[Git][java-team/zip4j][upstream] New upstream version 2.6.3
Andrius Merkys
gitlab at salsa.debian.org
Mon Sep 28 07:19:14 BST 2020
Andrius Merkys pushed to branch upstream at Debian Java Maintainers / zip4j
Commits:
f7d21821 by Andrius Merkys at 2020-09-25T02:42:22-04:00
New upstream version 2.6.3
- - - - -
4 changed files:
- README.md
- pom.xml
- src/main/java/net/lingala/zip4j/crypto/AESEncrpyter.java
- src/main/java/net/lingala/zip4j/crypto/StandardEncrypter.java
Changes:
=====================================
README.md
=====================================
@@ -60,10 +60,10 @@ once again, and makes me support Zip4j as much as I can.
JDK 7 or later<sup>*</sup>
-* zip4j is written on JDK 8, as some of the features (NIO) that zip4j supports require some features available only in
-JDK 8. However, considering the fact that zip4j is widely used in Android, and to support older versions of Android,
-zip4j supports JDK 7 as well. In cases where the feature/class from JDK 8 is missing, zip4j falls back to the features
-only available in JDK 7. In other words, when running on JDK 7, not all features might be supported.
+<sup>*</sup> Zip4j is written on JDK 8, as some of the features (NIO) that Zip4j supports requires features available only in
+JDK 8. However, considering the fact that Zip4j is widely used in Android, and to support older versions of Android,
+Zip4j supports JDK 7 as well. In cases where the feature/class from JDK 8 is missing, Zip4j falls back to the features
+ available in JDK 7. In other words, when running on JDK 7, not all features will be supported.
## Maven
@@ -71,7 +71,7 @@ only available in JDK 7. In other words, when running on JDK 7, not all features
<dependency>
<groupId>net.lingala.zip4j</groupId>
<artifactId>zip4j</artifactId>
- <version>2.6.2</version>
+ <version>2.6.3</version>
</dependency>
```
=====================================
pom.xml
=====================================
@@ -6,7 +6,7 @@
<groupId>net.lingala.zip4j</groupId>
<artifactId>zip4j</artifactId>
- <version>2.6.3-SNAPSHOT</version>
+ <version>2.6.4-SNAPSHOT</version>
<name>Zip4j</name>
<description>Zip4j - A Java library for zip files and streams</description>
=====================================
src/main/java/net/lingala/zip4j/crypto/AESEncrpyter.java
=====================================
@@ -1,182 +1,182 @@
-/*
- * Copyright 2010 Srikanth Reddy Lingala
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package net.lingala.zip4j.crypto;
-
-import net.lingala.zip4j.crypto.PBKDF2.MacBasedPRF;
-import net.lingala.zip4j.crypto.PBKDF2.PBKDF2Engine;
-import net.lingala.zip4j.crypto.PBKDF2.PBKDF2Parameters;
-import net.lingala.zip4j.crypto.engine.AESEngine;
-import net.lingala.zip4j.exception.ZipException;
-import net.lingala.zip4j.model.enums.AesKeyStrength;
-
-import java.util.Random;
-
-import static net.lingala.zip4j.crypto.AesCipherUtil.prepareBuffAESIVBytes;
-import static net.lingala.zip4j.util.InternalZipConstants.AES_BLOCK_SIZE;
-
-public class AESEncrpyter implements Encrypter {
-
- private static final int PASSWORD_VERIFIER_LENGTH = 2;
-
- private char[] password;
- private AesKeyStrength aesKeyStrength;
- private AESEngine aesEngine;
- private MacBasedPRF mac;
-
- private boolean finished;
-
- private int nonce = 1;
- private int loopCount = 0;
-
- private byte[] iv;
- private byte[] counterBlock;
- private byte[] derivedPasswordVerifier;
- private byte[] saltBytes;
-
- public AESEncrpyter(char[] password, AesKeyStrength aesKeyStrength) throws ZipException {
- if (password == null || password.length == 0) {
- throw new ZipException("input password is empty or null");
- }
- if (aesKeyStrength != AesKeyStrength.KEY_STRENGTH_128 &&
- aesKeyStrength != AesKeyStrength.KEY_STRENGTH_256) {
