by_index_internal(file_number, None) } - fn by_index_internal<'a>(&'a mut self, file_number: usize, password: Option<&[u8]>) -> ZipResult> + fn by_index_internal<'a>(&'a mut self, file_number: usize, mut password: Option<&[u8]>) -> ZipResult> { if file_number >= self.files.len() { return Err(ZipError::FileNotFound); } let ref mut data = self.files[file_number]; - if data.encrypted && password == None + if password == None { - return Err(ZipError::PasswordRequired) + if data.encrypted + { + return Err(ZipError::PasswordRequired) + } + } + else if !data.encrypted + { + //Password supplied, but none needed! Discard. + password = None; } // Parse local header @@ -482,25 +516,8 @@ fn parse_extra_field(file: &mut ZipFileData, data: &[u8]) -> ZipResult<()> Ok(()) } -fn get_reader<'a>(reader: &'a mut ZipFileReader) -> &'a mut Read { - match *reader { - ZipFileReader::NoReader => panic!("ZipFileReader was in an invalid state"), - ZipFileReader::Stored(ref mut r) => r as &mut Read, - #[cfg(feature = "deflate")] - ZipFileReader::Deflated(ref mut r) => r as &mut Read, - #[cfg(feature = "bzip2")] - ZipFileReader::Bzip2(ref mut r) => r as &mut Read, - ZipFileReader::StoredZipCrypto(ref mut r) => r as &mut Read, - #[cfg(feature = "deflate")] - ZipFileReader::DeflatedZipCrypto(ref mut r) => r as &mut Read, - } -} - /// Methods for retrieving information on zip files impl<'a> ZipFile<'a> { - fn get_reader(&mut self) -> &mut Read { - get_reader(&mut self.reader) - } /// Get the version of the file pub fn version_made_by(&self) -> (u8, u8) { (self.data.version_made_by / 10, self.data.version_made_by % 10) @@ -585,7 +602,7 @@ impl<'a> ZipFile<'a> { impl<'a> Read for ZipFile<'a> { fn read(&mut self, buf: &mut [u8]) -> io::Result { - self.get_reader().read(buf) + self.reader.read(buf) } } @@ -596,19 +613,10 @@ impl<'a> Drop for ZipFile<'a> { if let Cow::Owned(_) = self.data { let mut buffer = [0; 1<<16]; - // Get the inner `Take` reader so all decompression and CRC calculation is skipped. + // Get the inner `Take` reader so all decryption, decompression and CRC calculation is skipped. let innerreader = ::std::mem::replace(&mut self.reader, ZipFileReader::NoReader); - let mut reader = match innerreader { - ZipFileReader::NoReader => panic!("ZipFileReader was in an invalid state"), - ZipFileReader::Stored(crcreader) => crcreader.into_inner(), - #[cfg(feature = "deflate")] - ZipFileReader::Deflated(crcreader) => crcreader.into_inner().into_inner(), - #[cfg(feature = "bzip2")] - ZipFileReader::Bzip2(crcreader) => crcreader.into_inner().into_inner(), - ZipFileReader::StoredZipCrypto(crcreader) => crcreader.into_inner().into_inner(), - #[cfg(feature = "deflate")] - ZipFileReader::DeflatedZipCrypto(crcreader) => crcreader.into_inner().into_inner().into_inner(), - }; + let mut reader : std::io::Take<&mut dyn std::io::Read> = + innerreader.into_inner(); loop { match reader.read(&mut buffer) { From f9116fc9c8fdcfc59c69e268d14d628e1f9bc7c0 Mon Sep 17 00:00:00 2001 From: Benjamin Richner Date: Thu, 21 May 2020 22:14:53 +0200 Subject: [PATCH 05/17] Clean up whitespaces --- src/read.rs | 14 +++++++------- src/result.rs | 4 ++-- 2 files changed, 9 insertions(+), 9 deletions(-) diff --git a/src/read.rs b/src/read.rs index 0bdd0529..3288b8cd 100644 --- a/src/read.rs +++ b/src/read.rs @@ -144,11 +144,11 @@ fn make_reader<'a>( reader: io::Take<&'a mut dyn io::Read>, password: Option<&[u8]>) -> ZipResult> { - + let reader = match password { None => CryptoReader::Plaintext(reader), - Some(password) => + Some(password) => { match ZipCryptoReader::new(reader, password).validate(crc32)? { @@ -157,7 +157,7 @@ fn make_reader<'a>( } } }; - + match compression_method { CompressionMethod::Stored => @@ -353,7 +353,7 @@ impl ZipArchive }; self.by_index_internal(index, password) } - + /// Get a contained file by index, decrypt with given password pub fn by_index_decrypt<'a>(&'a mut self, file_number: usize, password: &[u8]) -> ZipResult> { @@ -365,12 +365,12 @@ impl ZipArchive { self.by_index_internal(file_number, None) } - + fn by_index_internal<'a>(&'a mut self, file_number: usize, mut password: Option<&[u8]>) -> ZipResult> { if file_number >= self.files.len() { return Err(ZipError::FileNotFound); } let ref mut data = self.files[file_number]; - + if password == None { if data.encrypted @@ -623,7 +623,7 @@ impl<'a> Drop for ZipFile<'a> { // Get the inner `Take` reader so all decryption, decompression and CRC calculation is skipped. let innerreader = ::std::mem::replace(&mut self.reader, ZipFileReader::NoReader); - let mut reader : std::io::Take<&mut dyn std::io::Read> = + let mut reader : std::io::Take<&mut dyn std::io::Read> = innerreader.into_inner(); loop { diff --git a/src/result.rs b/src/result.rs index 04a38087..6fc5aaac 100644 --- a/src/result.rs +++ b/src/result.rs @@ -23,10 +23,10 @@ pub enum ZipError /// The requested file could not be found in the archive FileNotFound, - + /// No password was given but the data is encrypted PasswordRequired, - + /// The given password is wrong InvalidPassword, } From 402ecb1e34360ed6985a4c496f0fe9abd97bc29a Mon Sep 17 00:00:00 2001 From: Benjamin Richner Date: Thu, 21 May 2020 23:54:12 +0200 Subject: [PATCH 06/17] Add ZipCrypto unit test --- tests/zip_crypto.rs | 90 +++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 90 insertions(+) create mode 100644 tests/zip_crypto.rs diff --git a/tests/zip_crypto.rs b/tests/zip_crypto.rs new file mode 100644 index 00000000..b7e4f791 --- /dev/null +++ b/tests/zip_crypto.rs @@ -0,0 +1,90 @@ +// The following is a hexdump of a zip file containing the following +// ZipCrypto encrypted file: +// test.txt: 35 bytes, contents: `abcdefghijklmnopqrstuvwxyz123456789`, password: `test` +// +// 00000000 50 4b 03 04 14 00 01 00 00 00 54 bd b5 50 2f 20 |PK........T..P/ | +// 00000010 79 55 2f 00 00 00 23 00 00 00 08 00 00 00 74 65 |yU/...