diff --git a/LICENSE b/LICENSE index 086295a..3b6c4e1 100644 --- a/LICENSE +++ b/LICENSE @@ -14,4 +14,4 @@ freely, subject to the following restrictions: appreciated but is not required. 2. Altered source versions must be plainly marked as such, and must not be misrepresented as being the original software. -3. This notice may not be removed or altered from any source distribution. \ No newline at end of file +3. This notice may not be removed or altered from any source distribution. diff --git a/doc/appnote.txt b/doc/appnote.txt index d41dde4..e8e8b7c 100644 --- a/doc/appnote.txt +++ b/doc/appnote.txt @@ -1,5 +1,5 @@ File: APPNOTE.TXT - .ZIP File Format Specification -Version: 6.3.4 +Version: 6.3.4 Status: Final - replaces version 6.3.3 Revised: October 1, 2014 Copyright (c) 1989 - 2014 PKWARE Inc., All Rights Reserved. @@ -11,60 +11,60 @@ Copyright (c) 1989 - 2014 PKWARE Inc., All Rights Reserved. ----------- 1.1.1 This specification is intended to define a cross-platform, - interoperable file storage and transfer format. Since its - first publication in 1989, PKWARE, Inc. ("PKWARE") has remained - committed to ensuring the interoperability of the .ZIP file - format through periodic publication and maintenance of this - specification. We trust that all .ZIP compatible vendors and - application developers that use and benefit from this format + interoperable file storage and transfer format. Since its + first publication in 1989, PKWARE, Inc. ("PKWARE") has remained + committed to ensuring the interoperability of the .ZIP file + format through periodic publication and maintenance of this + specification. We trust that all .ZIP compatible vendors and + application developers that use and benefit from this format will share and support this commitment to interoperability. 1.2 Scope --------- - 1.2.1 ZIP is one of the most widely used compressed file formats. It is + 1.2.1 ZIP is one of the most widely used compressed file formats. It is universally used to aggregate, compress, and encrypt files into a single - interoperable container. No specific use or application need is - defined by this format and no specific implementation guidance is - provided. This document provides details on the storage format for - creating ZIP files. Information is provided on the records and - fields that describe what a ZIP file is. + interoperable container. No specific use or application need is + defined by this format and no specific implementation guidance is + provided. This document provides details on the storage format for + creating ZIP files. Information is provided on the records and + fields that describe what a ZIP file is. 1.3 Trademarks -------------- - 1.3.1 PKWARE, PKZIP, SecureZIP, and PKSFX are registered trademarks of - PKWARE, Inc. in the United States and elsewhere. PKPatchMaker, - Deflate64, and ZIP64 are trademarks of PKWARE, Inc. Other marks + 1.3.1 PKWARE, PKZIP, SecureZIP, and PKSFX are registered trademarks of + PKWARE, Inc. in the United States and elsewhere. PKPatchMaker, + Deflate64, and ZIP64 are trademarks of PKWARE, Inc. Other marks referenced within this document appear for identification purposes only and are the property of their respective owners. - + 1.4 Permitted Use ------------------ +----------------- 1.4.1 This document, "APPNOTE.TXT - .ZIP File Format Specification" is the - exclusive property of PKWARE. Use of the information contained in this - document is permitted solely for the purpose of creating products, + exclusive property of PKWARE. Use of the information contained in this + document is permitted solely for the purpose of creating products, programs and processes that read and write files in the ZIP format subject to the terms and conditions herein. - 1.4.2 Use of the content of this document within other publications is + 1.4.2 Use of the content of this document within other publications is permitted only through reference to this document. Any reproduction or distribution of this document in whole or in part without prior written permission from PKWARE is strictly prohibited. - 1.4.3 Certain technological components provided in this document are the - patented proprietary technology of PKWARE and as such require a - separate, executed license agreement from PKWARE. Applicable - components are marked with the following, or similar, statement: - 'Refer to the section in this document entitled "Incorporating + 1.4.3 Certain technological components provided in this document are the + patented proprietary technology of PKWARE and as such require a + separate, executed license agreement from PKWARE. Applicable + components are marked with the following, or similar, statement: + 'Refer to the section in this document entitled "Incorporating PKWARE Proprietary Technology into Your Product" for more information'. 1.5 Contacting PKWARE --------------------- - 1.5.1 If you have questions on this format, its use, or licensing, or if you + 1.5.1 If you have questions on this format, its use, or licensing, or if you wish to report defects, request changes or additions, please contact: PKWARE, Inc. @@ -84,9 +84,9 @@ Copyright (c) 1989 - 2014 PKWARE Inc., All Rights Reserved. 1.6.1 Although PKWARE will attempt to supply current and accurate information relating to its file formats, algorithms, and the - subject programs, the possibility of error or omission cannot - be eliminated. PKWARE therefore expressly disclaims any warranty - that the information contained in the associated materials relating + subject programs, the possibility of error or omission cannot + be eliminated. PKWARE therefore expressly disclaims any warranty + that the information contained in the associated materials relating to the subject programs and/or the format of the files created or accessed by the subject programs and/or the algorithms used by the subject programs, or any other matter, is current, correct or @@ -103,21 +103,21 @@ Copyright (c) 1989 - 2014 PKWARE Inc., All Rights Reserved. 2.1 Document Status -------------------- - 2.1.1 If the STATUS of this file is marked as DRAFT, the content - defines proposed revisions to this specification which may consist - of changes to the ZIP format itself, or that may consist of other - content changes to this document. Versions of this document and - the format in DRAFT form may be subject to modification prior to - publication STATUS of FINAL. DRAFT versions are published periodically - to provide notification to the ZIP community of pending changes and to + 2.1.1 If the STATUS of this file is marked as DRAFT, the content + defines proposed revisions to this specification which may consist + of changes to the ZIP format itself, or that may consist of other + content changes to this document. Versions of this document and + the format in DRAFT form may be subject to modification prior to + publication STATUS of FINAL. DRAFT versions are published periodically + to provide notification to the ZIP community of pending changes and to provide opportunity for review and comment. - 2.1.2 Versions of this document having a STATUS of FINAL are - considered to be in the final form for that version of the document + 2.1.2 Versions of this document having a STATUS of FINAL are + considered to be in the final form for that version of the document and are not subject to further change until a new, higher version - numbered document is published. Newer versions of this format - specification are intended to remain interoperable with with all prior - versions whenever technically possible. + numbered document is published. Newer versions of this format + specification are intended to remain interoperable with with all prior + versions whenever technically possible. 2.2 Change Log -------------- @@ -137,13 +137,13 @@ Copyright (c) 1989 - 2014 PKWARE Inc., All Rights Reserved. 6.2.1 -Added Extra Field placeholder for 04/01/2005 POSZIP using ID 0x4690 - -Clarified size field on + -Clarified size field on "zip64 end of central directory record" 6.2.2 -Documented Final Feature Specification 01/06/2006 for Strong Encryption - -Clarifications and typographical + -Clarifications and typographical corrections 6.3.0 -Added tape positioning storage 09/29/2006 @@ -157,13 +157,13 @@ Copyright (c) 1989 - 2014 PKWARE Inc., All Rights Reserved. -Expanded list of supported encryption algorithms - -Added option for Unicode filename + -Added option for Unicode filename storage -Clarifications for consistent use of Data Descriptor records - -Added additional "Extra Field" + -Added additional "Extra Field" definitions 6.3.1 -Corrected standard hash values for 04/11/2007 @@ -177,7 +177,7 @@ Copyright (c) 1989 - 2014 PKWARE Inc., All Rights Reserved. 6.3.3 -Formatting changes to support 09/01/2012 easier referencing of this APPNOTE - from other documents and standards + from other documents and standards 6.3.4 -Address change 10/01/2014 @@ -185,14 +185,14 @@ Copyright (c) 1989 - 2014 PKWARE Inc., All Rights Reserved. 3.0 Notations ------------- - 3.1 Use of the term MUST or SHALL indicates a required element. + 3.1 Use of the term MUST or SHALL indicates a required element. - 3.2 MAY NOT or SHALL NOT indicates an element is prohibited from use. + 3.2 MAY NOT or SHALL NOT indicates an element is prohibited from use. 3.3 SHOULD indicates a RECOMMENDED element. 3.4 SHOULD NOT indicates an element NOT RECOMMENDED for use. - + 3.5 MAY indicates an OPTIONAL element. @@ -202,66 +202,66 @@ Copyright (c) 1989 - 2014 PKWARE Inc., All Rights Reserved. 4.1 What is a ZIP file ---------------------- - 4.1.1 ZIP files MAY be identified by the standard .ZIP file extension - although use of a file extension is not required. Use of the - extension .ZIPX is also recognized and MAY be used for ZIP files. - Other common file extensions using the ZIP format include .JAR, .WAR, - .DOCX, .XLXS, .PPTX, .ODT, .ODS, .ODP and others. Programs reading or - writing ZIP files SHOULD rely on internal record signatures described + 4.1.1 ZIP files MAY be identified by the standard .ZIP file extension + although use of a file extension is not required. Use of the + extension .ZIPX is also recognized and MAY be used for ZIP files. + Other common file extensions using the ZIP format include .JAR, .WAR, + .DOCX, .XLXS, .PPTX, .ODT, .ODS, .ODP and others. Programs reading or + writing ZIP files SHOULD rely on internal record signatures described in this document to identify files in this format. - 4.1.2 ZIP files SHOULD contain at least one file and MAY contain - multiple files. + 4.1.2 ZIP files SHOULD contain at least one file and MAY contain + multiple files. 4.1.3 Data compression MAY be used to reduce the size of files - placed into a ZIP file, but is not required. This format supports the - use of multiple data compression algorithms. When compression is used, - one of the documented compression algorithms MUST be used. Implementors - are advised to experiment with their data to determine which of the + placed into a ZIP file, but is not required. This format supports the + use of multiple data compression algorithms. When compression is used, + one of the documented compression algorithms MUST be used. Implementors + are advised to experiment with their data to determine which of the available algorithms provides the best compression for their needs. - Compression method 8 (Deflate) is the method used by default by most - ZIP compatible application programs. + Compression method 8 (Deflate) is the method used by default by most + ZIP compatible application programs. - 4.1.4 Data encryption MAY be used to protect files within a ZIP file. + 4.1.4 Data encryption MAY be used to protect files within a ZIP file. Keying methods supported for encryption within this format include passwords and public/private keys. Either MAY be used individually - or in combination. Encryption MAY be applied to individual files. - Additional security MAY be used through the encryption of ZIP file - metadata stored within the Central Directory. See the section on the - Strong Encryption Specification for information. Refer to the section - in this document entitled "Incorporating PKWARE Proprietary Technology + or in combination. Encryption MAY be applied to individual files. + Additional security MAY be used through the encryption of ZIP file + metadata stored within the Central Directory. See the section on the + Strong Encryption Specification for information. Refer to the section + in this document entitled "Incorporating PKWARE Proprietary Technology into Your Product" for more information. - 4.1.5 Data integrity MUST be provided for each file using CRC32. - - 4.1.6 Additional data integrity MAY be included through the use of - digital signatures. Individual files MAY be signed with one or more - digital signatures. The Central Directory, if signed, MUST use a - single signature. + 4.1.5 Data integrity MUST be provided for each file using CRC32. - 4.1.7 Files MAY be placed within a ZIP file uncompressed or stored. - The term "stored" as used in the context of this document means the file - is copied into the ZIP file uncompressed. + 4.1.6 Additional data integrity MAY be included through the use of + digital signatures. Individual files MAY be signed with one or more + digital signatures. The Central Directory, if signed, MUST use a + single signature. - 4.1.8 Each data file placed into a ZIP file MAY be compressed, stored, - encrypted or digitally signed independent of how other data files in the + 4.1.7 Files MAY be placed within a ZIP file uncompressed or stored. + The term "stored" as used in the context of this document means the file + is copied into the ZIP file uncompressed. + + 4.1.8 Each data file placed into a ZIP file MAY be compressed, stored, + encrypted or digitally signed independent of how other data files in the same ZIP file are archived. 4.1.9 ZIP files MAY be streamed, split into segments (on fixed or on - removable media) or "self-extracting". Self-extracting ZIP - files MUST include extraction code for a target platform within - the ZIP file. + removable media) or "self-extracting". Self-extracting ZIP + files MUST include extraction code for a target platform within + the ZIP file. 4.1.10 Extensibility is provided for platform or application specific needs through extra data fields that MAY be defined for custom purposes. Extra data definitions MUST NOT conflict with existing - documented record definitions. + documented record definitions. - 4.1.11 Common uses for ZIP MAY also include the use of manifest files. - Manifest files store application specific information within a file stored - within the ZIP file. This manifest file SHOULD be the first file in the - ZIP file. This specification does not provide any information or guidance on + 4.1.11 Common uses for ZIP MAY also include the use of manifest files. + Manifest files store application specific information within a file stored + within the ZIP file. This manifest file SHOULD be the first file in the + ZIP file. This specification does not provide any information or guidance on the use of manifest files within ZIP files. Refer to the application developer for information on using manifest files and for any additional profile information on using ZIP within an application. @@ -271,64 +271,64 @@ Copyright (c) 1989 - 2014 PKWARE Inc., All Rights Reserved. 4.2 ZIP Metadata ---------------- - 4.2.1 ZIP files are identified by metadata consisting of defined record types - containing the storage information necessary for maintaining the files - placed into a ZIP file. Each record type MUST be identified using a header - signature that identifies the record type. Signature values begin with the + 4.2.1 ZIP files are identified by metadata consisting of defined record types + containing the storage information necessary for maintaining the files + placed into a ZIP file. Each record type MUST be identified using a header + signature that identifies the record type. Signature values begin with the two byte constant marker of 0x4b50, representing the characters "PK". 