- throw new ZipException("Invalid AES key strength");
- }
-
- this.password = password;
- this.aesKeyStrength = aesKeyStrength;
- this.finished = false;
- counterBlock = new byte[AES_BLOCK_SIZE];
- iv = new byte[AES_BLOCK_SIZE];
- init();
- }
-
- private void init() throws ZipException {
- int keyLength = aesKeyStrength.getKeyLength();
- int macLength = aesKeyStrength.getMacLength();
- int saltLength = aesKeyStrength.getSaltLength();
-
- saltBytes = generateSalt(saltLength);
- byte[] keyBytes = deriveKey(saltBytes, password, keyLength, macLength);
-
- if (keyBytes == null || keyBytes.length != (keyLength + macLength + PASSWORD_VERIFIER_LENGTH)) {
- throw new ZipException("invalid key generated, cannot decrypt file");
- }
-
- byte[] aesKey = new byte[keyLength];
- byte[] macKey = new byte[macLength];
- derivedPasswordVerifier = new byte[PASSWORD_VERIFIER_LENGTH];
-
- System.arraycopy(keyBytes, 0, aesKey, 0, keyLength);
- System.arraycopy(keyBytes, keyLength, macKey, 0, macLength);
- System.arraycopy(keyBytes, keyLength + macLength, derivedPasswordVerifier, 0, PASSWORD_VERIFIER_LENGTH);
-
- aesEngine = new AESEngine(aesKey);
- mac = new MacBasedPRF("HmacSHA1");
- mac.init(macKey);
- }
-
- private byte[] deriveKey(byte[] salt, char[] password, int keyLength, int macLength) throws ZipException {
- try {
- PBKDF2Parameters p = new PBKDF2Parameters("HmacSHA1", "ISO-8859-1",
- salt, 1000);
- PBKDF2Engine e = new PBKDF2Engine(p);
- byte[] derivedKey = e.deriveKey(password, keyLength + macLength + PASSWORD_VERIFIER_LENGTH);
- return derivedKey;
- } catch (Exception e) {
- throw new ZipException(e);
- }
- }
-
- public int encryptData(byte[] buff) throws ZipException {
-
- if (buff == null) {
- throw new ZipException("input bytes are null, cannot perform AES encrpytion");
- }
- return encryptData(buff, 0, buff.length);
- }
-
- public int encryptData(byte[] buff, int start, int len) throws ZipException {
-
- if (finished) {
- // A non 16 byte block has already been passed to encrypter
- // non 16 byte block should be the last block of compressed data in AES encryption
- // any more encryption will lead to corruption of data
- throw new ZipException("AES Encrypter is in finished state (A non 16 byte block has already been passed to encrypter)");
- }
-
- if (len % 16 != 0) {
- this.finished = true;
- }
-
- for (int j = start; j < (start + len); j += AES_BLOCK_SIZE) {
- loopCount = (j + AES_BLOCK_SIZE <= (start + len)) ?
- AES_BLOCK_SIZE : ((start + len) - j);
-
- prepareBuffAESIVBytes(iv, nonce);
- aesEngine.processBlock(iv, counterBlock);
-
- for (int k = 0; k < loopCount; k++) {
- buff[j + k] = (byte) (buff[j + k] ^ counterBlock[k]);
- }
-
- mac.update(buff, j, loopCount);
- nonce++;
- }
-
- return len;
- }
-
- private static byte[] generateSalt(int size) throws ZipException {
-
- if (size != 8 && size != 16) {
- throw new ZipException("invalid salt size, cannot generate salt");
- }
-
- int rounds = 0;
-
- if (size == 8)
- rounds = 2;
- if (size == 16)
- rounds = 4;
-
- byte[] salt = new byte[size];
- for (int j = 0; j < rounds; j++) {
- Random rand = new Random();
- int i = rand.nextInt();
- salt[0 + j * 4] = (byte) (i >> 24);
- salt[1 + j * 4] = (byte) (i >> 16);
- salt[2 + j * 4] = (byte) (i >> 8);
- salt[3 + j * 4] = (byte) i;
- }
- return salt;
- }
-
- public byte[] getFinalMac() {
- byte[] rawMacBytes = mac.doFinal();
- byte[] macBytes = new byte[10];
- System.arraycopy(rawMacBytes, 0, macBytes, 0, 10);
- return macBytes;
- }
-
- public byte[] getDerivedPasswordVerifier() {
- return derivedPasswordVerifier;
- }
-
- public byte[] getSaltBytes() {
- return saltBytes;
- }
-}
+/*
+ * Copyright 2010 Srikanth Reddy Lingala
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package net.lingala.zip4j.crypto;