#.......te| +// 00000020 73 74 2e 74 78 74 ca 2d 1d 27 19 19 63 43 77 9a |st.txt.-.'..cCw.| +// 00000030 71 76 c9 ec d1 6f d9 f5 22 67 b3 8f 52 b5 41 bc |qv...o.."g..R.A.| +// 00000040 5c 36 f2 1d 84 c3 c0 28 3b fd e1 70 c2 cc 0c 11 |\6.....(;..p....| +// 00000050 0c c5 95 2f a4 50 4b 01 02 3f 00 14 00 01 00 00 |.../.PK..?......| +// 00000060 00 54 bd b5 50 2f 20 79 55 2f 00 00 00 23 00 00 |.T..P/ yU/...#..| +// 00000070 00 08 00 24 00 00 00 00 00 00 00 20 00 00 00 00 |...$....... ....| +// 00000080 00 00 00 74 65 73 74 2e 74 78 74 0a 00 20 00 00 |...test.txt.. ..| +// 00000090 00 00 00 01 00 18 00 31 b2 3b bf b8 2f d6 01 31 |.......1.;../..1| +// 000000a0 b2 3b bf b8 2f d6 01 a8 c4 45 bd b8 2f d6 01 50 |.;../....E../..P| +// 000000b0 4b 05 06 00 00 00 00 01 00 01 00 5a 00 00 00 55 |K..........Z...U| +// 000000c0 00 00 00 00 00 |.....| +// 000000c5 + +use std::io::Read; +use std::io::Cursor; + +#[test] +fn encrypted_file() { + let zip_file_bytes = &mut Cursor::new(vec![ + 0x50, 0x4b, 0x03, 0x04, 0x14, 0x00, 0x01, 0x00, 0x00, 0x00, + 0x54, 0xbd, 0xb5, 0x50, 0x2f, 0x20, 0x79, 0x55, 0x2f, 0x00, + 0x00, 0x00, 0x23, 0x00, 0x00, 0x00, 0x08, 0x00, 0x00, 0x00, + 0x74, 0x65, 0x73, 0x74, 0x2e, 0x74, 0x78, 0x74, 0xca, 0x2d, + 0x1d, 0x27, 0x19, 0x19, 0x63, 0x43, 0x77, 0x9a, 0x71, 0x76, + 0xc9, 0xec, 0xd1, 0x6f, 0xd9, 0xf5, 0x22, 0x67, 0xb3, 0x8f, + 0x52, 0xb5, 0x41, 0xbc, 0x5c, 0x36, 0xf2, 0x1d, 0x84, 0xc3, + 0xc0, 0x28, 0x3b, 0xfd, 0xe1, 0x70, 0xc2, 0xcc, 0x0c, 0x11, + 0x0c, 0xc5, 0x95, 0x2f, 0xa4, 0x50, 0x4b, 0x01, 0x02, 0x3f, + 0x00, 0x14, 0x00, 0x01, 0x00, 0x00, 0x00, 0x54, 0xbd, 0xb5, + 0x50, 0x2f, 0x20, 0x79, 0x55, 0x2f, 0x00, 0x00, 0x00, 0x23, + 0x00, 0x00, 0x00, 0x08, 0x00, 0x24, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x20, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x74, 0x65, 0x73, 0x74, 0x2e, 0x74, 0x78, 0x74, 0x0a, + 0x00, 0x20, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x18, + 0x00, 0x31, 0xb2, 0x3b, 0xbf, 0xb8, 0x2f, 0xd6, 0x01, 0x31, + 0xb2, 0x3b, 0xbf, 0xb8, 0x2f, 0xd6, 0x01, 0xa8, 0xc4, 0x45, + 0xbd, 0xb8, 0x2f, 0xd6, 0x01, 0x50, 0x4b, 0x05, 0x06, 0x00, + 0x00, 0x00, 0x00, 0x01, 0x00, 0x01, 0x00, 0x5a, 0x00, 0x00, + 0x00, 0x55, 0x00, 0x00, 0x00, 0x00, 0x00 + ]); + + let mut archive = zip::ZipArchive::new(zip_file_bytes).unwrap(); + + assert_eq!(archive.len(), 1); //Only one file inside archive: `test.txt` + + { + // No password + let file = archive.by_index(0); + assert!(file.is_err()); + if let Err(error) = file { + match error { + zip::result::ZipError::PasswordRequired => (), + _ => panic!(), + } + } else { + panic!(); + } + } + + { + // Wrong password + let file = archive.by_index_decrypt(0, "wrong password".as_bytes()); + assert!(file.is_err()); + if let Err(error) = file { + match error { + zip::result::ZipError::InvalidPassword => (), + _ => panic!(), + } + } else { + panic!(); + } + } + + { + // Correct password, read contents + let mut file = archive.by_index_decrypt(0, "test".as_bytes()).unwrap(); + let file_name = file.sanitized_name(); + assert_eq!(file_name, std::path::PathBuf::from("test.txt")); + + let mut data = Vec::new(); + file.read_to_end(&mut data).unwrap(); + assert_eq!(data, "abcdefghijklmnopqrstuvwxyz123456789".as_bytes()); + } +} From 493afdbee10369511bf994ea10a2a2bc83b24949 Mon Sep 17 00:00:00 2001 From: Benjamin Richner Date: Sun, 21 Jun 2020 17:47:08 +0200 Subject: [PATCH 07/17] run cargo fmt --- src/lib.rs | 2 +- src/read.rs | 110 +++++++++++++------------- src/result.rs | 4 +- src/zipcrypto.rs | 187 +++++++++++++++++--------------------------- tests/zip_crypto.rs | 36 ++++----- 5 files changed, 141 insertions(+), 198 deletions(-) diff --git a/src/lib.rs b/src/lib.rs index d224143c..fdcb8fb5 100644 --- a/src/lib.rs +++ b/src/lib.rs @@ -12,7 +12,7 @@ mod cp437; mod crc32; pub mod read; pub mod result; -mod zipcrypto; mod spec; mod types; pub mod write; +mod zipcrypto; diff --git a/src/read.rs b/src/read.rs index ae362ae2..b9fb64bb 100644 --- a/src/read.rs +++ b/src/read.rs @@ -1,11 +1,11 @@ //! Structs for reading a ZIP archive use crate::compression::CompressionMethod; -use crate::zipcrypto::ZipCryptoReader; -use crate::zipcrypto::ZipCryptoReaderValid; use crate::crc32::Crc32Reader; use crate::result::{ZipError, ZipResult}; use crate::spec; +use crate::zipcrypto::ZipCryptoReader; +use crate::zipcrypto::ZipCryptoReaderValid; use std::borrow::Cow; use std::collections::HashMap; use std::io; @@ -57,23 +57,21 @@ pub struct ZipArchive { comment: Vec, } -enum CryptoReader<'a> -{ +enum CryptoReader<'a> { Plaintext(io::Take<&'a mut dyn Read>), ZipCrypto(ZipCryptoReaderValid>), } impl<'a> Read for CryptoReader<'a> { - fn read(&mut self, buf: &mut [u8]) -> io::Result { + fn read(&mut self, buf: &mut [u8]) -> io::Result { match self { CryptoReader::Plaintext(r) => r.read(buf), CryptoReader::ZipCrypto(r) => r.read(buf), } - } + } } -impl<'a> CryptoReader<'a> -{ +impl<'a> CryptoReader<'a> { /// Consumes this decoder, returning the underlying reader. pub fn into_inner(self) -> io::Take<&'a mut dyn Read> { match self { @@ -83,8 +81,7 @@ impl<'a> CryptoReader<'a> } } -enum ZipFileReader<'a> -{ +enum ZipFileReader<'a> { NoReader, Stored(Crc32Reader>), #[cfg(feature = "deflate")] @@ -94,8 +91,8 @@ enum ZipFileReader<'a> } impl<'a> Read for ZipFileReader<'a> { - fn read(&mut self, buf: &mut [u8]) -> io::Result { - match self { + fn read(&mut self, buf: &mut [u8]) -> io::Result { + match self { ZipFileReader::NoReader => panic!