+Copyright (C) 1999-2020 Dieter Baron and Thomas Klausner

+The authors can be contacted at <info@libzip.org>

+# 1.10.1 [2023-08-23]

+

+* Add `ZIP_LENGTH_TO_END` and `ZIP_LENGTH_UNCHECKED`. Unless `ZIP_LENGTH_UNCHECKED` is used as `length`, it is an error for a file to shrink between the time when the source is created and when its data is read.

+* Fix test on Windows.

+

+# 1.10.0 [2023-06-23]

+

+* Make support for layered sources public.

+* Add `zip_source_zip_file` and `zip_source_zip_file_create`, deprecate `zip_source_zip` and `zip_source_zip_create`.

+* Allow reading changed file data.

+* Fix handling of files of size 4294967295.

+* `zipmerge`: copy extra fields.

+* `zipmerge`: add option to keep files uncompressed.

+* Switch test framework to use nihtest instead of Perl.

+* Fix reading/writing compressed data with buffers > 4GiB.

+* Restore support for torrentzip.

+* Add warnings when using deprecated functions.

+* Allow keeping files for empty archives.

+* Support mbedTLS>=3.3.0.

+* Support OpenSSL 3.

+* Use ISO C secure library functions, if available.

+

+

+# 1.9.2 [2022-06-28]

+

+* Fix version number in header file.

+

+

+# 1.9.1 [2022-06-28]

+

+* Fix `zip_file_is_seekable()`.

+

+

+# 1.9.0 [2022-06-13]

+

+* Add `zip_file_is_seekable()`.

+* Improve compatibility with WinAES.

+* Fix encoding handling in `zip_name_locate()`.

+* Add option to `zipcmp` to output summary of changes.

+* Various bug fixes and documentation improvements.

+

+

+# 1.8.0 [2021-06-18]

+

+* Add support for zstd (Zstandard) compression.

+* Add support for lzma (ID 14) compression.

+* Add `zip_source_window_create()`.

+* Add `zip_source_zip_create()` variant to `zip_source_zip()`.

+* Allow method specific `comp_flags` in `zip_set_file_compression()`.

+* Allow `zip_source_tell()` on sources that don't support seeking and `zip_ftell()` on compressed data.

+* Provide more details for consistency check errors.

+* Improve output of `zipcmp`.

+* In `zipcmp`, don’t ignore empty directories when comparing directory listing.

+* Treat empty string as no password given in `zip_file_set_encryption()`, `zip_fopen_encrypted()`, and `zip_set_default_password()`.

+

+

+# 1.7.3 [2020-07-15]

+

+* Support cmake < 3.17 again.

+* Fix pkgconfig file (regression in 1.7.2).

+

+

+# 1.7.2 [2020-07-11]

+

+* Fixes for the CMake `find_project()` files.

+* libzip moved to the CMake `libzip::` `NAMESPACE`.

+* CMake usage best practice cleanups.

+

+

+# 1.7.1 [2020-06-13]

+

+* Restore `LIBZIP_VERSION_{MAJOR,MINOR,MICRO}` symbols.

+* Fixes warnings reported by PVS-Studio.

+* Add `LIBZIP_DO_INSTALL` build setting to make it easier to use

+ libzip as subproject.

+

+

+# 1.7.0 [2020-06-05]

+

+* Add support for encrypting using traditional PKWare encryption.

+* Add `zip_compression_method_supported()`.

+* Add `zip_encryption_method_supported()`.

+* Add the `ZIP_SOURCE_GET_FILE_ATTRIBUTES` source command.

+* Refactor stdio file backend.

+* Add CMake find_project() support.

+

+

+# 1.6.1 [2020-02-03]

+

+* Bugfix for double-free in `zipcmp(1)` during cleanup.

+

+

+# 1.6.0 [2020-01-24]

+

+* Avoid using `umask()` since it's not thread-safe.

+* Set close-on-exec flag when opening files.

+* Do not accept empty files as valid zip archives any longer.

+* Add support for XZ compressed files (using liblzma).

+* Add support for cancelling while closing zip archives.

+* Add support for setting the time in the on-disk format.

+

+

+# 1.5.2 [2019-03-12]

+

+

+# 1.5.1 [2018-04-11]

+

+# 1.5.0 [2018-03-11]

+

+# 1.4.0 [2017-12-29]

+

+# 1.3.2 [2017-11-20]

+

+

+# 1.3.1 [2017-11-19]

+

+# 1.3.0 [2017-09-02]

+

+# 1.2.0 [2017-02-19]

+

+# 1.1.3 [2016-05-28]

+

+# 1.1.2 [2016-02-19]

+

+# 1.1.1 [2016-02-07]

+

+# 1.1 [2016-01-26]

+

+# 1.0.1 [2015-05-04]

+

+# 1.0 [2015-05-03]

+

+# 0.11.2 [2013-12-19]

+

+# 0.11.1 [2013-04-27]

+

+# 0.11 [2013-03-23]

+

+# 0.10.1 [2012-03-20]

+

+# 0.10 [2010-03-18]

+

+# 0.9.3 [2010-02-01]

+

+# 0.9.2 [2010-01-31]

+

+# 0.9.1 [2010-01-24]

+# 0.9 [2008-07-25]

+

+* on Windows, explicitly set dllimport/dllexport

+

+# 0.8 [2007-06-06]

+

+# 0.7.1 [2006-05-18]

+

+# 0.7 [2006-05-06]

+

+# 0.6.1 [2005-07-14]

+

+# 0.6 [2005-06-09]

+ Copyright (C) 1999-2021 Dieter Baron and Thomas Klausner

+ The authors can be contacted at <info@libzip.org>

+/* to have ISO C secure library functions */

+#define __STDC_WANT_LIB_EXT1__ 1

+

+#if defined(_WIN32) && defined(ZIP_DLL) && !defined(ZIP_STATIC)

+#ifdef BUILDING_LIBZIP

+#define ZIP_EXTERN __declspec(dllimport)

+

+#ifdef _WIN32

+#elif !defined(__BOOL_DEFINED)

+/* not supported on at least Windows */

+#ifndef O_CLOEXEC

+#define O_CLOEXEC 0

+

+#ifdef _WIN32

+#if !defined(HAVE_SNPRINTF) && defined(HAVE__SNPRINTF)

+#if !defined(HAVE__SNWPRINTF_S)

+#define _snwprintf_s(buf, bufsz, len, fmt, ...) (_snwprintf((buf), (len), (fmt), __VA_ARGS__))

+#endif

+#ifdef HAVE_LOCALTIME_S

+#ifdef _WIN32

+/* Windows is incompatible to the C11 standard, hurray! */

+#define zip_localtime(t, tm) (localtime_s((tm), (t)) == 0 ? tm : NULL)

+#else

+#define zip_localtime localtime_s

+#endif

+#else

+#ifdef HAVE_LOCALTIME_R

+#define zip_localtime localtime_r

+#else

+#define zip_localtime(t, tm) (localtime(t))

+#endif

+#endif

+

+#ifndef HAVE_MEMCPY_S

+#define memcpy_s(dest, destsz, src, count) (memcpy((dest), (src), (count)) == NULL)

+#endif

+

+#ifndef HAVE_SNPRINTF_S

+#ifdef HAVE__SNPRINTF_S

+#define snprintf_s(buf, bufsz, fmt, ...) (_snprintf_s((buf), (bufsz), (bufsz), (fmt), __VA_ARGS__))

+#else

+#define snprintf_s snprintf

+#endif

+#ifndef HAVE_STRNCPY_S

+#define strncpy_s(dest, destsz, src, count) (strncpy((dest), (src), (count)), 0)

+#endif

+

+#ifndef HAVE_STRERROR_S

+#define strerrorlen_s(errnum) (strlen(strerror(errnum)))

+#define strerror_s(buf, bufsz, errnum) ((void)strncpy_s((buf), (bufsz), strerror(errnum), (bufsz)), (buf)[(bufsz)-1] = '\0', strerrorlen_s(errnum) >= (bufsz))

+#else

+#ifndef HAVE_STRERRORLEN_S

+#define strerrorlen_s(errnum) 8192

+#endif

+#endif

+

+#ifndef S_ISREG

+#define S_ISREG(mode) (((mode)&S_IFMT) == S_IFREG)

+#endif

+

+#define ENABLE_FDOPEN

+#if defined(_MSC_VER) && _MSC_VER < 1900

+#define HAVE__SNPRINTF

+#else

+#endif

+#define HAVE__SNPRINTF_S

+#define HAVE__SNWPRINTF_S

+/* #undef HAVE_ARC4RANDOM */

+#define HAVE_CRYPTO

+/* #undef HAVE_FCHMOD */

+/* #undef HAVE_LIBLZMA */

+/* #undef HAVE_LIBZSTD */

+/* #undef HAVE_LOCALTIME_R */

+#define HAVE_LOCALTIME_S

+#define HAVE_MEMCPY_S

+/* #undef HAVE_MBEDTLS */

+/* #undef HAVE_NULLABLE */

+/* #undef HAVE_OPENSSL */

+#if defined(_MSC_VER) && _MSC_VER < 1900

+#else

+#define HAVE_SNPRINTF

+#endif

+/* #undef HAVE_SNPRINTF_S */

+#define HAVE_STRERROR_S

+/* #undef HAVE_STRERRORLEN_S */

+#define HAVE_STRNCPY_S

+#if defined(_MSC_VER) && _MSC_VER < 1800

+#else

+#define HAVE_STRTOLL

+#define HAVE_STRTOULL

+#endif

+#if defined(_MSC_VER) && _MSC_VER < 1800

+#else

+#define HAVE_STDBOOL_H

+#endif

+#define HAVE_WINDOWS_CRYPTO

+#define SIZEOF_SIZE_T 8

+#define SIZEOF_SIZE_T 4

+#define VERSION "1.10.1"

+ Copyright (C) 1999-2021 Dieter Baron and Thomas Klausner

+ The authors can be contacted at <info@libzip.org>

+#if defined(ZIP_DLL) && !defined(ZIP_STATIC)

+#ifdef BUILDING_LIBZIP

+#define ZIP_EXTERN __declspec(dllexport)

+#else

+#endif

+#ifndef ZIP_DEPRECATED

+#if defined(__GNUC__) || defined(__clang__)

+#define ZIP_DEPRECATED(x) __attribute__((deprecated(x)))

+#elif defined(_MSC_VER)

+#define ZIP_DEPRECATED(x) __declspec(deprecated(x))

+#else

+#define ZIP_DEPRECATED(x)

+#endif

+#endif

+

+/* 16u was ZIP_FL_RECOMPRESS, which is deprecated */

+#define ZIP_AFL_RDONLY 2u /* read only -- cannot be cleared */

+#define ZIP_AFL_IS_TORRENTZIP 4u /* current archive is torrentzipped */

+#define ZIP_AFL_WANT_TORRENTZIP 8u /* write archive in torrentzip format */

+#define ZIP_AFL_CREATE_OR_KEEP_FILE_FOR_EMPTY_ARCHIVE 16u /* don't remove file if archive is empty */

+/* length parameter to various functions */

+

+#define ZIP_LENGTH_TO_END 0

+#define ZIP_LENGTH_UNCHECKED (-2) /* only supported by zip_source_file and its variants */

+#define ZIP_ER_INCONS 21 /* L Zip archive inconsistent */

+#define ZIP_ER_CANCELLED 32 /* N Operation cancelled */

+#define ZIP_ER_DATA_LENGTH 33 /* N Unexpected length of data */

+#define ZIP_ER_NOT_ALLOWED 34 /* N Not allowed in torrentzip */

+#define ZIP_ET_NONE 0 /* sys_err unused */

+#define ZIP_ET_SYS 1 /* sys_err is errno */

+#define ZIP_ET_ZLIB 2 /* sys_err is zlib error code */

+#define ZIP_ET_LIBZIP 3 /* sys_err is libzip error code */

+#define ZIP_CM_TERSE 18 /* compressed using IBM TERSE (new) */

+#define ZIP_CM_LZ77 19 /* IBM LZ77 z Architecture (PFS) */

+/* 20 - old value for Zstandard */

+#define ZIP_CM_LZMA2 33

+#define ZIP_CM_ZSTD 93 /* Zstandard compressed data */

+ ZIP_SOURCE_OPEN, /* prepare for reading */

+ ZIP_SOURCE_READ, /* read data */

+ ZIP_SOURCE_CLOSE, /* reading is done */

+ ZIP_SOURCE_STAT, /* get meta information */

+ ZIP_SOURCE_ERROR, /* get error information */

+ ZIP_SOURCE_FREE, /* cleanup and free resources */

+ ZIP_SOURCE_SEEK, /* set position for reading */

+ ZIP_SOURCE_TELL, /* get read position */

+ ZIP_SOURCE_BEGIN_WRITE, /* prepare for writing */

+ ZIP_SOURCE_COMMIT_WRITE, /* writing is done */

+ ZIP_SOURCE_ROLLBACK_WRITE, /* discard written changes */

+ ZIP_SOURCE_WRITE, /* write data */

+ ZIP_SOURCE_SEEK_WRITE, /* set position for writing */

+ ZIP_SOURCE_TELL_WRITE, /* get write position */

+ ZIP_SOURCE_SUPPORTS, /* check whether source supports command */

+ ZIP_SOURCE_REMOVE, /* remove file */

+ ZIP_SOURCE_RESERVED_1, /* previously used internally */

+ ZIP_SOURCE_BEGIN_WRITE_CLONING, /* like ZIP_SOURCE_BEGIN_WRITE, but keep part of original file */

+ ZIP_SOURCE_ACCEPT_EMPTY, /* whether empty files are valid archives */

+ ZIP_SOURCE_GET_FILE_ATTRIBUTES, /* get additional file attributes */

+ ZIP_SOURCE_SUPPORTS_REOPEN /* allow reading from changed entry */

+#define ZIP_SOURCE_CHECK_SUPPORTED(supported, cmd) (((supported) & ZIP_SOURCE_MAKE_COMMAND_BITMASK(cmd)) != 0)

+

+/* clang-format off */

+/* clang-format on */

+ int zip_err; /* libzip error code (ZIP_ER_*) */

+ int sys_err; /* copy of errno (E*) or zlib error code */

+ char *_Nullable str; /* string representation or NULL */

+ const char *_Nullable name; /* name of the file */

+ zip_uint8_t *_Nonnull data;

+struct zip_file_attributes {

+ zip_uint64_t valid; /* which fields have valid values */

+ zip_uint8_t version; /* version of this struct, currently 1 */

+ zip_uint8_t host_system; /* host system on which file was created */

+ zip_uint8_t ascii; /* flag whether file is ASCII text */

+ zip_uint8_t version_needed; /* minimum version needed to extract file */

+ zip_uint32_t external_file_attributes; /* external file attributes (host-system specific) */

+ zip_uint16_t general_purpose_bit_flags; /* general purpose big flags, only some bits are honored */

+ zip_uint16_t general_purpose_bit_mask; /* which bits in general_purpose_bit_flags are valid */

+};

+

+#define ZIP_FILE_ATTRIBUTES_HOST_SYSTEM 0x0001u

+#define ZIP_FILE_ATTRIBUTES_ASCII 0x0002u

+#define ZIP_FILE_ATTRIBUTES_VERSION_NEEDED 0x0004u

+#define ZIP_FILE_ATTRIBUTES_EXTERNAL_FILE_ATTRIBUTES 0x0008u

+#define ZIP_FILE_ATTRIBUTES_GENERAL_PURPOSE_BIT_FLAGS 0x0010u

+

+typedef struct zip_file_attributes zip_file_attributes_t;

+typedef zip_int64_t (*zip_source_callback)(void *_Nullable, void *_Nullable, zip_uint64_t, zip_source_cmd_t);

+typedef zip_int64_t (*zip_source_layered_callback)(zip_source_t *_Nonnull, void *_Nullable, void *_Nullable, zip_uint64_t, enum zip_source_cmd);

+typedef void (*zip_progress_callback)(zip_t *_Nonnull, double, void *_Nullable);

+typedef int (*zip_cancel_callback)(zip_t *_Nonnull, void *_Nullable);

+#define ZIP_FL_RECOMPRESS 16u /* force recompression of data */

+

+ZIP_DEPRECATED("use 'zip_register_progress_callback_with_state' instead") ZIP_EXTERN void zip_register_progress_callback(zip_t *_Nonnull, zip_progress_callback_t _Nullable);

+

+ZIP_DEPRECATED("use 'zip_file_add' instead") ZIP_EXTERN zip_int64_t zip_add(zip_t *_Nonnull, const char *_Nonnull, zip_source_t *_Nonnull);

+ZIP_DEPRECATED("use 'zip_dir_add' instead") ZIP_EXTERN zip_int64_t zip_add_dir(zip_t *_Nonnull, const char *_Nonnull);

+ZIP_DEPRECATED("use 'zip_file_get_comment' instead") ZIP_EXTERN const char *_Nullable zip_get_file_comment(zip_t *_Nonnull, zip_uint64_t, int *_Nullable, int);

+ZIP_DEPRECATED("use 'zip_get_num_entries' instead") ZIP_EXTERN int zip_get_num_files(zip_t *_Nonnull);

+ZIP_DEPRECATED("use 'zip_file_rename' instead") ZIP_EXTERN int zip_rename(zip_t *_Nonnull, zip_uint64_t, const char *_Nonnull);

+ZIP_DEPRECATED("use 'zip_file_replace' instead") ZIP_EXTERN int zip_replace(zip_t *_Nonnull, zip_uint64_t, zip_source_t *_Nonnull);

+ZIP_DEPRECATED("use 'zip_file_set_comment' instead") ZIP_EXTERN int zip_set_file_comment(zip_t *_Nonnull, zip_uint64_t, const char *_Nullable, int);

+ZIP_DEPRECATED("use 'zip_error_init_with_code' and 'zip_error_system_type' instead") ZIP_EXTERN int zip_error_get_sys_type(int);

+ZIP_DEPRECATED("use 'zip_get_error' instead") ZIP_EXTERN void zip_error_get(zip_t *_Nonnull, int *_Nullable, int *_Nullable);

+ZIP_DEPRECATED("use 'zip_error_strerror' instead") ZIP_EXTERN int zip_error_to_str(char *_Nonnull, zip_uint64_t, int, int);

+ZIP_DEPRECATED("use 'zip_file_get_error' instead") ZIP_EXTERN void zip_file_error_get(zip_file_t *_Nonnull, int *_Nullable, int *_Nullable);

+ZIP_DEPRECATED("use 'zip_source_zip_file' instead") ZIP_EXTERN zip_source_t *_Nullable zip_source_zip(zip_t *_Nonnull, zip_t *_Nonnull, zip_uint64_t, zip_flags_t, zip_uint64_t, zip_int64_t);

+ZIP_DEPRECATED("use 'zip_source_zip_file_create' instead") ZIP_EXTERN zip_source_t *_Nullable zip_source_zip_create(zip_t *_Nonnull, zip_uint64_t, zip_flags_t, zip_uint64_t, zip_int64_t, zip_error_t *_Nullable);

+ZIP_EXTERN int zip_close(zip_t *_Nonnull);

+ZIP_EXTERN int zip_delete(zip_t *_Nonnull, zip_uint64_t);

+ZIP_EXTERN zip_int64_t zip_dir_add(zip_t *_Nonnull, const char *_Nonnull, zip_flags_t);

+ZIP_EXTERN void zip_discard(zip_t *_Nonnull);

+

+ZIP_EXTERN zip_error_t *_Nonnull zip_get_error(zip_t *_Nonnull);

+ZIP_EXTERN void zip_error_clear(zip_t *_Nonnull);

+ZIP_EXTERN int zip_error_code_zip(const zip_error_t *_Nonnull);

+ZIP_EXTERN int zip_error_code_system(const zip_error_t *_Nonnull);