4.3 General Format of a .ZIP file --------------------------------- - 4.3.1 A ZIP file MUST contain an "end of central directory record". A ZIP - file containing only an "end of central directory record" is considered an - empty ZIP file. Files may be added or replaced within a ZIP file, or deleted. - A ZIP file MUST have only one "end of central directory record". Other - records defined in this specification MAY be used as needed to support + 4.3.1 A ZIP file MUST contain an "end of central directory record". A ZIP + file containing only an "end of central directory record" is considered an + empty ZIP file. Files may be added or replaced within a ZIP file, or deleted. + A ZIP file MUST have only one "end of central directory record". Other + records defined in this specification MAY be used as needed to support storage requirements for individual ZIP files. - 4.3.2 Each file placed into a ZIP file MUST be preceeded by a "local - file header" record for that file. Each "local file header" MUST be - accompanied by a corresponding "central directory header" record within + 4.3.2 Each file placed into a ZIP file MUST be preceeded by a "local + file header" record for that file. Each "local file header" MUST be + accompanied by a corresponding "central directory header" record within the central directory section of the ZIP file. - 4.3.3 Files MAY be stored in arbitrary order within a ZIP file. A ZIP - file MAY span multiple volumes or it MAY be split into user-defined - segment sizes. All values MUST be stored in little-endian byte order unless - otherwise specified in this document for a specific data element. + 4.3.3 Files MAY be stored in arbitrary order within a ZIP file. A ZIP + file MAY span multiple volumes or it MAY be split into user-defined + segment sizes. All values MUST be stored in little-endian byte order unless + otherwise specified in this document for a specific data element. 4.3.4 Compression MUST NOT be applied to a "local file header", an "encryption - header", or an "end of central directory record". Individual "central + header", or an "end of central directory record". Individual "central directory records" must not be compressed, but the aggregate of all central - directory records MAY be compressed. + directory records MAY be compressed. + + 4.3.5 File data MAY be followed by a "data descriptor" for the file. Data + descriptors are used to facilitate ZIP file streaming. - 4.3.5 File data MAY be followed by a "data descriptor" for the file. Data - descriptors are used to facilitate ZIP file streaming. - 4.3.6 Overall .ZIP file format: [local file header 1] [encryption header 1] [file data 1] [data descriptor 1] - . + . . . [local file header n] [encryption header n] [file data n] [data descriptor n] - [archive decryption header] - [archive extra data record] + [archive decryption header] + [archive extra data record] [central directory header 1] . . . [central directory header n] [zip64 end of central directory record] - [zip64 end of central directory locator] + [zip64 end of central directory locator] [end of central directory record] @@ -353,13 +353,13 @@ Copyright (c) 1989 - 2014 PKWARE Inc., All Rights Reserved. Immediately following the local header for a file SHOULD be placed the compressed or stored data for the file. - If the file is encrypted, the encryption header for the file - SHOULD be placed after the local header and before the file + If the file is encrypted, the encryption header for the file + SHOULD be placed after the local header and before the file data. The series of [local file header][encryption header] - [file data][data descriptor] repeats for each file in the - .ZIP archive. + [file data][data descriptor] repeats for each file in the + .ZIP archive. - Zero-byte files, directories, and other file types that + Zero-byte files, directories, and other file types that contain no content MUST not include file data. 4.3.9 Data descriptor: @@ -376,18 +376,18 @@ Copyright (c) 1989 - 2014 PKWARE Inc., All Rights Reserved. was standard output or a non-seekable device. For ZIP64(tm) format archives, the compressed and uncompressed sizes are 8 bytes each. - 4.3.9.2 When compressing files, compressed and uncompressed sizes - should be stored in ZIP64 format (as 8 byte values) when a - file's size exceeds 0xFFFFFFFF. However ZIP64 format may be - used regardless of the size of a file. When extracting, if - the zip64 extended information extra field is present for + 4.3.9.2 When compressing files, compressed and uncompressed sizes + should be stored in ZIP64 format (as 8 byte values) when a + file's size exceeds 0xFFFFFFFF. However ZIP64 format may be + used regardless of the size of a file. When extracting, if + the zip64 extended information extra field is present for the file the compressed and uncompressed sizes will be 8 - byte values. + byte values. - 4.3.9.3 Although not originally assigned a signature, the value - 0x08074b50 has commonly been adopted as a signature value - for the data descriptor record. Implementers should be - aware that ZIP files may be encountered with or without this + 4.3.9.3 Although not originally assigned a signature, the value + 0x08074b50 has commonly been adopted as a signature value + for the data descriptor record. Implementers should be + aware that ZIP files may be encountered with or without this signature marking data descriptors and SHOULD account for either case when reading ZIP files to ensure compatibility. @@ -397,44 +397,44 @@ Copyright (c) 1989 - 2014 PKWARE Inc., All Rights Reserved. the data descriptor record will immediately follow the signature. - 4.3.9.5 An extensible data descriptor will be released in a + 4.3.9.5 An extensible data descriptor will be released in a future version of this APPNOTE. This new record is intended to resolve conflicts with the use of this record going forward, and to provide better support for streamed file processing. - 4.3.9.6 When the Central Directory Encryption method is used, - the data descriptor record is not required, but MAY be used. - If present, and bit 3 of the general purpose bit field is set to + 4.3.9.6 When the Central Directory Encryption method is used, + the data descriptor record is not required, but MAY be used. + If present, and bit 3 of the general purpose bit field is set to indicate its presence, the values in fields of the data descriptor - record MUST be set to binary zeros. See the section on the Strong - Encryption Specification for information. Refer to the section in - this document entitled "Incorporating PKWARE Proprietary Technology + record MUST be set to binary zeros. See the section on the Strong + Encryption Specification for information. Refer to the section in + this document entitled "Incorporating PKWARE Proprietary Technology into Your Product" for more information. - 4.3.10 Archive decryption header: + 4.3.10 Archive decryption header: 4.3.10.1 The Archive Decryption Header is introduced in version 6.2 of the ZIP format specification. This record exists in support - of the Central Directory Encryption Feature implemented as part of + of the Central Directory Encryption Feature implemented as part of the Strong Encryption Specification as described in this document. When the Central Directory Structure is encrypted, this decryption - header MUST precede the encrypted data segment. + header MUST precede the encrypted data segment. - 4.3.10.2 The encrypted data segment SHALL consist of the Archive - extra data record (if present) and the encrypted Central Directory - Structure data. The format of this data record is identical to the - Decryption header record preceding compressed file data. If the + 4.3.10.2 The encrypted data segment SHALL consist of the Archive + extra data record (if present) and the encrypted Central Directory + Structure data. The format of this data record is identical to the + Decryption header record preceding compressed file data. If the central directory structure is encrypted, the location of the start of this data record is determined using the Start of Central Directory - field in the Zip64 End of Central Directory record. See the + field in the Zip64 End of Central Directory record. See the section on the Strong Encryption Specification for information on the fields used in the Archive Decryption Header record. - Refer to the section in this document entitled "Incorporating + Refer to the section in this document entitled "Incorporating PKWARE Proprietary Technology into Your Product" for more information. - 4.3.11 Archive extra data record: + 4.3.11 Archive extra data record: archive extra data signature 4 bytes (0x08064b50) extra field length 4 bytes @@ -442,18 +442,18 @@ Copyright (c) 1989 - 2014 PKWARE Inc., All Rights Reserved. 4.3.11.1 The Archive Extra Data Record is introduced in version 6.2 of the ZIP format specification. This record MAY be used in support - of the Central Directory Encryption Feature implemented as part of + of the Central Directory Encryption Feature implemented as part of the Strong Encryption Specification as described in this document. - When present, this record MUST immediately precede the central - directory data structure. + When present, this record MUST immediately precede the central + directory data structure. - 4.3.11.2 The size of this data record SHALL be included in the - Size of the Central Directory field in the End of Central - Directory record. If the central directory structure is compressed, - but not encrypted, the location of the start of this data record is - determined using the Start of Central Directory field in the Zip64 - End of Central Directory record. Refer to the section in this document - entitled "Incorporating PKWARE Proprietary Technology into Your + 4.3.11.2 The size of this data record SHALL be included in the + Size of the Central Directory field in the End of Central + Directory record. If the central directory structure is compressed, + but not encrypted, the location of the start of this data record is + determined using the Start of Central Directory field in the Zip64 + End of Central Directory record. Refer to the section in this document + entitled "Incorporating PKWARE Proprietary Technology into Your Product" for more information. 4.3.12 Central directory structure: @@ -461,9 +461,9 @@ Copyright (c) 1989 - 2014 PKWARE Inc., All Rights Reserved. [central directory header 1] . . - . + . [central directory header n] - [digital signature] + [digital signature] File header: @@ -495,26 +495,26 @@ Copyright (c) 1989 - 2014 PKWARE Inc., All Rights Reserved. size of data 2 bytes signature data (variable size) - With the introduction of the Central Directory Encryption - feature in version 6.2 of this specification, the Central - Directory Structure MAY be stored both compressed and encrypted. + With the introduction of the Central Directory Encryption + feature in version 6.2 of this specification, the Central + Directory Structure MAY be stored both compressed and encrypted. Although not required, it is assumed when encrypting the Central Directory Structure, that it will be compressed for greater storage efficiency. Information on the Central Directory Encryption feature can be found in the section - describing the Strong Encryption Specification. The Digital + describing the Strong Encryption Specification. The Digital Signature record will be neither compressed nor encrypted. 4.3.14 Zip64 end of central directory record - zip64 end of central dir + zip64 end of central dir signature 4 bytes (0x06064b50) size of zip64 end of central directory record 8 bytes version made by 2 bytes version needed to extract 2 bytes number of this disk 4 bytes - number of the disk with the + number of the disk with the start of the central directory 4 bytes total number of entries in the central directory on this disk 8 bytes @@ -529,24 +529,24 @@ Copyright (c) 1989 - 2014 PKWARE Inc., All Rights Reserved. 4.3.14.1 The value stored into the "size of zip64 end of central directory record" should be the size of the remaining record and should not include the leading 12 bytes. - + Size = SizeOfFixedFields + SizeOfVariableData - 12. - 4.3.14.2 The above record structure defines Version 1 of the - zip64 end of central directory record. Version 1 was - implemented in versions of this specification preceding - 6.2 in support of the ZIP64 large file feature. The - introduction of the Central Directory Encryption feature - implemented in version 6.2 as part of the Strong Encryption - Specification defines Version 2 of this record structure. - Refer to the section describing the Strong Encryption - Specification for details on the version 2 format for - this record. Refer to the section in this document entitled + 4.3.14.2 The above record structure defines Version 1 of the + zip64 end of central directory record. Version 1 was + implemented in versions of this specification preceding + 6.2 in support of the ZIP64 large file feature. The + introduction of the Central Directory Encryption feature + implemented in version 6.2 as part of the Strong Encryption + Specification defines Version 2 of this record structure. + Refer to the section describing the Strong Encryption + Specification for details on the version 2 format for + this record. Refer to the section in this document entitled "Incorporating PKWARE Proprietary Technology into Your Product" for more information applicable to use of Version 2 of this record. - 4.3.14.3 Special purpose data MAY reside in the zip64 extensible + 4.3.14.3 Special purpose data MAY reside in the zip64 extensible data sector field following either a V1 or V2 version of this record. To ensure identification of this special purpose data it must include an identifying header block consisting of the @@ -555,28 +555,28 @@ Copyright (c) 1989 - 2014 PKWARE Inc., All Rights Reserved. Header ID - 2 bytes Data Size - 4 bytes - The Header ID field indicates the type of data that is in the + The Header ID field indicates the type of data that is in the data block that follows. Data Size identifies the number of bytes that follow for this data block type. - 4.3.14.4 Multiple special purpose data blocks MAY be present. + 4.3.14.4 Multiple special purpose data blocks MAY be present. Each MUST be preceded by a Header ID and Data Size field. Current mappings of Header ID values supported in this field are as defined in APPENDIX C. 4.3.15 Zip64 end of central directory locator - zip64 end of central dir locator + zip64 end of central dir locator signature 4 bytes (0x07064b50) number of the disk with the - start of the zip64 end of + start of the zip64 end of central directory 4 bytes relative offset of the zip64 end of central directory record 8 bytes total number of disks 4 bytes - + 4.3.16 End of central directory record: end of central dir signature 4 bytes (0x06054b50) @@ -593,40 +593,40 @@ Copyright (c) 1989 - 2014 PKWARE Inc., All Rights Reserved. the starting disk number 4 bytes .ZIP file comment length 2 bytes .ZIP file comment (variable size) - + 4.4 Explanation of fields -------------------------- - + 4.4.1 General notes on fields 4.4.1.1 All fields unless otherwise noted are unsigned and stored in Intel low-byte:high-byte, low-word:high-word order. - 4.4.1.2 String fields are not null terminated, since the length + 4.4.1.2 String fields are not null terminated, since the length is given explicitly. 