+
+import net.lingala.zip4j.crypto.PBKDF2.MacBasedPRF;
+import net.lingala.zip4j.crypto.PBKDF2.PBKDF2Engine;
+import net.lingala.zip4j.crypto.PBKDF2.PBKDF2Parameters;
+import net.lingala.zip4j.crypto.engine.AESEngine;
+import net.lingala.zip4j.exception.ZipException;
+import net.lingala.zip4j.model.enums.AesKeyStrength;
+
+import java.security.SecureRandom;
+
+import static net.lingala.zip4j.crypto.AesCipherUtil.prepareBuffAESIVBytes;
+import static net.lingala.zip4j.util.InternalZipConstants.AES_BLOCK_SIZE;
+
+public class AESEncrpyter implements Encrypter {
+
+ private static final int PASSWORD_VERIFIER_LENGTH = 2;
+
+ private char[] password;
+ private AesKeyStrength aesKeyStrength;
+ private AESEngine aesEngine;
+ private MacBasedPRF mac;
+ private SecureRandom random = new SecureRandom();
+
+ private boolean finished;
+
+ private int nonce = 1;
+ private int loopCount = 0;
+
+ private byte[] iv;
+ private byte[] counterBlock;
+ private byte[] derivedPasswordVerifier;
+ private byte[] saltBytes;
+
+ public AESEncrpyter(char[] password, AesKeyStrength aesKeyStrength) throws ZipException {
+ if (password == null || password.length == 0) {
+ throw new ZipException("input password is empty or null");
+ }
+ if (aesKeyStrength != AesKeyStrength.KEY_STRENGTH_128 &&
+ aesKeyStrength != AesKeyStrength.KEY_STRENGTH_256) {
+ throw new ZipException("Invalid AES key strength");
+ }
+
+ this.password = password;
+ this.aesKeyStrength = aesKeyStrength;
+ this.finished = false;
+ counterBlock = new byte[AES_BLOCK_SIZE];
+ iv = new byte[AES_BLOCK_SIZE];
+ init();
+ }
+
+ private void init() throws ZipException {
+ int keyLength = aesKeyStrength.getKeyLength();
+ int macLength = aesKeyStrength.getMacLength();
+ int saltLength = aesKeyStrength.getSaltLength();
+
+ saltBytes = generateSalt(saltLength);
+ byte[] keyBytes = deriveKey(saltBytes, password, keyLength, macLength);
+
+ if (keyBytes == null || keyBytes.length != (keyLength + macLength + PASSWORD_VERIFIER_LENGTH)) {
+ throw new ZipException("invalid key generated, cannot decrypt file");
+ }
+
+ byte[] aesKey = new byte[keyLength];
+ byte[] macKey = new byte[macLength];
+ derivedPasswordVerifier = new byte[PASSWORD_VERIFIER_LENGTH];
+
+ System.arraycopy(keyBytes, 0, aesKey, 0, keyLength);
+ System.arraycopy(keyBytes, keyLength, macKey, 0, macLength);
+ System.arraycopy(keyBytes, keyLength + macLength, derivedPasswordVerifier, 0, PASSWORD_VERIFIER_LENGTH);
+
+ aesEngine = new AESEngine(aesKey);
+ mac = new MacBasedPRF("HmacSHA1");
+ mac.init(macKey);
+ }
+
+ private byte[] deriveKey(byte[] salt, char[] password, int keyLength, int macLength) throws ZipException {
+ try {
+ PBKDF2Parameters p = new PBKDF2Parameters("HmacSHA1", "ISO-8859-1",
+ salt, 1000);
+ PBKDF2Engine e = new PBKDF2Engine(p);
+ return e.deriveKey(password, keyLength + macLength + PASSWORD_VERIFIER_LENGTH);
+ } catch (Exception e) {
+ throw new ZipException(e);
+ }
+ }
+
+ public int encryptData(byte[] buff) throws ZipException {
+
+ if (buff == null) {
+ throw new ZipException("input bytes are null, cannot perform AES encrpytion");
+ }
+ return encryptData(buff, 0, buff.length);
+ }
+
+ public int encryptData(byte[] buff, int start, int len) throws ZipException {
+
+ if (finished) {
+ // A non 16 byte block has already been passed to encrypter
+ // non 16 byte block should be the last block of compressed data in AES encryption
+ // any more encryption will lead to corruption of data
+ throw new ZipException("AES Encrypter is in finished state (A non 16 byte block has already been passed to encrypter)");
+ }
+
+ if (len % 16 != 0) {
+ this.finished = true;
+ }
+
+ for (int j = start; j < (start + len); j += AES_BLOCK_SIZE) {
+ loopCount = (j + AES_BLOCK_SIZE <= (start + len)) ?