+ZIP_EXTERN void zip_error_fini(zip_error_t *_Nonnull);

+ZIP_EXTERN void zip_error_init(zip_error_t *_Nonnull);

+ZIP_EXTERN void zip_error_init_with_code(zip_error_t *_Nonnull, int);

+ZIP_EXTERN void zip_error_set(zip_error_t *_Nullable, int, int);

+ZIP_EXTERN void zip_error_set_from_source(zip_error_t *_Nonnull, zip_source_t *_Nullable);

+ZIP_EXTERN const char *_Nonnull zip_error_strerror(zip_error_t *_Nonnull);

+ZIP_EXTERN int zip_error_system_type(const zip_error_t *_Nonnull);

+ZIP_EXTERN zip_int64_t zip_error_to_data(const zip_error_t *_Nonnull, void *_Nonnull, zip_uint64_t);

+

+ZIP_EXTERN int zip_fclose(zip_file_t *_Nonnull);

+ZIP_EXTERN zip_t *_Nullable zip_fdopen(int, int, int *_Nullable);

+ZIP_EXTERN zip_int64_t zip_file_add(zip_t *_Nonnull, const char *_Nonnull, zip_source_t *_Nonnull, zip_flags_t);

+ZIP_EXTERN void zip_file_attributes_init(zip_file_attributes_t *_Nonnull);

+ZIP_EXTERN void zip_file_error_clear(zip_file_t *_Nonnull);

+ZIP_EXTERN int zip_file_extra_field_delete(zip_t *_Nonnull, zip_uint64_t, zip_uint16_t, zip_flags_t);

+ZIP_EXTERN int zip_file_extra_field_delete_by_id(zip_t *_Nonnull, zip_uint64_t, zip_uint16_t, zip_uint16_t, zip_flags_t);

+ZIP_EXTERN int zip_file_extra_field_set(zip_t *_Nonnull, zip_uint64_t, zip_uint16_t, zip_uint16_t, const zip_uint8_t *_Nullable, zip_uint16_t, zip_flags_t);

+ZIP_EXTERN zip_int16_t zip_file_extra_fields_count(zip_t *_Nonnull, zip_uint64_t, zip_flags_t);

+ZIP_EXTERN zip_int16_t zip_file_extra_fields_count_by_id(zip_t *_Nonnull, zip_uint64_t, zip_uint16_t, zip_flags_t);

+ZIP_EXTERN const zip_uint8_t *_Nullable zip_file_extra_field_get(zip_t *_Nonnull, zip_uint64_t, zip_uint16_t, zip_uint16_t *_Nullable, zip_uint16_t *_Nullable, zip_flags_t);

+ZIP_EXTERN const zip_uint8_t *_Nullable zip_file_extra_field_get_by_id(zip_t *_Nonnull, zip_uint64_t, zip_uint16_t, zip_uint16_t, zip_uint16_t *_Nullable, zip_flags_t);

+ZIP_EXTERN const char *_Nullable zip_file_get_comment(zip_t *_Nonnull, zip_uint64_t, zip_uint32_t *_Nullable, zip_flags_t);

+ZIP_EXTERN zip_error_t *_Nonnull zip_file_get_error(zip_file_t *_Nonnull);

+ZIP_EXTERN int zip_file_get_external_attributes(zip_t *_Nonnull, zip_uint64_t, zip_flags_t, zip_uint8_t *_Nullable, zip_uint32_t *_Nullable);

+ZIP_EXTERN int zip_file_is_seekable(zip_file_t *_Nonnull);

+ZIP_EXTERN int zip_file_rename(zip_t *_Nonnull, zip_uint64_t, const char *_Nonnull, zip_flags_t);

+ZIP_EXTERN int zip_file_replace(zip_t *_Nonnull, zip_uint64_t, zip_source_t *_Nonnull, zip_flags_t);

+ZIP_EXTERN int zip_file_set_comment(zip_t *_Nonnull, zip_uint64_t, const char *_Nullable, zip_uint16_t, zip_flags_t);

+ZIP_EXTERN int zip_file_set_dostime(zip_t *_Nonnull, zip_uint64_t, zip_uint16_t, zip_uint16_t, zip_flags_t);

+ZIP_EXTERN int zip_file_set_encryption(zip_t *_Nonnull, zip_uint64_t, zip_uint16_t, const char *_Nullable);

+ZIP_EXTERN int zip_file_set_external_attributes(zip_t *_Nonnull, zip_uint64_t, zip_flags_t, zip_uint8_t, zip_uint32_t);

+ZIP_EXTERN int zip_file_set_mtime(zip_t *_Nonnull, zip_uint64_t, time_t, zip_flags_t);

+ZIP_EXTERN const char *_Nonnull zip_file_strerror(zip_file_t *_Nonnull);

+ZIP_EXTERN zip_file_t *_Nullable zip_fopen(zip_t *_Nonnull, const char *_Nonnull, zip_flags_t);

+ZIP_EXTERN zip_file_t *_Nullable zip_fopen_encrypted(zip_t *_Nonnull, const char *_Nonnull, zip_flags_t, const char *_Nullable);

+ZIP_EXTERN zip_file_t *_Nullable zip_fopen_index(zip_t *_Nonnull, zip_uint64_t, zip_flags_t);

+ZIP_EXTERN zip_file_t *_Nullable zip_fopen_index_encrypted(zip_t *_Nonnull, zip_uint64_t, zip_flags_t, const char *_Nullable);

+ZIP_EXTERN zip_int64_t zip_fread(zip_file_t *_Nonnull, void *_Nonnull, zip_uint64_t);

+ZIP_EXTERN zip_int8_t zip_fseek(zip_file_t *_Nonnull, zip_int64_t, int);

+ZIP_EXTERN zip_int64_t zip_ftell(zip_file_t *_Nonnull);

+ZIP_EXTERN const char *_Nullable zip_get_archive_comment(zip_t *_Nonnull, int *_Nullable, zip_flags_t);

+ZIP_EXTERN int zip_get_archive_flag(zip_t *_Nonnull, zip_flags_t, zip_flags_t);

+ZIP_EXTERN const char *_Nullable zip_get_name(zip_t *_Nonnull, zip_uint64_t, zip_flags_t);

+ZIP_EXTERN zip_int64_t zip_get_num_entries(zip_t *_Nonnull, zip_flags_t);

+ZIP_EXTERN const char *_Nonnull zip_libzip_version(void);

+ZIP_EXTERN zip_int64_t zip_name_locate(zip_t *_Nonnull, const char *_Nonnull, zip_flags_t);

+ZIP_EXTERN zip_t *_Nullable zip_open(const char *_Nonnull, int, int *_Nullable);

+ZIP_EXTERN zip_t *_Nullable zip_open_from_source(zip_source_t *_Nonnull, int, zip_error_t *_Nullable);

+ZIP_EXTERN int zip_register_progress_callback_with_state(zip_t *_Nonnull, double, zip_progress_callback _Nullable, void (*_Nullable)(void *_Nullable), void *_Nullable);

+ZIP_EXTERN int zip_register_cancel_callback_with_state(zip_t *_Nonnull, zip_cancel_callback _Nullable, void (*_Nullable)(void *_Nullable), void *_Nullable);

+ZIP_EXTERN int zip_set_archive_comment(zip_t *_Nonnull, const char *_Nullable, zip_uint16_t);

+ZIP_EXTERN int zip_set_archive_flag(zip_t *_Nonnull, zip_flags_t, int);

+ZIP_EXTERN int zip_set_default_password(zip_t *_Nonnull, const char *_Nullable);

+ZIP_EXTERN int zip_set_file_compression(zip_t *_Nonnull, zip_uint64_t, zip_int32_t, zip_uint32_t);

+ZIP_EXTERN int zip_source_begin_write(zip_source_t *_Nonnull);

+ZIP_EXTERN int zip_source_begin_write_cloning(zip_source_t *_Nonnull, zip_uint64_t);

+ZIP_EXTERN zip_source_t *_Nullable zip_source_buffer(zip_t *_Nonnull, const void *_Nullable, zip_uint64_t, int);

+ZIP_EXTERN zip_source_t *_Nullable zip_source_buffer_create(const void *_Nullable, zip_uint64_t, int, zip_error_t *_Nullable);

+ZIP_EXTERN zip_source_t *_Nullable zip_source_buffer_fragment(zip_t *_Nonnull, const zip_buffer_fragment_t *_Nonnull, zip_uint64_t, int);

+ZIP_EXTERN zip_source_t *_Nullable zip_source_buffer_fragment_create(const zip_buffer_fragment_t *_Nullable, zip_uint64_t, int, zip_error_t *_Nullable);

+ZIP_EXTERN int zip_source_close(zip_source_t *_Nonnull);

+ZIP_EXTERN int zip_source_commit_write(zip_source_t *_Nonnull);

+ZIP_EXTERN zip_error_t *_Nonnull zip_source_error(zip_source_t *_Nonnull);

+ZIP_EXTERN zip_source_t *_Nullable zip_source_file(zip_t *_Nonnull, const char *_Nonnull, zip_uint64_t, zip_int64_t);

+ZIP_EXTERN zip_source_t *_Nullable zip_source_file_create(const char *_Nonnull, zip_uint64_t, zip_int64_t, zip_error_t *_Nullable);

+ZIP_EXTERN zip_source_t *_Nullable zip_source_filep(zip_t *_Nonnull, FILE *_Nonnull, zip_uint64_t, zip_int64_t);

+ZIP_EXTERN zip_source_t *_Nullable zip_source_filep_create(FILE *_Nonnull, zip_uint64_t, zip_int64_t, zip_error_t *_Nullable);

+ZIP_EXTERN void zip_source_free(zip_source_t *_Nullable);

+ZIP_EXTERN zip_source_t *_Nullable zip_source_function(zip_t *_Nonnull, zip_source_callback _Nonnull, void *_Nullable);

+ZIP_EXTERN zip_source_t *_Nullable zip_source_function_create(zip_source_callback _Nonnull, void *_Nullable, zip_error_t *_Nullable);

+ZIP_EXTERN int zip_source_get_file_attributes(zip_source_t *_Nonnull, zip_file_attributes_t *_Nonnull);

+ZIP_EXTERN int zip_source_is_deleted(zip_source_t *_Nonnull);

+ZIP_EXTERN int zip_source_is_seekable(zip_source_t *_Nonnull);

+ZIP_EXTERN void zip_source_keep(zip_source_t *_Nonnull);

+ZIP_EXTERN zip_source_t *_Nullable zip_source_layered(zip_t *_Nullable, zip_source_t *_Nonnull, zip_source_layered_callback _Nonnull, void *_Nullable);

+ZIP_EXTERN zip_source_t *_Nullable zip_source_layered_create(zip_source_t *_Nonnull, zip_source_layered_callback _Nonnull, void *_Nullable, zip_error_t *_Nullable);

+ZIP_EXTERN int zip_source_open(zip_source_t *_Nonnull);

+ZIP_EXTERN zip_int64_t zip_source_pass_to_lower_layer(zip_source_t *_Nonnull, void *_Nullable, zip_uint64_t, zip_source_cmd_t);

+ZIP_EXTERN zip_int64_t zip_source_read(zip_source_t *_Nonnull, void *_Nonnull, zip_uint64_t);

+ZIP_EXTERN void zip_source_rollback_write(zip_source_t *_Nonnull);

+ZIP_EXTERN int zip_source_seek(zip_source_t *_Nonnull, zip_int64_t, int);

+ZIP_EXTERN zip_int64_t zip_source_seek_compute_offset(zip_uint64_t, zip_uint64_t, void *_Nonnull, zip_uint64_t, zip_error_t *_Nullable);

+ZIP_EXTERN int zip_source_seek_write(zip_source_t *_Nonnull, zip_int64_t, int);

+ZIP_EXTERN int zip_source_stat(zip_source_t *_Nonnull, zip_stat_t *_Nonnull);

+ZIP_EXTERN zip_int64_t zip_source_tell(zip_source_t *_Nonnull);

+ZIP_EXTERN zip_int64_t zip_source_tell_write(zip_source_t *_Nonnull);

+ZIP_EXTERN zip_source_t *_Nullable zip_source_win32a(zip_t *_Nonnull, const char *_Nonnull, zip_uint64_t, zip_int64_t);

+ZIP_EXTERN zip_source_t *_Nullable zip_source_win32a_create(const char *_Nonnull, zip_uint64_t, zip_int64_t, zip_error_t *_Nullable);

+ZIP_EXTERN zip_source_t *_Nullable zip_source_win32handle(zip_t *_Nonnull, void *_Nonnull, zip_uint64_t, zip_int64_t);

+ZIP_EXTERN zip_source_t *_Nullable zip_source_win32handle_create(void *_Nonnull, zip_uint64_t, zip_int64_t, zip_error_t *_Nullable);

+ZIP_EXTERN zip_source_t *_Nullable zip_source_win32w(zip_t *_Nonnull, const wchar_t *_Nonnull, zip_uint64_t, zip_int64_t);

+ZIP_EXTERN zip_source_t *_Nullable zip_source_win32w_create(const wchar_t *_Nonnull, zip_uint64_t, zip_int64_t, zip_error_t *_Nullable);

+ZIP_EXTERN zip_source_t *_Nullable zip_source_window_create(zip_source_t *_Nonnull, zip_uint64_t, zip_int64_t, zip_error_t *_Nullable);

+ZIP_EXTERN zip_int64_t zip_source_write(zip_source_t *_Nonnull, const void *_Nullable, zip_uint64_t);

+ZIP_EXTERN zip_source_t *_Nullable zip_source_zip_file(zip_t *_Nonnull, zip_t *_Nonnull, zip_uint64_t, zip_flags_t, zip_uint64_t, zip_int64_t, const char *_Nullable);

+ZIP_EXTERN zip_source_t *_Nullable zip_source_zip_file_create(zip_t *_Nonnull, zip_uint64_t, zip_flags_t, zip_uint64_t, zip_int64_t, const char *_Nullable, zip_error_t *_Nullable);

+ZIP_EXTERN int zip_stat(zip_t *_Nonnull, const char *_Nonnull, zip_flags_t, zip_stat_t *_Nonnull);

+ZIP_EXTERN int zip_stat_index(zip_t *_Nonnull, zip_uint64_t, zip_flags_t, zip_stat_t *_Nonnull);

+ZIP_EXTERN void zip_stat_init(zip_stat_t *_Nonnull);

+ZIP_EXTERN const char *_Nonnull zip_strerror(zip_t *_Nonnull);

+ZIP_EXTERN int zip_unchange(zip_t *_Nonnull, zip_uint64_t);

+ZIP_EXTERN int zip_unchange_all(zip_t *_Nonnull);

+ZIP_EXTERN int zip_unchange_archive(zip_t *_Nonnull);

+ZIP_EXTERN int zip_compression_method_supported(zip_int32_t method, int compress);

+ZIP_EXTERN int zip_encryption_method_supported(zip_uint16_t method, int encode);

+ Copyright (C) 1999-2021 Dieter Baron and Thomas Klausner

+ The authors can be contacted at <info@libzip.org>

+ The index can not be larger than ZIP_INT64_MAX since the size

+ of the central directory cannot be larger than

+ ZIP_UINT64_MAX, and each entry is larger than 2 bytes.

+ Copyright (C) 1999-2021 Dieter Baron and Thomas Klausner

+ The authors can be contacted at <info@libzip.org>

+ Copyright (C) 1999-2021 Dieter Baron and Thomas Klausner

+ The authors can be contacted at <info@libzip.org>

+ zip_entry_t *rentries;

+ zip_uint64_t nalloc = za->nentry_alloc;

+ zip_uint64_t additional_entries = 2 * nalloc;

+ zip_uint64_t realloc_size;

+ if (additional_entries < 16) {

+ additional_entries = 16;

+ }

+ else if (additional_entries > 1024) {

+ additional_entries = 1024;

+ }

+ /* neither + nor * overflows can happen: nentry_alloc * sizeof(struct zip_entry) < UINT64_MAX */

+ nalloc += additional_entries;

+ realloc_size = sizeof(struct zip_entry) * (size_t)nalloc;

+ if (sizeof(struct zip_entry) * (size_t)za->nentry_alloc > realloc_size) {

+ zip_error_set(&za->error, ZIP_ER_MEMORY, 0);

+ return -1;

+ }

+ rentries = (zip_entry_t *)realloc(za->entry, sizeof(struct zip_entry) * (size_t)nalloc);

+ if (!rentries) {

+ zip_error_set(&za->error, ZIP_ER_MEMORY, 0);

+ return -1;

+ }

+ za->entry = rentries;

+ za->nentry_alloc = nalloc;

+/*

+ zip_algorithm_bzip2.c -- bzip2 (de)compression routines

+ Copyright (C) 2017-2021 Dieter Baron and Thomas Klausner

+

+ This file is part of libzip, a library to manipulate ZIP archives.

+ The authors can be contacted at <info@libzip.org>

+

+ Redistribution and use in source and binary forms, with or without

+ modification, are permitted provided that the following conditions

+ are met:

+ 1. Redistributions of source code must retain the above copyright

+ notice, this list of conditions and the following disclaimer.

+ 2. Redistributions in binary form must reproduce the above copyright

+ notice, this list of conditions and the following disclaimer in

+ the documentation and/or other materials provided with the

+ distribution.

+ 3. The names of the authors may not be used to endorse or promote

+ products derived from this software without specific prior

+ written permission.