4.4.1.3 The entries in the central directory may not necessarily be in the same order that files appear in the .ZIP file. 4.4.1.4 If one of the fields in the end of central directory - record is too small to hold required data, the field should be - set to -1 (0xFFFF or 0xFFFFFFFF) and the ZIP64 format record + record is too small to hold required data, the field should be + set to -1 (0xFFFF or 0xFFFFFFFF) and the ZIP64 format record should be created. - 4.4.1.5 The end of central directory record and the Zip64 end - of central directory locator record MUST reside on the same + 4.4.1.5 The end of central directory record and the Zip64 end + of central directory locator record MUST reside on the same disk when splitting or spanning an archive. 4.4.2 version made by (2 bytes) 4.4.2.1 The upper byte indicates the compatibility of the file - attribute information. If the external file attributes - are compatible with MS-DOS and can be read by PKZIP for - DOS version 2.04g then this value will be zero. If these - attributes are not compatible, then this value will - identify the host system on which the attributes are + attribute information. If the external file attributes + are compatible with MS-DOS and can be read by PKZIP for + DOS version 2.04g then this value will be zero. If these + attributes are not compatible, then this value will + identify the host system on which the attributes are compatible. Software can use this information to determine - the line record format for text files etc. + the line record format for text files etc. 4.4.2.2 The current mappings are: @@ -642,22 +642,22 @@ Copyright (c) 1989 - 2014 PKWARE Inc., All Rights Reserved. 17 - Tandem 18 - OS/400 19 - OS X (Darwin) 20 thru 255 - unused - 4.4.2.3 The lower byte indicates the ZIP specification version - (the version of this document) supported by the software - used to encode the file. The value/10 indicates the major - version number, and the value mod 10 is the minor version - number. + 4.4.2.3 The lower byte indicates the ZIP specification version + (the version of this document) supported by the software + used to encode the file. The value/10 indicates the major + version number, and the value mod 10 is the minor version + number. 4.4.3 version needed to extract (2 bytes) - 4.4.3.1 The minimum supported ZIP specification version needed - to extract the file, mapped as above. This value is based on - the specific format features a ZIP program MUST support to + 4.4.3.1 The minimum supported ZIP specification version needed + to extract the file, mapped as above. This value is based on + the specific format features a ZIP program MUST support to be able to extract the file. If multiple features are - applied to a file, the minimum version MUST be set to the - feature having the highest value. New features or feature - changes affecting the published format specification will be - implemented using higher version numbers than the last + applied to a file, the minimum version MUST be set to the + feature having the highest value. New features or feature + changes affecting the published format specification will be + implemented using higher version numbers than the last published value to avoid conflict. 4.4.3.2 Current minimum feature versions are as defined below: @@ -668,8 +668,8 @@ Copyright (c) 1989 - 2014 PKWARE Inc., All Rights Reserved. 2.0 - File is compressed using Deflate compression 2.0 - File is encrypted using traditional PKWARE encryption 2.1 - File is compressed using Deflate64(tm) - 2.5 - File is compressed using PKWARE DCL Implode - 2.7 - File is a patch data set + 2.5 - File is compressed using PKWARE DCL Implode + 2.7 - File is a patch data set 4.5 - File uses ZIP64 format extensions 4.6 - File is compressed using BZIP2 compression* 5.0 - File is encrypted using DES @@ -686,7 +686,7 @@ Copyright (c) 1989 - 2014 PKWARE Inc., All Rights Reserved. 6.3 - File is encrypted using Blowfish 6.3 - File is encrypted using Twofish - 4.4.3.3 Notes on version needed to extract + 4.4.3.3 Notes on version needed to extract * Early 7.x (pre-7.2) versions of PKZIP incorrectly set the version needed to extract for BZIP2 compression to be 50 @@ -702,14 +702,14 @@ Copyright (c) 1989 - 2014 PKWARE Inc., All Rights Reserved. versions of PKZIP older than 6.1 (5.0 or 6.0). + Files compressed using PPMd MUST set the version - needed to extract field to 6.3, however, not all ZIP - programs enforce this and may be unable to decompress + needed to extract field to 6.3, however, not all ZIP + programs enforce this and may be unable to decompress data files compressed using PPMd if this value is set. When using ZIP64 extensions, the corresponding value in the - zip64 end of central directory record MUST also be set. - This field should be set appropriately to indicate whether - Version 1 or Version 2 format is in use. + zip64 end of central directory record MUST also be set. + This field should be set appropriately to indicate whether + Version 1 or Version 2 format is in use. 4.4.4 general purpose bit flag: (2 bytes) @@ -747,30 +747,30 @@ Copyright (c) 1989 - 2014 PKWARE Inc., All Rights Reserved. Note: Bits 1 and 2 are undefined if the compression method is any other. - Bit 3: If this bit is set, the fields crc-32, compressed - size and uncompressed size are set to zero in the - local header. The correct values are put in the + Bit 3: If this bit is set, the fields crc-32, compressed + size and uncompressed size are set to zero in the + local header. The correct values are put in the data descriptor immediately following the compressed - data. (Note: PKZIP version 2.04g for DOS only - recognizes this bit for method 8 compression, newer - versions of PKZIP recognize this bit for any + data. (Note: PKZIP version 2.04g for DOS only + recognizes this bit for method 8 compression, newer + versions of PKZIP recognize this bit for any compression method.) Bit 4: Reserved for use with method 8, for enhanced - deflating. + deflating. - Bit 5: If this bit is set, this indicates that the file is - compressed patched data. (Note: Requires PKZIP + Bit 5: If this bit is set, this indicates that the file is + compressed patched data. (Note: Requires PKZIP version 2.70 or greater) Bit 6: Strong encryption. If this bit is set, you MUST set the version needed to extract value to at least 50 and you MUST also set bit 0. If AES encryption - is used, the version needed to extract value MUST + is used, the version needed to extract value MUST be at least 51. See the section describing the Strong - Encryption Specification for details. Refer to the - section in this document entitled "Incorporating PKWARE - Proprietary Technology into Your Product" for more + Encryption Specification for details. Refer to the + section in this document entitled "Incorporating PKWARE + Proprietary Technology into Your Product" for more information. Bit 7: Currently unused. @@ -787,12 +787,12 @@ Copyright (c) 1989 - 2014 PKWARE Inc., All Rights Reserved. Bit 12: Reserved by PKWARE for enhanced compression. - Bit 13: Set when encrypting the Central Directory to indicate + Bit 13: Set when encrypting the Central Directory to indicate selected data values in the Local Header are masked to - hide their actual values. See the section describing + hide their actual values. See the section describing the Strong Encryption Specification for details. Refer - to the section in this document entitled "Incorporating - PKWARE Proprietary Technology into Your Product" for + to the section in this document entitled "Incorporating + PKWARE Proprietary Technology into Your Product" for more information. Bit 14: Reserved by PKWARE. @@ -829,10 +829,10 @@ Copyright (c) 1989 - 2014 PKWARE Inc., All Rights Reserved. The date and time are encoded in standard MS-DOS format. If input came from standard input, the date and time are - those at which compression was started for this data. - If encrypting the central directory and general purpose bit - flag 13 is set indicating masking, the value stored in the - Local Header will be zero. + those at which compression was started for this data. + If encrypting the central directory and general purpose bit + flag 13 is set indicating masking, the value stored in the + Local Header will be zero. 4.4.7 CRC-32: (4 bytes) @@ -849,27 +849,27 @@ Copyright (c) 1989 - 2014 PKWARE Inc., All Rights Reserved. field is set to zero in the local header and the correct value is put in the data descriptor and in the central directory. When encrypting the central directory, if the - local header is not in ZIP64 format and general purpose - bit flag 13 is set indicating masking, the value stored - in the Local Header will be zero. + local header is not in ZIP64 format and general purpose + bit flag 13 is set indicating masking, the value stored + in the Local Header will be zero. 4.4.8 compressed size: (4 bytes) 4.4.9 uncompressed size: (4 bytes) The size of the file compressed (4.4.8) and uncompressed, - (4.4.9) respectively. When a decryption header is present it + (4.4.9) respectively. When a decryption header is present it will be placed in front of the file data and the value of the compressed file size will include the bytes of the decryption - header. If bit 3 of the general purpose bit flag is set, - these fields are set to zero in the local header and the + header. If bit 3 of the general purpose bit flag is set, + these fields are set to zero in the local header and the correct values are put in the data descriptor and in the central directory. If an archive is in ZIP64 format and the value in this field is 0xFFFFFFFF, the size will be - in the corresponding 8 byte ZIP64 extended information + in the corresponding 8 byte ZIP64 extended information extra field. When encrypting the central directory, if the - local header is not in ZIP64 format and general purpose bit - flag 13 is set indicating masking, the value stored for the - uncompressed size in the Local Header will be zero. + local header is not in ZIP64 format and general purpose bit + flag 13 is set indicating masking, the value stored for the + uncompressed size in the Local Header will be zero. 4.4.10 file name length: (2 bytes) 4.4.11 extra field length: (2 bytes) @@ -879,32 +879,32 @@ Copyright (c) 1989 - 2014 PKWARE Inc., All Rights Reserved. fields respectively. The combined length of any directory record and these three fields should not generally exceed 65,535 bytes. If input came from standard - input, the file name length is set to zero. + input, the file name length is set to zero. 4.4.13 disk number start: (2 bytes) - The number of the disk on which this file begins. If an - archive is in ZIP64 format and the value in this field is - 0xFFFF, the size will be in the corresponding 4 byte zip64 + The number of the disk on which this file begins. If an + archive is in ZIP64 format and the value in this field is + 0xFFFF, the size will be in the corresponding 4 byte zip64 extended information extra field. 4.4.14 internal file attributes: (2 bytes) Bits 1 and 2 are reserved for use by PKWARE. - 4.4.14.1 The lowest bit of this field indicates, if set, + 4.4.14.1 The lowest bit of this field indicates, if set, that the file is apparently an ASCII or text file. If not set, that the file apparently contains binary data. The remaining bits are unused in version 1.0. - 4.4.14.2 The 0x0002 bit of this field indicates, if set, that - a 4 byte variable record length control field precedes each - logical record indicating the length of the record. The + 4.4.14.2 The 0x0002 bit of this field indicates, if set, that + a 4 byte variable record length control field precedes each + logical record indicating the length of the record. The record length control field is stored in little-endian byte - order. This flag is independent of text control characters, - and if used in conjunction with text data, includes any - control characters in the total length of the record. This + order. This flag is independent of text control characters, + and if used in conjunction with text data, includes any + control characters in the total length of the record. This value is provided for mainframe data transfer support. 4.4.15 external file attributes: (4 bytes) @@ -920,7 +920,7 @@ Copyright (c) 1989 - 2014 PKWARE Inc., All Rights Reserved. This is the offset from the start of the first disk on which this file appears, to where the local header should be found. If an archive is in ZIP64 format and the value - in this field is 0xFFFFFFFF, the size will be in the + in this field is 0xFFFFFFFF, the size will be in the corresponding 8 byte zip64 extended information extra field. 4.4.17 file name: (Variable) @@ -931,16 +931,16 @@ Copyright (c) 1989 - 2014 PKWARE Inc., All Rights Reserved. MUST be forward slashes '/' as opposed to backwards slashes '\' for compatibility with Amiga and UNIX file systems etc. If input came from standard - input, there is no file name field. + input, there is no file name field. - 4.4.17.2 If using the Central Directory Encryption Feature and - general purpose bit flag 13 is set indicating masking, the file - name stored in the Local Header will not be the actual file name. - A masking value consisting of a unique hexadecimal value will - be stored. This value will be sequentially incremented for each - file in the archive. See the section on the Strong Encryption - Specification for details on retrieving the encrypted file name. - Refer to the section in this document entitled "Incorporating PKWARE + 4.4.17.2 If using the Central Directory Encryption Feature and + general purpose bit flag 13 is set indicating masking, the file + name stored in the Local Header will not be the actual file name. + A masking value consisting of a unique hexadecimal value will + be stored. This value will be sequentially incremented for each + file in the archive. See the section on the Strong Encryption + Specification for details on retrieving the encrypted file name. + Refer to the section in this document entitled "Incorporating PKWARE Proprietary Technology into Your Product" for more information. @@ -952,8 +952,8 @@ Copyright (c) 1989 - 2014 PKWARE Inc., All Rights Reserved. The number of this disk, which contains central directory end record. If an archive is in ZIP64 format - and the value in this field is 0xFFFF, the size will - be in the corresponding 4 byte zip64 end of central + and the value in this field is 0xFFFF, the size will + be in the corresponding 4 byte zip64 end of central directory field. @@ -962,42 +962,42 @@ Copyright (c) 1989 - 2014 PKWARE Inc., All Rights Reserved. The number of the disk on which the central directory starts. If an archive is in ZIP64 format - and the value in this field is 0xFFFF, the size will - be in the corresponding 4 byte zip64 end of central + and the value in this field is 0xFFFF, the size will + be in the corresponding 4 byte zip64 end of central directory field. - 4.4.21 total number of entries in the central dir on + 4.4.21 total number of entries in the central dir on this disk: (2 bytes) The number of central directory entries on this disk. - If an archive is in ZIP64 format and the value in - this field is 0xFFFF, the size will be in the - corresponding 8 byte zip64 end of central + If an archive is in ZIP64 format and the value in + this field is 0xFFFF, the size will be in the + corresponding 8 byte zip64 end of central directory field. 4.4.22 total number of entries in the central dir: (2 bytes) - The total number of files in the .ZIP file. If an + The total number of files in the .ZIP file. If an archive is in ZIP64 format and the value in this field - is 0xFFFF, the size will be in the corresponding 8 byte + is 0xFFFF, the size will be in the corresponding 8 byte zip64 end of central directory field. 