+ AES_BLOCK_SIZE : ((start + len) - j);
+
+ prepareBuffAESIVBytes(iv, nonce);
+ aesEngine.processBlock(iv, counterBlock);
+
+ for (int k = 0; k < loopCount; k++) {
+ buff[j + k] = (byte) (buff[j + k] ^ counterBlock[k]);
+ }
+
+ mac.update(buff, j, loopCount);
+ nonce++;
+ }
+
+ return len;
+ }
+
+ private byte[] generateSalt(int size) throws ZipException {
+
+ if (size != 8 && size != 16) {
+ throw new ZipException("invalid salt size, cannot generate salt");
+ }
+
+ int rounds = 0;
+
+ if (size == 8) {
+ rounds = 2;
+ } else if (size == 16) {
+ rounds = 4;
+ }
+
+ byte[] salt = new byte[size];
+ for (int j = 0; j < rounds; j++) {
+ int i = random.nextInt();
+ salt[0 + j * 4] = (byte) (i >> 24);
+ salt[1 + j * 4] = (byte) (i >> 16);
+ salt[2 + j * 4] = (byte) (i >> 8);
+ salt[3 + j * 4] = (byte) i;
+ }
+ return salt;
+ }
+
+ public byte[] getFinalMac() {
+ byte[] rawMacBytes = mac.doFinal();
+ byte[] macBytes = new byte[10];
+ System.arraycopy(rawMacBytes, 0, macBytes, 0, 10);
+ return macBytes;
+ }
+
+ public byte[] getDerivedPasswordVerifier() {
+ return derivedPasswordVerifier;
+ }
+
+ public byte[] getSaltBytes() {
+ return saltBytes;
+ }
+}
=====================================
src/main/java/net/lingala/zip4j/crypto/StandardEncrypter.java
=====================================
@@ -1,102 +1,99 @@
-/*
- * Copyright 2010 Srikanth Reddy Lingala
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package net.lingala.zip4j.crypto;
-
-import net.lingala.zip4j.crypto.engine.ZipCryptoEngine;
-import net.lingala.zip4j.exception.ZipException;
-
-import java.util.Random;
-
-import static net.lingala.zip4j.util.InternalZipConstants.STD_DEC_HDR_SIZE;
-
-public class StandardEncrypter implements Encrypter {
-
- private ZipCryptoEngine zipCryptoEngine;
- private byte[] headerBytes;
-
- public StandardEncrypter(char[] password, long key) throws ZipException {
- this.zipCryptoEngine = new ZipCryptoEngine();
-
- this.headerBytes = new byte[STD_DEC_HDR_SIZE];
- init(password, key);
- }
-
- private void init(char[] password, long key) throws ZipException {
- if (password == null || password.length <= 0) {
- throw new ZipException("input password is null or empty, cannot initialize standard encrypter");
- }
- zipCryptoEngine.initKeys(password);
- headerBytes = generateRandomBytes(STD_DEC_HDR_SIZE);
- // Initialize again since the generated bytes were encrypted.
- zipCryptoEngine.initKeys(password);
-
- headerBytes[STD_DEC_HDR_SIZE - 1] = (byte) ((key >>> 24));
- headerBytes[STD_DEC_HDR_SIZE - 2] = (byte) ((key >>> 16));
-
- if (headerBytes.length < STD_DEC_HDR_SIZE) {
- throw new ZipException("invalid header bytes generated, cannot perform standard encryption");
- }
-
- encryptData(headerBytes);
- }
-
- public int encryptData(byte[] buff) throws ZipException {
- if (buff == null) {
- throw new NullPointerException();
- }
- return encryptData(buff, 0, buff.length);
- }
-
- public int encryptData(byte[] buff, int start, int len) throws ZipException {
- if (len < 0) {
- throw new ZipException("invalid length specified to decrpyt data");
- }
-
- for (int i = start; i < start + len; i++) {
- buff[i] = encryptByte(buff[i]);
- }
- return len;
- }
-
- protected byte encryptByte(byte val) {
- byte temp_val = (byte) (val ^ zipCryptoEngine.decryptByte() & 0xff);
- zipCryptoEngine.updateKeys(val);
- return temp_val;
- }
-
- protected byte[] generateRandomBytes(int size) throws ZipException {
-
- if (size <= 0) {
- throw new ZipException("size is either 0 or less than 0, cannot generate header for standard encryptor");
- }
-
- byte[] buff = new byte[size];
-
- Random rand = new Random();
-
- for (int i = 0; i < buff.length; i++) {
- // Encrypted to get less predictability for poorly implemented rand functions.