+

+ THIS SOFTWARE IS PROVIDED BY THE AUTHORS ``AS IS'' AND ANY EXPRESS

+ OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED

+ WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE

+ ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY

+ DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL

+ DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE

+ GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS

+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER

+ IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR

+ OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN

+ IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

+*/

+

+#include "zipint.h"

+

+#include <bzlib.h>

+#include <limits.h>

+#include <stdlib.h>

+

+struct ctx {

+ zip_error_t *error;

+ bool compress;

+ int compression_flags;

+ bool end_of_input;

+ bz_stream zstr;

+};

+

+

+static zip_uint64_t

+maximum_compressed_size(zip_uint64_t uncompressed_size) {

+ zip_uint64_t compressed_size = (zip_uint64_t)((double)uncompressed_size * 1.006);

+

+ if (compressed_size < uncompressed_size) {

+ return ZIP_UINT64_MAX;

+ }

+ return compressed_size;

+}

+

+

+static void *

+allocate(bool compress, zip_uint32_t compression_flags, zip_error_t *error) {

+ struct ctx *ctx;

+

+ if ((ctx = (struct ctx *)malloc(sizeof(*ctx))) == NULL) {

+ return NULL;

+ }

+

+ ctx->error = error;

+ ctx->compress = compress;

+ if (compression_flags >= 1 && compression_flags <= 9) {

+ ctx->compression_flags = (int)compression_flags;

+ }

+ else {

+ ctx->compression_flags = 9;

+ }

+ ctx->end_of_input = false;

+

+ ctx->zstr.bzalloc = NULL;

+ ctx->zstr.bzfree = NULL;

+ ctx->zstr.opaque = NULL;

+

+ return ctx;

+}

+

+

+static void *

+compress_allocate(zip_uint16_t method, zip_uint32_t compression_flags, zip_error_t *error) {

+ (void)method;

+ return allocate(true, compression_flags, error);

+}

+

+

+static void *

+decompress_allocate(zip_uint16_t method, zip_uint32_t compression_flags, zip_error_t *error) {

+ (void)method;

+ return allocate(false, compression_flags, error);

+}

+

+

+static void

+deallocate(void *ud) {

+ struct ctx *ctx = (struct ctx *)ud;

+

+ free(ctx);

+}

+

+

+static zip_uint16_t

+general_purpose_bit_flags(void *ud) {

+ (void)ud;

+ return 0;

+}

+

+

+static int

+map_error(int ret) {

+ switch (ret) {

+ case BZ_FINISH_OK:

+ case BZ_FLUSH_OK:

+ case BZ_OK:

+ case BZ_RUN_OK:

+ case BZ_STREAM_END:

+ return ZIP_ER_OK;

+

+ case BZ_DATA_ERROR:

+ case BZ_DATA_ERROR_MAGIC:

+ case BZ_UNEXPECTED_EOF:

+ return ZIP_ER_COMPRESSED_DATA;

+

+ case BZ_MEM_ERROR:

+ return ZIP_ER_MEMORY;

+

+ case BZ_PARAM_ERROR:

+ return ZIP_ER_INVAL;

+

+ case BZ_CONFIG_ERROR: /* actually, bzip2 miscompiled */

+ case BZ_IO_ERROR:

+ case BZ_OUTBUFF_FULL:

+ case BZ_SEQUENCE_ERROR:

+ default:

+ return ZIP_ER_INTERNAL;

+ }

+}

+

+static bool

+start(void *ud, zip_stat_t *st, zip_file_attributes_t *attributes) {

+ struct ctx *ctx = (struct ctx *)ud;

+ int ret;

+

+ (void)st;

+ (void)attributes;

+

+ ctx->zstr.avail_in = 0;

+ ctx->zstr.next_in = NULL;

+ ctx->zstr.avail_out = 0;

+ ctx->zstr.next_out = NULL;

+

+ if (ctx->compress) {

+ ret = BZ2_bzCompressInit(&ctx->zstr, ctx->compression_flags, 0, 30);

+ }

+ else {

+ ret = BZ2_bzDecompressInit(&ctx->zstr, 0, 0);

+ }

+

+ if (ret != BZ_OK) {

+ zip_error_set(ctx->error, map_error(ret), 0);

+ return false;

+ }

+

+ return true;

+}

+

+

+static bool

+end(void *ud) {

+ struct ctx *ctx = (struct ctx *)ud;

+ int err;

+

+ if (ctx->compress) {

+ err = BZ2_bzCompressEnd(&ctx->zstr);

+ }

+ else {

+ err = BZ2_bzDecompressEnd(&ctx->zstr);

+ }

+

+ if (err != BZ_OK) {

+ zip_error_set(ctx->error, map_error(err), 0);

+ return false;

+ }

+

+ return true;

+}

+

+

+static bool

+input(void *ud, zip_uint8_t *data, zip_uint64_t length) {

+ struct ctx *ctx = (struct ctx *)ud;

+

+ if (length > UINT_MAX || ctx->zstr.avail_in > 0) {

+ zip_error_set(ctx->error, ZIP_ER_INVAL, 0);

+ return false;

+ }

+

+ ctx->zstr.avail_in = (unsigned int)length;

+ ctx->zstr.next_in = (char *)data;

+

+ return true;

+}

+

+

+static void

+end_of_input(void *ud) {

+ struct ctx *ctx = (struct ctx *)ud;

+

+ ctx->end_of_input = true;

+}

+

+

+static zip_compression_status_t

+process(void *ud, zip_uint8_t *data, zip_uint64_t *length) {

+ struct ctx *ctx = (struct ctx *)ud;

+ unsigned int avail_out;

+

+ int ret;

+

+ if (ctx->zstr.avail_in == 0 && !ctx->end_of_input) {

+ *length = 0;

+ return ZIP_COMPRESSION_NEED_DATA;

+ }

+

+ avail_out = (unsigned int)ZIP_MIN(UINT_MAX, *length);

+ ctx->zstr.avail_out = avail_out;

+ ctx->zstr.next_out = (char *)data;

+

+ if (ctx->compress) {

+ ret = BZ2_bzCompress(&ctx->zstr, ctx->end_of_input ? BZ_FINISH : BZ_RUN);

+ }

+ else {

+ ret = BZ2_bzDecompress(&ctx->zstr);

+ }

+

+ *length = avail_out - ctx->zstr.avail_out;

+

+ switch (ret) {

+ case BZ_FINISH_OK: /* compression */

+ return ZIP_COMPRESSION_OK;

+

+ case BZ_OK: /* decompression */

+ case BZ_RUN_OK: /* compression */

+ if (ctx->zstr.avail_in == 0) {

+ return ZIP_COMPRESSION_NEED_DATA;

+ }

+ return ZIP_COMPRESSION_OK;

+

+ case BZ_STREAM_END:

+ return ZIP_COMPRESSION_END;

+

+ default:

+ zip_error_set(ctx->error, map_error(ret), 0);

+ return ZIP_COMPRESSION_ERROR;

+ }

+}

+

+/* clang-format off */

+

+zip_compression_algorithm_t zip_algorithm_bzip2_compress = {

+ maximum_compressed_size,

+ compress_allocate,

+ deallocate,

+ general_purpose_bit_flags,

+ 46,

+ start,

+ end,

+ input,

+ end_of_input,

+ process

+};

+

+

+zip_compression_algorithm_t zip_algorithm_bzip2_decompress = {

+ maximum_compressed_size,

+ decompress_allocate,

+ deallocate,

+ general_purpose_bit_flags,

+ 46,

+ start,

+ end,

+ input,

+ end_of_input,

+ process

+};

+

+/* clang-format on */

+ Copyright (C) 2017-2021 Dieter Baron and Thomas Klausner

+ The authors can be contacted at <info@libzip.org>

+ int level;

+ int mem_level;

+static zip_uint64_t

+maximum_compressed_size(zip_uint64_t uncompressed_size) {

+ /* max deflate size increase: size + ceil(size/16k)*5+6 */

+

+ zip_uint64_t compressed_size = uncompressed_size + (uncompressed_size + 16383) / 16384 * 5 + 6;

+

+ if (compressed_size < uncompressed_size) {

+ return ZIP_UINT64_MAX;

+ }

+ return compressed_size;

+}

+

+

+allocate(bool compress, zip_uint32_t compression_flags, zip_error_t *error) {

+ zip_error_set(error, ZIP_ET_SYS, errno);

+ return NULL;

+ if (compression_flags >= 1 && compression_flags <= 9) {

+ ctx->level = (int)compression_flags;

+ }

+ else {

+ ctx->level = Z_BEST_COMPRESSION;

+ ctx->mem_level = compression_flags == TORRENTZIP_COMPRESSION_FLAGS ? TORRENTZIP_MEM_LEVEL : MAX_MEM_LEVEL;

+compress_allocate(zip_uint16_t method, zip_uint32_t compression_flags, zip_error_t *error) {

+ (void)method;

+decompress_allocate(zip_uint16_t method, zip_uint32_t compression_flags, zip_error_t *error) {

+ (void)method;

+static zip_uint16_t

+general_purpose_bit_flags(void *ud) {

+ return 0;

+ if (ctx->level < 3) {

+ return 2 << 1;

+ else if (ctx->level > 7) {

+ return 1 << 1;

+start(void *ud, zip_stat_t *st, zip_file_attributes_t *attributes) {

+ (void)st;

+ (void)attributes;

+

+ /* negative value to tell zlib not to write a header */

+ ret = deflateInit2(&ctx->zstr, ctx->level, Z_DEFLATED, -MAX_WBITS, ctx->mem_level, Z_DEFAULT_STRATEGY);

+ ret = inflateInit2(&ctx->zstr, -MAX_WBITS);

+ zip_error_set(ctx->error, ZIP_ER_ZLIB, ret);

+ return false;

+ err = deflateEnd(&ctx->zstr);

+ err = inflateEnd(&ctx->zstr);

+ zip_error_set(ctx->error, ZIP_ER_ZLIB, err);

+ return false;

+ zip_error_set(ctx->error, ZIP_ER_INVAL, 0);

+ return false;

+ uInt avail_out;

+ avail_out = (uInt)ZIP_MIN(UINT_MAX, *length);

+ ctx->zstr.avail_out = avail_out;

+ ret = deflate(&ctx->zstr, ctx->end_of_input ? Z_FINISH : 0);

+ ret = inflate(&ctx->zstr, Z_SYNC_FLUSH);

+ *length = avail_out - ctx->zstr.avail_out;

+ return ZIP_COMPRESSION_OK;

+ return ZIP_COMPRESSION_END;

+ if (ctx->zstr.avail_in == 0) {

+ return ZIP_COMPRESSION_NEED_DATA;

+ }

+ /* fallthrough */

+ zip_error_set(ctx->error, ZIP_ER_ZLIB, ret);

+ return ZIP_COMPRESSION_ERROR;

+/* clang-format off */

+ maximum_compressed_size,

+ general_purpose_bit_flags,

+ 20,

+ maximum_compressed_size,

+ general_purpose_bit_flags,

+ 20,

+/* clang-format on */

+/*

+ zip_algorithm_xz.c -- LZMA/XZ (de)compression routines

+ Bazed on zip_algorithm_deflate.c -- deflate (de)compression routines

+ Copyright (C) 2017-2021 Dieter Baron and Thomas Klausner

+

+ This file is part of libzip, a library to manipulate ZIP archives.

+ The authors can be contacted at <info@libzip.org>

+

+ Redistribution and use in source and binary forms, with or without

+ modification, are permitted provided that the following conditions

+ are met:

+ 1. Redistributions of source code must retain the above copyright

+ notice, this list of conditions and the following disclaimer.

+ 2. Redistributions in binary form must reproduce the above copyright

+ notice, this list of conditions and the following disclaimer in

+ the documentation and/or other materials provided with the

+ distribution.

+ 3. The names of the authors may not be used to endorse or promote

+ products derived from this software without specific prior

+ written permission.

+

+ THIS SOFTWARE IS PROVIDED BY THE AUTHORS ``AS IS'' AND ANY EXPRESS

+ OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED

+ WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE

+ ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY

+ DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL

+ DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE

+ GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS

+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER

+ IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR

+ OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN

+ IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

+*/

+

+#include "zipint.h"

+

+#include <limits.h>

+#include <lzma.h>

+#include <stdlib.h>

+#include <zlib.h>

+

+enum header_state { INCOMPLETE, OUTPUT, DONE };

+

+#define HEADER_BYTES_ZIP 9

+#define HEADER_MAGIC_LENGTH 4

+#define HEADER_MAGIC1_OFFSET 0

+#define HEADER_MAGIC2_OFFSET 2

+#define HEADER_SIZE_OFFSET 9

+#define HEADER_SIZE_LENGTH 8

+#define HEADER_PARAMETERS_LENGTH 5

+#define HEADER_LZMA_ALONE_LENGTH (HEADER_PARAMETERS_LENGTH + HEADER_SIZE_LENGTH)

+

+struct ctx {

+ zip_error_t *error;

+ bool compress;

+ zip_uint32_t compression_flags;

+ bool end_of_input;

+ lzma_stream zstr;

+ zip_uint16_t method;

+ /* header member is used for converting from zip to "lzma alone"

+ * format

+ *

+ * "lzma alone" file format starts with:

+ * 5 bytes lzma parameters

+ * 8 bytes uncompressed size

+ * compressed data

+ *

+ * zip archive on-disk format starts with

+ * 4 bytes magic (first two bytes vary, e.g. 0x0914 or 0x1002, next bytes are 0x0500)

+ * 5 bytes lzma parameters

+ * compressed data

+ *

+ * we read the data into a header of the form

+ * 4 bytes magic

+ * 5 bytes lzma parameters

+ * 8 bytes uncompressed size

+ */

+ zip_uint8_t header[HEADER_MAGIC_LENGTH + HEADER_LZMA_ALONE_LENGTH];

+ zip_uint8_t header_bytes_offset;

+ enum header_state header_state;

+ zip_uint64_t uncompresssed_size;

+};

+

+

+static zip_uint64_t

+maximum_compressed_size(zip_uint64_t uncompressed_size) {

+ /*

+ According to https://sourceforge.net/p/sevenzip/discussion/45797/thread/b6bd62f8/

+

+ 1) you can use

+ outSize = 1.10 * originalSize + 64 KB.

+ in most cases outSize is less then 1.02 from originalSize.

+ 2) You can try LZMA2, where

+ outSize can be = 1.001 * originalSize + 1 KB.

+ */

+ /* 13 bytes added for lzma alone header */

+ zip_uint64_t compressed_size = (zip_uint64_t)((double)uncompressed_size * 1.1) + 64 * 1024 + 13;

+

+ if (compressed_size < uncompressed_size) {

+ return ZIP_UINT64_MAX;

+ }

+ return compressed_size;

+}

+

+

+static void *

+allocate(bool compress, zip_uint32_t compression_flags, zip_error_t *error, zip_uint16_t method) {

+ struct ctx *ctx;

+

+ if ((ctx = (struct ctx *)malloc(sizeof(*ctx))) == NULL) {

+ zip_error_set(error, ZIP_ER_MEMORY, 0);

+ return NULL;

+ }

+

+ ctx->error = error;

+ ctx->compress = compress;

+ if (compression_flags <= 9) {

+ ctx->compression_flags = compression_flags;

+ } else {

+ ctx->compression_flags = 6; /* default value */

+ }

+ ctx->compression_flags |= LZMA_PRESET_EXTREME;

+ ctx->end_of_input = false;

+ memset(ctx->header, 0, sizeof(ctx->header));

+ ctx->header_bytes_offset = 0;

+ if (method == ZIP_CM_LZMA) {

+ ctx->header_state = INCOMPLETE;

+ }

+ else {

+ ctx->header_state = DONE;

+ }

+ memset(&ctx->zstr, 0, sizeof(ctx->zstr));

+ ctx->method = method;

+ return ctx;

+}

+

+

+static void *

+compress_allocate(zip_uint16_t method, zip_uint32_t compression_flags, zip_error_t *error) {

+ return allocate(true, compression_flags, error, method);

+}

+

+

+static void *

+decompress_allocate(zip_uint16_t method, zip_uint32_t compression_flags, zip_error_t *error) {

+ return allocate(false, compression_flags, error, method);

+}

+

+

+static void

+deallocate(void *ud) {

+ struct ctx *ctx = (struct ctx *)ud;

+ free(ctx);

+}

+

+

+static zip_uint16_t

+general_purpose_bit_flags(void *ud) {

+ struct ctx *ctx = (struct ctx *)ud;

+

+ if (!ctx->compress) {

+ return 0;

+ }

+

+ if (ctx->method == ZIP_CM_LZMA) {

+ /* liblzma always returns an EOS/EOPM marker, see

+ * https://sourceforge.net/p/lzmautils/discussion/708858/thread/84c5dbb9/#a5e4/3764 */

+ return 1 << 1;

+ }

+ return 0;

+}

+

+static int

+map_error(lzma_ret ret) {

+ switch (ret) {

+ case LZMA_DATA_ERROR:

+ case LZMA_UNSUPPORTED_CHECK:

+ return ZIP_ER_COMPRESSED_DATA;

+

+ case LZMA_MEM_ERROR:

+ return ZIP_ER_MEMORY;

+

+ case LZMA_OPTIONS_ERROR:

+ return ZIP_ER_INVAL;

+

+ default:

+ return ZIP_ER_INTERNAL;

+ }

+}

+

+

+static bool

+start(void *ud, zip_stat_t *st, zip_file_attributes_t *attributes) {

+ struct ctx *ctx = (struct ctx *)ud;

+ lzma_ret ret;

+

+ lzma_options_lzma opt_lzma;

+ lzma_lzma_preset(&opt_lzma, ctx->compression_flags);

+ lzma_filter filters[] = {

+ {.id = (ctx->method == ZIP_CM_LZMA ? LZMA_FILTER_LZMA1 : LZMA_FILTER_LZMA2), .options = &opt_lzma},

+ {.id = LZMA_VLI_UNKNOWN, .options = NULL},

+ };

+

+ ctx->zstr.avail_in = 0;

+ ctx->zstr.next_in = NULL;

+ ctx->zstr.avail_out = 0;

+ ctx->zstr.next_out = NULL;

+

+ if (ctx->compress) {

+ if (ctx->method == ZIP_CM_LZMA)

+ ret = lzma_alone_encoder(&ctx->zstr, filters[0].options);

+ else

+ ret = lzma_stream_encoder(&ctx->zstr, filters, LZMA_CHECK_CRC64);

+ }

+ else {

+ if (ctx->method == ZIP_CM_LZMA)

+ ret = lzma_alone_decoder(&ctx->zstr, UINT64_MAX);

+ else

+ ret = lzma_stream_decoder(&ctx->zstr, UINT64_MAX, LZMA_CONCATENATED);

+ }

+

+ if (ret != LZMA_OK) {

+ zip_error_set(ctx->error, map_error(ret), 0);

+ return false;

+ }

+

+ /* If general purpose bits 1 & 2 are both zero, write real uncompressed size in header. */

+ if ((attributes->valid & ZIP_FILE_ATTRIBUTES_GENERAL_PURPOSE_BIT_FLAGS) && (attributes->general_purpose_bit_mask & 0x6) == 0x6 && (attributes->general_purpose_bit_flags & 0x06) == 0 && (st->valid & ZIP_STAT_SIZE)) {

+ ctx->uncompresssed_size = st->size;

+ }

+ else {

+ ctx->uncompresssed_size = ZIP_UINT64_MAX;

+ }

+

+ return true;

+}

+

+

+static bool

+end(void *ud) {

+ struct ctx *ctx = (struct ctx *)ud;

+

+ lzma_end(&ctx->zstr);

+ return true;

+}

+

+

+static bool

+input(void *ud, zip_uint8_t *data, zip_uint64_t length) {

+ struct ctx *ctx = (struct ctx *)ud;

+

+ if (length > UINT_MAX || ctx->zstr.avail_in > 0) {

+ zip_error_set(ctx->error, ZIP_ER_INVAL, 0);

+ return false;

+ }

+

+ /* For decompression of LZMA1: Have we read the full "lzma alone" header yet? */

+ if (ctx->method == ZIP_CM_LZMA && !ctx->compress && ctx->header_state == INCOMPLETE) {

+ /* if not, get more of the data */

+ zip_uint8_t got = (zip_uint8_t)ZIP_MIN(HEADER_BYTES_ZIP - ctx->header_bytes_offset, length);

+ (void)memcpy_s(ctx->header + ctx->header_bytes_offset, sizeof(ctx->header) - ctx->header_bytes_offset, data, got);

+ ctx->header_bytes_offset += got;

+ length -= got;

+ data += got;

+ /* Do we have a complete header now? */

+ if (ctx->header_bytes_offset == HEADER_BYTES_ZIP) {

+ Bytef empty_buffer[1];

+ zip_buffer_t *buffer;

+ /* check magic */

+ if (ctx->header[HEADER_MAGIC2_OFFSET] != 0x05 || ctx->header[HEADER_MAGIC2_OFFSET + 1] != 0x00) {

+ /* magic does not match */

+ zip_error_set(ctx->error, ZIP_ER_COMPRESSED_DATA, 0);

+ return false;

+ }

+ /* set size of uncompressed data in "lzma alone" header to "unknown" */

+ if ((buffer = _zip_buffer_new(ctx->header + HEADER_SIZE_OFFSET, HEADER_SIZE_LENGTH)) == NULL) {

+ zip_error_set(ctx->error, ZIP_ER_MEMORY, 0);

+ return false;

+ }

+ _zip_buffer_put_64(buffer, ctx->uncompresssed_size);

+ _zip_buffer_free(buffer);

+ /* Feed header into "lzma alone" decoder, for

+ * initialization; this should not produce output. */

+ ctx->zstr.next_in = (void *)(ctx->header + HEADER_MAGIC_LENGTH);

+ ctx->zstr.avail_in = HEADER_LZMA_ALONE_LENGTH;

+ ctx->zstr.total_in = 0;

+ ctx->zstr.next_out = empty_buffer;

+ ctx->zstr.avail_out = sizeof(*empty_buffer);

+ ctx->zstr.total_out = 0;

+ /* this just initializes the decoder and does not produce output, so it consumes the complete header */