4.4.23 size of the central directory: (4 bytes) The size (in bytes) of the entire central directory. - If an archive is in ZIP64 format and the value in - this field is 0xFFFFFFFF, the size will be in the - corresponding 8 byte zip64 end of central + If an archive is in ZIP64 format and the value in + this field is 0xFFFFFFFF, the size will be in the + corresponding 8 byte zip64 end of central directory field. 4.4.24 offset of start of central directory with respect to the starting disk number: (4 bytes) Offset of the start of the central directory on the - disk on which the central directory starts. If an - archive is in ZIP64 format and the value in this - field is 0xFFFFFFFF, the size will be in the - corresponding 8 byte zip64 end of central + disk on which the central directory starts. If an + archive is in ZIP64 format and the value in this + field is 0xFFFFFFFF, the size will be in the + corresponding 8 byte zip64 end of central directory field. 4.4.25 .ZIP file comment length: (2 bytes) @@ -1018,12 +1018,12 @@ Copyright (c) 1989 - 2014 PKWARE Inc., All Rights Reserved. 4.4.28 extra field: (Variable) - This SHOULD be used for storage expansion. If additional - information needs to be stored within a ZIP file for special - application or platform needs, it SHOULD be stored here. - Programs supporting earlier versions of this specification can - then safely skip the file, and find the next file or header. - This field will be 0 length in version 1.0. + This SHOULD be used for storage expansion. If additional + information needs to be stored within a ZIP file for special + application or platform needs, it SHOULD be stored here. + Programs supporting earlier versions of this specification can + then safely skip the file, and find the next file or header. + This field will be 0 length in version 1.0. Existing extra fields are defined in the section Extensible data fields that follows. @@ -1059,33 +1059,33 @@ Copyright (c) 1989 - 2014 PKWARE Inc., All Rights Reserved. 0x0008 Reserved for extended language encoding data (PFS) (see APPENDIX D) 0x0009 OS/2 - 0x000a NTFS + 0x000a NTFS 0x000c OpenVMS 0x000d UNIX 0x000e Reserved for file stream and fork descriptors 0x000f Patch Descriptor 0x0014 PKCS#7 Store for X.509 Certificates - 0x0015 X.509 Certificate ID and Signature for + 0x0015 X.509 Certificate ID and Signature for individual file 0x0016 X.509 Certificate ID for Central Directory 0x0017 Strong Encryption Header 0x0018 Record Management Controls 0x0019 PKCS#7 Encryption Recipient Certificate List - 0x0065 IBM S/390 (Z390), AS/400 (I400) attributes + 0x0065 IBM S/390 (Z390), AS/400 (I400) attributes - uncompressed - 0x0066 Reserved for IBM S/390 (Z390), AS/400 (I400) + 0x0066 Reserved for IBM S/390 (Z390), AS/400 (I400) attributes - compressed - 0x4690 POSZIP 4690 (reserved) + 0x4690 POSZIP 4690 (reserved) 4.5.3 -Zip64 Extended Information Extra Field (0x0001): - The following is the layout of the zip64 extended + The following is the layout of the zip64 extended information "extra" block. If one of the size or offset fields in the Local or Central directory record is too small to hold the required data, a Zip64 extended information record is created. - The order of the fields in the zip64 extended + The order of the fields in the zip64 extended information record is fixed, but the fields MUST only appear if the corresponding Local or Central directory record field is set to 0xFFFF or 0xFFFFFFFF. @@ -1096,7 +1096,7 @@ Copyright (c) 1989 - 2014 PKWARE Inc., All Rights Reserved. ----- ---- ----------- (ZIP64) 0x0001 2 bytes Tag for this "extra" block type Size 2 bytes Size of this "extra" block - Original + Original Size 8 bytes Original uncompressed file size Compressed Size 8 bytes Size of compressed data @@ -1104,10 +1104,10 @@ Copyright (c) 1989 - 2014 PKWARE Inc., All Rights Reserved. Offset 8 bytes Offset of local header record Disk Start Number 4 bytes Number of the disk on which - this file starts + this file starts This entry in the Local header MUST include BOTH original - and compressed file size fields. If encrypting the + and compressed file size fields. If encrypting the central directory and bit 13 of the general purpose bit flag is set indicating masking, the value stored in the Local Header for the original file size will be zero. @@ -1115,7 +1115,7 @@ Copyright (c) 1989 - 2014 PKWARE Inc., All Rights Reserved. 4.5.4 -OS/2 Extra Field (0x0009): - The following is the layout of the OS/2 attributes "extra" + The following is the layout of the OS/2 attributes "extra" block. (Last Revision 09/05/95) Note: all fields stored in Intel low-byte/high-byte order. @@ -1129,16 +1129,16 @@ Copyright (c) 1989 - 2014 PKWARE Inc., All Rights Reserved. EACRC 4 bytes CRC value for uncompress block (var) variable Compressed block - The OS/2 extended attribute structure (FEA2LIST) is - compressed and then stored in its entirety within this - structure. There will only ever be one "block" of data in + The OS/2 extended attribute structure (FEA2LIST) is + compressed and then stored in its entirety within this + structure. There will only ever be one "block" of data in VarFields[]. 4.5.5 -NTFS Extra Field (0x000a): - The following is the layout of the NTFS attributes + The following is the layout of the NTFS attributes "extra" block. (Note: At this time the Mtime, Atime - and Ctime values MAY be used on any WIN32 system.) + and Ctime values MAY be used on any WIN32 system.) Note: all fields stored in Intel low-byte/high-byte order. @@ -1162,7 +1162,7 @@ Copyright (c) 1989 - 2014 PKWARE Inc., All Rights Reserved. Tag Size Description ----- ---- ----------- - 0x0001 2 bytes Tag for attribute #1 + 0x0001 2 bytes Tag for attribute #1 Size1 2 bytes Size of attribute #1, in bytes Mtime 8 bytes File last modification time Atime 8 bytes File last access time @@ -1170,7 +1170,7 @@ Copyright (c) 1989 - 2014 PKWARE Inc., All Rights Reserved. 4.5.6 -OpenVMS Extra Field (0x000c): - The following is the layout of the OpenVMS attributes + The following is the layout of the OpenVMS attributes "extra" block. Note: all fields stored in Intel low-byte/high-byte order. @@ -1192,23 +1192,23 @@ Copyright (c) 1989 - 2014 PKWARE Inc., All Rights Reserved. OpenVMS Extra Field Rules: - 4.5.6.1. There will be one or more attributes present, which - will each be preceded by the above TagX & SizeX values. - These values are identical to the ATR$C_XXXX and ATR$S_XXXX - constants which are defined in ATR.H under OpenVMS C. Neither + 4.5.6.1. There will be one or more attributes present, which + will each be preceded by the above TagX & SizeX values. + These values are identical to the ATR$C_XXXX and ATR$S_XXXX + constants which are defined in ATR.H under OpenVMS C. Neither of these values will ever be zero. 4.5.6.2. No word alignment or padding is performed. 4.5.6.3. A well-behaved PKZIP/OpenVMS program should never produce - more than one sub-block with the same TagX value. Also, there will - never be more than one "extra" block of type 0x000c in a particular + more than one sub-block with the same TagX value. Also, there will + never be more than one "extra" block of type 0x000c in a particular directory record. 4.5.7 -UNIX Extra Field (0x000d): The following is the layout of the UNIX "extra" block. - Note: all fields are stored in Intel low-byte/high-byte + Note: all fields are stored in Intel low-byte/high-byte order. Value Size Description @@ -1221,9 +1221,9 @@ Copyright (c) 1989 - 2014 PKWARE Inc., All Rights Reserved. Gid 2 bytes File group ID (var) variable Variable length data field - The variable length data field will contain file type + The variable length data field will contain file type specific data. Currently the only values allowed are - the original "linked to" file names for hard or symbolic + the original "linked to" file names for hard or symbolic links, and the major and minor device node numbers for character and block device nodes. Since device nodes cannot be either symbolic or hard links, only one set of @@ -1234,10 +1234,10 @@ Copyright (c) 1989 - 2014 PKWARE Inc., All Rights Reserved. byte entries (in little endian format). The first entry will be the major device number, and the second the minor device number. - + 4.5.8 -PATCH Descriptor Extra Field (0x000f): - 4.5.8.1 The following is the layout of the Patch Descriptor + 4.5.8.1 The following is the layout of the Patch Descriptor "extra" block. Note: all fields stored in Intel low-byte/high-byte order. @@ -1247,11 +1247,11 @@ Copyright (c) 1989 - 2014 PKWARE Inc., All Rights Reserved. (Patch) 0x000f 2 bytes Tag for this "extra" block type TSize 2 bytes Size of the total "extra" block Version 2 bytes Version of the descriptor - Flags 4 bytes Actions and reactions (see below) - OldSize 4 bytes Size of the file about to be patched - OldCRC 4 bytes 32-bit CRC of the file to be patched - NewSize 4 bytes Size of the resulting file - NewCRC 4 bytes 32-bit CRC of the resulting file + Flags 4 bytes Actions and reactions (see below) + OldSize 4 bytes Size of the file about to be patched + OldCRC 4 bytes 32-bit CRC of the file to be patched + NewSize 4 bytes Size of the resulting file + NewCRC 4 bytes 32-bit CRC of the resulting file 4.5.8.2 Actions and reactions @@ -1262,7 +1262,7 @@ Copyright (c) 1989 - 2014 PKWARE Inc., All Rights Reserved. 2-3 RESERVED 4-5 Action (see below) 6-7 RESERVED - 8-9 Reaction (see below) to absent file + 8-9 Reaction (see below) to absent file 10-11 Reaction (see below) to newer file 12-13 Reaction (see below) to unknown file 14-15 RESERVED @@ -1271,14 +1271,14 @@ Copyright (c) 1989 - 2014 PKWARE Inc., All Rights Reserved. 4.5.8.2.1 Actions Action Value - ------ ----- + ------ ----- none 0 add 1 delete 2 patch 3 4.5.8.2.2 Reactions - + Reaction Value -------- ----- ask 0 @@ -1286,25 +1286,25 @@ Copyright (c) 1989 - 2014 PKWARE Inc., All Rights Reserved. ignore 2 fail 3 - 4.5.8.3 Patch support is provided by PKPatchMaker(tm) technology - and is covered under U.S. Patents and Patents Pending. The use or + 4.5.8.3 Patch support is provided by PKPatchMaker(tm) technology + and is covered under U.S. Patents and Patents Pending. The use or implementation in a product of certain technological aspects set - forth in the current APPNOTE, including those with regard to - strong encryption or patching requires a license from PKWARE. - Refer to the section in this document entitled "Incorporating - PKWARE Proprietary Technology into Your Product" for more - information. + forth in the current APPNOTE, including those with regard to + strong encryption or patching requires a license from PKWARE. + Refer to the section in this document entitled "Incorporating + PKWARE Proprietary Technology into Your Product" for more + information. 4.5.9 -PKCS#7 Store for X.509 Certificates (0x0014): - This field MUST contain information about each of the certificates - files may be signed with. When the Central Directory Encryption - feature is enabled for a ZIP file, this record will appear in - the Archive Extra Data Record, otherwise it will appear in the - first central directory record and will be ignored in any - other record. + This field MUST contain information about each of the certificates + files may be signed with. When the Central Directory Encryption + feature is enabled for a ZIP file, this record will appear in + the Archive Extra Data Record, otherwise it will appear in the + first central directory record and will be ignored in any + other record. + - Note: all fields stored in Intel low-byte/high-byte order. Value Size Description @@ -1316,9 +1316,9 @@ Copyright (c) 1989 - 2014 PKWARE Inc., All Rights Reserved. 4.5.10 -X.509 Certificate ID and Signature for individual file (0x0015): - This field contains the information about which certificate in - the PKCS#7 store was used to sign a particular file. It also - contains the signature data. This field can appear multiple + This field contains the information about which certificate in + the PKCS#7 store was used to sign a particular file. It also + contains the signature data. This field can appear multiple times, but can only appear once per certificate. Note: all fields stored in Intel low-byte/high-byte order. @@ -1331,10 +1331,10 @@ Copyright (c) 1989 - 2014 PKWARE Inc., All Rights Reserved. 4.5.11 -X.509 Certificate ID and Signature for central directory (0x0016): - This field contains the information about which certificate in + This field contains the information about which certificate in the PKCS#7 store was used to sign the central directory structure. - When the Central Directory Encryption feature is enabled for a - ZIP file, this record will appear in the Archive Extra Data Record, + When the Central Directory Encryption feature is enabled for a + ZIP file, this record will appear in the Archive Extra Data Record, otherwise it will appear in the first central directory record. Note: all fields stored in Intel low-byte/high-byte order. @@ -1357,13 +1357,13 @@ Copyright (c) 1989 - 2014 PKWARE Inc., All Rights Reserved. Flags 2 bytes Processing flags CertData TSize-8 Certificate decryption extra field data (refer to the explanation for CertData - in the section describing the - Certificate Processing Method under + in the section describing the + Certificate Processing Method under the Strong Encryption Specification) - See the section describing the Strong Encryption Specification - for details. Refer to the section in this document entitled - "Incorporating PKWARE Proprietary Technology into Your Product" + See the section describing the Strong Encryption Specification + for details. Refer to the section in this document entitled + "Incorporating PKWARE Proprietary Technology into Your Product" for more information. 4.5.13 -Record Management Controls (0x0018): @@ -1383,14 +1383,14 @@ Copyright (c) 1989 - 2014 PKWARE Inc., All Rights Reserved. DataN SizeN Attribute N data - 4.5.14 -PKCS#7 Encryption Recipient Certificate List (0x0019): + 4.5.14 -PKCS#7 Encryption Recipient Certificate List (0x0019): This field MAY contain information about each of the certificates used in encryption processing and it can be used to identify who is - allowed to decrypt encrypted files. This field should only appear - in the archive extra data record. This field is not required and - serves only to aid archive modifications by preserving public - encryption key data. Individual security requirements may dictate + allowed to decrypt encrypted files. This field should only appear + in the archive extra data record. This field is not required and + serves only to aid archive modifications by preserving public + encryption key data. Individual security requirements may dictate that this data be omitted to deter information exposure. Note: all fields stored in Intel low-byte/high-byte order. @@ -1408,9 +1408,9 @@ Copyright (c) 1989 - 2014 PKWARE Inc., All Rights Reserved. Version 2 bytes Format version number - must 0x0001 at this time CStore (var) PKCS#7 data blob - See the section describing the Strong Encryption Specification - for details. Refer to the section in this document entitled - "Incorporating PKWARE Proprietary Technology into Your Product" + See the section describing the Strong Encryption Specification + for details. Refer to the section in this document entitled + "Incorporating PKWARE Proprietary Technology into Your Product" for more information. 4.5.15 -MVS Extra Field (0x0065): @@ -1444,7 +1444,7 @@ Copyright (c) 1989 - 2014 PKWARE Inc., All Rights Reserved. 4.6 Third Party Mappings ------------------------ - + 4.6.1 Third party mappings commonly used are: 0x07c8 Macintosh @@ -1452,7 +1452,7 @@ Copyright (c) 1989 - 2014 PKWARE Inc., All Rights Reserved. 0x2705 ZipIt Macintosh 1.3.5+ 0x2805 ZipIt Macintosh 1.3.5+ 0x334d Info-ZIP Macintosh - 0x4341 Acorn/SparkFS + 0x4341 Acorn/SparkFS 0x4453 Windows NT security descriptor (binary ACL) 0x4704 VM/CMS 0x470f MVS @@ -1472,14 +1472,14 @@ Copyright (c) 1989 - 2014 PKWARE Inc., All Rights Reserved. 