("ZipFileReader was in an invalid state"), ZipFileReader::Stored(r) => r.read(buf), #[cfg(feature = "deflate")] @@ -103,11 +100,10 @@ impl<'a> Read for ZipFileReader<'a> { #[cfg(feature = "bzip2")] ZipFileReader::Bzip2(r) => r.read(buf), } - } + } } -impl<'a> ZipFileReader<'a> -{ +impl<'a> ZipFileReader<'a> { /// Consumes this decoder, returning the underlying reader. pub fn into_inner(self) -> io::Take<&'a mut dyn Read> { match self { @@ -131,46 +127,31 @@ fn make_reader<'a>( compression_method: crate::compression::CompressionMethod, crc32: u32, reader: io::Take<&'a mut dyn io::Read>, - password: Option<&[u8]>) - -> ZipResult> { - - let reader = match password - { + password: Option<&[u8]>, +) -> ZipResult> { + let reader = match password { None => CryptoReader::Plaintext(reader), - Some(password) => - { - match ZipCryptoReader::new(reader, password).validate(crc32)? - { - None => return Err(ZipError::InvalidPassword), - Some(r) => CryptoReader::ZipCrypto(r), - } - } + Some(password) => match ZipCryptoReader::new(reader, password).validate(crc32)? { + None => return Err(ZipError::InvalidPassword), + Some(r) => CryptoReader::ZipCrypto(r), + }, }; - match compression_method - { - CompressionMethod::Stored => - { - Ok(ZipFileReader::Stored(Crc32Reader::new( - reader, - crc32))) - }, + match compression_method { + CompressionMethod::Stored => Ok(ZipFileReader::Stored(Crc32Reader::new(reader, crc32))), #[cfg(feature = "deflate")] - CompressionMethod::Deflated => - { + CompressionMethod::Deflated => { let deflate_reader = DeflateDecoder::new(reader); Ok(ZipFileReader::Deflated(Crc32Reader::new( deflate_reader, - crc32))) - }, + crc32, + ))) + } #[cfg(feature = "bzip2")] - CompressionMethod::Bzip2 => - { + CompressionMethod::Bzip2 => { let bzip2_reader = BzDecoder::new(reader); - Ok(ZipFileReader::Bzip2(Crc32Reader::new( - bzip2_reader, - crc32))) - }, + Ok(ZipFileReader::Bzip2(Crc32Reader::new(bzip2_reader, crc32))) + } _ => unsupported_zip_error("Compression method not supported"), } } @@ -344,7 +325,11 @@ impl ZipArchive { } /// Search for a file entry by name, decrypt with given password - pub fn by_name_decrypt<'a>(&'a mut self, name: &str, password: &[u8]) -> ZipResult> { + pub fn by_name_decrypt<'a>( + &'a mut self, + name: &str, + password: &[u8], + ) -> ZipResult> { self.by_name_internal(name, Some(password)) } @@ -353,7 +338,11 @@ impl ZipArchive { self.by_name_internal(name, None) } - fn by_name_internal<'a>(&'a mut self, name: &str, password: Option<&[u8]>) -> ZipResult> { + fn by_name_internal<'a>( + &'a mut self, + name: &str, + password: Option<&[u8]>, + ) -> ZipResult> { let index = match self.names_map.get(name) { Some(index) => *index, None => { @@ -364,8 +353,11 @@ impl ZipArchive { } /// Get a contained file by index, decrypt with given password - pub fn by_index_decrypt<'a>(&'a mut self, file_number: usize, password: &[u8]) -> ZipResult> - { + pub fn by_index_decrypt<'a>( + &'a mut self, + file_number: usize, + password: &[u8], + ) -> ZipResult> { self.by_index_internal(file_number, Some(password)) } @@ -374,16 +366,21 @@ impl ZipArchive { self.by_index_internal(file_number, None) } - fn by_index_internal<'a>(&'a mut self, file_number: usize, mut password: Option<&[u8]>) -> ZipResult> { - if file_number >= self.files.len() { return Err(ZipError::FileNotFound); } + fn by_index_internal<'a>( + &'a mut self, + file_number: usize, + mut password: Option<&[u8]>, + ) -> ZipResult> { + if file_number >= self.files.len() { + return Err(ZipError::FileNotFound); + } let ref mut data = self.files[file_number]; if password == None { if data.encrypted { - return Err(ZipError::PasswordRequired) + return Err(ZipError::PasswordRequired); } - } - else if !data.encrypted { + } else if !data.encrypted { //Password supplied, but none needed! Discard. password = None; } @@ -652,8 +649,7 @@ impl<'a> Drop for ZipFile<'a> { // Get the inner `Take` reader so all decryption, decompression and CRC calculation is skipped. let innerreader = ::std::mem::replace(&mut self.reader, ZipFileReader::NoReader); - let mut reader : std::io::Take<&mut dyn std::io::Read> = - innerreader.into_inner(); + let mut reader: std::io::Take<&mut dyn std::io::Read> = innerreader.into_inner(); loop { match reader.read(&mut buffer) { diff --git a/src/result.rs b/src/result.rs index f2dadf5e..41783cb9 100644 --- a/src/result.rs +++ b/src/result.rs @@ -27,10 +27,10 @@ pub enum ZipError { FileNotFound, /// No password was given but the data is encrypted - #[error("missing password, file in archive is encrypted")] + #[error("missing password, file in archive is encrypted")] PasswordRequired, /// The given password is wrong - #[error("invalid password for file in archive")] + #[error("invalid password for file in archive")] InvalidPassword, } diff --git a/src/zipcrypto.rs b/src/zipcrypto.rs index 51910e14..d6d231f3 100644 --- a/src/zipcrypto.rs +++ b/src/zipcrypto.rs @@ -9,47 +9,41 @@ struct ZipCryptoKeys { impl ZipCryptoKeys { //Used this paper to implement ZipCrypto algo //https://courses.cs.ut.ee/MTAT.07.022/2015_fall/uploads/Main/dmitri-report-f15-16.pdf - - fn new() -> ZipCryptoKeys - { - ZipCryptoKeys - { + + fn new() -> ZipCryptoKeys { + ZipCryptoKeys { key_0: Wrapping(0x12345678), key_1: Wrapping(0x23456789), key_2: Wrapping(0x34567890), } } - - fn update(&mut self, input: u8) - { + + fn update(&mut self, input: u8) { self.key_0 = ZipCryptoKeys::crc32(self.key_0, input); - self.key_1 = (self.key_1 + (self.key_0 & Wrapping(0xff))) * Wrapping(0x08088405) + Wrapping(1); + self.key_1 = + (self.key_1 + (self.key_0 & Wrapping(0xff))) * Wrapping(0x08088405) + Wrapping(1); self.key_2 = ZipCryptoKeys::crc32(self.key_2, (self.key_1 >> 24).0 as u8); } - - fn stream_byte(&mut self) -> u8 - { - let temp : Wrapping = Wrapping(self.key_2.0 as u16) | Wrapping(3); + + fn stream_byte(&mut self) -> u8 { + let temp: Wrapping = Wrapping(self.key_2.0 as u16) | Wrapping(3); ((temp * (temp ^ Wrapping(1))) >> 8).0 as u8 } - - fn decrypt_byte(&mut self, cipher_byte : u8) -> u8 - { - let plain_byte : u8 = self.stream_byte() ^ cipher_byte; + + fn decrypt_byte(&mut self, cipher_byte: u8) -> u8 { + let plain_byte: u8 = self.stream_byte() ^ cipher_byte; self.update(plain_byte); plain_byte } - + #[allow(dead_code)] - fn encrypt_byte(&mut self, plain_byte : u8) -> u8 - { - let cipher_byte : u8 = self.stream_byte() ^ plain_byte; + fn encrypt_byte(&mut self, plain_byte: u8) -> u8 { + let cipher_byte: u8 = self.stream_byte() ^ plain_byte; self.update(plain_byte); cipher_byte } - - fn crc32(crc : Wrapping, input: u8) -> Wrapping - { + + fn crc32(crc: Wrapping, input: u8) -> Wrapping { return (crc >> 8) ^ Wrapping(CRCTABLE[((crc & Wrapping(0xff)).0 as u8 ^ input) as usize]); } } @@ -59,54 +53,48 @@ pub struct ZipCryptoReader { keys: ZipCryptoKeys, } -impl ZipCryptoReader -{ - pub fn new(file: R, password: &[u8]) -> ZipCryptoReader - { +impl ZipCryptoReader { + pub fn new(file: R, password: &[u8]) -> ZipCryptoReader { //Note: The password is &[u8] and not &str because the documentation //https://pkware.cachefly.net/webdocs/APPNOTE/APPNOTE-6.3.3.TXT //does not specify password encoding (see function update_keys) //Therefore, if &str was used, the password would be UTF-8 and it //would be impossible to decrypt files that were encrypted with a //password byte sequence that is unrepresentable in UTF-8. - - let mut result = ZipCryptoReader - { + + let mut result = ZipCryptoReader { file: file, keys: ZipCryptoKeys::new(), }; - + //Key the cipher by updating the keys with the password for byte in password.iter() { result.keys.update(*byte); } - + result } - + ///Read the ZipCrypto header bytes and validate the password - pub fn validate(mut self, crc32_plaintext : u32) -> Result>, std::io::Error> - { + pub fn validate( + mut self, + crc32_plaintext: u32, + ) -> Result>, std::io::Error> { //ZipCrypto prefixes a file with a 12 byte header let mut header_buf = [0u8; 12]; self.file.read_exact(&mut header_buf)?; for byte in header_buf.iter_mut() { *byte = self.keys.decrypt_byte(*byte); } - + // PKZIP before 2.0 used 2 byte CRC check. // PKZIP 2.0+ used 1 byte CRC check. It's more secure. // We also use 1 byte CRC. - - if (crc32_plaintext >> 24) as u8 != header_buf[11] - { - return Ok(None) //Wrong password + + if (crc32_plaintext >> 24) as u8 != header_buf[11] { + return Ok(None); //Wrong password } - Ok(Some( - ZipCryptoReaderValid { - reader : self, - } - )) + Ok(Some(ZipCryptoReaderValid { reader: self })) } } @@ -114,10 +102,8 @@ pub struct ZipCryptoReaderValid { reader: ZipCryptoReader, } -impl std::io::Read for ZipCryptoReaderValid -{ - fn read(&mut self, mut buf: &mut [u8]) -> std::io::Result - { +impl std::io::Read for ZipCryptoReaderValid { + fn read(&mut self, mut buf: &mut [u8]) -> std::io::Result { //Note: There might be potential for optimization. Inspiration can be found at: //https://github.com/kornelski/7z/blob/master/CPP/7zip/Crypto/ZipCrypto.cpp @@ -129,77 +115,44 @@ impl std::io::Read for ZipCryptoReaderValid } } -impl ZipCryptoReaderValid -{ +impl ZipCryptoReaderValid { /// Consumes this decoder, returning the underlying reader. pub fn into_inner(self) -> R { self.reader.file } } -static CRCTABLE : [u32; 256] = [ - 0x00000000, 0x77073096, 0xee0e612c, 0x990951ba, - 0x076dc419, 0x706af48f, 0xe963a535, 0x9e6495a3, - 0x0edb8832, 0x79dcb8a4, 0xe0d5e91e, 0x97d2d988, - 0x09b64c2b, 0x7eb17cbd, 0xe7b82d07, 0x90bf1d91, - 0x1db71064, 0x6ab020f2, 0xf3b97148, 0x84be41de, - 0x1adad47d, 0x6ddde4eb, 0xf4d4b551, 0x83d385c7, - 0x136c9856, 0x646ba8c0, 0xfd62f97a, 0x8a65c9ec, - 0x14015c4f, 0x63066cd9, 0xfa0f3d63, 0x8d080df5, - 0x3b6e20c8, 0x4c69105e, 0xd56041e4, 0xa2677172, - 0x3c03e4d1, 0x4b04d447, 0xd20d85fd, 0xa50ab56b, - 0x35b5a8fa, 0x42b2986c, 0xdbbbc9d6, 0xacbcf940, - 0x32d86ce3, 0x45df5c75, 0xdcd60dcf, 0xabd13d59, - 0x26d930ac, 0x51de003a, 0xc8d75180, 0xbfd06116, - 0x21b4f4b5, 0x56b3c423, 0xcfba9599, 0xb8bda50f, - 0x2802b89e, 0x5f058808, 0xc60cd9b2, 0xb10be924, - 0x2f6f7c87, 0x58684c11, 0xc1611dab, 0xb6662d3d, - 0x76dc4190, 0x01db7106, 0x98d220bc, 0xefd5102a, - 0x71b18589, 0x06b6b51f, 0x9fbfe4a5, 0xe8b8d433, - 0x7807c9a2, 0x0f00f934, 0x9609a88e, 0xe10e9818, - 0x7f6a0dbb, 0x086d3d2d, 0x91646c97, 0xe6635c01, - 0x6b6b51f4, 0x1c6c6162, 0x856530d8, 0xf262004e, - 0x6c0695ed, 0x1b01a57b, 0x8208f4c1, 0xf50fc457, - 0x65b0d9c6, 0x12b7e950, 0x8bbeb8ea, 0xfcb9887c, - 0x62dd1ddf, 0x15da2d49, 0x8cd37cf3, 0xfbd44c65, - 0x4db26158, 0x3ab551ce, 0xa3bc0074, 0xd4bb30e2, - 0x4adfa541, 0x3dd895d7, 0xa4d1c46d, 0xd3d6f4fb, - 0x4369e96a, 0x346ed9fc, 0xad678846, 0xda60b8d0, - 0x44042d73, 0x33031de5, 0xaa0a4c5f, 0xdd0d7cc9, - 0x5005713c, 0x270241aa, 0xbe0b1010, 0xc90c2086, - 0x5768b525, 0x206f85b3, 0xb966d409, 0xce61e49f, - 0x5edef90e, 0x29d9c998, 0xb0d09822, 0xc7d7a8b4, - 0x59b33d17, 0x2eb40d81, 0xb7bd5c3b, 0xc0ba6cad, - 0xedb88320, 0x9abfb3b6, 0x03b6e20c, 0x74b1d29a, - 0xead54739, 0x9dd277af, 0x04db2615, 0x73dc1683, - 0xe3630b12, 0x94643b84, 0x0d6d6a3e, 0x7a6a5aa8, - 0xe40ecf0b, 0x9309ff9d, 0x0a00ae27, 0x7d079eb1, - 0xf00f9344, 0x8708a3d2, 0x1e01f268, 0x6906c2fe, - 0xf762575d, 0x806567cb, 0x196c3671, 0x6e6b06e7, - 0xfed41b76, 0x89d32be0, 0x10da7a5a, 0x67dd4acc, - 0xf9b9df6f, 0x8ebeeff9, 0x17b7be43, 0x60b08ed5, - 0xd6d6a3e8, 0xa1d1937e, 0x38d8c2c4, 0x4fdff252, - 0xd1bb67f1, 0xa6bc5767, 0x3fb506dd, 0x48b2364b, - 0xd80d2bda, 0xaf0a1b4c, 0x36034af6, 0x41047a60, - 0xdf60efc3, 0xa867df55, 0x316e8eef, 0x4669be79, - 0xcb61b38c, 0xbc66831a, 