+ if (lzma_code(&ctx->zstr, LZMA_RUN) != LZMA_OK || ctx->zstr.total_out > 0) {

+ zip_error_set(ctx->error, ZIP_ER_COMPRESSED_DATA, 0);

+ return false;

+ }

+ ctx->header_state = DONE;

+ }

+ }

+ ctx->zstr.avail_in = (uInt)length;

+ ctx->zstr.next_in = (Bytef *)data;

+

+ return true;

+}

+

+

+static void

+end_of_input(void *ud) {

+ struct ctx *ctx = (struct ctx *)ud;

+

+ ctx->end_of_input = true;

+}

+

+

+static zip_compression_status_t

+process(void *ud, zip_uint8_t *data, zip_uint64_t *length) {

+ struct ctx *ctx = (struct ctx *)ud;

+ uInt avail_out;

+ lzma_ret ret;

+ /* for compression of LZMA1 */

+ if (ctx->method == ZIP_CM_LZMA && ctx->compress) {

+ if (ctx->header_state == INCOMPLETE) {

+ /* write magic to output buffer */

+ ctx->header[0] = 0x09;

+ ctx->header[1] = 0x14;

+ ctx->header[2] = 0x05;

+ ctx->header[3] = 0x00;

+ /* generate lzma parameters into output buffer */

+ ctx->zstr.avail_out = HEADER_LZMA_ALONE_LENGTH;

+ ctx->zstr.next_out = ctx->header + HEADER_MAGIC_LENGTH;

+ ret = lzma_code(&ctx->zstr, LZMA_RUN);

+ if (ret != LZMA_OK || ctx->zstr.avail_out != 0) {

+ /* assume that the whole header will be provided with the first call to lzma_code */

+ return ZIP_COMPRESSION_ERROR;

+ }

+ ctx->header_state = OUTPUT;

+ }

+ if (ctx->header_state == OUTPUT) {

+ /* write header */

+ zip_uint8_t write_len = (zip_uint8_t)ZIP_MIN(HEADER_BYTES_ZIP - ctx->header_bytes_offset, *length);

+ (void)memcpy_s(data, *length, ctx->header + ctx->header_bytes_offset, write_len);

+ ctx->header_bytes_offset += write_len;

+ *length = write_len;

+ if (ctx->header_bytes_offset == HEADER_BYTES_ZIP) {

+ ctx->header_state = DONE;

+ }

+ return ZIP_COMPRESSION_OK;

+ }

+ }

+

+ avail_out = (uInt)ZIP_MIN(UINT_MAX, *length);

+ ctx->zstr.avail_out = avail_out;

+ ctx->zstr.next_out = (Bytef *)data;

+

+ ret = lzma_code(&ctx->zstr, ctx->end_of_input ? LZMA_FINISH : LZMA_RUN);

+ *length = avail_out - ctx->zstr.avail_out;

+

+ switch (ret) {

+ case LZMA_OK:

+ return ZIP_COMPRESSION_OK;

+

+ case LZMA_STREAM_END:

+ return ZIP_COMPRESSION_END;

+

+ case LZMA_BUF_ERROR:

+ if (ctx->zstr.avail_in == 0) {

+ return ZIP_COMPRESSION_NEED_DATA;

+ }

+

+ /* fallthrough */

+ default:

+ zip_error_set(ctx->error, map_error(ret), 0);

+ return ZIP_COMPRESSION_ERROR;

+ }

+}

+

+/* Version Required should be set to 63 (6.3) because this compression

+ method was only defined in appnote.txt version 6.3.8, but Winzip

+ does not unpack it if the value is not 20. */

+

+/* clang-format off */

+

+zip_compression_algorithm_t zip_algorithm_xz_compress = {

+ maximum_compressed_size,

+ compress_allocate,

+ deallocate,

+ general_purpose_bit_flags,

+ 20,

+ start,

+ end,

+ input,

+ end_of_input,

+ process

+};

+

+

+zip_compression_algorithm_t zip_algorithm_xz_decompress = {

+ maximum_compressed_size,

+ decompress_allocate,

+ deallocate,

+ general_purpose_bit_flags,

+ 20,

+ start,

+ end,

+ input,

+ end_of_input,

+ process

+};

+

+/* clang-format on */

+/*

+ zip_algorithm_zstd.c -- zstd (de)compression routines

+ Copyright (C) 2020-2021 Dieter Baron and Thomas Klausner

+

+ This file is part of libzip, a library to manipulate ZIP archives.

+ The authors can be contacted at <info@libzip.org>

+

+ Redistribution and use in source and binary forms, with or without

+ modification, are permitted provided that the following conditions

+ are met:

+ 1. Redistributions of source code must retain the above copyright

+ notice, this list of conditions and the following disclaimer.

+ 2. Redistributions in binary form must reproduce the above copyright

+ notice, this list of conditions and the following disclaimer in

+ the documentation and/or other materials provided with the

+ distribution.

+ 3. The names of the authors may not be used to endorse or promote

+ products derived from this software without specific prior

+ written permission.

+

+ THIS SOFTWARE IS PROVIDED BY THE AUTHORS ``AS IS'' AND ANY EXPRESS

+ OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED

+ WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE

+ ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY

+ DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL

+ DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE

+ GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS

+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER

+ IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR

+ OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN

+ IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

+*/

+

+#include "zipint.h"

+

+#include <stdlib.h>

+#include <zstd.h>

+#include <zstd_errors.h>

+

+struct ctx {

+ zip_error_t *error;

+ bool compress;

+ int compression_flags;

+ bool end_of_input;

+ ZSTD_DStream *zdstream;

+ ZSTD_CStream *zcstream;

+ ZSTD_outBuffer out;

+ ZSTD_inBuffer in;

+};

+

+static zip_uint64_t

+maximum_compressed_size(zip_uint64_t uncompressed_size) {

+ return ZSTD_compressBound(uncompressed_size);

+}

+

+

+static void *

+allocate(bool compress, zip_uint32_t compression_flags, zip_error_t *error) {

+ struct ctx *ctx;

+

+ if ((ctx = (struct ctx *)malloc(sizeof(*ctx))) == NULL) {

+ return NULL;

+ }

+

+ ctx->compression_flags = (zip_int32_t)compression_flags;

+ if (ctx->compression_flags < ZSTD_minCLevel() || ctx->compression_flags > ZSTD_maxCLevel()) {

+ ctx->compression_flags = 0; /* let zstd choose */

+ }

+

+ ctx->error = error;

+ ctx->compress = compress;

+ ctx->end_of_input = false;

+

+ ctx->zdstream = NULL;

+ ctx->zcstream = NULL;

+ ctx->in.src = NULL;

+ ctx->in.pos = 0;

+ ctx->in.size = 0;

+ ctx->out.dst = NULL;

+ ctx->out.pos = 0;

+ ctx->out.size = 0;

+

+ return ctx;

+}

+

+

+static void *

+compress_allocate(zip_uint16_t method, zip_uint32_t compression_flags, zip_error_t *error) {

+ (void)method;

+ return allocate(true, compression_flags, error);

+}

+

+

+static void *

+decompress_allocate(zip_uint16_t method, zip_uint32_t compression_flags, zip_error_t *error) {

+ (void)method;

+ return allocate(false, compression_flags, error);

+}

+

+

+static void

+deallocate(void *ud) {

+ struct ctx *ctx = (struct ctx *)ud;

+ free(ctx);

+}

+

+

+static zip_uint16_t

+general_purpose_bit_flags(void *ud) {

+ (void)ud;

+ return 0;

+}

+

+static int

+map_error(size_t ret) {

+ switch (ret) {

+ case ZSTD_error_no_error:

+ return ZIP_ER_OK;

+

+ case ZSTD_error_corruption_detected:

+ case ZSTD_error_checksum_wrong:

+ case ZSTD_error_dictionary_corrupted:

+ case ZSTD_error_dictionary_wrong:

+ return ZIP_ER_COMPRESSED_DATA;

+

+ case ZSTD_error_memory_allocation:

+ return ZIP_ER_MEMORY;

+

+ case ZSTD_error_parameter_unsupported:

+ case ZSTD_error_parameter_outOfBound:

+ return ZIP_ER_INVAL;

+

+ default:

+ return ZIP_ER_INTERNAL;

+ }

+}

+

+

+static bool

+start(void *ud, zip_stat_t *st, zip_file_attributes_t *attributes) {

+ struct ctx *ctx = (struct ctx *)ud;

+

+ (void)st;

+ (void)attributes;

+

+ ctx->in.src = NULL;

+ ctx->in.pos = 0;

+ ctx->in.size = 0;

+ ctx->out.dst = NULL;

+ ctx->out.pos = 0;

+ ctx->out.size = 0;

+ if (ctx->compress) {

+ size_t ret;

+ ctx->zcstream = ZSTD_createCStream();

+ if (ctx->zcstream == NULL) {

+ zip_error_set(ctx->error, ZIP_ER_MEMORY, 0);

+ return false;

+ }

+ ret = ZSTD_initCStream(ctx->zcstream, ctx->compression_flags);

+ if (ZSTD_isError(ret)) {

+ zip_error_set(ctx->error, ZIP_ER_ZLIB, map_error(ret));

+ return false;

+ }

+ }

+ else {

+ ctx->zdstream = ZSTD_createDStream();

+ if (ctx->zdstream == NULL) {

+ zip_error_set(ctx->error, ZIP_ER_MEMORY, 0);

+ return false;

+ }

+ }

+

+ return true;

+}

+

+

+static bool

+end(void *ud) {

+ struct ctx *ctx = (struct ctx *)ud;

+ size_t ret;

+

+ if (ctx->compress) {

+ ret = ZSTD_freeCStream(ctx->zcstream);

+ ctx->zcstream = NULL;

+ }

+ else {

+ ret = ZSTD_freeDStream(ctx->zdstream);

+ ctx->zdstream = NULL;

+ }

+

+ if (ZSTD_isError(ret)) {

+ zip_error_set(ctx->error, map_error(ret), 0);

+ return false;

+ }

+

+ return true;

+}

+

+

+static bool

+input(void *ud, zip_uint8_t *data, zip_uint64_t length) {

+ struct ctx *ctx = (struct ctx *)ud;

+ if (length > SIZE_MAX || ctx->in.pos != ctx->in.size) {

+ zip_error_set(ctx->error, ZIP_ER_INVAL, 0);

+ return false;

+ }

+ ctx->in.src = (const void *)data;

+ ctx->in.size = (size_t)length;

+ ctx->in.pos = 0;

+ return true;

+}

+

+

+static void

+end_of_input(void *ud) {

+ struct ctx *ctx = (struct ctx *)ud;

+

+ ctx->end_of_input = true;

+}

+

+

+static zip_compression_status_t

+process(void *ud, zip_uint8_t *data, zip_uint64_t *length) {

+ struct ctx *ctx = (struct ctx *)ud;

+

+ size_t ret;

+

+ if (ctx->in.pos == ctx->in.size && !ctx->end_of_input) {

+ *length = 0;

+ return ZIP_COMPRESSION_NEED_DATA;

+ }

+

+ ctx->out.dst = data;

+ ctx->out.pos = 0;

+ ctx->out.size = ZIP_MIN(SIZE_MAX, *length);

+

+ if (ctx->compress) {

+ if (ctx->in.pos == ctx->in.size && ctx->end_of_input) {

+ ret = ZSTD_endStream(ctx->zcstream, &ctx->out);

+ if (ret == 0) {

+ *length = ctx->out.pos;

+ return ZIP_COMPRESSION_END;

+ }

+ }

+ else {

+ ret = ZSTD_compressStream(ctx->zcstream, &ctx->out, &ctx->in);

+ }

+ }

+ else {

+ ret = ZSTD_decompressStream(ctx->zdstream, &ctx->out, &ctx->in);

+ }

+ if (ZSTD_isError(ret)) {

+ zip_error_set(ctx->error, map_error(ret), 0);

+ return ZIP_COMPRESSION_ERROR;

+ }

+

+ *length = ctx->out.pos;

+ if (ctx->in.pos == ctx->in.size) {

+ return ZIP_COMPRESSION_NEED_DATA;

+ }

+

+ return ZIP_COMPRESSION_OK;

+}

+

+/* Version Required should be set to 63 (6.3) because this compression

+ method was only defined in appnote.txt version 6.3.7, but Winzip

+ does not unpack it if the value is not 20. */

+

+/* clang-format off */

+

+zip_compression_algorithm_t zip_algorithm_zstd_compress = {

+ maximum_compressed_size,

+ compress_allocate,

+ deallocate,

+ general_purpose_bit_flags,

+ 20,

+ start,

+ end,

+ input,

+ end_of_input,

+ process

+};

+

+

+zip_compression_algorithm_t zip_algorithm_zstd_decompress = {

+ maximum_compressed_size,

+ decompress_allocate,

+ deallocate,

+ general_purpose_bit_flags,

+ 20,

+ start,

+ end,

+ input,

+ end_of_input,

+ process

+};

+

+/* clang-format on */

+ Copyright (C) 2014-2021 Dieter Baron and Thomas Klausner

+ The authors can be contacted at <info@libzip.org>

+ return;

+ free(buffer->data);

+ buffer->offset += length;

+ return 0;

+ return 0;

+ return 0;

+ return 0;

+ zip_uint64_t copied;

+

+ length = _zip_buffer_left(buffer);

+ copied = 0;

+ while (copied < length) {

+ size_t n = ZIP_MIN(length - copied, SIZE_MAX);

+ (void)memcpy_s(data + copied, n, _zip_buffer_get(buffer, n), n);

+ copied += n;

+ }

+ return copied;

+#if ZIP_UINT64_MAX > SIZE_MAX

+ if (size > SIZE_MAX) {

+ return NULL;

+ }

+#endif

+

+ if ((data = (zip_uint8_t *)malloc((size_t)size)) == NULL) {

+ return NULL;

+ }

+ if (free_data) {

+ free(data);

+ }

+ return NULL;

+ zip_error_set(error, ZIP_ER_MEMORY, 0);

+ return NULL;

+ _zip_buffer_free(buffer);

+ return NULL;

+ buffer->ok = false;

+ return NULL;

+ return -1;

+ (void)memcpy_s(dst, length, src, length);

+ return -1;

+ return -1;

+ return -1;

+ return -1;

+ buffer->ok = false;

+ return -1;

+ buffer->ok = false;

+ return -1;

+ Copyright (C) 1999-2022 Dieter Baron and Thomas Klausner

+ The authors can be contacted at <info@libzip.org>

+static int add_data(zip_t *, zip_source_t *, zip_dirent_t *, zip_uint32_t);

+static int torrentzip_compare_names(const void *a, const void *b);

+static int write_data_descriptor(zip_t *za, const zip_dirent_t *dirent, int is_zip64);

+ return -1;

+ if (survivors == 0 && !(za->ch_flags & ZIP_AFL_CREATE_OR_KEEP_FILE_FOR_EMPTY_ARCHIVE)) {

+ /* don't create zip files with no entries */

+ if ((za->open_flags & ZIP_TRUNCATE) || changed) {

+ if (zip_source_remove(za->src) < 0) {

+ if (!((zip_error_code_zip(zip_source_error(za->src)) == ZIP_ER_REMOVE) && (zip_error_code_system(zip_source_error(za->src)) == ENOENT))) {

+ zip_error_set_from_source(&za->error, za->src);

+ return -1;

+ }

+ }

+ }

+ zip_discard(za);

+ return 0;

+ /* Always write empty archive if we are told to keep it, otherwise it wouldn't be created if the file doesn't already exist. */

+ if (!changed && survivors > 0) {

+ zip_discard(za);

+ return 0;

+ zip_error_set(&za->error, ZIP_ER_INTERNAL, 0);

+ return -1;

+ return -1;

+ if (za->entry[i].orig != NULL && ZIP_ENTRY_HAS_CHANGES(&za->entry[i])) {

+ unchanged_offset = ZIP_MIN(unchanged_offset, za->entry[i].orig->offset);

+ }

+ if (za->entry[i].deleted) {

+ continue;

+ }

+

+ if (j >= survivors) {

+ free(filelist);

+ zip_error_set(&za->error, ZIP_ER_INTERNAL, 0);

+ return -1;

+ }

+

+ filelist[j].idx = i;

+ filelist[j].name = zip_get_name(za, i, 0);

+ j++;

+ free(filelist);

+ zip_error_set(&za->error, ZIP_ER_INTERNAL, 0);

+ return -1;

+ }

+

+ if (ZIP_WANT_TORRENTZIP(za)) {

+ qsort(filelist, (size_t)survivors, sizeof(filelist[0]), torrentzip_compare_names);

+ if (ZIP_WANT_TORRENTZIP(za) || (zip_source_supports(za->src) & ZIP_SOURCE_MAKE_COMMAND_BITMASK(ZIP_SOURCE_BEGIN_WRITE_CLONING)) == 0) {

+ unchanged_offset = 0;

+ if (unchanged_offset == ZIP_UINT64_MAX) {

+ /* we're keeping all file data, find the end of the last one */

+ zip_uint64_t last_index = ZIP_UINT64_MAX;

+ unchanged_offset = 0;

+

+ for (i = 0; i < za->nentry; i++) {

+ if (za->entry[i].orig != NULL) {

+ if (za->entry[i].orig->offset >= unchanged_offset) {

+ unchanged_offset = za->entry[i].orig->offset;

+ last_index = i;

+ }

+ }

+ }

+ if (last_index != ZIP_UINT64_MAX) {

+ if ((unchanged_offset = _zip_file_get_end(za, last_index, &za->error)) == 0) {

+ free(filelist);

+ return -1;

+ }

+ }

+ }

+ if (unchanged_offset > 0) {

+ if (zip_source_begin_write_cloning(za->src, unchanged_offset) < 0) {

+ /* cloning not supported, need to copy everything */

+ unchanged_offset = 0;

+ }

+ }

+ if (zip_source_begin_write(za->src) < 0) {

+ zip_error_set_from_source(&za->error, za->src);

+ free(filelist);

+ return -1;

+ }

+ if (_zip_progress_start(za->progress) != 0) {

+ zip_error_set(&za->error, ZIP_ER_CANCELLED, 0);

+ zip_source_rollback_write(za->src);

+ free(filelist);

+ return -1;

+ }

+ int new_data;

+ zip_entry_t *entry;

+ zip_dirent_t *de;

+

+ if (_zip_progress_subrange(za->progress, (double)j / (double)survivors, (double)(j + 1) / (double)survivors) != 0) {

+ zip_error_set(&za->error, ZIP_ER_CANCELLED, 0);

+ error = 1;

+ break;

+ }

+

+ i = filelist[j].idx;

+ entry = za->entry + i;

+

+ if (entry->orig != NULL && entry->orig->offset < unchanged_offset) {

+ /* already implicitly copied by cloning */

+ continue;

+ }

+

+ new_data = (ZIP_ENTRY_DATA_CHANGED(entry) || ZIP_ENTRY_CHANGED(entry, ZIP_DIRENT_COMP_METHOD) || ZIP_ENTRY_CHANGED(entry, ZIP_DIRENT_ENCRYPTION_METHOD)) || (ZIP_WANT_TORRENTZIP(za) && !ZIP_IS_TORRENTZIP(za));

+

+ /* create new local directory entry */

+ if (entry->changes == NULL) {

+ if ((entry->changes = _zip_dirent_clone(entry->orig)) == NULL) {

+ zip_error_set(&za->error, ZIP_ER_MEMORY, 0);

+ error = 1;

+ break;

+ }

+ }

+ de = entry->changes;

+

+ if (_zip_read_local_ef(za, i) < 0) {

+ error = 1;

+ break;

+ }

+

+ if (ZIP_WANT_TORRENTZIP(za)) {

+ zip_dirent_torrentzip_normalize(entry->changes);