0xa220 Microsoft Open Packaging Growth Hint 0xfd4a SMS/QDOS - Detailed descriptions of Extra Fields defined by third + Detailed descriptions of Extra Fields defined by third party mappings will be documented as information on - these data structures is made available to PKWARE. + these data structures is made available to PKWARE. PKWARE does not guarantee the accuracy of any published third party data. 4.6.2 Third-party Extra Fields must include a Header ID using - the format defined in the section of this document + the format defined in the section of this document titled Extensible Data Fields (section 4.5). The Data Size field indicates the size of the following @@ -1499,15 +1499,15 @@ Copyright (c) 1989 - 2014 PKWARE Inc., All Rights Reserved. unique signature is present, in addition to the Header ID value being correct, before assuming that it is a block of known type. - + Third-party Mappings: - + 4.6.4 -ZipIt Macintosh Extra Field (long) (0x2605): - The following is the layout of the ZipIt extra block - for Macintosh. The local-header and central-header versions - are identical. This block must be present if the file is - stored MacBinary-encoded and it should not be used if the file + The following is the layout of the ZipIt extra block + for Macintosh. The local-header and central-header versions + are identical. This block must be present if the file is + stored MacBinary-encoded and it should not be used if the file is not stored MacBinary-encoded. Value Size Description @@ -1545,7 +1545,7 @@ Copyright (c) 1989 - 2014 PKWARE Inc., All Rights Reserved. The following is the layout of a shortened variant of the ZipIt extra block for Macintosh used only for directory - entries. This variant is used by ZipIt 1.3.5 and newer to + entries. This variant is used by ZipIt 1.3.5 and newer to save some optional Mac-specific information about directories. The local-header and central-header versions are identical. @@ -1622,9 +1622,9 @@ Copyright (c) 1989 - 2014 PKWARE Inc., All Rights Reserved. The ComCRC32 is the standard zip CRC32 checksum of the File Comment field in the central directory header. This is used to verify that the comment field has not changed since the Unicode Comment extra field - was created. This can happen if a utility changes the File Comment - field but does not update the UTF-8 Comment extra field. If the CRC - check fails, this Unicode Comment extra field should be ignored and + was created. This can happen if a utility changes the File Comment + field but does not update the UTF-8 Comment extra field. If the CRC + check fails, this Unicode Comment extra field should be ignored and the File Comment field in the header should be used instead. The UnicodeCom field is the UTF-8 version of the File Comment field @@ -1683,7 +1683,7 @@ Copyright (c) 1989 - 2014 PKWARE Inc., All Rights Reserved. expected that the same file name storage method, either general purpose bit 11 or extra fields, be used in both the Local and Central Directory Header for a file. - + 4.6.10 -Microsoft Open Packaging Growth Hint (0xa220): @@ -1698,20 +1698,20 @@ Copyright (c) 1989 - 2014 PKWARE Inc., All Rights Reserved. 4.7 Manifest Files ------------------ - 4.7.1 Applications using ZIP files may have a need for additional + 4.7.1 Applications using ZIP files may have a need for additional information that must be included with the files placed into a ZIP file. Application specific information that cannot be - stored using the defined ZIP storage records SHOULD be stored - using the extensible Extra Field convention defined in this + stored using the defined ZIP storage records SHOULD be stored + using the extensible Extra Field convention defined in this document. However, some applications may use a manifest file as a means for storing additional information. One example is the META-INF/MANIFEST.MF file used in ZIP formatted - files having the .JAR extension (JAR files). + files having the .JAR extension (JAR files). 4.7.2 A manifest file is a file created for the application process - that requires this information. A manifest file MAY be of any - file type required by the defining application process. It is - placed within the same ZIP file as files to which this information + that requires this information. A manifest file MAY be of any + file type required by the defining application process. It is + placed within the same ZIP file as files to which this information applies. By convention, this file is typically the first file placed into the ZIP file and it may include a defined directory path. @@ -1729,11 +1729,11 @@ Copyright (c) 1989 - 2014 PKWARE Inc., All Rights Reserved. -------------------------- 5.1.1 Shrinking is a Dynamic Ziv-Lempel-Welch compression algorithm - with partial clearing. The initial code size is 9 bits, and the - maximum code size is 13 bits. Shrinking differs from conventional + with partial clearing. The initial code size is 9 bits, and the + maximum code size is 13 bits. Shrinking differs from conventional Dynamic Ziv-Lempel-Welch implementations in several respects: - 5.1.2 The code size is controlled by the compressor, and is + 5.1.2 The code size is controlled by the compressor, and is not automatically increased when codes larger than the current code size are created (but not necessarily used). When the decompressor encounters the code sequence 256 @@ -1864,7 +1864,7 @@ Copyright (c) 1989 - 2014 PKWARE Inc., All Rights Reserved. 5.3 Imploding - Method 6 ------------------------ - 5.3.1 The Imploding algorithm is actually a combination of two + 5.3.1 The Imploding algorithm is actually a combination of two distinct algorithms. The first algorithm compresses repeated byte sequences using a sliding dictionary. The second algorithm is used to compress the encoding of the sliding dictionary output, @@ -1875,9 +1875,9 @@ Copyright (c) 1989 - 2014 PKWARE Inc., All Rights Reserved. general purpose flag word; a 0 bit indicates a 4K dictionary while a 1 bit indicates an 8K dictionary. - 5.3.3 The Shannon-Fano trees are stored at the start of the - compressed file. The number of trees stored is defined by bit 2 in - the general purpose flag word; a 0 bit indicates two trees stored, + 5.3.3 The Shannon-Fano trees are stored at the start of the + compressed file. The number of trees stored is defined by bit 2 in + the general purpose flag word; a 0 bit indicates two trees stored, a 1 bit indicates three trees are stored. If 3 trees are stored, the first Shannon-Fano tree represents the encoding of the Literal characters, the second tree represents the encoding of @@ -1892,7 +1892,7 @@ Copyright (c) 1989 - 2014 PKWARE Inc., All Rights Reserved. Match Length for the sliding dictionary is 3. If this tree is not present, the Minimum Match Length is 2. - 5.3.5 The Length Shannon-Fano tree is used to compress the Length + 5.3.5 The Length Shannon-Fano tree is used to compress the Length part of the (length,distance) pairs from the sliding dictionary output. The Length tree contains 64 values, ranging from the Minimum Match Length, to 63 plus the Minimum Match Length. @@ -1960,7 +1960,7 @@ Copyright (c) 1989 - 2014 PKWARE Inc., All Rights Reserved. This would generate the original bit length array of: (3, 3, 3, 3, 3, 2, 4, 4) - There are 8 codes in this table for the values 0 thru 7. Using + There are 8 codes in this table for the values 0 thru 7. Using the algorithm to obtain the Shannon-Fano codes produces: Reversed Order Original @@ -2042,9 +2042,9 @@ Copyright (c) 1989 - 2014 PKWARE Inc., All Rights Reserved. compressed block in the data. Bits 1-2: Block type 00 (0) - Block is stored - All stored data is byte aligned. - Skip bits until next byte, then next word = block + Skip bits until next byte, then next word = block length, followed by the ones compliment of the block - length word. Remaining data in block is the stored + length word. Remaining data in block is the stored data. 01 (1) - Use fixed Huffman codes for literal and distance codes. @@ -2055,7 +2055,7 @@ Copyright (c) 1989 - 2014 PKWARE Inc., All Rights Reserved. 256 - 279 7 280 - 287 8 - Literal codes 286-287 and distance codes 30-31 are + Literal codes 286-287 and distance codes 30-31 are never used but participate in the huffman construction. 10 (2) - Dynamic Huffman codes. (See expanding Huffman codes) @@ -2063,7 +2063,7 @@ Copyright (c) 1989 - 2014 PKWARE Inc., All Rights Reserved. 11 (3) - Reserved - Flag a "Error in compressed data" if seen. 5.5.3 Expanding Huffman Codes - + If the data block is stored with dynamic Huffman codes, the Huffman codes are sent in the following compressed format: @@ -2093,7 +2093,7 @@ Copyright (c) 1989 - 2014 PKWARE Inc., All Rights Reserved. except codes are assigned starting at the shortest bit length, i.e. the shortest code should be all 0's rather than all 1's. Also, codes with a bit length of zero do not participate in the tree construction. The - codes are then used to decode the bit lengths for the literal and + codes are then used to decode the bit lengths for the literal and distance tables. The bit lengths for the literal tables are sent first with the number @@ -2168,41 +2168,41 @@ Copyright (c) 1989 - 2014 PKWARE Inc., All Rights Reserved. 5.6 Enhanced Deflating - Method 9 --------------------------------- - 5.6.1 The Enhanced Deflating algorithm is similar to Deflate but uses + 5.6.1 The Enhanced Deflating algorithm is similar to Deflate but uses a sliding dictionary of up to 64K. Deflate64(tm) is supported - by the Deflate extractor. + by the Deflate extractor. 5.7 BZIP2 - Method 12 --------------------- - 5.7.1 BZIP2 is an open-source data compression algorithm developed by + 5.7.1 BZIP2 is an open-source data compression algorithm developed by Julian Seward. Information and source code for this algorithm can be found on the internet. -5.8 LZMA - Method 14 +5.8 LZMA - Method 14 --------------------- - 5.8.1 LZMA is a block-oriented, general purpose data compression - algorithm developed and maintained by Igor Pavlov. It is a derivative - of LZ77 that utilizes Markov chains and a range coder. Information and - source code for this algorithm can be found on the internet. Consult - with the author of this algorithm for information on terms or + 5.8.1 LZMA is a block-oriented, general purpose data compression + algorithm developed and maintained by Igor Pavlov. It is a derivative + of LZ77 that utilizes Markov chains and a range coder. Information and + source code for this algorithm can be found on the internet. Consult + with the author of this algorithm for information on terms or restrictions on use. - Support for LZMA within the ZIP format is defined as follows: + Support for LZMA within the ZIP format is defined as follows: - 5.8.2 The Compression method field within the ZIP Local and Central + 5.8.2 The Compression method field within the ZIP Local and Central Header records will be set to the value 14 to indicate data was - compressed using LZMA. + compressed using LZMA. - 5.8.3 The Version needed to extract field within the ZIP Local and - Central Header records will be set to 6.3 to indicate the minimum + 5.8.3 The Version needed to extract field within the ZIP Local and + Central Header records will be set to 6.3 to indicate the minimum ZIP format version supporting this feature. - 5.8.4 File data compressed using the LZMA algorithm must be placed - immediately following the Local Header for the file. If a standard - ZIP encryption header is required, it will follow the Local Header - and will precede the LZMA compressed file data segment. The location + 5.8.4 File data compressed using the LZMA algorithm must be placed + immediately following the Local Header for the file. If a standard + ZIP encryption header is required, it will follow the Local Header + and will precede the LZMA compressed file data segment. The location of LZMA compressed data segment within the ZIP format will be as shown: [local header file 1] @@ -2212,60 +2212,60 @@ Copyright (c) 1989 - 2014 PKWARE Inc., All Rights Reserved. [local header file 2] 5.8.5 The encryption header and data descriptor records may - be conditionally present. The LZMA Compressed Data Segment - will consist of an LZMA Properties Header followed by the + be conditionally present. The LZMA Compressed Data Segment + will consist of an LZMA Properties Header followed by the LZMA Compressed Data as shown: [LZMA properties header for file 1] [LZMA compressed data for file 1] - 5.8.6 The LZMA Compressed Data will be stored as provided by the - LZMA compression library. Compressed size, uncompressed size and - other file characteristics about the file being compressed must be + 5.8.6 The LZMA Compressed Data will be stored as provided by the + LZMA compression library. Compressed size, uncompressed size and + other file characteristics about the file being compressed must be stored in standard ZIP storage format. - 5.8.7 The LZMA Properties Header will store specific data required - to decompress the LZMA compressed Data. This data is set by the - LZMA compression engine using the function WriteCoderProperties() - as documented within the LZMA SDK. - - 5.8.8 Storage fields for the property information within the LZMA + 5.8.7 The LZMA Properties Header will store specific data required + to decompress the LZMA compressed Data. This data is set by the + LZMA compression engine using the function WriteCoderProperties() + as documented within the LZMA SDK. + + 5.8.8 Storage fields for the property information within the LZMA Properties Header are as follows: LZMA Version Information 2 bytes LZMA Properties Size 2 bytes LZMA Properties Data variable, defined by "LZMA Properties Size" - 5.8.8.1 LZMA Version Information - this field identifies which version - of the LZMA SDK was used to compress a file. The first byte will - store the major version number of the LZMA SDK and the second - byte will store the minor number. + 5.8.8.1 LZMA Version Information - this field identifies which version + of the LZMA SDK was used to compress a file. The first byte will + store the major version number of the LZMA SDK and the second + byte will store the minor number. - 5.8.8.2 LZMA Properties Size - this field defines the size of the - remaining property data. Typically this size should be determined by + 5.8.8.2 LZMA Properties Size - this field defines the size of the + remaining property data. Typically this size should be determined by the version of the SDK. This size field is included as a convenience and to help avoid any ambiguity should it arise in the future due - to changes in this compression algorithm. + to changes in this compression algorithm. - 5.8.8.3 LZMA Property Data - this variable sized field records the - required values for the decompressor as defined by the LZMA SDK. - The data stored in this field should be obtained using the - WriteCoderProperties() in the version of the SDK defined by - the "LZMA Version Information" field. + 5.8.8.3 LZMA Property Data - this variable sized field records the + required values for the decompressor as defined by the LZMA SDK. + The data stored in this field should be obtained using the + WriteCoderProperties() in the version of the SDK defined by + the "LZMA Version Information" field. - 5.8.8.4 The layout of the "LZMA Properties Data" field is a function of + 5.8.8.4 The layout of the "LZMA Properties Data" field is a function of the LZMA compression algorithm. It is possible that this layout may be - changed by the author over time. The data layout in version 4.3 of the - LZMA SDK defines a 5 byte array that uses 4 bytes to store the dictionary - size in little-endian order. This is preceded by a single packed byte as + changed by the author over time. The data layout in version 4.3 of the + LZMA SDK defines a 5 byte array that uses 4 bytes to store the dictionary + size in little-endian order. This is preceded by a single packed byte as the first element of the array that contains the following fields: PosStateBits LiteralPosStateBits LiteralContextBits - Refer to the LZMA documentation for a more detailed explanation of - these fields. + Refer to the LZMA documentation for a more detailed explanation of + these fields. 