0x256fd2a0, 0x5268e236, - 0xcc0c7795, 0xbb0b4703, 0x220216b9, 0x5505262f, - 0xc5ba3bbe, 0xb2bd0b28, 0x2bb45a92, 0x5cb36a04, - 0xc2d7ffa7, 0xb5d0cf31, 0x2cd99e8b, 0x5bdeae1d, - 0x9b64c2b0, 0xec63f226, 0x756aa39c, 0x026d930a, - 0x9c0906a9, 0xeb0e363f, 0x72076785, 0x05005713, - 0x95bf4a82, 0xe2b87a14, 0x7bb12bae, 0x0cb61b38, - 0x92d28e9b, 0xe5d5be0d, 0x7cdcefb7, 0x0bdbdf21, - 0x86d3d2d4, 0xf1d4e242, 0x68ddb3f8, 0x1fda836e, - 0x81be16cd, 0xf6b9265b, 0x6fb077e1, 0x18b74777, - 0x88085ae6, 0xff0f6a70, 0x66063bca, 0x11010b5c, - 0x8f659eff, 0xf862ae69, 0x616bffd3, 0x166ccf45, - 0xa00ae278, 0xd70dd2ee, 0x4e048354, 0x3903b3c2, - 0xa7672661, 0xd06016f7, 0x4969474d, 0x3e6e77db, - 0xaed16a4a, 0xd9d65adc, 0x40df0b66, 0x37d83bf0, - 0xa9bcae53, 0xdebb9ec5, 0x47b2cf7f, 0x30b5ffe9, - 0xbdbdf21c, 0xcabac28a, 0x53b39330, 0x24b4a3a6, - 0xbad03605, 0xcdd70693, 0x54de5729, 0x23d967bf, - 0xb3667a2e, 0xc4614ab8, 0x5d681b02, 0x2a6f2b94, - 0xb40bbe37, 0xc30c8ea1, 0x5a05df1b, 0x2d02ef8d +static CRCTABLE: [u32; 256] = [ + 0x00000000, 0x77073096, 0xee0e612c, 0x990951ba, 0x076dc419, 0x706af48f, 0xe963a535, 0x9e6495a3, + 0x0edb8832, 0x79dcb8a4, 0xe0d5e91e, 0x97d2d988, 0x09b64c2b, 0x7eb17cbd, 0xe7b82d07, 0x90bf1d91, + 0x1db71064, 0x6ab020f2, 0xf3b97148, 0x84be41de, 0x1adad47d, 0x6ddde4eb, 0xf4d4b551, 0x83d385c7, + 0x136c9856, 0x646ba8c0, 0xfd62f97a, 0x8a65c9ec, 0x14015c4f, 0x63066cd9, 0xfa0f3d63, 0x8d080df5, + 0x3b6e20c8, 0x4c69105e, 0xd56041e4, 0xa2677172, 0x3c03e4d1, 0x4b04d447, 0xd20d85fd, 0xa50ab56b, + 0x35b5a8fa, 0x42b2986c, 0xdbbbc9d6, 0xacbcf940, 0x32d86ce3, 0x45df5c75, 0xdcd60dcf, 0xabd13d59, + 0x26d930ac, 0x51de003a, 0xc8d75180, 0xbfd06116, 0x21b4f4b5, 0x56b3c423, 0xcfba9599, 0xb8bda50f, + 0x2802b89e, 0x5f058808, 0xc60cd9b2, 0xb10be924, 0x2f6f7c87, 0x58684c11, 0xc1611dab, 0xb6662d3d, + 0x76dc4190, 0x01db7106, 0x98d220bc, 0xefd5102a, 0x71b18589, 0x06b6b51f, 0x9fbfe4a5, 0xe8b8d433, + 0x7807c9a2, 0x0f00f934, 0x9609a88e, 0xe10e9818, 0x7f6a0dbb, 0x086d3d2d, 0x91646c97, 0xe6635c01, + 0x6b6b51f4, 0x1c6c6162, 0x856530d8, 0xf262004e, 0x6c0695ed, 0x1b01a57b, 0x8208f4c1, 0xf50fc457, + 0x65b0d9c6, 0x12b7e950, 0x8bbeb8ea, 0xfcb9887c, 0x62dd1ddf, 0x15da2d49, 0x8cd37cf3, 0xfbd44c65, + 0x4db26158, 0x3ab551ce, 0xa3bc0074, 0xd4bb30e2, 0x4adfa541, 0x3dd895d7, 0xa4d1c46d, 0xd3d6f4fb, + 0x4369e96a, 0x346ed9fc, 0xad678846, 0xda60b8d0, 0x44042d73, 0x33031de5, 0xaa0a4c5f, 0xdd0d7cc9, + 0x5005713c, 0x270241aa, 0xbe0b1010, 0xc90c2086, 0x5768b525, 0x206f85b3, 0xb966d409, 0xce61e49f, + 0x5edef90e, 0x29d9c998, 0xb0d09822, 0xc7d7a8b4, 0x59b33d17, 0x2eb40d81, 0xb7bd5c3b, 0xc0ba6cad, + 0xedb88320, 0x9abfb3b6, 0x03b6e20c, 0x74b1d29a, 0xead54739, 0x9dd277af, 0x04db2615, 0x73dc1683, + 0xe3630b12, 0x94643b84, 0x0d6d6a3e, 0x7a6a5aa8, 0xe40ecf0b, 0x9309ff9d, 0x0a00ae27, 0x7d079eb1, + 0xf00f9344, 0x8708a3d2, 0x1e01f268, 0x6906c2fe, 0xf762575d, 0x806567cb, 0x196c3671, 0x6e6b06e7, + 0xfed41b76, 0x89d32be0, 0x10da7a5a, 0x67dd4acc, 0xf9b9df6f, 0x8ebeeff9, 0x17b7be43, 0x60b08ed5, + 0xd6d6a3e8, 0xa1d1937e, 0x38d8c2c4, 0x4fdff252, 0xd1bb67f1, 0xa6bc5767, 0x3fb506dd, 0x48b2364b, + 0xd80d2bda, 0xaf0a1b4c, 0x36034af6, 0x41047a60, 0xdf60efc3, 0xa867df55, 0x316e8eef, 0x4669be79, + 0xcb61b38c, 0xbc66831a, 0x256fd2a0, 0x5268e236, 0xcc0c7795, 0xbb0b4703, 0x220216b9, 0x5505262f, + 0xc5ba3bbe, 0xb2bd0b28, 0x2bb45a92, 0x5cb36a04, 0xc2d7ffa7, 0xb5d0cf31, 0x2cd99e8b, 0x5bdeae1d, + 0x9b64c2b0, 0xec63f226, 0x756aa39c, 0x026d930a, 0x9c0906a9, 0xeb0e363f, 0x72076785, 0x05005713, + 0x95bf4a82, 0xe2b87a14, 0x7bb12bae, 0x0cb61b38, 0x92d28e9b, 0xe5d5be0d, 0x7cdcefb7, 0x0bdbdf21, + 0x86d3d2d4, 0xf1d4e242, 0x68ddb3f8, 0x1fda836e, 0x81be16cd, 0xf6b9265b, 0x6fb077e1, 0x18b74777, + 0x88085ae6, 0xff0f6a70, 0x66063bca, 0x11010b5c, 0x8f659eff, 0xf862ae69, 0x616bffd3, 0x166ccf45, + 0xa00ae278, 0xd70dd2ee, 0x4e048354, 0x3903b3c2, 0xa7672661, 0xd06016f7, 0x4969474d, 0x3e6e77db, + 0xaed16a4a, 0xd9d65adc, 0x40df0b66, 0x37d83bf0, 0xa9bcae53, 0xdebb9ec5, 0x47b2cf7f, 0x30b5ffe9, + 0xbdbdf21c, 0xcabac28a, 0x53b39330, 0x24b4a3a6, 0xbad03605, 0xcdd70693, 0x54de5729, 0x23d967bf, + 0xb3667a2e, 0xc4614ab8, 0x5d681b02, 0x2a6f2b94, 0xb40bbe37, 0xc30c8ea1, 0x5a05df1b, 0x2d02ef8d, ]; diff --git a/tests/zip_crypto.rs b/tests/zip_crypto.rs index b7e4f791..45e27296 100644 --- a/tests/zip_crypto.rs +++ b/tests/zip_crypto.rs @@ -17,32 +17,26 @@ // 000000c0 00 00 00 00 00 |.....| // 000000c5 -use std::io::Read; use std::io::Cursor; +use std::io::Read; #[test] fn encrypted_file() { let zip_file_bytes = &mut Cursor::new(vec![ - 0x50, 0x4b, 0x03, 0x04, 0x14, 0x00, 0x01, 0x00, 0x00, 0x00, - 0x54, 0xbd, 0xb5, 0x50, 0x2f, 0x20, 0x79, 0x55, 0x2f, 0x00, - 0x00, 0x00, 0x23, 0x00, 0x00, 0x00, 0x08, 0x00, 0x00, 0x00, - 0x74, 0x65, 0x73, 0x74, 0x2e, 0x74, 0x78, 0x74, 0xca, 0x2d, - 0x1d, 0x27, 0x19, 0x19, 0x63, 0x43, 0x77, 0x9a, 0x71, 0x76, - 0xc9, 0xec, 0xd1, 0x6f, 0xd9, 0xf5, 0x22, 0x67, 0xb3, 0x8f, - 0x52, 0xb5, 0x41, 0xbc, 0x5c, 0x36, 0xf2, 0x1d, 0x84, 0xc3, - 0xc0, 0x28, 0x3b, 0xfd, 0xe1, 0x70, 0xc2, 0xcc, 0x0c, 0x11, - 0x0c, 0xc5, 0x95, 0x2f, 0xa4, 0x50, 0x4b, 0x01, 0x02, 0x3f, - 0x00, 0x14, 0x00, 0x01, 0x00, 0x00, 0x00, 0x54, 0xbd, 0xb5, - 0x50, 0x2f, 0x20, 0x79, 0x55, 0x2f, 0x00, 0x00, 0x00, 0x23, - 0x00, 0x00, 0x00, 0x08, 0x00, 0x24, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x20, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x74, 0x65, 0x73, 0x74, 0x2e, 0x74, 0x78, 0x74, 0x0a, - 0x00, 0x20, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x18, - 0x00, 0x31, 0xb2, 0x3b, 0xbf, 0xb8, 0x2f, 0xd6, 0x01, 0x31, - 0xb2, 0x3b, 0xbf, 0xb8, 0x2f, 0xd6, 0x01, 0xa8, 0xc4, 0x45, - 0xbd, 0xb8, 0x2f, 0xd6, 0x01, 0x50, 0x4b, 0x05, 0x06, 0x00, - 0x00, 0x00, 0x00, 0x01, 0x00, 0x01, 0x00, 0x5a, 0x00, 0x00, - 0x00, 