+ }

+

+ if ((off = zip_source_tell_write(za->src)) < 0) {

+ zip_error_set_from_source(&za->error, za->src);

+ error = 1;

+ break;

+ }

+ de->offset = (zip_uint64_t)off;

+

+ if (new_data) {

+ zip_source_t *zs;

+

+ zs = NULL;

+ if (!ZIP_ENTRY_DATA_CHANGED(entry)) {

+ if ((zs = zip_source_zip_file_create(za, i, ZIP_FL_UNCHANGED, 0, -1, NULL, &za->error)) == NULL) {

+ error = 1;

+ break;

+ }

+ }

+

+ /* add_data writes dirent */

+ if (add_data(za, zs ? zs : entry->source, de, entry->changes ? entry->changes->changed : 0) < 0) {

+ error = 1;

+ if (zs)

+ zip_source_free(zs);

+ break;

+ }

+ if (zs)

+ zip_source_free(zs);

+ }

+ else {

+ zip_uint64_t offset;

+

+ if (de->encryption_method != ZIP_EM_TRAD_PKWARE) {

+ /* when copying data, all sizes are known -> no data descriptor needed */

+ /* except for PKWare encryption, where removing the data descriptor breaks password validation */

+ de->bitflags &= (zip_uint16_t)~ZIP_GPBF_DATA_DESCRIPTOR;

+ }

+ if (_zip_dirent_write(za, de, ZIP_FL_LOCAL) < 0) {

+ error = 1;

+ break;

+ }

+ if ((offset = _zip_file_get_offset(za, i, &za->error)) == 0) {

+ error = 1;

+ break;

+ }

+ if (zip_source_seek(za->src, (zip_int64_t)offset, SEEK_SET) < 0) {

+ zip_error_set_from_source(&za->error, za->src);

+ error = 1;

+ break;

+ }

+ if (copy_data(za, de->comp_size) < 0) {

+ error = 1;

+ break;

+ }

+

+ if (de->bitflags & ZIP_GPBF_DATA_DESCRIPTOR) {

+ if (write_data_descriptor(za, de, _zip_dirent_needs_zip64(de, 0)) < 0) {

+ error = 1;

+ break;

+ }

+ }

+ }

+ if (write_cdir(za, filelist, survivors) < 0)

+ error = 1;

+ if (zip_source_commit_write(za->src) != 0) {

+ zip_error_set_from_source(&za->error, za->src);

+ error = 1;

+ }

+ _zip_progress_end(za->progress);

+ zip_source_rollback_write(za->src);

+ return -1;

+add_data(zip_t *za, zip_source_t *src, zip_dirent_t *de, zip_uint32_t changed) {

+ zip_stat_t st;

+ zip_file_attributes_t attributes;

+ zip_error_set_from_source(&za->error, src);

+ return -1;

+ st.valid |= ZIP_STAT_COMP_METHOD;

+ st.comp_method = ZIP_CM_STORE;

+ de->comp_method = st.comp_method;

+ st.valid |= ZIP_STAT_COMP_SIZE;

+ st.comp_size = st.size;

+ /* we'll recompress */

+ st.valid &= ~ZIP_STAT_COMP_SIZE;

+ st.valid |= ZIP_STAT_ENCRYPTION_METHOD;

+ st.encryption_method = ZIP_EM_NONE;

+ /* TODO: not valid for torrentzip */

+ flags |= ZIP_FL_FORCE_ZIP64;

+ data_length = -1;

+ de->uncomp_size = st.size;

+ /* this is technically incorrect (copy_source counts compressed data), but it's the best we have */

+ data_length = (zip_int64_t)st.size;

+

+ if ((st.valid & ZIP_STAT_COMP_SIZE) == 0) {

+ zip_uint64_t max_compressed_size;

+ zip_uint16_t compression_method = ZIP_CM_ACTUAL(de->comp_method);

+

+ if (compression_method == ZIP_CM_STORE) {

+ max_compressed_size = st.size;

+ }

+ else {

+ zip_compression_algorithm_t *algorithm = _zip_get_compression_algorithm(compression_method, true);

+ if (algorithm == NULL) {

+ max_compressed_size = ZIP_UINT64_MAX;

+ }

+ else {

+ max_compressed_size = algorithm->maximum_compressed_size(st.size);

+ }

+ }

+

+ if (max_compressed_size > 0xffffffffu) {

+ /* TODO: not valid for torrentzip */

+ flags |= ZIP_FL_FORCE_ZIP64;

+ }

+ }

+ else {

+ de->comp_size = st.comp_size;

+ data_length = (zip_int64_t)st.comp_size;

+ }

+ zip_error_set_from_source(&za->error, za->src);

+ return -1;

+ return -1;

+ needs_recompress = ZIP_WANT_TORRENTZIP(za) || st.comp_method != ZIP_CM_ACTUAL(de->comp_method);

+ /* in these cases we can compute the CRC ourselves, so we do */

+ if (!needs_decrypt && st.encryption_method == ZIP_EM_TRAD_PKWARE && (de->changed & ZIP_DIRENT_LAST_MOD)) {

+ /* PKWare encryption uses the last modification time for password verification, therefore we can't change it without re-encrypting. Ignoring the requested modification time change seems more sensible than failing to close the archive. */

+ de->changed &= ~ZIP_DIRENT_LAST_MOD;

+ }

+

+ zip_encryption_implementation impl;

+ if ((impl = _zip_get_encryption_implementation(st.encryption_method, ZIP_CODEC_DECODE)) == NULL) {

+ zip_error_set(&za->error, ZIP_ER_ENCRNOTSUPP, 0);

+ zip_source_free(src_final);

+ return -1;

+ }

+ if ((src_tmp = impl(za, src_final, st.encryption_method, ZIP_CODEC_DECODE, za->default_password)) == NULL) {

+ /* error set by impl */

+ zip_source_free(src_final);

+ return -1;

+ }

+ src_final = src_tmp;

+ if ((src_tmp = zip_source_decompress(za, src_final, st.comp_method)) == NULL) {

+ zip_source_free(src_final);

+ return -1;

+ }

+ src_final = src_tmp;

+ if ((src_tmp = zip_source_crc_create(src_final, 0, &za->error)) == NULL) {

+ zip_source_free(src_final);

+ return -1;

+ }

+ src_final = src_tmp;

+ if ((src_tmp = zip_source_compress(za, src_final, de->comp_method, de->compression_level)) == NULL) {

+ zip_source_free(src_final);

+ return -1;

+ }

+ src_final = src_tmp;

+ zip_encryption_implementation impl;

+ const char *password = NULL;

+

+ if (de->password) {

+ password = de->password;

+ }

+ else if (za->default_password) {

+ password = za->default_password;

+ }

+

+ if ((impl = _zip_get_encryption_implementation(de->encryption_method, ZIP_CODEC_ENCODE)) == NULL) {

+ zip_error_set(&za->error, ZIP_ER_ENCRNOTSUPP, 0);

+ zip_source_free(src_final);

+ return -1;

+ }

+

+ if (de->encryption_method == ZIP_EM_TRAD_PKWARE) {

+ de->bitflags |= ZIP_GPBF_DATA_DESCRIPTOR;

+

+ /* PKWare encryption uses last_mod, make sure it gets the right value. */

+ if (de->changed & ZIP_DIRENT_LAST_MOD) {

+ zip_stat_t st_mtime;

+ zip_stat_init(&st_mtime);

+ st_mtime.valid = ZIP_STAT_MTIME;

+ st_mtime.mtime = de->last_mod;

+ if ((src_tmp = _zip_source_window_new(src_final, 0, -1, &st_mtime, 0, NULL, NULL, 0, true, &za->error)) == NULL) {

+ zip_source_free(src_final);

+ return -1;

+ }

+ src_final = src_tmp;

+ }

+ }

+

+ if ((src_tmp = impl(za, src_final, de->encryption_method, ZIP_CODEC_ENCODE, password)) == NULL) {

+ /* error set by impl */

+ zip_source_free(src_final);

+ return -1;

+ }

+

+ src_final = src_tmp;

+ zip_error_set_from_source(&za->error, za->src);

+ return -1;

+ zip_error_set_from_source(&za->error, src_final);

+ ret = -1;

+ if (zip_source_get_file_attributes(src_final, &attributes) != 0) {

+ zip_error_set_from_source(&za->error, src_final);

+ ret = -1;

+ return -1;

+ zip_error_set_from_source(&za->error, za->src);

+ return -1;

+ zip_error_set_from_source(&za->error, za->src);

+ return -1;

+ zip_error_set(&za->error, ZIP_ER_INTERNAL, 0);

+ return -1;

+ if (st.valid & ZIP_STAT_MTIME)

+ de->last_mod = st.mtime;

+ else

+ time(&de->last_mod);

+ _zip_dirent_apply_attributes(de, &attributes, (flags & ZIP_FL_FORCE_ZIP64) != 0, changed);

+

+ if (ZIP_WANT_TORRENTZIP(za)) {

+ zip_dirent_torrentzip_normalize(de);

+ }

+ return -1;

+ /* Zip64 mismatch between preliminary file header written before data and final file header written afterwards */

+ zip_error_set(&za->error, ZIP_ER_INTERNAL, 0);

+ return -1;

+ zip_error_set_from_source(&za->error, za->src);

+ return -1;

+ }

+

+ if (de->bitflags & ZIP_GPBF_DATA_DESCRIPTOR) {

+ if (write_data_descriptor(za, de, is_zip64) < 0) {

+ return -1;

+ }

+ zip_error_set(&za->error, ZIP_ER_MEMORY, 0);

+ return -1;

+ zip_uint64_t n = ZIP_MIN(len, BUFSIZE);

+ if (_zip_read(za->src, buf, n, &za->error) < 0) {

+ byte_array_fini(buf);

+ return -1;

+ }

+ if (_zip_write(za, buf, n) < 0) {

+ byte_array_fini(buf);

+ return -1;

+ }

+ len -= n;

+

+ if (_zip_progress_update(za->progress, (total - (double)len) / total) != 0) {

+ zip_error_set(&za->error, ZIP_ER_CANCELLED, 0);

+ return -1;

+ }

+ zip_error_set_from_source(&za->error, src);

+ return -1;

+ zip_error_set(&za->error, ZIP_ER_MEMORY, 0);

+ return -1;

+ if (_zip_write(za, buf, (zip_uint64_t)n) < 0) {

+ ret = -1;

+ break;

+ }

+ if (n == BUFSIZE && za->progress && data_length > 0) {

+ current += n;

+ if (_zip_progress_update(za->progress, (double)current / (double)data_length) != 0) {

+ zip_error_set(&za->error, ZIP_ER_CANCELLED, 0);

+ ret = -1;

+ break;

+ }

+ }

+ zip_error_set_from_source(&za->error, src);

+ ret = -1;

+ if (zip_source_tell_write(za->src) < 0) {

+ return -1;

+ if (_zip_cdir_write(za, filelist, survivors) < 0) {

+ return -1;

+ if (zip_source_tell_write(za->src) < 0) {

+ return -1;

+ if (za->comment_changed || (ZIP_WANT_TORRENTZIP(za) && !ZIP_IS_TORRENTZIP(za))) {

+ changed = 1;

+ if (ZIP_ENTRY_HAS_CHANGES(&za->entry[i])) {

+ changed = 1;

+ }

+ if (!za->entry[i].deleted) {

+ survivors++;

+ }

+ *survivorsp = survivors;

+

+static int

+write_data_descriptor(zip_t *za, const zip_dirent_t *de, int is_zip64) {

+ zip_buffer_t *buffer = _zip_buffer_new(NULL, MAX_DATA_DESCRIPTOR_LENGTH);

+ int ret = 0;

+

+ if (buffer == NULL) {

+ zip_error_set(&za->error, ZIP_ER_MEMORY, 0);

+ return -1;

+ }

+

+ _zip_buffer_put(buffer, DATADES_MAGIC, 4);

+ _zip_buffer_put_32(buffer, de->crc);

+ if (is_zip64) {

+ _zip_buffer_put_64(buffer, de->comp_size);

+ _zip_buffer_put_64(buffer, de->uncomp_size);

+ }

+ else {

+ _zip_buffer_put_32(buffer, (zip_uint32_t)de->comp_size);

+ _zip_buffer_put_32(buffer, (zip_uint32_t)de->uncomp_size);

+ }

+

+ if (!_zip_buffer_ok(buffer)) {

+ zip_error_set(&za->error, ZIP_ER_INTERNAL, 0);

+ ret = -1;

+ }

+ else {

+ ret = _zip_write(za, _zip_buffer_data(buffer), _zip_buffer_offset(buffer));

+ }

+

+ _zip_buffer_free(buffer);

+

+ return ret;

+}

+

+

+static int torrentzip_compare_names(const void *a, const void *b) {

+ const char *aname = ((const zip_filelist_t *)a)->name;

+ const char *bname = ((const zip_filelist_t *)b)->name;

+

+ if (aname == NULL) {

+ return (bname != NULL) * -1;

+ }

+ else if (bname == NULL) {

+ return 1;

+ }

+

+ return strcasecmp(aname, bname);

+} \ No newline at end of file

+/*

+ zip_crypto.h -- crypto definitions

+ Copyright (C) 2017-2021 Dieter Baron and Thomas Klausner

+

+ This file is part of libzip, a library to manipulate ZIP archives.

+ The authors can be contacted at <info@libzip.org>

+

+ Redistribution and use in source and binary forms, with or without

+ modification, are permitted provided that the following conditions

+ are met:

+ 1. Redistributions of source code must retain the above copyright

+ notice, this list of conditions and the following disclaimer.

+ 2. Redistributions in binary form must reproduce the above copyright

+ notice, this list of conditions and the following disclaimer in

+ the documentation and/or other materials provided with the

+ distribution.

+ 3. The names of the authors may not be used to endorse or promote

+ products derived from this software without specific prior

+ written permission.

+

+ THIS SOFTWARE IS PROVIDED BY THE AUTHORS ``AS IS'' AND ANY EXPRESS

+ OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED

+ WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE

+ ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY

+ DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL

+ DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE

+ GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS

+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER

+ IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR

+ OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN

+ IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

+*/

+

+#ifndef HAD_ZIP_CRYPTO_H

+#define HAD_ZIP_CRYPTO_H

+

+#define ZIP_CRYPTO_SHA1_LENGTH 20

+#define ZIP_CRYPTO_AES_BLOCK_LENGTH 16

+

+#if defined(HAVE_WINDOWS_CRYPTO)

+#include "zip_crypto_win.h"

+#elif defined(HAVE_COMMONCRYPTO)

+#include "zip_crypto_commoncrypto.h"

+#elif defined(HAVE_GNUTLS)

+#include "zip_crypto_gnutls.h"

+#elif defined(HAVE_OPENSSL)

+#include "zip_crypto_openssl.h"

+#elif defined(HAVE_MBEDTLS)

+#include "zip_crypto_mbedtls.h"

+#else

+#error "no crypto backend found"

+#endif

+

+#endif /* HAD_ZIP_CRYPTO_H */

+/*

+ zip_crypto_commoncrypto.c -- CommonCrypto wrapper.

+ Copyright (C) 2018-2021 Dieter Baron and Thomas Klausner

+

+ This file is part of libzip, a library to manipulate ZIP archives.

+ The authors can be contacted at <info@libzip.org>

+

+ Redistribution and use in source and binary forms, with or without

+ modification, are permitted provided that the following conditions

+ are met:

+ 1. Redistributions of source code must retain the above copyright

+ notice, this list of conditions and the following disclaimer.

+ 2. Redistributions in binary form must reproduce the above copyright

+ notice, this list of conditions and the following disclaimer in

+ the documentation and/or other materials provided with the

+ distribution.

+ 3. The names of the authors may not be used to endorse or promote

+ products derived from this software without specific prior

+ written permission.

+

+ THIS SOFTWARE IS PROVIDED BY THE AUTHORS ``AS IS'' AND ANY EXPRESS

+ OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED

+ WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE

+ ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY

+ DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL

+ DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE

+ GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS

+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER

+ IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR

+ OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN

+ IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

+*/

+

+#include <stdlib.h>

+

+#include "zipint.h"

+

+#include "zip_crypto.h"

+

+#include <fcntl.h>

+#include <unistd.h>

+

+void

+_zip_crypto_aes_free(_zip_crypto_aes_t *aes) {

+ if (aes == NULL) {

+ return;

+ }

+

+ CCCryptorRelease(aes);

+}

+

+

+bool

+_zip_crypto_aes_encrypt_block(_zip_crypto_aes_t *aes, const zip_uint8_t *in, zip_uint8_t *out) {

+ size_t len;

+ CCCryptorUpdate(aes, in, ZIP_CRYPTO_AES_BLOCK_LENGTH, out, ZIP_CRYPTO_AES_BLOCK_LENGTH, &len);

+ return true;

+}

+

+

+_zip_crypto_aes_t *

+_zip_crypto_aes_new(const zip_uint8_t *key, zip_uint16_t key_size, zip_error_t *error) {

+ _zip_crypto_aes_t *aes;

+ CCCryptorStatus ret;

+

+ ret = CCCryptorCreate(kCCEncrypt, kCCAlgorithmAES, kCCOptionECBMode, key, key_size / 8, NULL, &aes);

+

+ switch (ret) {

+ case kCCSuccess:

+ return aes;

+

+ case kCCMemoryFailure:

+ zip_error_set(error, ZIP_ER_MEMORY, 0);

+ return NULL;

+

+ case kCCParamError:

+ zip_error_set(error, ZIP_ER_INVAL, 0);

+ return NULL;

+

+ default:

+ zip_error_set(error, ZIP_ER_INTERNAL, 0);

+ return NULL;

+ }

+}

+

+

+void

+_zip_crypto_hmac_free(_zip_crypto_hmac_t *hmac) {

+ if (hmac == NULL) {

+ return;

+ }

+

+ _zip_crypto_clear(hmac, sizeof(*hmac));

+ free(hmac);

+}

+

+

+_zip_crypto_hmac_t *

+_zip_crypto_hmac_new(const zip_uint8_t *secret, zip_uint64_t secret_length, zip_error_t *error) {

+ _zip_crypto_hmac_t *hmac;

+

+ if ((hmac = (_zip_crypto_hmac_t *)malloc(sizeof(*hmac))) == NULL) {

+ zip_error_set(error, ZIP_ER_MEMORY, 0);

+ return NULL;

+ }

+

+ CCHmacInit(hmac, kCCHmacAlgSHA1, secret, secret_length);

+

+ return hmac;

+}

+/*

+ zip_crypto_commoncrypto.h -- definitions for CommonCrypto wrapper.

+ Copyright (C) 2018 Dieter Baron and Thomas Klausner

+

+ This file is part of libzip, a library to manipulate ZIP archives.

+ The authors can be contacted at <info@libzip.org>

+

+ Redistribution and use in source and binary forms, with or without

+ modification, are permitted provided that the following conditions

+ are met:

+ 1. Redistributions of source code must retain the above copyright

+ notice, this list of conditions and the following disclaimer.

+ 2. Redistributions in binary form must reproduce the above copyright

+ notice, this list of conditions and the following disclaimer in

+ the documentation and/or other materials provided with the

+ distribution.

+ 3. The names of the authors may not be used to endorse or promote

+ products derived from this software without specific prior

+ written permission.