5.8.9 Data compressed with method 14, LZMA, may include an end-of-stream (EOS) marker ending the compressed data stream. This marker is not @@ -2277,30 +2277,30 @@ Copyright (c) 1989 - 2014 PKWARE Inc., All Rights Reserved. 5.9 WavPack - Method 97 ----------------------- - 5.9.1 Information describing the use of compression method 97 is + 5.9.1 Information describing the use of compression method 97 is provided by WinZIP International, LLC. This method relies on the - open source WavPack audio compression utility developed by David Bryant. - Information on WavPack is available at www.wavpack.com. Please consult - with the author of this algorithm for information on terms and + open source WavPack audio compression utility developed by David Bryant. + Information on WavPack is available at www.wavpack.com. Please consult + with the author of this algorithm for information on terms and restrictions on use. 5.9.2 WavPack data for a file begins immediately after the end of the local header data. This data is the output from WavPack compression routines. Within the ZIP file, the use of WavPack compression is - indicated by setting the compression method field to a value of 97 - in both the local header and the central directory header. The Version - needed to extract and version made by fields use the same values as are + indicated by setting the compression method field to a value of 97 + in both the local header and the central directory header. The Version + needed to extract and version made by fields use the same values as are used for data compressed using the Deflate algorithm. - 5.9.3 An implementation note for storing digital sample data when using + 5.9.3 An implementation note for storing digital sample data when using WavPack compression within ZIP files is that all of the bytes of the sample data should be compressed. This includes any unused bits up to the byte boundary. An example is a 2 byte sample that uses only 12 bits for the sample data with 4 unused bits. If only - 12 bits are passed as the sample size to the WavPack routines, the 4 - unused bits will be set to 0 on extraction regardless of their original + 12 bits are passed as the sample size to the WavPack routines, the 4 + unused bits will be set to 0 on extraction regardless of their original state. To avoid this, the full 16 bits of the sample data size - should be provided. + should be provided. 5.10 PPMd - Method 98 --------------------- @@ -2312,7 +2312,7 @@ Copyright (c) 1989 - 2014 PKWARE Inc., All Rights Reserved. can be found on the internet. Consult with the author of this algorithm for information on terms or restrictions on use. - 5.10.2 Support for PPMd within the ZIP format currently is provided only + 5.10.2 Support for PPMd within the ZIP format currently is provided only for version I, revision 1 of the algorithm. Storage requirements for using this algorithm are as follows: @@ -2337,8 +2337,8 @@ Copyright (c) 1989 - 2014 PKWARE Inc., All Rights Reserved. illustrated below. These values are stored in Intel low-byte/high-byte order. - wPPMd = (Model order - 1) + - ((Sub-allocator size - 1) << 4) + + wPPMd = (Model order - 1) + + ((Sub-allocator size - 1) << 4) + (Model restoration method << 12) @@ -2349,21 +2349,21 @@ Copyright (c) 1989 - 2014 PKWARE Inc., All Rights Reserved. required to support traditional PKWARE encryption. This form of encryption is considered weak by today's standards and its use is recommended only for situations with - low security needs or for compatibility with older .ZIP + low security needs or for compatibility with older .ZIP applications. 6.1 Traditional PKWARE Decryption --------------------------------- - 6.1.1 PKWARE is grateful to Mr. Roger Schlafly for his expert - contribution towards the development of PKWARE's traditional + 6.1.1 PKWARE is grateful to Mr. Roger Schlafly for his expert + contribution towards the development of PKWARE's traditional encryption. - 6.1.2 PKZIP encrypts the compressed data stream. Encrypted files + 6.1.2 PKZIP encrypts the compressed data stream. Encrypted files must be decrypted before they can be extracted to their original form. - 6.1.3 Each encrypted file has an extra 12 bytes stored at the start + 6.1.3 Each encrypted file has an extra 12 bytes stored at the start of the data area defining the encryption header for that file. The encryption header is originally set to random values, and then itself encrypted, using three, 32-bit keys. The key values are @@ -2381,7 +2381,7 @@ Copyright (c) 1989 - 2014 PKWARE Inc., All Rights Reserved. encryption keys. 6.1.5 Initializing the encryption keys - + Key(0) <- 305419896 Key(1) <- 591751049 Key(2) <- 878082192 @@ -2404,7 +2404,7 @@ Copyright (c) 1989 - 2014 PKWARE Inc., All Rights Reserved. algorithm described elsewhere in this document. 6.1.6 Decrypting the encryption header - + The purpose of this step is to further initialize the encryption keys, based on random data, to render a plaintext attack on the data ineffective. @@ -2434,7 +2434,7 @@ Copyright (c) 1989 - 2014 PKWARE Inc., All Rights Reserved. supplied is correct or not. 6.1.7 Decrypting the compressed data stream - + The compressed data stream can be decrypted as follows: loop until done @@ -2448,131 +2448,131 @@ Copyright (c) 1989 - 2014 PKWARE Inc., All Rights Reserved. 7.0 Strong Encryption Specification ----------------------------------- - 7.0.1 Portions of the Strong Encryption technology defined in this + 7.0.1 Portions of the Strong Encryption technology defined in this specification are covered under patents and pending patent applications. - Refer to the section in this document entitled "Incorporating + Refer to the section in this document entitled "Incorporating PKWARE Proprietary Technology into Your Product" for more information. 7.1 Strong Encryption Overview ------------------------------ - 7.1.1 Version 5.x of this specification introduced support for strong - encryption algorithms. These algorithms can be used with either - a password or an X.509v3 digital certificate to encrypt each file. - This format specification supports either password or certificate - based encryption to meet the security needs of today, to enable - interoperability between users within both PKI and non-PKI - environments, and to ensure interoperability between different - computing platforms that are running a ZIP program. + 7.1.1 Version 5.x of this specification introduced support for strong + encryption algorithms. These algorithms can be used with either + a password or an X.509v3 digital certificate to encrypt each file. + This format specification supports either password or certificate + based encryption to meet the security needs of today, to enable + interoperability between users within both PKI and non-PKI + environments, and to ensure interoperability between different + computing platforms that are running a ZIP program. - 7.1.2 Password based encryption is the most common form of encryption - people are familiar with. However, inherent weaknesses with - passwords (e.g. susceptibility to dictionary/brute force attack) - as well as password management and support issues make certificate - based encryption a more secure and scalable option. Industry - efforts and support are defining and moving towards more advanced - security solutions built around X.509v3 digital certificates and - Public Key Infrastructures(PKI) because of the greater scalability, - administrative options, and more robust security over traditional - password based encryption. + 7.1.2 Password based encryption is the most common form of encryption + people are familiar with. However, inherent weaknesses with + passwords (e.g. susceptibility to dictionary/brute force attack) + as well as password management and support issues make certificate + based encryption a more secure and scalable option. Industry + efforts and support are defining and moving towards more advanced + security solutions built around X.509v3 digital certificates and + Public Key Infrastructures(PKI) because of the greater scalability, + administrative options, and more robust security over traditional + password based encryption. 7.1.3 Most standard encryption algorithms are supported with this - specification. Reference implementations for many of these - algorithms are available from either commercial or open source + specification. Reference implementations for many of these + algorithms are available from either commercial or open source distributors. Readily available cryptographic toolkits make - implementation of the encryption features straight-forward. - This document is not intended to provide a treatise on data - encryption principles or theory. Its purpose is to document the - data structures required for implementing interoperable data - encryption within the .ZIP format. It is strongly recommended that - you have a good understanding of data encryption before reading + implementation of the encryption features straight-forward. + This document is not intended to provide a treatise on data + encryption principles or theory. Its purpose is to document the + data structures required for implementing interoperable data + encryption within the .ZIP format. It is strongly recommended that + you have a good understanding of data encryption before reading further. - 7.1.4 The algorithms introduced in Version 5.0 of this specification + 7.1.4 The algorithms introduced in Version 5.0 of this specification include: RC2 40 bit, 64 bit, and 128 bit RC4 40 bit, 64 bit, and 128 bit DES 3DES 112 bit and 168 bit - + Version 5.1 adds support for the following: AES 128 bit, 192 bit, and 256 bit - 7.1.5 Version 6.1 introduces encryption data changes to support - interoperability with Smartcard and USB Token certificate storage + 7.1.5 Version 6.1 introduces encryption data changes to support + interoperability with Smartcard and USB Token certificate storage methods which do not support the OAEP strengthening standard. - 7.1.6 Version 6.2 introduces support for encrypting metadata by compressing - and encrypting the central directory data structure to reduce information - leakage. Information leakage can occur in legacy ZIP applications - through exposure of information about a file even though that file is - stored encrypted. The information exposed consists of file - characteristics stored within the records and fields defined by this - specification. This includes data such as a file's name, its original - size, timestamp and CRC32 value. + 7.1.6 Version 6.2 introduces support for encrypting metadata by compressing + and encrypting the central directory data structure to reduce information + leakage. Information leakage can occur in legacy ZIP applications + through exposure of information about a file even though that file is + stored encrypted. The information exposed consists of file + characteristics stored within the records and fields defined by this + specification. This includes data such as a file's name, its original + size, timestamp and CRC32 value. 7.1.7 Version 6.3 introduces support for encrypting data using the Blowfish - and Twofish algorithms. These are symmetric block ciphers developed - by Bruce Schneier. Blowfish supports using a variable length key from + and Twofish algorithms. These are symmetric block ciphers developed + by Bruce Schneier. Blowfish supports using a variable length key from 32 to 448 bits. Block size is 64 bits. Implementations should use 16 - rounds and the only mode supported within ZIP files is CBC. Twofish - supports key sizes 128, 192 and 256 bits. Block size is 128 bits. + rounds and the only mode supported within ZIP files is CBC. Twofish + supports key sizes 128, 192 and 256 bits. Block size is 128 bits. Implementations should use 16 rounds and the only mode supported within - ZIP files is CBC. Information and source code for both Blowfish and + ZIP files is CBC. Information and source code for both Blowfish and Twofish algorithms can be found on the internet. Consult with the author of these algorithms for information on terms or restrictions on use. - 7.1.8 Central Directory Encryption provides greater protection against - information leakage by encrypting the Central Directory structure and - by masking key values that are replicated in the unencrypted Local - Header. ZIP compatible programs that cannot interpret an encrypted - Central Directory structure cannot rely on the data in the corresponding - Local Header for decompression information. + 7.1.8 Central Directory Encryption provides greater protection against + information leakage by encrypting the Central Directory structure and + by masking key values that are replicated in the unencrypted Local + Header. ZIP compatible programs that cannot interpret an encrypted + Central Directory structure cannot rely on the data in the corresponding + Local Header for decompression information. - 7.1.9 Extra Field records that may contain information about a file that should - not be exposed should not be stored in the Local Header and should only - be written to the Central Directory where they can be encrypted. This - design currently does not support streaming. Information in the End of - Central Directory record, the Zip64 End of Central Directory Locator, - and the Zip64 End of Central Directory records are not encrypted. Access + 7.1.9 Extra Field records that may contain information about a file that should + not be exposed should not be stored in the Local Header and should only + be written to the Central Directory where they can be encrypted. This + design currently does not support streaming. Information in the End of + Central Directory record, the Zip64 End of Central Directory Locator, + and the Zip64 End of Central Directory records are not encrypted. Access to view data on files within a ZIP file with an encrypted Central Directory - requires the appropriate password or private key for decryption prior to - viewing any files, or any information about the files, in the archive. + requires the appropriate password or private key for decryption prior to + viewing any files, or any information about the files, in the archive. - 7.1.10 Older ZIP compatible programs not familiar with the Central Directory - Encryption feature will no longer be able to recognize the Central - Directory and may assume the ZIP file is corrupt. Programs that - attempt streaming access using Local Headers will see invalid - information for each file. Central Directory Encryption need not be - used for every ZIP file. Its use is recommended for greater security. - ZIP files not using Central Directory Encryption should operate as - in the past. + 7.1.10 Older ZIP compatible programs not familiar with the Central Directory + Encryption feature will no longer be able to recognize the Central + Directory and may assume the ZIP file is corrupt. Programs that + attempt streaming access using Local Headers will see invalid + information for each file. Central Directory Encryption need not be + used for every ZIP file. Its use is recommended for greater security. + ZIP files not using Central Directory Encryption should operate as + in the past. - 7.1.11 This strong encryption feature specification is intended to provide for + 7.1.11 This strong encryption feature specification is intended to provide for scalable, cross-platform encryption needs ranging from simple password - encryption to authenticated public/private key encryption. + encryption to authenticated public/private key encryption. - 7.1.12 Encryption provides data confidentiality and privacy. It is - recommended that you combine X.509 digital signing with encryption + 7.1.12 Encryption provides data confidentiality and privacy. It is + recommended that you combine X.509 digital signing with encryption to add authentication and non-repudiation. 