0x55, 0x00, 0x00, 0x00, 0x00, 0x00 + 0x50, 0x4b, 0x03, 0x04, 0x14, 0x00, 0x01, 0x00, 0x00, 0x00, 0x54, 0xbd, 0xb5, 0x50, 0x2f, + 0x20, 0x79, 0x55, 0x2f, 0x00, 0x00, 0x00, 0x23, 0x00, 0x00, 0x00, 0x08, 0x00, 0x00, 0x00, + 0x74, 0x65, 0x73, 0x74, 0x2e, 0x74, 0x78, 0x74, 0xca, 0x2d, 0x1d, 0x27, 0x19, 0x19, 0x63, + 0x43, 0x77, 0x9a, 0x71, 0x76, 0xc9, 0xec, 0xd1, 0x6f, 0xd9, 0xf5, 0x22, 0x67, 0xb3, 0x8f, + 0x52, 0xb5, 0x41, 0xbc, 0x5c, 0x36, 0xf2, 0x1d, 0x84, 0xc3, 0xc0, 0x28, 0x3b, 0xfd, 0xe1, + 0x70, 0xc2, 0xcc, 0x0c, 0x11, 0x0c, 0xc5, 0x95, 0x2f, 0xa4, 0x50, 0x4b, 0x01, 0x02, 0x3f, + 0x00, 0x14, 0x00, 0x01, 0x00, 0x00, 0x00, 0x54, 0xbd, 0xb5, 0x50, 0x2f, 0x20, 0x79, 0x55, + 0x2f, 0x00, 0x00, 0x00, 0x23, 0x00, 0x00, 0x00, 0x08, 0x00, 0x24, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x20, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x74, 0x65, 0x73, 0x74, + 0x2e, 0x74, 0x78, 0x74, 0x0a, 0x00, 0x20, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x18, + 0x00, 0x31, 0xb2, 0x3b, 0xbf, 0xb8, 0x2f, 0xd6, 0x01, 0x31, 0xb2, 0x3b, 0xbf, 0xb8, 0x2f, + 0xd6, 0x01, 0xa8, 0xc4, 0x45, 0xbd, 0xb8, 0x2f, 0xd6, 0x01, 0x50, 0x4b, 0x05, 0x06, 0x00, + 0x00, 0x00, 0x00, 0x01, 0x00, 0x01, 0x00, 0x5a, 0x00, 0x00, 0x00, 0x55, 0x00, 0x00, 0x00, + 0x00, 0x00, ]); let mut archive = zip::ZipArchive::new(zip_file_bytes).unwrap(); From d50dcaced75e489e77b6feadef43b427c776cdaf Mon Sep 17 00:00:00 2001 From: Benjamin Richner Date: Tue, 23 Jun 2020 20:46:41 +0200 Subject: [PATCH 08/17] run cargo fmt --- src/read.rs | 26 +++++++++++++------------- 1 file changed, 13 insertions(+), 13 deletions(-) diff --git a/src/read.rs b/src/read.rs index e22f0b00..75d1ec42 100644 --- a/src/read.rs +++ b/src/read.rs @@ -103,11 +103,11 @@ impl<'a> Read for ZipFileReader<'a> { match self { ZipFileReader::NoReader => panic!("ZipFileReader was in an invalid state"), ZipFileReader::Stored(r) => r.read(buf), - #[cfg(any( - feature = "deflate", - feature = "deflate-miniz", - feature = "deflate-zlib" - ))] + #[cfg(any( + feature = "deflate", + feature = "deflate-miniz", + feature = "deflate-zlib" + ))] ZipFileReader::Deflated(r) => r.read(buf), #[cfg(feature = "bzip2")] ZipFileReader::Bzip2(r) => r.read(buf), @@ -122,10 +122,10 @@ impl<'a> ZipFileReader<'a> { ZipFileReader::NoReader => panic!("ZipFileReader was in an invalid state"), ZipFileReader::Stored(r) => r.into_inner().into_inner(), #[cfg(any( - feature = "deflate", - feature = "deflate-miniz", - feature = "deflate-zlib" - ))] + feature = "deflate", + feature = "deflate-miniz", + feature = "deflate-zlib" + ))] ZipFileReader::Deflated(r) => r.into_inner().into_inner().into_inner(), #[cfg(feature = "bzip2")] ZipFileReader::Bzip2(r) => r.into_inner().into_inner().into_inner(), @@ -156,10 +156,10 @@ fn make_reader<'a>( match compression_method { CompressionMethod::Stored => Ok(ZipFileReader::Stored(Crc32Reader::new(reader, crc32))), #[cfg(any( - feature = "deflate", - feature = "deflate-miniz", - feature = "deflate-zlib" - ))] + feature = "deflate", + feature = "deflate-miniz", + feature = "deflate-zlib" + ))] CompressionMethod::Deflated => { let deflate_reader = DeflateDecoder::new(reader); Ok(ZipFileReader::Deflated(Crc32Reader::new( From 07caeca6eacc2744bbdee692d0b6dc5714a0b3aa Mon Sep 17 00:00:00 2001 From: Benjamin Richner Date: Tue, 23 Jun 2020 21:12:36 +0200 Subject: [PATCH 09/17] Use `let .. = &mut` instead of `let ref mut .. =` --- src/read.rs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/read.rs b/src/read.rs index 75d1ec42..90d90ecf 100644 --- a/src/read.rs +++ b/src/read.rs @@ -394,7 +394,7 @@ impl ZipArchive { if file_number >= self.files.len() { return Err(ZipError::FileNotFound); } - let ref mut data = self.files[file_number]; + let data = &mut self.files[file_number]; if password == None { if data.encrypted { From fb4f3c5c219ebc7c043baa7b990374557899872d Mon Sep 17 00:00:00 2001 From: Benjamin Richner Date: Tue, 23 Jun 2020 21:17:52 +0200 Subject: [PATCH 10/17] Rename `by_name_internal` to `by_name_with_optional_password` and `by_index_internal` to `by_index_with_optional_password` --- src/read.rs | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/src/read.rs b/src/read.rs index 90d90ecf..f89bd311 100644 --- a/src/read.rs +++ b/src/read.rs @@ -350,15 +350,15 @@ impl ZipArchive { name: &str, password: &[u8], ) -> ZipResult> { - self.by_name_internal(name, Some(password)) + self.by_name_with_optional_password(name, Some(password)) } /// Search for a file entry by name pub fn by_name<'a>(&'a mut self, name: &str) -> ZipResult> { - self.by_name_internal(name, None) + self.by_name_with_optional_password(name, None) } - fn by_name_internal<'a>( + fn by_name_with_optional_password<'a>( &'a mut self, name: &str, password: Option<&[u8]>, @@ -369,7 +369,7 @@ impl ZipArchive { return Err(ZipError::FileNotFound); } }; - self.by_index_internal(index, password) + self.by_index_with_optional_password(index, password) } /// Get a contained file by index, decrypt with given password @@ -378,15 +378,15 @@ impl ZipArchive { file_number: usize, password: &[u8], ) -> ZipResult> { - self.by_index_internal(file_number, Some(password)) + self.by_index_with_optional_password(file_number, Some(password)) } /// Get a contained file by index pub fn by_index<'a>(&'a mut self, file_number: usize) -> ZipResult> { - self.by_index_internal(file_number, None) + self.by_index_with_optional_password(file_number, None) } - fn by_index_internal<'a>( + fn by_index_with_optional_password<'a>( &'a mut self, file_number: usize, mut password: Option<&[u8]>, From 4f36a27c32c7866c6be8abf3dad76a97c0872674 Mon Sep 17 00:00:00 2001 From: Benjamin Richner Date: Tue, 23 Jun 2020 21:20:30 +0200 Subject: [PATCH 11/17] Use matcher clause instead of clumsy if expressions --- src/read.rs | 13 +++++-------- 1 file changed, 5 insertions(+), 8 deletions(-) diff --git a/src/read.rs b/src/read.rs index f89bd311..f2a927c6 100644 --- a/src/read.rs +++ b/src/read.rs @@ -396,14 +396,11 @@ impl ZipArchive { } let data = &mut self.files[file_number]; - if password == None { - if data.encrypted { - return Err(ZipError::PasswordRequired); - } - } else if !data.encrypted { - //Password supplied, but none needed! Discard. - password = None; - } + match (password, data.encrypted) { + (None, true) => return Err(ZipError::PasswordRequired), + (Some(_), false) => password = None, //Password supplied, but none needed! Discard. + _ => {} + } // Parse local header self.reader.seek(io::SeekFrom::Start(data.header_start))?; From 76777350da12b4ed6ed142ccb47fa2b6647fc481 Mon Sep 17 00:00:00 2001 From: Benjamin Richner Date: Tue, 23 Jun 2020 21:22:47 +0200 Subject: [PATCH 12/17] Add space between comment and `//` --- src/zipcrypto.rs | 28 ++++++++++++++-------------- 1 file changed, 14 insertions(+), 14 deletions(-) diff --git a/src/zipcrypto.rs b/src/zipcrypto.rs index d6d231f3..c005a9a4 100644 --- a/src/zipcrypto.rs +++ b/src/zipcrypto.rs @@ -7,8 +7,8 @@ struct ZipCryptoKeys { } impl ZipCryptoKeys { - //Used this paper to implement ZipCrypto algo - //https://courses.cs.ut.ee/MTAT.07.022/2015_fall/uploads/Main/dmitri-report-f15-16.pdf + // Used this paper to implement ZipCrypto algo + // https://courses.cs.ut.ee/MTAT.07.022/2015_fall/uploads/Main/dmitri-report-f15-16.pdf fn new() -> ZipCryptoKeys { ZipCryptoKeys { @@ -55,19 +55,19 @@ pub struct ZipCryptoReader { impl ZipCryptoReader { pub fn new(file: R, password: &[u8]) -> ZipCryptoReader { - //Note: The password is &[u8] and not &str because the documentation - //https://pkware.cachefly.net/webdocs/APPNOTE/APPNOTE-6.3.3.TXT - //does not specify password encoding (see function update_keys) - //Therefore, if &str was used, the password would be UTF-8 and it - //would be impossible to decrypt files that were encrypted with a - //password byte sequence that is unrepresentable in UTF-8. + // Note: The password is &[u8] and not &str because the documentation + // https://pkware.cachefly.net/webdocs/APPNOTE/APPNOTE-6.3.3.TXT + // does not specify password encoding (see function update_keys) + // Therefore, if &str was used, the password would be UTF-8 and it + // would be impossible to decrypt files that were encrypted with a + // password byte sequence that is unrepresentable in UTF-8. let mut result = ZipCryptoReader { file: file, keys: ZipCryptoKeys::new(), }; - //Key the cipher by updating the keys with the password + // Key the cipher by updating the keys with the password for byte in password.iter() { result.keys.update(*byte); } @@ -75,12 +75,12 @@ impl ZipCryptoReader { result } - ///Read the ZipCrypto header bytes and validate the password + /// Read the ZipCrypto header bytes and validate the password pub fn validate( mut self, crc32_plaintext: u32, ) -> Result>, std::io::Error> { - //ZipCrypto prefixes a file with a 12 byte header + // ZipCrypto prefixes a file with a 12 byte header let mut header_buf = [0u8; 12]; self.file.read_exact(&mut header_buf)?; for byte in header_buf.iter_mut() { @@ -92,7 +92,7 @@ impl ZipCryptoReader { // We also use 1 byte CRC. if (crc32_plaintext >> 24) as u8 != header_buf[11] { - return Ok(None); //Wrong password + return Ok(None); // Wrong password } Ok(Some(ZipCryptoReaderValid { reader: self })) } @@ -104,8 +104,8 @@ pub struct ZipCryptoReaderValid { impl std::io::Read for ZipCryptoReaderValid { fn read(&mut self, mut buf: &mut [u8]) -> std::io::Result { - //Note: There might be potential for optimization. Inspiration can be found at: - //https://github.com/kornelski/7z/blob/master/CPP/7zip/Crypto/ZipCrypto.cpp + // Note: There might be potential for optimization. Inspiration can be found at: + // https://github.com/kornelski/7z/blob/master/CPP/7zip/Crypto/ZipCrypto.cpp let result = self.reader.file.read(&mut buf); for byte in buf.iter_mut() { From d4100190e5404f2ba4e0c2ece0e59db814e942e0 Mon Sep 17 00:00:00 2001 From: Benjamin Richner Date: Tue, 23 Jun 2020 21:23:36 +0200 Subject: [PATCH 13/17] run cargo fmt --- src/read.rs | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/src/read.rs b/src/read.rs index f2a927c6..c854f038 100644 --- a/src/read.rs +++ b/src/read.rs @@ -396,11 +396,11 @@ impl ZipArchive { } let data = &mut self.files[file_number]; - match (password, data.encrypted) { - (None, true) => return Err(ZipError::PasswordRequired), - (Some(_), false) => password = None, //Password supplied, but none needed! Discard. - _ => {} - } + match (password, data.encrypted) { + (None, true) => return Err(ZipError::PasswordRequired), + (Some(_), false) => password = None, //Password supplied, but none needed! Discard. + _ => {} + } // Parse local header self.reader.seek(io::SeekFrom::Start(data.header_start))?; From 4737f145ff01f6a6d927543534365ae56762d055 Mon Sep 17 00:00:00 2001 From: Benjamin Richner Date: Tue, 23 Jun 2020 21:28:34 +0200 Subject: [PATCH 14/17] Use `b` prefix instead of as_bytes() --- tests/zip_crypto.rs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/zip_crypto.rs b/tests/zip_crypto.rs index 45e27296..0aa7c64b 100644 --- a/tests/zip_crypto.rs +++ b/tests/zip_crypto.rs @@ -59,7 +59,7 @@ fn encrypted_file() { { // Wrong password - let file = archive.by_index_decrypt(0, "wrong password".as_bytes()); + let file = archive.by_index_decrypt(0, b"wrong password"); assert!