+

+ THIS SOFTWARE IS PROVIDED BY THE AUTHORS ``AS IS'' AND ANY EXPRESS

+ OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED

+ WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE

+ ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY

+ DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL

+ DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE

+ GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS

+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER

+ IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR

+ OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN

+ IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

+*/

+

+#ifndef HAD_ZIP_CRYPTO_COMMONCRYPTO_H

+#define HAD_ZIP_CRYPTO_COMMONCRYPTO_H

+

+#include <CommonCrypto/CommonCrypto.h>

+

+#define _zip_crypto_aes_t struct _CCCryptor

+#define _zip_crypto_hmac_t CCHmacContext

+

+void _zip_crypto_aes_free(_zip_crypto_aes_t *aes);

+bool _zip_crypto_aes_encrypt_block(_zip_crypto_aes_t *aes, const zip_uint8_t *in, zip_uint8_t *out);

+_zip_crypto_aes_t *_zip_crypto_aes_new(const zip_uint8_t *key, zip_uint16_t key_size, zip_error_t *error);

+

+#define _zip_crypto_hmac(hmac, data, length) (CCHmacUpdate((hmac), (data), (length)), true)

+void _zip_crypto_hmac_free(_zip_crypto_hmac_t *hmac);

+_zip_crypto_hmac_t *_zip_crypto_hmac_new(const zip_uint8_t *secret, zip_uint64_t secret_length, zip_error_t *error);

+#define _zip_crypto_hmac_output(hmac, data) (CCHmacFinal((hmac), (data)), true)

+

+#define _zip_crypto_pbkdf2(key, key_length, salt, salt_length, iterations, output, output_length) (CCKeyDerivationPBKDF(kCCPBKDF2, (const char *)(key), (key_length), (salt), (salt_length), kCCPRFHmacAlgSHA1, (iterations), (output), (output_length)) == kCCSuccess)

+

+#endif /* HAD_ZIP_CRYPTO_COMMONCRYPTO_H */

+/*

+ zip_crypto_gnutls.c -- GnuTLS wrapper.

+ Copyright (C) 2018-2021 Dieter Baron and Thomas Klausner

+

+ This file is part of libzip, a library to manipulate ZIP archives.

+ The authors can be contacted at <info@libzip.org>

+

+ Redistribution and use in source and binary forms, with or without

+ modification, are permitted provided that the following conditions

+ are met:

+ 1. Redistributions of source code must retain the above copyright

+ notice, this list of conditions and the following disclaimer.

+ 2. Redistributions in binary form must reproduce the above copyright

+ notice, this list of conditions and the following disclaimer in

+ the documentation and/or other materials provided with the

+ distribution.

+ 3. The names of the authors may not be used to endorse or promote

+ products derived from this software without specific prior

+ written permission.

+

+ THIS SOFTWARE IS PROVIDED BY THE AUTHORS ``AS IS'' AND ANY EXPRESS

+ OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED

+ WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE

+ ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY

+ DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL

+ DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE

+ GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS

+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER

+ IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR

+ OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN

+ IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

+*/

+

+#include <stdlib.h>

+

+#include "zipint.h"

+

+#include "zip_crypto.h"

+

+_zip_crypto_aes_t *

+_zip_crypto_aes_new(const zip_uint8_t *key, zip_uint16_t key_size, zip_error_t *error) {

+ _zip_crypto_aes_t *aes;

+

+ if ((aes = (_zip_crypto_aes_t *)malloc(sizeof(*aes))) == NULL) {

+ zip_error_set(error, ZIP_ER_MEMORY, 0);

+ return NULL;

+ }

+

+ aes->key_size = key_size;

+

+ switch (aes->key_size) {

+ case 128:

+ nettle_aes128_set_encrypt_key(&aes->ctx.ctx_128, key);

+ break;

+ case 192:

+ nettle_aes192_set_encrypt_key(&aes->ctx.ctx_192, key);

+ break;

+ case 256:

+ nettle_aes256_set_encrypt_key(&aes->ctx.ctx_256, key);

+ break;

+ default:

+ zip_error_set(error, ZIP_ER_INVAL, 0);

+ free(aes);

+ return NULL;

+ }

+

+ return aes;

+}

+

+bool

+_zip_crypto_aes_encrypt_block(_zip_crypto_aes_t *aes, const zip_uint8_t *in, zip_uint8_t *out) {

+ switch (aes->key_size) {

+ case 128:

+ nettle_aes128_encrypt(&aes->ctx.ctx_128, ZIP_CRYPTO_AES_BLOCK_LENGTH, out, in);

+ break;

+ case 192:

+ nettle_aes192_encrypt(&aes->ctx.ctx_192, ZIP_CRYPTO_AES_BLOCK_LENGTH, out, in);

+ break;

+ case 256:

+ nettle_aes256_encrypt(&aes->ctx.ctx_256, ZIP_CRYPTO_AES_BLOCK_LENGTH, out, in);

+ break;

+ }

+

+ return true;

+}

+

+void

+_zip_crypto_aes_free(_zip_crypto_aes_t *aes) {

+ if (aes == NULL) {

+ return;

+ }

+

+ _zip_crypto_clear(aes, sizeof(*aes));

+ free(aes);

+}

+

+

+_zip_crypto_hmac_t *

+_zip_crypto_hmac_new(const zip_uint8_t *secret, zip_uint64_t secret_length, zip_error_t *error) {

+ _zip_crypto_hmac_t *hmac;

+

+ if ((hmac = (_zip_crypto_hmac_t *)malloc(sizeof(*hmac))) == NULL) {

+ zip_error_set(error, ZIP_ER_MEMORY, 0);

+ return NULL;

+ }

+

+ if (gnutls_hmac_init(hmac, GNUTLS_MAC_SHA1, secret, secret_length) < 0) {

+ zip_error_set(error, ZIP_ER_INTERNAL, 0);

+ free(hmac);

+ return NULL;

+ }

+

+ return hmac;

+}

+

+

+void

+_zip_crypto_hmac_free(_zip_crypto_hmac_t *hmac) {

+ zip_uint8_t buf[ZIP_CRYPTO_SHA1_LENGTH];

+

+ if (hmac == NULL) {

+ return;

+ }

+

+ gnutls_hmac_deinit(*hmac, buf);

+ _zip_crypto_clear(hmac, sizeof(*hmac));

+ free(hmac);

+}

+

+

+ZIP_EXTERN bool

+zip_secure_random(zip_uint8_t *buffer, zip_uint16_t length) {

+ return gnutls_rnd(GNUTLS_RND_KEY, buffer, length) == 0;

+}

+/*

+ zip_crypto_gnutls.h -- definitions for GnuTLS wrapper.

+ Copyright (C) 2018-2021 Dieter Baron and Thomas Klausner

+

+ This file is part of libzip, a library to manipulate ZIP archives.

+ The authors can be contacted at <info@libzip.org>

+

+ Redistribution and use in source and binary forms, with or without

+ modification, are permitted provided that the following conditions

+ are met:

+ 1. Redistributions of source code must retain the above copyright

+ notice, this list of conditions and the following disclaimer.

+ 2. Redistributions in binary form must reproduce the above copyright

+ notice, this list of conditions and the following disclaimer in

+ the documentation and/or other materials provided with the

+ distribution.

+ 3. The names of the authors may not be used to endorse or promote

+ products derived from this software without specific prior

+ written permission.

+

+ THIS SOFTWARE IS PROVIDED BY THE AUTHORS ``AS IS'' AND ANY EXPRESS

+ OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED

+ WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE

+ ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY

+ DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL

+ DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE

+ GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS

+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER

+ IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR

+ OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN

+ IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

+*/

+

+#ifndef HAD_ZIP_CRYPTO_GNUTLS_H

+#define HAD_ZIP_CRYPTO_GNUTLS_H

+

+#define HAVE_SECURE_RANDOM

+

+#include <nettle/aes.h>

+#include <nettle/pbkdf2.h>

+

+#include <gnutls/gnutls.h>

+

+#include <gnutls/crypto.h>

+

+typedef struct {

+ union {

+ struct aes128_ctx ctx_128;

+ struct aes192_ctx ctx_192;

+ struct aes256_ctx ctx_256;

+ } ctx;

+ zip_uint16_t key_size;

+} _zip_crypto_aes_t;

+

+#define _zip_crypto_hmac_t gnutls_hmac_hd_t

+

+void _zip_crypto_aes_free(_zip_crypto_aes_t *aes);

+bool _zip_crypto_aes_encrypt_block(_zip_crypto_aes_t *aes, const zip_uint8_t *in, zip_uint8_t *out);

+_zip_crypto_aes_t *_zip_crypto_aes_new(const zip_uint8_t *key, zip_uint16_t key_size, zip_error_t *error);

+

+#define _zip_crypto_hmac(hmac, data, length) (gnutls_hmac(*(hmac), (data), (length)) == 0)

+void _zip_crypto_hmac_free(_zip_crypto_hmac_t *hmac);

+_zip_crypto_hmac_t *_zip_crypto_hmac_new(const zip_uint8_t *secret, zip_uint64_t secret_length, zip_error_t *error);

+#define _zip_crypto_hmac_output(hmac, data) (gnutls_hmac_output(*(hmac), (data)), true)

+

+#define _zip_crypto_pbkdf2(key, key_length, salt, salt_length, iterations, output, output_length) (pbkdf2_hmac_sha1((key_length), (key), (iterations), (salt_length), (salt), (output_length), (output)), true)

+

+#endif /* HAD_ZIP_CRYPTO_GNUTLS_H */

+/*

+ zip_crypto_mbedtls.c -- mbed TLS wrapper

+ Copyright (C) 2018-2021 Dieter Baron and Thomas Klausner

+

+ This file is part of libzip, a library to manipulate ZIP archives.

+ The authors can be contacted at <info@libzip.org>

+

+ Redistribution and use in source and binary forms, with or without

+ modification, are permitted provided that the following conditions

+ are met:

+ 1. Redistributions of source code must retain the above copyright

+ notice, this list of conditions and the following disclaimer.

+ 2. Redistributions in binary form must reproduce the above copyright

+ notice, this list of conditions and the following disclaimer in

+ the documentation and/or other materials provided with the

+ distribution.

+ 3. The names of the authors may not be used to endorse or promote

+ products derived from this software without specific prior

+ written permission.

+

+ THIS SOFTWARE IS PROVIDED BY THE AUTHORS ``AS IS'' AND ANY EXPRESS

+ OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED

+ WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE

+ ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY

+ DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL

+ DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE

+ GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS

+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER

+ IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR

+ OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN

+ IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

+*/

+

+#include <stdlib.h>

+

+#include "zipint.h"

+

+#include "zip_crypto.h"

+

+#include <mbedtls/ctr_drbg.h>

+#include <mbedtls/entropy.h>

+#include <mbedtls/pkcs5.h>

+

+#include <limits.h>

+

+_zip_crypto_aes_t *

+_zip_crypto_aes_new(const zip_uint8_t *key, zip_uint16_t key_size, zip_error_t *error) {

+ _zip_crypto_aes_t *aes;

+

+ if ((aes = (_zip_crypto_aes_t *)malloc(sizeof(*aes))) == NULL) {

+ zip_error_set(error, ZIP_ER_MEMORY, 0);

+ return NULL;

+ }

+

+ mbedtls_aes_init(aes);

+ mbedtls_aes_setkey_enc(aes, (const unsigned char *)key, (unsigned int)key_size);

+

+ return aes;

+}

+

+void

+_zip_crypto_aes_free(_zip_crypto_aes_t *aes) {

+ if (aes == NULL) {

+ return;

+ }

+

+ mbedtls_aes_free(aes);

+ free(aes);

+}

+

+

+_zip_crypto_hmac_t *

+_zip_crypto_hmac_new(const zip_uint8_t *secret, zip_uint64_t secret_length, zip_error_t *error) {

+ _zip_crypto_hmac_t *hmac;

+

+ if (secret_length > INT_MAX) {

+ zip_error_set(error, ZIP_ER_INVAL, 0);

+ return NULL;

+ }

+

+ if ((hmac = (_zip_crypto_hmac_t *)malloc(sizeof(*hmac))) == NULL) {

+ zip_error_set(error, ZIP_ER_MEMORY, 0);

+ return NULL;

+ }

+

+ mbedtls_md_init(hmac);

+

+ if (mbedtls_md_setup(hmac, mbedtls_md_info_from_type(MBEDTLS_MD_SHA1), 1) != 0) {

+ zip_error_set(error, ZIP_ER_INTERNAL, 0);

+ free(hmac);

+ return NULL;

+ }

+

+ if (mbedtls_md_hmac_starts(hmac, (const unsigned char *)secret, (size_t)secret_length) != 0) {

+ zip_error_set(error, ZIP_ER_INTERNAL, 0);

+ free(hmac);

+ return NULL;

+ }

+

+ return hmac;

+}

+

+

+void

+_zip_crypto_hmac_free(_zip_crypto_hmac_t *hmac) {

+ if (hmac == NULL) {

+ return;

+ }

+

+ mbedtls_md_free(hmac);

+ free(hmac);

+}

+

+

+bool

+_zip_crypto_pbkdf2(const zip_uint8_t *key, zip_uint64_t key_length, const zip_uint8_t *salt, zip_uint16_t salt_length, int iterations, zip_uint8_t *output, zip_uint64_t output_length) {

+ mbedtls_md_context_t sha1_ctx;

+ bool ok = true;

+

+#if MBEDTLS_VERSION_NUMBER < 0x03030000

+

+ mbedtls_md_init(&sha1_ctx);

+

+ if (mbedtls_md_setup(&sha1_ctx, mbedtls_md_info_from_type(MBEDTLS_MD_SHA1), 1) != 0) {

+ ok = false;

+ }

+

+ if (ok && mbedtls_pkcs5_pbkdf2_hmac(&sha1_ctx, (const unsigned char *)key, (size_t)key_length, (const unsigned char *)salt, (size_t)salt_length, (unsigned int)iterations, (uint32_t)output_length, (unsigned char *)output) != 0) {

+ ok = false;

+ }

+

+ mbedtls_md_free(&sha1_ctx);

+

+#else

+

+ ok = mbedtls_pkcs5_pbkdf2_hmac_ext(MBEDTLS_MD_SHA1, (const unsigned char *)key, (size_t)key_length, (const unsigned char *)salt, (size_t)salt_length, (unsigned int)iterations, (uint32_t)output_length, (unsigned char *)output) == 0;

+

+#endif // !defined(MBEDTLS_DEPRECATED_REMOVED) || MBEDTLS_VERSION_NUMBER < 0x03030000

+

+ return ok;

+}

+

+

+typedef struct {

+ mbedtls_entropy_context entropy;

+ mbedtls_ctr_drbg_context ctr_drbg;

+} zip_random_context_t;

+

+ZIP_EXTERN bool

+zip_secure_random(zip_uint8_t *buffer, zip_uint16_t length) {

+ static zip_random_context_t *ctx = NULL;

+ const unsigned char *pers = "zip_crypto_mbedtls";

+

+ if (!ctx) {

+ ctx = (zip_random_context_t *)malloc(sizeof(zip_random_context_t));

+ if (!ctx) {

+ return false;

+ }

+ mbedtls_entropy_init(&ctx->entropy);

+ mbedtls_ctr_drbg_init(&ctx->ctr_drbg);

+ if (mbedtls_ctr_drbg_seed(&ctx->ctr_drbg, mbedtls_entropy_func, &ctx->entropy, pers, strlen(pers)) != 0) {

+ mbedtls_ctr_drbg_free(&ctx->ctr_drbg);

+ mbedtls_entropy_free(&ctx->entropy);

+ free(ctx);

+ ctx = NULL;

+ return false;

+ }

+ }

+

+ return mbedtls_ctr_drbg_random(&ctx->ctr_drbg, (unsigned char *)buffer, (size_t)length) == 0;

+}

+/*

+ zip_crypto_mbedtls.h -- definitions for mbedtls wrapper

+ Copyright (C) 2018-2021 Dieter Baron and Thomas Klausner

+

+ This file is part of libzip, a library to manipulate ZIP archives.

+ The authors can be contacted at <info@libzip.org>

+

+ Redistribution and use in source and binary forms, with or without

+ modification, are permitted provided that the following conditions

+ are met:

+ 1. Redistributions of source code must retain the above copyright

+ notice, this list of conditions and the following disclaimer.

+ 2. Redistributions in binary form must reproduce the above copyright

+ notice, this list of conditions and the following disclaimer in

+ the documentation and/or other materials provided with the

+ distribution.

+ 3. The names of the authors may not be used to endorse or promote

+ products derived from this software without specific prior

+ written permission.

+

+ THIS SOFTWARE IS PROVIDED BY THE AUTHORS ``AS IS'' AND ANY EXPRESS

+ OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED

+ WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE

+ ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY

+ DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL

+ DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE

+ GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS

+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER

+ IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR

+ OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN

+ IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

+*/

+

+#ifndef HAD_ZIP_CRYPTO_MBEDTLS_H

+#define HAD_ZIP_CRYPTO_MBEDTLS_H

+

+#define HAVE_SECURE_RANDOM

+

+#include <mbedtls/aes.h>

+#include <mbedtls/md.h>

+

+#define _zip_crypto_aes_t mbedtls_aes_context

+#define _zip_crypto_hmac_t mbedtls_md_context_t

+

+_zip_crypto_aes_t *_zip_crypto_aes_new(const zip_uint8_t *key, zip_uint16_t key_size, zip_error_t *error);

+#define _zip_crypto_aes_encrypt_block(aes, in, out) (mbedtls_aes_crypt_ecb((aes), MBEDTLS_AES_ENCRYPT, (in), (out)) == 0)

+void _zip_crypto_aes_free(_zip_crypto_aes_t *aes);

+

+_zip_crypto_hmac_t *_zip_crypto_hmac_new(const zip_uint8_t *secret, zip_uint64_t secret_length, zip_error_t *error);

+#define _zip_crypto_hmac(hmac, data, length) (mbedtls_md_hmac_update((hmac), (data), (length)) == 0)

+#define _zip_crypto_hmac_output(hmac, data) (mbedtls_md_hmac_finish((hmac), (data)) == 0)

+void _zip_crypto_hmac_free(_zip_crypto_hmac_t *hmac);

+

+bool _zip_crypto_pbkdf2(const zip_uint8_t *key, zip_uint64_t key_length, const zip_uint8_t *salt, zip_uint16_t salt_length, int iterations, zip_uint8_t *output, zip_uint64_t output_length);

+

+#endif /* HAD_ZIP_CRYPTO_MBEDTLS_H */

+/*

+ zip_crypto_openssl.c -- OpenSSL wrapper.

+ Copyright (C) 2018-2021 Dieter Baron and Thomas Klausner

+

+ This file is part of libzip, a library to manipulate ZIP archives.

+ The authors can be contacted at <info@libzip.org>

+

+ Redistribution and use in source and binary forms, with or without

+ modification, are permitted provided that the following conditions

+ are met:

+ 1. Redistributions of source code must retain the above copyright

+ notice, this list of conditions and the following disclaimer.

+ 2. Redistributions in binary form must reproduce the above copyright

+ notice, this list of conditions and the following disclaimer in

+ the documentation and/or other materials provided with the

+ distribution.

+ 3. The names of the authors may not be used to endorse or promote

+ products derived from this software without specific prior

+ written permission.