7.2 Single Password Symmetric Encryption Method ----------------------------------------------- - 7.2.1 The Single Password Symmetric Encryption Method using strong - encryption algorithms operates similarly to the traditional - PKWARE encryption defined in this format. Additional data - structures are added to support the processing needs of the + 7.2.1 The Single Password Symmetric Encryption Method using strong + encryption algorithms operates similarly to the traditional + PKWARE encryption defined in this format. Additional data + structures are added to support the processing needs of the strong algorithms. The Strong Encryption data structures are: - 7.2.2 General Purpose Bits - Bits 0 and 6 of the General Purpose bit - flag in both local and central header records. Both bits set + 7.2.2 General Purpose Bits - Bits 0 and 6 of the General Purpose bit + flag in both local and central header records. Both bits set indicates strong encryption. Bit 13, when set indicates the Central Directory is encrypted and that selected fields in the Local Header are masked to hide their actual value. @@ -2592,9 +2592,9 @@ Copyright (c) 1989 - 2014 PKWARE Inc., All Rights Reserved. 0x6602 - RC2 (version needed to extract < 5.2) 0x6603 - 3DES 168 0x6609 - 3DES 112 - 0x660E - AES 128 - 0x660F - AES 192 - 0x6610 - AES 256 + 0x660E - AES 128 + 0x660F - AES 192 + 0x6610 - AES 256 0x6702 - RC2 (version needed to extract >= 5.2) 0x6720 - Blowfish 0x6721 - Twofish @@ -2604,7 +2604,7 @@ Copyright (c) 1989 - 2014 PKWARE Inc., All Rights Reserved. 7.2.3.3 Bitlen - Explicit bit length of key 32 - 448 bits - + 7.2.3.4 Flags - Processing flags needed for decryption 0x0001 - Password is required to decrypt @@ -2652,9 +2652,9 @@ Copyright (c) 1989 - 2014 PKWARE Inc., All Rights Reserved. 0x6602 - RC2 (version needed to extract < 5.2) 0x6603 - 3DES 168 0x6609 - 3DES 112 - 0x660E - AES 128 - 0x660F - AES 192 - 0x6610 - AES 256 + 0x660E - AES 128 + 0x660F - AES 192 + 0x6610 - AES 256 0x6702 - RC2 (version needed to extract >= 5.2) 0x6720 - Blowfish 0x6721 - Twofish @@ -2664,7 +2664,7 @@ Copyright (c) 1989 - 2014 PKWARE Inc., All Rights Reserved. 7.2.4.4 Bitlen - Explicit bit length of key 32 - 448 bits - + 7.2.4.5 Flags - Processing flags needed for decryption 0x0001 - Password is required to decrypt @@ -2674,12 +2674,12 @@ Copyright (c) 1989 - 2014 PKWARE Inc., All Rights Reserved. Values > 0x0003 reserved for certificate processing 7.2.4.6 ErdData - Encrypted random data is used to store random data that - is used to generate a file session key for encrypting - each file. SHA1 is used to calculate hash data used to - derive keys. File session keys are derived from a master + is used to generate a file session key for encrypting + each file. SHA1 is used to calculate hash data used to + derive keys. File session keys are derived from a master session key generated from the user-supplied password. - If the Flags field in the decryption header contains - the value 0x4000, then the ErdData field must be + If the Flags field in the decryption header contains + the value 0x4000, then the ErdData field must be decrypted using 3DES. If the value 0x4000 is not set, then the ErdData field must be decrypted using AlgId. @@ -2689,8 +2689,8 @@ Copyright (c) 1989 - 2014 PKWARE Inc., All Rights Reserved. under the Certificate Processing Method for details on this data structure. - 7.2.4.8 Reserved2 - If present, the size of the Reserved2 data structure - is located by skipping the first 4 bytes of this field + 7.2.4.8 Reserved2 - If present, the size of the Reserved2 data structure + is located by skipping the first 4 bytes of this field and using the next 2 bytes as the remaining size. See the explanation under the Certificate Processing Method for details on this data structure. @@ -2700,7 +2700,7 @@ Copyright (c) 1989 - 2014 PKWARE Inc., All Rights Reserved. 7.2.4.10 VData - Random data for password validation. This data is VSize in length and VSize must be a multiple of the encryption - block size. VCRC32 is a checksum value of VData. + block size. VCRC32 is a checksum value of VData. VData and VCRC32 are stored encrypted and start the stream of encrypted data for a file. @@ -2708,11 +2708,11 @@ Copyright (c) 1989 - 2014 PKWARE Inc., All Rights Reserved. 7.2.5 Useful Tips 7.2.5.1 Strong Encryption is always applied to a file after compression. The - block oriented algorithms all operate in Cypher Block Chaining (CBC) + block oriented algorithms all operate in Cypher Block Chaining (CBC) mode. The block size used for AES encryption is 16. All other block - algorithms use a block size of 8. Two IDs are defined for RC2 to + algorithms use a block size of 8. Two IDs are defined for RC2 to account for a discrepancy found in the implementation of the RC2 - algorithm in the cryptographic library on Windows XP SP1 and all + algorithm in the cryptographic library on Windows XP SP1 and all earlier versions of Windows. It is recommended that zero length files not be encrypted, however programs should be prepared to extract them if they are found within a ZIP file. @@ -2720,14 +2720,14 @@ Copyright (c) 1989 - 2014 PKWARE Inc., All Rights Reserved. 7.2.5.2 A pseudo-code representation of the encryption process is as follows: Password = GetUserPassword() - MasterSessionKey = DeriveKey(SHA1(Password)) - RD = CryptographicStrengthRandomData() + MasterSessionKey = DeriveKey(SHA1(Password)) + RD = CryptographicStrengthRandomData() For Each File - IV = CryptographicStrengthRandomData() + IV = CryptographicStrengthRandomData() VData = CryptographicStrengthRandomData() VCRC32 = CRC32(VData) - FileSessionKey = DeriveKey(SHA1(IV + RD) - ErdData = Encrypt(RD,MasterSessionKey,IV) + FileSessionKey = DeriveKey(SHA1(IV + RD) + ErdData = Encrypt(RD,MasterSessionKey,IV) Encrypt(VData + VCRC32 + FileData, FileSessionKey,IV) Done @@ -2735,30 +2735,30 @@ Copyright (c) 1989 - 2014 PKWARE Inc., All Rights Reserved. the choice of the cryptographic toolkit selected. Almost any toolkit supporting the reference implementations for each algorithm can be used. The RSA BSAFE(r), OpenSSL, and Microsoft - CryptoAPI libraries are all known to work well. + CryptoAPI libraries are all known to work well. 7.3 Single Password - Central Directory Encryption -------------------------------------------------- - - 7.3.1 Central Directory Encryption is achieved within the .ZIP format by - encrypting the Central Directory structure. This encapsulates the metadata - most often used for processing .ZIP files. Additional metadata is stored for - redundancy in the Local Header for each file. The process of concealing - metadata by encrypting the Central Directory does not protect the data within - the Local Header. To avoid information leakage from the exposed metadata - in the Local Header, the fields containing information about a file are masked. + + 7.3.1 Central Directory Encryption is achieved within the .ZIP format by + encrypting the Central Directory structure. This encapsulates the metadata + most often used for processing .ZIP files. Additional metadata is stored for + redundancy in the Local Header for each file. The process of concealing + metadata by encrypting the Central Directory does not protect the data within + the Local Header. To avoid information leakage from the exposed metadata + in the Local Header, the fields containing information about a file are masked. 7.3.2 Local Header - Masking replaces the true content of the fields for a file in the Local - Header with false information. When masked, the Local Header is not + Masking replaces the true content of the fields for a file in the Local + Header with false information. When masked, the Local Header is not suitable for streaming access and the options for data recovery of damaged archives is reduced. Extra Data fields that may contain confidential data should not be stored within the Local Header. The value set into the Version needed to extract field should be the correct value needed to - extract the file without regard to Central Directory Encryption. The fields - within the Local Header targeted for masking when the Central Directory is + extract the file without regard to Central Directory Encryption. The fields + within the Local Header targeted for masking when the Central Directory is encrypted are: Field Name Mask Value @@ -2776,17 +2776,17 @@ Copyright (c) 1989 - 2014 PKWARE Inc., All Rights Reserved. file name length field The Base 16 value assigned as a masked file name is simply a sequentially - incremented value for each file starting with 1 for the first file. - Modifications to a ZIP file may cause different values to be stored for - each file. For compatibility, the file name field in the Local Header - should never be left blank. As of Version 6.2 of this specification, + incremented value for each file starting with 1 for the first file. + Modifications to a ZIP file may cause different values to be stored for + each file. For compatibility, the file name field in the Local Header + should never be left blank. As of Version 6.2 of this specification, the Compression Method and Compressed Size fields are not yet masked. Fields having a value of 0xFFFF or 0xFFFFFFFF for the ZIP64 format - should not be masked. + should not be masked. 7.3.3 Encrypting the Central Directory - Encryption of the Central Directory does not include encryption of the + Encryption of the Central Directory does not include encryption of the Central Directory Signature data, the Zip64 End of Central Directory record, the Zip64 End of Central Directory Locator, or the End of Central Directory record. The ZIP file comment data is never @@ -2794,14 +2794,14 @@ Copyright (c) 1989 - 2014 PKWARE Inc., All Rights Reserved. Before encrypting the Central Directory, it may optionally be compressed. Compression is not required, but for storage efficiency it is assumed - this structure will be compressed before encrypting. Similarly, this + this structure will be compressed before encrypting. Similarly, this specification supports compressing the Central Directory without requiring that it also be encrypted. Early implementations of this - feature will assume the encryption method applied to files matches the + feature will assume the encryption method applied to files matches the encryption applied to the Central Directory. Encryption of the Central Directory is done in a manner similar to - that of file encryption. The encrypted data is preceded by a + that of file encryption. The encrypted data is preceded by a decryption header. The decryption header is known as the Archive Decryption Header. The fields of this record are identical to the decryption header preceding each encrypted file. The location @@ -2815,11 +2815,11 @@ Copyright (c) 1989 - 2014 PKWARE Inc., All Rights Reserved. Version 2 format. The Version 2 format is as follows: The leading fixed size fields within the Version 1 format for this - record remain unchanged. The record signature for both Version 1 + record remain unchanged. The record signature for both Version 1 and Version 2 will be 0x06064b50. Immediately following the last - byte of the field known as the Offset of Start of Central - Directory With Respect to the Starting Disk Number will begin the - new fields defining Version 2 of this record. + byte of the field known as the Offset of Start of Central + Directory With Respect to the Starting Disk Number will begin the + new fields defining Version 2 of this record. 7.3.4 New fields for Version 2 @@ -2838,7 +2838,7 @@ Copyright (c) 1989 - 2014 PKWARE Inc., All Rights Reserved. Hash Length 2 bytes Length of hash data Hash Data (variable) Hash data - The Compression Method accepts the same range of values as the + The Compression Method accepts the same range of values as the corresponding field in the Central Header. The Compressed Size and Original Size values will not include the @@ -2846,11 +2846,11 @@ Copyright (c) 1989 - 2014 PKWARE Inc., All Rights Reserved. encrypted. The AlgId, BitLen, and Flags fields accept the same range of values - the corresponding fields within the 0x0017 record. + the corresponding fields within the 0x0017 record. - Hash ID identifies the algorithm used to hash the Central Directory + Hash ID identifies the algorithm used to hash the Central Directory data. This data does not have to be hashed, in which case the - values for both the HashID and Hash Length will be 0. Possible + values for both the HashID and Hash Length will be 0. Possible values for HashID are: Value Algorithm @@ -2866,8 +2866,8 @@ Copyright (c) 1989 - 2014 PKWARE Inc., All Rights Reserved. 7.3.5 When the Central Directory data is signed, the same hash algorithm used to hash the Central Directory for signing should be used. - This is recommended for processing efficiency, however, it is - permissible for any of the above algorithms to be used independent + This is recommended for processing efficiency, however, it is + permissible for any of the above algorithms to be used independent of the signing process. The Hash Data will contain the hash data for the Central Directory. @@ -2893,13 +2893,13 @@ Copyright (c) 1989 - 2014 PKWARE Inc., All Rights Reserved. 7.4 Certificate Processing Method --------------------------------- - The Certificate Processing Method for ZIP file encryption + The Certificate Processing Method for ZIP file encryption defines the following additional data fields: 7.4.1 Certificate Flag Values - Additional processing flags that can be present in the Flags field of both - the 0x0017 field of the central directory Extra Field and the Decryption + Additional processing flags that can be present in the Flags field of both + the 0x0017 field of the central directory Extra Field and the Decryption header record preceding compressed file data are: 0x0007 - reserved for future use @@ -2922,13 +2922,13 @@ Copyright (c) 1989 - 2014 PKWARE Inc., All Rights Reserved. Value Size Description ----- ---- ----------- - RCount 4 bytes Number of recipients. + RCount 4 bytes Number of recipients. HashAlg 2 bytes Hash algorithm identifier HSize 2 bytes Hash size SRList (var) Simple list of recipients hashed public keys - - RCount This defines the number intended recipients whose + + RCount This defines the number intended recipients whose public keys were used for encryption. This identifies the number of elements in the SRList. @@ -2941,9 +2941,9 @@ Copyright (c) 1989 - 2014 PKWARE Inc., All Rights Reserved. HSize This defines the size of a hashed public key. - SRList This is a variable length list of the hashed - public keys for each intended recipient. Each - element in this list is HSize. The total size of + SRList This is a variable length list of the hashed + public keys for each intended recipient. Each + element in this list is HSize. The total size of SRList is determined using RCount * HSize. @@ -2951,9 +2951,9 @@ Copyright (c) 1989 - 2014 PKWARE Inc., All Rights Reserved. Value Size Description ----- ---- ----------- - RCount 4 bytes Number of recipients. - - RCount This defines the number intended recipients whose + RCount 4 bytes Number of recipients. + + RCount This defines the number intended recipients whose public keys were used for encryption. This defines the number of elements in the REList field defined below. @@ -2978,7 +2978,7 @@ Copyright (c) 1989 - 2014 PKWARE Inc., All Rights Reserved. HSize This defines the size of a hashed public key defined in REHData. - REList This is a variable length of list of recipient data. + REList This is a variable length of list of recipient data. Each element in this list consists of a Recipient Element data structure as follows: @@ -2992,7 +2992,7 @@ Copyright (c) 1989 - 2014 PKWARE Inc., All Rights Reserved. REKData (var) Simple key blob - RESize This defines the size of an individual REList + RESize This defines the size of an individual REList element. This value is the combined size of the REHData field + REKData field. REHData is defined by HSize. REKData is variable and can be calculated @@ -3009,17 +3009,17 @@ Copyright (c) 1989 - 2014 PKWARE Inc., All Rights Reserved. 