- buff[i] = encryptByte((byte) rand.nextInt(256));
- }
- return buff;
- }
-
- public byte[] getHeaderBytes() {
- return headerBytes;
- }
-
-}
+/*
+ * Copyright 2010 Srikanth Reddy Lingala
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package net.lingala.zip4j.crypto;
+
+import net.lingala.zip4j.crypto.engine.ZipCryptoEngine;
+import net.lingala.zip4j.exception.ZipException;
+
+import java.security.SecureRandom;
+
+import static net.lingala.zip4j.util.InternalZipConstants.STD_DEC_HDR_SIZE;
+
+public class StandardEncrypter implements Encrypter {
+
+ private ZipCryptoEngine zipCryptoEngine;
+ private byte[] headerBytes;
+
+ public StandardEncrypter(char[] password, long key) throws ZipException {
+ this.zipCryptoEngine = new ZipCryptoEngine();
+
+ this.headerBytes = new byte[STD_DEC_HDR_SIZE];
+ init(password, key);
+ }
+
+ private void init(char[] password, long key) throws ZipException {
+ if (password == null || password.length <= 0) {
+ throw new ZipException("input password is null or empty, cannot initialize standard encrypter");
+ }
+ zipCryptoEngine.initKeys(password);
+ headerBytes = generateRandomBytes(STD_DEC_HDR_SIZE);
+ // Initialize again since the generated bytes were encrypted.
+ zipCryptoEngine.initKeys(password);
+
+ headerBytes[STD_DEC_HDR_SIZE - 1] = (byte) ((key >>> 24));
+ headerBytes[STD_DEC_HDR_SIZE - 2] = (byte) ((key >>> 16));
+
+ if (headerBytes.length < STD_DEC_HDR_SIZE) {
+ throw new ZipException("invalid header bytes generated, cannot perform standard encryption");
+ }
+
+ encryptData(headerBytes);
+ }
+
+ public int encryptData(byte[] buff) throws ZipException {
+ if (buff == null) {
+ throw new NullPointerException();
+ }
+ return encryptData(buff, 0, buff.length);
+ }
+
+ public int encryptData(byte[] buff, int start, int len) throws ZipException {
+ if (len < 0) {
+ throw new ZipException("invalid length specified to decrpyt data");
+ }
+
+ for (int i = start; i < start + len; i++) {
+ buff[i] = encryptByte(buff[i]);
+ }
+ return len;
+ }
+
+ protected byte encryptByte(byte val) {
+ byte temp_val = (byte) (val ^ zipCryptoEngine.decryptByte() & 0xff);
+ zipCryptoEngine.updateKeys(val);
+ return temp_val;
+ }
+
+ protected byte[] generateRandomBytes(int size) throws ZipException {
+ if (size <= 0) {
+ throw new ZipException("size is either 0 or less than 0, cannot generate header for standard encryptor");
+ }
+
+ byte[] buff = new byte[size];
+ SecureRandom random = new SecureRandom();
+ for (int i = 0; i < buff.length; i++) {
+ buff[i] = encryptByte((byte) random.nextInt(256));
+ }
+
+ return buff;
+ }
+
+ public byte[] getHeaderBytes() {
+ return headerBytes;
+ }
+
+}
View it on GitLab: https://salsa.debian.org/java-team/zip4j/-/commit/f7d218210dfa6ea0a971ffd2ef95e4b18c391011
--
View it on GitLab: https://salsa.debian.org/java-team/zip4j/-/commit/f7d218210dfa6ea0a971ffd2ef95e4b18c391011
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/pkg-java-commits/attachments/20200928/8619b0d3/attachment.html>
More information about the pkg-java-commits
mailing list