+

+ THIS SOFTWARE IS PROVIDED BY THE AUTHORS ``AS IS'' AND ANY EXPRESS

+ OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED

+ WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE

+ ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY

+ DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL

+ DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE

+ GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS

+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER

+ IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR

+ OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN

+ IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

+*/

+

+#include <stdlib.h>

+

+#include "zipint.h"

+

+#include "zip_crypto.h"

+

+#include <limits.h>

+#include <openssl/rand.h>

+

+#ifdef USE_OPENSSL_3_API

+static _zip_crypto_hmac_t* hmac_new() {

+ _zip_crypto_hmac_t *hmac = (_zip_crypto_hmac_t*)malloc(sizeof(*hmac));

+ if (hmac != NULL) {

+ hmac->mac = NULL;

+ hmac->ctx = NULL;

+ }

+ return hmac;

+}

+static void hmac_free(_zip_crypto_hmac_t* hmac) {

+ if (hmac != NULL) {

+ if (hmac->ctx != NULL) {

+ EVP_MAC_CTX_free(hmac->ctx);

+ }

+ if (hmac->mac != NULL) {

+ EVP_MAC_free(hmac->mac);

+ }

+ free(hmac);

+ }

+}

+#endif

+

+_zip_crypto_aes_t *

+_zip_crypto_aes_new(const zip_uint8_t *key, zip_uint16_t key_size, zip_error_t *error) {

+ _zip_crypto_aes_t *aes;

+ const EVP_CIPHER* cipher_type;

+

+ switch (key_size) {

+ case 128:

+ cipher_type = EVP_aes_128_ecb();

+ break;

+ case 192:

+ cipher_type = EVP_aes_192_ecb();

+ break;

+ case 256:

+ cipher_type = EVP_aes_256_ecb();

+ break;

+ default:

+ zip_error_set(error, ZIP_ER_INTERNAL, 0);

+ return NULL;

+ }

+

+#ifdef USE_OPENSSL_1_0_API

+ if ((aes = (_zip_crypto_aes_t *)malloc(sizeof(*aes))) == NULL) {

+ zip_error_set(error, ZIP_ER_MEMORY, 0);

+ return NULL;

+ }

+ memset(aes, 0, sizeof(*aes));

+#else

+ if ((aes = EVP_CIPHER_CTX_new()) == NULL) {

+ zip_error_set(error, ZIP_ER_MEMORY, 0);

+ return NULL;

+ }

+#endif

+

+ if (EVP_EncryptInit_ex(aes, cipher_type, NULL, key, NULL) != 1) {

+#ifdef USE_OPENSSL_1_0_API

+ free(aes);

+#else

+ EVP_CIPHER_CTX_free(aes);

+#endif

+ zip_error_set(error, ZIP_ER_INTERNAL, 0);

+ return NULL;

+ }

+

+ return aes;

+}

+

+void

+_zip_crypto_aes_free(_zip_crypto_aes_t *aes) {

+ if (aes == NULL) {

+ return;

+ }

+

+#ifdef USE_OPENSSL_1_0_API

+ EVP_CIPHER_CTX_cleanup(aes);

+ _zip_crypto_clear(aes, sizeof(*aes));

+ free(aes);

+#else

+ EVP_CIPHER_CTX_free(aes);

+#endif

+}

+

+

+bool

+_zip_crypto_aes_encrypt_block(_zip_crypto_aes_t *aes, const zip_uint8_t *in, zip_uint8_t *out) {

+ int len;

+ if (EVP_EncryptUpdate(aes, out, &len, in, ZIP_CRYPTO_AES_BLOCK_LENGTH) != 1) {

+ return false;

+ }

+ return true;

+}

+

+

+_zip_crypto_hmac_t *

+_zip_crypto_hmac_new(const zip_uint8_t *secret, zip_uint64_t secret_length, zip_error_t *error) {

+ _zip_crypto_hmac_t *hmac;

+

+ if (secret_length > INT_MAX) {

+ zip_error_set(error, ZIP_ER_INVAL, 0);

+ return NULL;

+ }

+

+#ifdef USE_OPENSSL_3_API

+ if ((hmac = hmac_new()) == NULL

+ || (hmac->mac = EVP_MAC_fetch(NULL, "HMAC", "provider=default")) == NULL

+ || (hmac->ctx = EVP_MAC_CTX_new(hmac->mac)) == NULL) {

+ hmac_free(hmac);

+ zip_error_set(error, ZIP_ER_MEMORY, 0);

+ return NULL;

+ }

+

+ {

+ OSSL_PARAM params[2];

+ params[0] = OSSL_PARAM_construct_utf8_string("digest", "SHA1", 0);

+ params[1] = OSSL_PARAM_construct_end();

+

+ if (!EVP_MAC_init(hmac->ctx, (const unsigned char *)secret, secret_length, params)) {

+ zip_error_set(error, ZIP_ER_INTERNAL, 0);

+ hmac_free(hmac);

+ return NULL;

+ }

+ }

+#else

+#ifdef USE_OPENSSL_1_0_API

+ if ((hmac = (_zip_crypto_hmac_t *)malloc(sizeof(*hmac))) == NULL) {

+ zip_error_set(error, ZIP_ER_MEMORY, 0);

+ return NULL;

+ }

+

+ HMAC_CTX_init(hmac);

+#else

+ if ((hmac = HMAC_CTX_new()) == NULL) {

+ zip_error_set(error, ZIP_ER_MEMORY, 0);

+ return NULL;

+ }

+#endif

+

+ if (HMAC_Init_ex(hmac, secret, (int)secret_length, EVP_sha1(), NULL) != 1) {

+ zip_error_set(error, ZIP_ER_INTERNAL, 0);

+#ifdef USE_OPENSSL_1_0_API

+ free(hmac);

+#else

+ HMAC_CTX_free(hmac);

+#endif

+ return NULL;

+ }

+#endif

+

+ return hmac;

+}

+

+

+void

+_zip_crypto_hmac_free(_zip_crypto_hmac_t *hmac) {

+ if (hmac == NULL) {

+ return;

+ }

+

+#if defined(USE_OPENSSL_3_API)

+ hmac_free(hmac);

+#elif defined(USE_OPENSSL_1_0_API)

+ HMAC_CTX_cleanup(hmac);

+ _zip_crypto_clear(hmac, sizeof(*hmac));

+ free(hmac);

+#else

+ HMAC_CTX_free(hmac);

+#endif

+}

+

+

+bool

+_zip_crypto_hmac_output(_zip_crypto_hmac_t *hmac, zip_uint8_t *data) {

+#ifdef USE_OPENSSL_3_API

+ size_t length;

+ return EVP_MAC_final(hmac->ctx, data, &length, ZIP_CRYPTO_SHA1_LENGTH) == 1 && length == ZIP_CRYPTO_SHA1_LENGTH;

+#else

+ unsigned int length;

+ return HMAC_Final(hmac, data, &length) == 1;

+#endif

+}

+

+

+ZIP_EXTERN bool

+zip_secure_random(zip_uint8_t *buffer, zip_uint16_t length) {

+ return RAND_bytes(buffer, length) == 1;

+}

+/*

+ zip_crypto_openssl.h -- definitions for OpenSSL wrapper.

+ Copyright (C) 2018-2021 Dieter Baron and Thomas Klausner

+

+ This file is part of libzip, a library to manipulate ZIP archives.

+ The authors can be contacted at <info@libzip.org>

+

+ Redistribution and use in source and binary forms, with or without

+ modification, are permitted provided that the following conditions

+ are met:

+ 1. Redistributions of source code must retain the above copyright

+ notice, this list of conditions and the following disclaimer.

+ 2. Redistributions in binary form must reproduce the above copyright

+ notice, this list of conditions and the following disclaimer in

+ the documentation and/or other materials provided with the

+ distribution.

+ 3. The names of the authors may not be used to endorse or promote

+ products derived from this software without specific prior

+ written permission.

+

+ THIS SOFTWARE IS PROVIDED BY THE AUTHORS ``AS IS'' AND ANY EXPRESS

+ OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED

+ WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE

+ ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY

+ DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL

+ DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE

+ GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS

+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER

+ IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR

+ OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN

+ IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

+*/

+

+#ifndef HAD_ZIP_CRYPTO_OPENSSL_H

+#define HAD_ZIP_CRYPTO_OPENSSL_H

+

+#define HAVE_SECURE_RANDOM

+

+#include <openssl/evp.h>

+#include <openssl/hmac.h>

+

+#if OPENSSL_VERSION_NUMBER < 0x1010000fL || (defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x02070000fL)

+#define USE_OPENSSL_1_0_API

+#elif OPENSSL_VERSION_NUMBER < 0x3000000fL

+#define USE_OPENSSL_1_1_API

+#else

+#define USE_OPENSSL_3_API

+#endif

+

+#define _zip_crypto_aes_t EVP_CIPHER_CTX

+#ifdef USE_OPENSSL_3_API

+struct _zip_crypto_hmac_t {

+ EVP_MAC *mac;

+ EVP_MAC_CTX *ctx;

+};

+typedef struct _zip_crypto_hmac_t _zip_crypto_hmac_t;

+#define _zip_crypto_hmac(hmac, data, length) (EVP_MAC_update((hmac->ctx), (data), (length)) == 1)

+#else

+#define _zip_crypto_hmac_t HMAC_CTX

+#define _zip_crypto_hmac(hmac, data, length) (HMAC_Update((hmac), (data), (length)) == 1)

+#endif

+

+void _zip_crypto_aes_free(_zip_crypto_aes_t *aes);

+bool _zip_crypto_aes_encrypt_block(_zip_crypto_aes_t *aes, const zip_uint8_t *in, zip_uint8_t *out);

+_zip_crypto_aes_t *_zip_crypto_aes_new(const zip_uint8_t *key, zip_uint16_t key_size, zip_error_t *error);

+

+void _zip_crypto_hmac_free(_zip_crypto_hmac_t *hmac);

+_zip_crypto_hmac_t *_zip_crypto_hmac_new(const zip_uint8_t *secret, zip_uint64_t secret_length, zip_error_t *error);

+bool _zip_crypto_hmac_output(_zip_crypto_hmac_t *hmac, zip_uint8_t *data);

+

+#define _zip_crypto_pbkdf2(key, key_length, salt, salt_length, iterations, output, output_length) (PKCS5_PBKDF2_HMAC_SHA1((const char *)(key), (key_length), (salt), (salt_length), (iterations), (output_length), (output)))

+

+#endif /* HAD_ZIP_CRYPTO_OPENSSL_H */

+/*

+ zip_crypto_win.c -- Windows Crypto API wrapper.

+ Copyright (C) 2018-2021 Dieter Baron and Thomas Klausner

+

+ This file is part of libzip, a library to manipulate ZIP archives.

+ The authors can be contacted at <info@libzip.org>

+

+ Redistribution and use in source and binary forms, with or without

+ modification, are permitted provided that the following conditions

+ are met:

+ 1. Redistributions of source code must retain the above copyright

+ notice, this list of conditions and the following disclaimer.

+ 2. Redistributions in binary form must reproduce the above copyright

+ notice, this list of conditions and the following disclaimer in

+ the documentation and/or other materials provided with the

+ distribution.

+ 3. The names of the authors may not be used to endorse or promote

+ products derived from this software without specific prior

+ written permission.

+

+ THIS SOFTWARE IS PROVIDED BY THE AUTHORS ``AS IS'' AND ANY EXPRESS

+ OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED

+ WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE

+ ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY

+ DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL

+ DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE

+ GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS

+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER

+ IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR

+ OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN

+ IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

+*/

+#include <stdlib.h>

+#include <limits.h>

+

+#include "zipint.h"

+

+#include "zip_crypto.h"

+

+#define WIN32_LEAN_AND_MEAN

+#define NOCRYPT

+

+#include <windows.h>

+

+#include <bcrypt.h>

+

+#pragma comment(lib, "bcrypt.lib")

+

+/*

+

+This code is using the Cryptography API: Next Generation (CNG)

+https://docs.microsoft.com/en-us/windows/desktop/seccng/cng-portal

+

+This API is supported on

+ - Windows Vista or later (client OS)

+ - Windows Server 2008 (server OS)

+ - Windows Embedded Compact 2013 (don't know about Windows Embedded Compact 7)

+

+The code was developed for Windows Embedded Compact 2013 (WEC2013),

+but should be working for all of the above mentioned OSes.

+

+There are 2 restrictions for WEC2013, Windows Vista and Windows Server 2008:

+

+1.) The function "BCryptDeriveKeyPBKDF2" is not available

+

+I found some code which is implementing this function using the deprecated Crypto API here:

+https://www.idrix.fr/Root/content/view/37/54/

+

+I took this code and converted it to the newer CNG API. The original code was more

+flexible, but this is not needed here so i refactored it a bit and just kept what is needed.

+

+The define "HAS_BCRYPTDERIVEKEYPBKDF2" controls whether "BCryptDeriveKeyPBKDF2"

+of the CNG API is used or not. This define must not be set if you are compiling for WEC2013 or Windows Vista.

+

+

+2.) "BCryptCreateHash" can't manage the memory needed for the hash object internally

+

+On Windows 7 or later it is possible to pass NULL for the hash object buffer.

+This is not supported on WEC2013, so we have to handle the memory allocation/deallocation ourselves.

+There is no #ifdef to control that, because this is working for all supported OSes.

+

+*/

+

+#if !defined(WINCE) && !defined(__MINGW32__)

+#define HAS_BCRYPTDERIVEKEYPBKDF2

+#endif

+

+#ifdef HAS_BCRYPTDERIVEKEYPBKDF2

+

+bool

+_zip_crypto_pbkdf2(const zip_uint8_t *key, zip_uint64_t key_length, const zip_uint8_t *salt, zip_uint16_t salt_length, zip_uint16_t iterations, zip_uint8_t *output, zip_uint16_t output_length) {

+ BCRYPT_ALG_HANDLE hAlgorithm = NULL;

+ bool result;

+

+ if (!BCRYPT_SUCCESS(BCryptOpenAlgorithmProvider(&hAlgorithm, BCRYPT_SHA1_ALGORITHM, NULL, BCRYPT_ALG_HANDLE_HMAC_FLAG))) {

+ return false;

+ }

+

+ result = BCRYPT_SUCCESS(BCryptDeriveKeyPBKDF2(hAlgorithm, (PUCHAR)key, (ULONG)key_length, (PUCHAR)salt, salt_length, iterations, output, output_length, 0));

+

+ BCryptCloseAlgorithmProvider(hAlgorithm, 0);

+

+ return result;

+}

+

+#else

+

+#include <math.h>

+

+#define DIGEST_SIZE 20

+#define BLOCK_SIZE 64

+

+typedef struct {

+ BCRYPT_ALG_HANDLE hAlgorithm;

+ BCRYPT_HASH_HANDLE hInnerHash;

+ BCRYPT_HASH_HANDLE hOuterHash;

+ ULONG cbHashObject;

+ PUCHAR pbInnerHash;

+ PUCHAR pbOuterHash;

+} PRF_CTX;

+

+static void

+hmacFree(PRF_CTX *pContext) {

+ if (pContext->hOuterHash)

+ BCryptDestroyHash(pContext->hOuterHash);

+ if (pContext->hInnerHash)

+ BCryptDestroyHash(pContext->hInnerHash);

+ free(pContext->pbOuterHash);

+ free(pContext->pbInnerHash);

+ if (pContext->hAlgorithm)

+ BCryptCloseAlgorithmProvider(pContext->hAlgorithm, 0);

+}

+

+static BOOL

+hmacPrecomputeDigest(BCRYPT_HASH_HANDLE hHash, PUCHAR pbPassword, DWORD cbPassword, BYTE mask) {

+ BYTE buffer[BLOCK_SIZE];

+ DWORD i;

+

+ if (cbPassword > BLOCK_SIZE) {

+ return FALSE;

+ }

+

+ memset(buffer, mask, sizeof(buffer));

+

+ for (i = 0; i < cbPassword; ++i) {

+ buffer[i] = (char)(pbPassword[i] ^ mask);

+ }

+

+ return BCRYPT_SUCCESS(BCryptHashData(hHash, buffer, sizeof(buffer), 0));

+}

+

+static BOOL

+hmacInit(PRF_CTX *pContext, PUCHAR pbPassword, DWORD cbPassword) {

+ BOOL bStatus = FALSE;

+ ULONG cbResult;

+ BYTE key[DIGEST_SIZE];

+

+ if (!BCRYPT_SUCCESS(BCryptOpenAlgorithmProvider(&pContext->hAlgorithm, BCRYPT_SHA1_ALGORITHM, NULL, 0)) || !BCRYPT_SUCCESS(BCryptGetProperty(pContext->hAlgorithm, BCRYPT_OBJECT_LENGTH, (PUCHAR)&pContext->cbHashObject, sizeof(pContext->cbHashObject), &cbResult, 0)) || ((pContext->pbInnerHash = malloc(pContext->cbHashObject)) == NULL) || ((pContext->pbOuterHash = malloc(pContext->cbHashObject)) == NULL) || !BCRYPT_SUCCESS(BCryptCreateHash(pContext->hAlgorithm, &pContext->hInnerHash, pContext->pbInnerHash, pContext->cbHashObject, NULL, 0, 0)) || !BCRYPT_SUCCESS(BCryptCreateHash(pContext->hAlgorithm, &pContext->hOuterHash, pContext->pbOuterHash, pContext->cbHashObject, NULL, 0, 0))) {

+ goto hmacInit_end;

+ }

+

+ if (cbPassword > BLOCK_SIZE) {

+ BCRYPT_HASH_HANDLE hHash = NULL;

+ PUCHAR pbHashObject = malloc(pContext->cbHashObject);

+ if (pbHashObject == NULL) {

+ goto hmacInit_end;

+ }

+

+ bStatus = BCRYPT_SUCCESS(BCryptCreateHash(pContext->hAlgorithm, &hHash, pbHashObject, pContext->cbHashObject, NULL, 0, 0)) && BCRYPT_SUCCESS(BCryptHashData(hHash, pbPassword, cbPassword, 0)) && BCRYPT_SUCCESS(BCryptGetProperty(hHash, BCRYPT_HASH_LENGTH, (PUCHAR)&cbPassword, sizeof(cbPassword), &cbResult, 0)) && BCRYPT_SUCCESS(BCryptFinishHash(hHash, key, cbPassword, 0));

+

+ if (hHash)

+ BCryptDestroyHash(hHash);

+ free(pbHashObject);

+

+ if (!bStatus) {

+ goto hmacInit_end;

+ }

+

+ pbPassword = key;

+ }

+

+ bStatus = hmacPrecomputeDigest(pContext->hInnerHash, pbPassword, cbPassword, 0x36) && hmacPrecomputeDigest(pContext->hOuterHash, pbPassword, cbPassword, 0x5C);

+

+hmacInit_end:

+

+ if (bStatus == FALSE)

+ hmacFree(pContext);

+

+ return bStatus;

+}

+

+static BOOL

+hmacCalculateInternal(BCRYPT_HASH_HANDLE hHashTemplate, PUCHAR pbData, DWORD cbData, PUCHAR pbOutput, DWORD cbOutput, DWORD cbHashObject) {

+ BOOL success = FALSE;

+ BCRYPT_HASH_HANDLE hHash = NULL;

+ PUCHAR pbHashObject = malloc(cbHashObject);

+

+ if (pbHashObject == NULL) {

+ return FALSE;

+ }

+

+ if (BCRYPT_SUCCESS(BCryptDuplicateHash(hHashTemplate, &hHash, pbHashObject, cbHashObject, 0))) {

+ success = BCRYPT_SUCCESS(BCryptHashData(hHash, pbData, cbData, 0)) && BCRYPT_SUCCESS(BCryptFinishHash(hHash, pbOutput, cbOutput, 0));

+

+ BCryptDestroyHash(hHash);

+ }

+

+ free(pbHashObject);

+

+ return success;

+}

+

+static BOOL

+hmacCalculate(PRF_CTX *pContext, PUCHAR pbData, DWORD cbData, PUCHAR pbDigest) {

+ DWORD cbResult;

+ DWORD cbHashObject;

+

+ return BCRYPT_SUCCESS(BCryptGetProperty(pContext->hAlgorithm, BCRYPT_OBJECT_LENGTH, (PUCHAR)&cbHashObject, sizeof(cbHashObject), &cbResult, 0)) && hmacCalculateInternal(pContext->hInnerHash, pbData, cbData, pbDigest, DIGEST_SIZE, cbHashObject) && hmacCalculateInternal(pContext->hOuterHash, pbDigest, DIGEST_SIZE, pbDigest, DIGEST_SIZE, cbHashObject);

+}

+

+static void

+myxor(LPBYTE ptr1, LPBYTE ptr2, DWORD dwLen) {

+ while (dwLen--)