(file.is_err()); if let Err(error) = file { match error { From 9e2b14f368eb6c8285b661ebcaa43c04b7da560f Mon Sep 17 00:00:00 2001 From: Benjamin Richner Date: Tue, 23 Jun 2020 21:35:59 +0200 Subject: [PATCH 15/17] Create meaningful panic messages in ZipCrypto test --- tests/zip_crypto.rs | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/tests/zip_crypto.rs b/tests/zip_crypto.rs index 0aa7c64b..b6a8e93b 100644 --- a/tests/zip_crypto.rs +++ b/tests/zip_crypto.rs @@ -50,10 +50,12 @@ fn encrypted_file() { if let Err(error) = file { match error { zip::result::ZipError::PasswordRequired => (), - _ => panic!(), + _ => panic!( + "Expected PasswordRequired error when opening encrypted file without password" + ), } } else { - panic!(); + panic!("Error: Successfully opened encrypted file without password?!"); } } @@ -64,10 +66,10 @@ fn encrypted_file() { if let Err(error) = file { match error { zip::result::ZipError::InvalidPassword => (), - _ => panic!(), + _ => panic!("Expected InvalidPassword error when opening encrypted file with wrong password"), } } else { - panic!(); + panic!("Error: Successfully opened encrypted file with wrong password?!"); } } From 2730ca7e76353cc7ea962d6db4f5f3b9a6d49adb Mon Sep 17 00:00:00 2001 From: Benjamin Richner Date: Tue, 23 Jun 2020 21:44:26 +0200 Subject: [PATCH 16/17] Turned clumsy if statements into matcher clause --- tests/zip_crypto.rs | 30 ++++++++++++------------------ 1 file changed, 12 insertions(+), 18 deletions(-) diff --git a/tests/zip_crypto.rs b/tests/zip_crypto.rs index b6a8e93b..da137cec 100644 --- a/tests/zip_crypto.rs +++ b/tests/zip_crypto.rs @@ -46,30 +46,24 @@ fn encrypted_file() { { // No password let file = archive.by_index(0); - assert!(file.is_err()); - if let Err(error) = file { - match error { - zip::result::ZipError::PasswordRequired => (), - _ => panic!( - "Expected PasswordRequired error when opening encrypted file without password" - ), - } - } else { - panic!("Error: Successfully opened encrypted file without password?!"); + match file { + Err(zip::result::ZipError::PasswordRequired) => (), + Err(_) => panic!( + "Expected PasswordRequired error when opening encrypted file without password" + ), + Ok(_) => panic!("Error: Successfully opened encrypted file without password?!"), } } { // Wrong password let file = archive.by_index_decrypt(0, b"wrong password"); - assert!(file.is_err()); - if let Err(error) = file { - match error { - zip::result::ZipError::InvalidPassword => (), - _ => panic!("Expected InvalidPassword error when opening encrypted file with wrong password"), - } - } else { - panic!("Error: Successfully opened encrypted file with wrong password?!"); + match file { + Err(zip::result::ZipError::InvalidPassword) => (), + Err(_) => panic!( + "Expected InvalidPassword error when opening encrypted file with wrong password" + ), + Ok(_) => panic!("Error: Successfully opened encrypted file with wrong password?!"), } } From 0b077c4baf1cbd69374d9577d34398cdbcc7fd63 Mon Sep 17 00:00:00 2001 From: Benjamin Richner Date: Tue, 23 Jun 2020 22:20:16 +0200 Subject: [PATCH 17/17] Fixed and improved docstrings, added module level documentation --- src/zipcrypto.rs | 28 ++++++++++++++++------------ 1 file changed, 16 insertions(+), 12 deletions(-) diff --git a/src/zipcrypto.rs b/src/zipcrypto.rs index c005a9a4..32e8af8c 100644 --- a/src/zipcrypto.rs +++ b/src/zipcrypto.rs @@ -1,5 +1,11 @@ +//! Implementation of the ZipCrypto algorithm +//! +//! The following paper was used to implement the ZipCrypto algorithm: +//! [https://courses.cs.ut.ee/MTAT.07.022/2015_fall/uploads/Main/dmitri-report-f15-16.pdf](https://courses.cs.ut.ee/MTAT.07.022/2015_fall/uploads/Main/dmitri-report-f15-16.pdf) + use std::num::Wrapping; +/// A container to hold the current key state struct ZipCryptoKeys { key_0: Wrapping, key_1: Wrapping, @@ -7,9 +13,6 @@ struct ZipCryptoKeys { } impl ZipCryptoKeys { - // Used this paper to implement ZipCrypto algo - // https://courses.cs.ut.ee/MTAT.07.022/2015_fall/uploads/Main/dmitri-report-f15-16.pdf - fn new() -> ZipCryptoKeys { ZipCryptoKeys { key_0: Wrapping(0x12345678), @@ -48,26 +51,26 @@ impl ZipCryptoKeys { } } +/// A ZipCrypto reader with unverified password pub struct ZipCryptoReader { file: R, keys: ZipCryptoKeys, } impl ZipCryptoReader { + /// Note: The password is `&[u8]` and not `&str` because the + /// [zip specification](https://pkware.cachefly.net/webdocs/APPNOTE/APPNOTE-6.3.3.TXT) + /// does not specify password encoding (see function `update_keys` in the specification). + /// Therefore, if `&str` was used, the password would be UTF-8 and it + /// would be impossible to decrypt files that were encrypted with a + /// password byte sequence that is unrepresentable in UTF-8. pub fn new(file: R, password: &[u8]) -> ZipCryptoReader { - // Note: The password is &[u8] and not &str because the documentation - // https://pkware.cachefly.net/webdocs/APPNOTE/APPNOTE-6.3.3.TXT - // does not specify password encoding (see function update_keys) - // Therefore, if &str was used, the password would be UTF-8 and it - // would be impossible to decrypt files that were encrypted with a - // password byte sequence that is unrepresentable in UTF-8. - let mut result = ZipCryptoReader { file: file, keys: ZipCryptoKeys::new(), }; - // Key the cipher by updating the keys with the password + // Key the cipher by updating the keys with the password. for byte in password.iter() { result.keys.update(*byte); } @@ -75,7 +78,7 @@ impl ZipCryptoReader { result } - /// Read the ZipCrypto header bytes and validate the password + /// Read the ZipCrypto header bytes and validate the password. pub fn validate( mut self, crc32_plaintext: u32, @@ -98,6 +101,7 @@ impl ZipCryptoReader { } } +/// A ZipCrypto reader with verified password pub struct ZipCryptoReaderValid { reader: ZipCryptoReader, }