+ *ptr1++ ^= *ptr2++;

+}

+

+BOOL

+pbkdf2(PUCHAR pbPassword, ULONG cbPassword, PUCHAR pbSalt, ULONG cbSalt, DWORD cIterations, PUCHAR pbDerivedKey, ULONG cbDerivedKey) {

+ BOOL bStatus = FALSE;

+ DWORD l, r, dwULen, i, j;

+ BYTE Ti[DIGEST_SIZE];

+ BYTE V[DIGEST_SIZE];

+ LPBYTE U = malloc(max((cbSalt + 4), DIGEST_SIZE));

+ PRF_CTX prfCtx = {0};

+

+ if (U == NULL) {

+ return FALSE;

+ }

+

+ if (pbPassword == NULL || cbPassword == 0 || pbSalt == NULL || cbSalt == 0 || cIterations == 0 || pbDerivedKey == NULL || cbDerivedKey == 0) {

+ free(U);

+ return FALSE;

+ }

+

+ if (!hmacInit(&prfCtx, pbPassword, cbPassword)) {

+ goto PBKDF2_end;

+ }

+

+ l = (DWORD)ceil((double)cbDerivedKey / (double)DIGEST_SIZE);

+ r = cbDerivedKey - (l - 1) * DIGEST_SIZE;

+

+ for (i = 1; i <= l; i++) {

+ ZeroMemory(Ti, DIGEST_SIZE);

+ for (j = 0; j < cIterations; j++) {

+ if (j == 0) {

+ /* construct first input for PRF */

+ (void)memcpy_s(U, cbSalt, pbSalt, cbSalt);

+ U[cbSalt] = (BYTE)((i & 0xFF000000) >> 24);

+ U[cbSalt + 1] = (BYTE)((i & 0x00FF0000) >> 16);

+ U[cbSalt + 2] = (BYTE)((i & 0x0000FF00) >> 8);

+ U[cbSalt + 3] = (BYTE)((i & 0x000000FF));

+ dwULen = cbSalt + 4;

+ }

+ else {

+ (void)memcpy_s(U, DIGEST_SIZE, V, DIGEST_SIZE);

+ dwULen = DIGEST_SIZE;

+ }

+

+ if (!hmacCalculate(&prfCtx, U, dwULen, V)) {

+ goto PBKDF2_end;

+ }

+

+ myxor(Ti, V, DIGEST_SIZE);

+ }

+

+ if (i != l) {

+ (void)memcpy_s(&pbDerivedKey[(i - 1) * DIGEST_SIZE], cbDerivedKey - (i - 1) * DIGEST_SIZE, Ti, DIGEST_SIZE);

+ }

+ else {

+ /* Take only the first r bytes */

+ (void)memcpy_s(&pbDerivedKey[(i - 1) * DIGEST_SIZE], cbDerivedKey - (i - 1) * DIGEST_SIZE, Ti, r);

+ }

+ }

+

+ bStatus = TRUE;

+

+PBKDF2_end:

+

+ hmacFree(&prfCtx);

+ free(U);

+ return bStatus;

+}

+

+bool

+_zip_crypto_pbkdf2(const zip_uint8_t *key, zip_uint64_t key_length, const zip_uint8_t *salt, zip_uint16_t salt_length, zip_uint16_t iterations, zip_uint8_t *output, zip_uint16_t output_length) {

+ return (key_length <= ZIP_UINT32_MAX) && pbkdf2((PUCHAR)key, (ULONG)key_length, (PUCHAR)salt, salt_length, iterations, output, output_length);

+}

+

+#endif

+

+

+struct _zip_crypto_aes_s {

+ BCRYPT_ALG_HANDLE hAlgorithm;

+ BCRYPT_KEY_HANDLE hKey;

+ ULONG cbKeyObject;

+ PUCHAR pbKeyObject;

+};

+

+_zip_crypto_aes_t *

+_zip_crypto_aes_new(const zip_uint8_t *key, zip_uint16_t key_size, zip_error_t *error) {

+ _zip_crypto_aes_t *aes = (_zip_crypto_aes_t *)calloc(1, sizeof(*aes));

+

+ ULONG cbResult;

+ ULONG key_length = key_size / 8;

+

+ if (aes == NULL) {

+ zip_error_set(error, ZIP_ER_MEMORY, 0);

+ return NULL;

+ }

+

+ if (!BCRYPT_SUCCESS(BCryptOpenAlgorithmProvider(&aes->hAlgorithm, BCRYPT_AES_ALGORITHM, NULL, 0))) {

+ _zip_crypto_aes_free(aes);

+ return NULL;

+ }

+

+ if (!BCRYPT_SUCCESS(BCryptSetProperty(aes->hAlgorithm, BCRYPT_CHAINING_MODE, (PUCHAR)BCRYPT_CHAIN_MODE_ECB, sizeof(BCRYPT_CHAIN_MODE_ECB), 0))) {

+ _zip_crypto_aes_free(aes);

+ return NULL;

+ }

+

+ if (!BCRYPT_SUCCESS(BCryptGetProperty(aes->hAlgorithm, BCRYPT_OBJECT_LENGTH, (PUCHAR)&aes->cbKeyObject, sizeof(aes->cbKeyObject), &cbResult, 0))) {

+ _zip_crypto_aes_free(aes);

+ return NULL;

+ }

+

+ aes->pbKeyObject = malloc(aes->cbKeyObject);

+ if (aes->pbKeyObject == NULL) {

+ _zip_crypto_aes_free(aes);

+ zip_error_set(error, ZIP_ER_MEMORY, 0);

+ return NULL;

+ }

+

+ if (!BCRYPT_SUCCESS(BCryptGenerateSymmetricKey(aes->hAlgorithm, &aes->hKey, aes->pbKeyObject, aes->cbKeyObject, (PUCHAR)key, key_length, 0))) {

+ _zip_crypto_aes_free(aes);

+ return NULL;

+ }

+

+ return aes;

+}

+

+void

+_zip_crypto_aes_free(_zip_crypto_aes_t *aes) {

+ if (aes == NULL) {

+ return;

+ }

+

+ if (aes->hKey != NULL) {

+ BCryptDestroyKey(aes->hKey);

+ }

+

+ if (aes->pbKeyObject != NULL) {

+ free(aes->pbKeyObject);

+ }

+

+ if (aes->hAlgorithm != NULL) {

+ BCryptCloseAlgorithmProvider(aes->hAlgorithm, 0);

+ }

+

+ free(aes);

+}

+

+bool

+_zip_crypto_aes_encrypt_block(_zip_crypto_aes_t *aes, const zip_uint8_t *in, zip_uint8_t *out) {

+ ULONG cbResult;

+ NTSTATUS status = BCryptEncrypt(aes->hKey, (PUCHAR)in, ZIP_CRYPTO_AES_BLOCK_LENGTH, NULL, NULL, 0, (PUCHAR)out, ZIP_CRYPTO_AES_BLOCK_LENGTH, &cbResult, 0);

+ return BCRYPT_SUCCESS(status);

+}

+

+struct _zip_crypto_hmac_s {

+ BCRYPT_ALG_HANDLE hAlgorithm;

+ BCRYPT_HASH_HANDLE hHash;

+ DWORD cbHashObject;

+ PUCHAR pbHashObject;

+ DWORD cbHash;

+ PUCHAR pbHash;

+};

+

+/* https://code.msdn.microsoft.com/windowsdesktop/Hmac-Computation-Sample-11fe8ec1/sourcecode?fileId=42820&pathId=283874677 */

+

+_zip_crypto_hmac_t *

+_zip_crypto_hmac_new(const zip_uint8_t *secret, zip_uint64_t secret_length, zip_error_t *error) {

+ NTSTATUS status;

+ ULONG cbResult;

+ _zip_crypto_hmac_t *hmac;

+

+ if (secret_length > INT_MAX) {

+ zip_error_set(error, ZIP_ER_INVAL, 0);

+ return NULL;

+ }

+

+ hmac = (_zip_crypto_hmac_t *)calloc(1, sizeof(*hmac));

+

+ if (hmac == NULL) {

+ zip_error_set(error, ZIP_ER_MEMORY, 0);

+ return NULL;

+ }

+

+ status = BCryptOpenAlgorithmProvider(&hmac->hAlgorithm, BCRYPT_SHA1_ALGORITHM, NULL, BCRYPT_ALG_HANDLE_HMAC_FLAG);

+ if (!BCRYPT_SUCCESS(status)) {

+ _zip_crypto_hmac_free(hmac);

+ return NULL;

+ }

+

+ status = BCryptGetProperty(hmac->hAlgorithm, BCRYPT_OBJECT_LENGTH, (PUCHAR)&hmac->cbHashObject, sizeof(hmac->cbHashObject), &cbResult, 0);

+ if (!BCRYPT_SUCCESS(status)) {

+ _zip_crypto_hmac_free(hmac);

+ return NULL;

+ }

+

+ hmac->pbHashObject = malloc(hmac->cbHashObject);

+ if (hmac->pbHashObject == NULL) {

+ _zip_crypto_hmac_free(hmac);

+ zip_error_set(error, ZIP_ER_MEMORY, 0);

+ return NULL;

+ }

+

+ status = BCryptGetProperty(hmac->hAlgorithm, BCRYPT_HASH_LENGTH, (PUCHAR)&hmac->cbHash, sizeof(hmac->cbHash), &cbResult, 0);

+ if (!BCRYPT_SUCCESS(status)) {

+ _zip_crypto_hmac_free(hmac);

+ return NULL;

+ }

+

+ hmac->pbHash = malloc(hmac->cbHash);

+ if (hmac->pbHash == NULL) {

+ _zip_crypto_hmac_free(hmac);

+ zip_error_set(error, ZIP_ER_MEMORY, 0);

+ return NULL;

+ }

+

+ status = BCryptCreateHash(hmac->hAlgorithm, &hmac->hHash, hmac->pbHashObject, hmac->cbHashObject, (PUCHAR)secret, (ULONG)secret_length, 0);

+ if (!BCRYPT_SUCCESS(status)) {

+ _zip_crypto_hmac_free(hmac);

+ return NULL;

+ }

+

+ return hmac;

+}

+

+void

+_zip_crypto_hmac_free(_zip_crypto_hmac_t *hmac) {

+ if (hmac == NULL) {

+ return;

+ }

+

+ if (hmac->hHash != NULL) {

+ BCryptDestroyHash(hmac->hHash);

+ }

+

+ if (hmac->pbHash != NULL) {

+ free(hmac->pbHash);

+ }

+

+ if (hmac->pbHashObject != NULL) {

+ free(hmac->pbHashObject);

+ }

+

+ if (hmac->hAlgorithm) {

+ BCryptCloseAlgorithmProvider(hmac->hAlgorithm, 0);

+ }

+

+ free(hmac);

+}

+

+bool

+_zip_crypto_hmac(_zip_crypto_hmac_t *hmac, zip_uint8_t *data, zip_uint64_t length) {

+ if (hmac == NULL || length > ULONG_MAX) {

+ return false;

+ }

+

+ return BCRYPT_SUCCESS(BCryptHashData(hmac->hHash, data, (ULONG)length, 0));

+}

+

+bool

+_zip_crypto_hmac_output(_zip_crypto_hmac_t *hmac, zip_uint8_t *data) {

+ if (hmac == NULL) {

+ return false;

+ }

+

+ return BCRYPT_SUCCESS(BCryptFinishHash(hmac->hHash, data, hmac->cbHash, 0));

+}

+

+ZIP_EXTERN bool

+zip_secure_random(zip_uint8_t *buffer, zip_uint16_t length) {

+ return BCRYPT_SUCCESS(BCryptGenRandom(NULL, buffer, length, BCRYPT_USE_SYSTEM_PREFERRED_RNG));

+}

+/*

+ zip_crypto_win.h -- Windows Crypto API wrapper.

+ Copyright (C) 2018-2021 Dieter Baron and Thomas Klausner

+

+ This file is part of libzip, a library to manipulate ZIP archives.

+ The authors can be contacted at <info@libzip.org>

+

+ Redistribution and use in source and binary forms, with or without

+ modification, are permitted provided that the following conditions

+ are met:

+ 1. Redistributions of source code must retain the above copyright

+ notice, this list of conditions and the following disclaimer.

+ 2. Redistributions in binary form must reproduce the above copyright

+ notice, this list of conditions and the following disclaimer in

+ the documentation and/or other materials provided with the

+ distribution.

+ 3. The names of the authors may not be used to endorse or promote

+ products derived from this software without specific prior

+ written permission.

+

+ THIS SOFTWARE IS PROVIDED BY THE AUTHORS ``AS IS'' AND ANY EXPRESS

+ OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED

+ WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE

+ ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY

+ DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL

+ DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE

+ GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS

+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER

+ IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR

+ OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN

+ IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

+*/

+

+#ifndef HAD_ZIP_CRYPTO_WIN_H

+#define HAD_ZIP_CRYPTO_WIN_H

+

+#define HAVE_SECURE_RANDOM

+

+typedef struct _zip_crypto_aes_s _zip_crypto_aes_t;

+typedef struct _zip_crypto_hmac_s _zip_crypto_hmac_t;

+

+void _zip_crypto_aes_free(_zip_crypto_aes_t *aes);

+_zip_crypto_aes_t *_zip_crypto_aes_new(const zip_uint8_t *key, zip_uint16_t key_size, zip_error_t *error);

+bool _zip_crypto_aes_encrypt_block(_zip_crypto_aes_t *aes, const zip_uint8_t *in, zip_uint8_t *out);

+

+bool _zip_crypto_pbkdf2(const zip_uint8_t *key, zip_uint64_t key_length, const zip_uint8_t *salt, zip_uint16_t salt_length, zip_uint16_t iterations, zip_uint8_t *output, zip_uint16_t output_length);

+

+_zip_crypto_hmac_t *_zip_crypto_hmac_new(const zip_uint8_t *secret, zip_uint64_t secret_length, zip_error_t *error);

+void _zip_crypto_hmac_free(_zip_crypto_hmac_t *hmac);

+bool _zip_crypto_hmac(_zip_crypto_hmac_t *hmac, zip_uint8_t *data, zip_uint64_t length);

+bool _zip_crypto_hmac_output(_zip_crypto_hmac_t *hmac, zip_uint8_t *data);

+

+#endif /* HAD_ZIP_CRYPTO_WIN_H */

+ Copyright (C) 1999-2021 Dieter Baron and Thomas Klausner

+ The authors can be contacted at <info@libzip.org>

+ zip_error_set(&za->error, ZIP_ER_INVAL, 0);

+ return -1;

+ zip_error_set(&za->error, ZIP_ER_RDONLY, 0);

+ return -1;

+ return -1;

+ return -1;

+ return -1;

+ Copyright (C) 1999-2021 Dieter Baron and Thomas Klausner

+ The authors can be contacted at <info@libzip.org>

+ zip_error_set(&za->error, ZIP_ER_RDONLY, 0);

+ return -1;

+ zip_error_set(&za->error, ZIP_ER_INVAL, 0);

+ return -1;

+ if (len > SIZE_MAX - 2 || (s = (char *)malloc(len + 2)) == NULL) {

+ zip_error_set(&za->error, ZIP_ER_MEMORY, 0);

+ return -1;

+ }

+ (void)strncpy_s(s, len + 2, name, len);

+ s[len] = '/';

+ s[len + 1] = '\0';

+ free(s);

+ return -1;

+ zip_source_free(source);

+ if (zip_file_set_external_attributes(za, (zip_uint64_t)idx, 0, ZIP_OPSYS_DEFAULT, ZIP_EXT_ATTRIB_DEFAULT_DIR) < 0) {

+ zip_delete(za, (zip_uint64_t)idx);

+ return -1;

+ }

+ Copyright (C) 1999-2021 Dieter Baron and Thomas Klausner

+ The authors can be contacted at <info@libzip.org>

+#include <zlib.h>

+ return;

+ _zip_entry_finalize(cd->entry + i);

+ zip_error_set(error, ZIP_ER_MEMORY, 0);

+ return NULL;

+ _zip_cdir_free(cd);

+ return NULL;

+ return true;

+ zip_error_set(error, ZIP_ER_MEMORY, 0);

+ return false;

+ zip_error_set(error, ZIP_ER_MEMORY, 0);

+ return false;

+ _zip_entry_init(cd->entry + i);

+ zip_uint32_t cdir_crc;

+ zip_error_set_from_source(&za->error, za->src);

+ return -1;

+ if (ZIP_WANT_TORRENTZIP(za)) {

+ cdir_crc = (zip_uint32_t)crc32(0, NULL, 0);

+ za->write_crc = &cdir_crc;

+ }

+

+ zip_entry_t *entry = za->entry + filelist[i].idx;

+ if ((ret = _zip_dirent_write(za, entry->changes ? entry->changes : entry->orig, ZIP_FL_CENTRAL)) < 0)

+ return -1;

+ if (ret)

+ is_zip64 = true;

+ za->write_crc = NULL;

+

+ zip_error_set_from_source(&za->error, za->src);

+ return -1;

+ if (offset > ZIP_UINT32_MAX || survivors > ZIP_UINT16_MAX) {

+ is_zip64 = true;

+ }

+ zip_error_set(&za->error, ZIP_ER_MEMORY, 0);

+ return -1;

+ _zip_buffer_put(buffer, EOCD64_MAGIC, 4);

+ _zip_buffer_put_64(buffer, EOCD64LEN - 12);

+ _zip_buffer_put_16(buffer, 45);

+ _zip_buffer_put_16(buffer, 45);

+ _zip_buffer_put_32(buffer, 0);

+ _zip_buffer_put_32(buffer, 0);

+ _zip_buffer_put_64(buffer, survivors);

+ _zip_buffer_put_64(buffer, survivors);

+ _zip_buffer_put_64(buffer, size);

+ _zip_buffer_put_64(buffer, offset);

+ _zip_buffer_put(buffer, EOCD64LOC_MAGIC, 4);

+ _zip_buffer_put_32(buffer, 0);

+ _zip_buffer_put_64(buffer, offset + size);

+ _zip_buffer_put_32(buffer, 1);

+ if (ZIP_WANT_TORRENTZIP(za)) {

+ _zip_buffer_put_16(buffer, TORRENTZIP_SIGNATURE_LENGTH + TORRENTZIP_CRC_LENGTH);

+ }

+ else {

+ _zip_buffer_put_16(buffer, (zip_uint16_t)(comment ? comment->length : 0));

+ }

+

+ zip_error_set(&za->error, ZIP_ER_INTERNAL, 0);

+ _zip_buffer_free(buffer);

+ return -1;

+ _zip_buffer_free(buffer);

+ return -1;

+ if (ZIP_WANT_TORRENTZIP(za)) {

+ char torrentzip_comment[TORRENTZIP_SIGNATURE_LENGTH + TORRENTZIP_CRC_LENGTH + 1];

+ snprintf(torrentzip_comment, sizeof(torrentzip_comment), TORRENTZIP_SIGNATURE "%08X", cdir_crc);

+

+ if (_zip_write(za, torrentzip_comment, strlen(torrentzip_comment)) < 0) {

+ return -1;

+ }

+ }

+ else if (comment != NULL) {

+ if (_zip_write(za, comment->raw, comment->length) < 0) {

+ return -1;

+ }

+ return NULL;

+ (void)memcpy_s(tde, sizeof(*tde), sde, sizeof(*sde));

+ _zip_dirent_init(tde);

+ _zip_string_free(zde->filename);

+ zde->filename = NULL;

+ _zip_ef_free(zde->extra_fields);

+ zde->extra_fields = NULL;

+ _zip_string_free(zde->comment);

+ zde->comment = NULL;

+ if (zde->password) {

+ _zip_crypto_clear(zde->password, strlen(zde->password));

+ }

+ free(zde->password);

+ zde->password = NULL;