7.5 Certificate Processing - Central Directory Encryption --------------------------------------------------------- - - 7.5.1 Central Directory Encryption using Digital Certificates will + + 7.5.1 Central Directory Encryption using Digital Certificates will operate in a manner similar to that of Single Password Central - Directory Encryption. This record will only be present when there + Directory Encryption. This record will only be present when there is data to place into it. Currently, data is placed into this - record when digital certificates are used for either encrypting - or signing the files within a ZIP file. When only password - encryption is used with no certificate encryption or digital - signing, this record is not currently needed. When present, this - record will appear before the start of the actual Central Directory - data structure and will be located immediately after the Archive + record when digital certificates are used for either encrypting + or signing the files within a ZIP file. When only password + encryption is used with no certificate encryption or digital + signing, this record is not currently needed. When present, this + record will appear before the start of the actual Central Directory + data structure and will be located immediately after the Archive Decryption Header if the Central Directory is encrypted. 7.5.2 The Archive Extra Data record will be used to store the following @@ -3031,13 +3031,13 @@ Copyright (c) 1989 - 2014 PKWARE Inc., All Rights Reserved. 0x0016 - X.509 Certificate ID and Signature for central directory 0x0019 - PKCS#7 Encryption Recipient Certificate List - The 0x0014 and 0x0016 Extra Data records that otherwise would be - located in the first record of the Central Directory for digital - certificate processing. When encrypting or compressing the Central - Directory, the 0x0014 and 0x0016 records must be located in the - Archive Extra Data record and they should not remain in the first - Central Directory record. The Archive Extra Data record will also - be used to store the 0x0019 data. + The 0x0014 and 0x0016 Extra Data records that otherwise would be + located in the first record of the Central Directory for digital + certificate processing. When encrypting or compressing the Central + Directory, the 0x0014 and 0x0016 records must be located in the + Archive Extra Data record and they should not remain in the first + Central Directory record. The Archive Extra Data record will also + be used to store the 0x0019 data. 7.5.3 When present, the size of the Archive Extra Data record will be included in the size of the Central Directory. The data of the @@ -3067,22 +3067,22 @@ Copyright (c) 1989 - 2014 PKWARE Inc., All Rights Reserved. 7.7.1 OAEP stands for Optimal Asymmetric Encryption Padding. It is a strengthening technique used for small encoded items such as decryption keys. This is commonly applied in cryptographic key-wrapping techniques - and is supported by PKCS #1. Versions 5.0 and 6.0 of this specification - were designed to support OAEP key-wrapping for certificate-based - decryption keys for additional security. + and is supported by PKCS #1. Versions 5.0 and 6.0 of this specification + were designed to support OAEP key-wrapping for certificate-based + decryption keys for additional security. 7.7.2 Support for private keys stored on Smartcards or Tokens introduced - a conflict with this OAEP logic. Most card and token products do - not support the additional strengthening applied to OAEP key-wrapped - data. In order to resolve this conflict, versions 6.1 and above of this - specification will no longer support OAEP when encrypting using - digital certificates. + a conflict with this OAEP logic. Most card and token products do + not support the additional strengthening applied to OAEP key-wrapped + data. In order to resolve this conflict, versions 6.1 and above of this + specification will no longer support OAEP when encrypting using + digital certificates. - 7.7.3 Versions of PKZIP available during initial development of the - certificate processing method set a value of 61 into the - version needed to extract field for a file. This indicates that - non-OAEP key wrapping is used. This affects certificate encryption - only, and password encryption functions should not be affected by + 7.7.3 Versions of PKZIP available during initial development of the + certificate processing method set a value of 61 into the + version needed to extract field for a file. This indicates that + non-OAEP key wrapping is used. This affects certificate encryption + only, and password encryption functions should not be affected by this value. This means values of 61 may be found on files encrypted with certificates only, or on files encrypted with both password encryption and certificate encryption. Files encrypted with both @@ -3093,13 +3093,13 @@ Copyright (c) 1989 - 2014 PKWARE Inc., All Rights Reserved. 8.1 Spanned ZIP files - 8.1.1 Spanning is the process of segmenting a ZIP file across - multiple removable media. This support has typically only - been provided for DOS formatted floppy diskettes. + 8.1.1 Spanning is the process of segmenting a ZIP file across + multiple removable media. This support has typically only + been provided for DOS formatted floppy diskettes. 8.2 Split ZIP files - 8.2.1 File splitting is a newer derivation of spanning. + 8.2.1 File splitting is a newer derivation of spanning. Splitting follows the same segmentation process as spanning, however, it does not require writing each segment to a unique removable medium and instead supports @@ -3109,21 +3109,21 @@ Copyright (c) 1989 - 2014 PKWARE Inc., All Rights Reserved. 8.3 File Naming Differences 8.3.1 A key difference between spanned and split ZIP files is - that all pieces of a spanned ZIP file have the same name. - Since each piece is written to a separate volume, no name - collisions occur and each segment can reuse the original + that all pieces of a spanned ZIP file have the same name. + Since each piece is written to a separate volume, no name + collisions occur and each segment can reuse the original .ZIP file name given to the archive. - 8.3.2 Sequence ordering for DOS spanned archives uses the DOS + 8.3.2 Sequence ordering for DOS spanned archives uses the DOS volume label to determine segment numbers. Volume labels - for each segment are written using the form PKBACK#xxx, - where xxx is the segment number written as a decimal + for each segment are written using the form PKBACK#xxx, + where xxx is the segment number written as a decimal value from 001 - nnn. 8.3.3 Split ZIP files are typically written to the same location and are subject to name collisions if the spanned name - format is used since each segment will reside on the same - drive. To avoid name collisions, split archives are named + format is used since each segment will reside on the same + drive. To avoid name collisions, split archives are named as follows. Segment 1 = filename.z01 @@ -3133,9 +3133,9 @@ Copyright (c) 1989 - 2014 PKWARE Inc., All Rights Reserved. 8.3.4 The .ZIP extension is used on the last segment to support quickly reading the central directory. The segment number n should be a decimal value. - + 8.4 Spanned Self-extracting ZIP Files - + 8.4.1 Spanned ZIP files may be PKSFX Self-extracting ZIP files. PKSFX files may also be split, however, in this case the first segment must be named filename.exe. The first @@ -3143,19 +3143,19 @@ Copyright (c) 1989 - 2014 PKWARE Inc., All Rights Reserved. include the entire executable program. 8.5 Capacities and Markers - + 8.5.1 Capacities for split archives are as follows: Maximum number of segments = 4,294,967,295 - 1 Maximum .ZIP segment size = 4,294,967,295 bytes Minimum segment size = 64K Maximum PKSFX segment size = 2,147,483,647 bytes - - 8.5.2 Segment sizes may be different however by convention, all - segment sizes should be the same with the exception of the - last, which may be smaller. Local and central directory - header records must never be split across a segment boundary. - When writing a header record, if the number of bytes remaining + + 8.5.2 Segment sizes may be different however by convention, all + segment sizes should be the same with the exception of the + last, which may be smaller. Local and central directory + header records must never be split across a segment boundary. + When writing a header record, if the number of bytes remaining within a segment is less than the size of the header record, end the current segment and write the header at the start of the next segment. The central directory may span segment @@ -3164,66 +3164,66 @@ Copyright (c) 1989 - 2014 PKWARE Inc., All Rights Reserved. 8.5.3 Spanned/Split archives created using PKZIP for Windows (V2.50 or greater), PKZIP Command Line (V2.50 or greater), - or PKZIP Explorer will include a special spanning + or PKZIP Explorer will include a special spanning signature as the first 4 bytes of the first segment of - the archive. This signature (0x08074b50) will be + the archive. This signature (0x08074b50) will be followed immediately by the local header signature for - the first file in the archive. + the first file in the archive. - 8.5.4 A special spanning marker may also appear in spanned/split - archives if the spanning or splitting process starts but - only requires one segment. In this case the 0x08074b50 - signature will be replaced with the temporary spanning + 8.5.4 A special spanning marker may also appear in spanned/split + archives if the spanning or splitting process starts but + only requires one segment. In this case the 0x08074b50 + signature will be replaced with the temporary spanning marker signature of 0x30304b50. Split archives can only be uncompressed by other versions of PKZIP that know how to create a split archive. 8.5.5 The signature value 0x08074b50 is also used by some - ZIP implementations as a marker for the Data Descriptor + ZIP implementations as a marker for the Data Descriptor record. Conflict in this alternate assignment can be avoided by ensuring the position of the signature within the ZIP file to determine the use for which it - is intended. + is intended. 9.0 Change Process ------------------ 9.1 In order for the .ZIP file format to remain a viable technology, this specification should be considered as open for periodic review and - revision. Although this format was originally designed with a + revision. Although this format was originally designed with a certain level of extensibility, not all changes in technology (present or future) were or will be necessarily considered in its - design. + design. 9.2 If your application requires new definitions to the - extensible sections in this format, or if you would like to - submit new data structures or new capabilities, please forward - your request to zipformat@pkware.com. All submissions will be - reviewed by the ZIP File Specification Committee for possible - inclusion into future versions of this specification. + extensible sections in this format, or if you would like to + submit new data structures or new capabilities, please forward + your request to zipformat@pkware.com. All submissions will be + reviewed by the ZIP File Specification Committee for possible + inclusion into future versions of this specification. 9.3 Periodic revisions to this specification will be published as - DRAFT or as FINAL status to ensure interoperability. We encourage + DRAFT or as FINAL status to ensure interoperability. We encourage comments and feedback that may help improve clarity or content. 10.0 Incorporating PKWARE Proprietary Technology into Your Product ------------------------------------------------------------------ - 10.1 The Use or Implementation in a product of APPNOTE technological - components pertaining to either strong encryption or patching requires - a separate, executed license agreement from PKWARE. Please contact - PKWARE at zipformat@pkware.com or +1-414-289-9788 with regard to + 10.1 The Use or Implementation in a product of APPNOTE technological + components pertaining to either strong encryption or patching requires + a separate, executed license agreement from PKWARE. Please contact + PKWARE at zipformat@pkware.com or +1-414-289-9788 with regard to acquiring such a license. - 10.2 Additional information regarding PKWARE proprietray technology is + 10.2 Additional information regarding PKWARE proprietray technology is available at https://www.pkware.com/appnote. 11.0 Acknowledgements --------------------- In addition to the above mentioned contributors to PKZIP and PKUNZIP, - PKWARE would like to extend special thanks to Robert Mahoney for + PKWARE would like to extend special thanks to Robert Mahoney for suggesting the extension .ZIP for this software. 12.0 References @@ -3272,7 +3272,7 @@ A.1 Field Definition Structure: A.2 Field Code Description 4001 Source type i.e. CLP etc - 4002 The text description of the library + 4002 The text description of the library 4003 The text description of the file 4004 The text description of the member 4005 x'F0' or 0 is PF-DTA, x'F1' or 1 is PF_SRC @@ -3297,23 +3297,23 @@ B.1 Field Definition Structure: B.2 Field Code Description - 0001 File Type 2 bytes + 0001 File Type 2 bytes 0002 NonVSAM Record Format 1 byte - 0003 Reserved + 0003 Reserved 0004 NonVSAM Block Size 2 bytes Big Endian 0005 Primary Space Allocation 3 bytes Big Endian 0006 Secondary Space Allocation 3 bytes Big Endian - 0007 Space Allocation Type1 byte flag + 0007 Space Allocation Type1 byte flag 0008 Modification Date Retired with PKZIP 5.0 + 0009 Expiration Date Retired with PKZIP 5.0 + 000A PDS Directory Block Allocation 3 bytes Big Endian binary value - 000B NonVSAM Volume List variable + 000B NonVSAM Volume List variable 000C UNIT Reference Retired with PKZIP 5.0 + 000D DF/SMS Management Class 8 bytes EBCDIC Text Value 000E DF/SMS Storage Class 8 bytes EBCDIC Text Value 000F DF/SMS Data Class 8 bytes EBCDIC Text Value - 0010 PDS/PDSE Member Info. 30 bytes - 0011 VSAM sub-filetype 2 bytes + 0010 PDS/PDSE Member Info. 30 bytes + 0011 VSAM sub-filetype 2 bytes 0012 VSAM LRECL 13 bytes EBCDIC "(num_avg num_max)" 0013 VSAM Cluster Name Retired with PKZIP 5.0 + 0014 VSAM KSDS Key Information 13 bytes EBCDIC "(num_length num_position)" @@ -3330,25 +3330,25 @@ B.2 Field Code Description 001F VSAM Data Volume List variable EBCDIC text list of 6-character Volume IDs 0020 VSAM Data Buffer Space 8 bytes EBCDIC num_value left-justified 0021 VSAM Data CISIZE 5 bytes EBCDIC num_value left-justified - 0022 VSAM Erase Flag 1 byte flag + 0022 VSAM Erase Flag 1 byte flag 0023 VSAM Free CI % 3 bytes EBCDIC num_value left-justified 0024 VSAM Free CA % 3 bytes EBCDIC num_value left-justified 0025 VSAM Index Volume List variable EBCDIC text list of 6-character Volume IDs - 0026 VSAM Ordered Flag 1 byte flag - 0027 VSAM REUSE Flag 1 byte flag - 0028 VSAM SPANNED Flag 1 byte flag - 0029 VSAM Recovery Flag 1 byte flag - 002A VSAM WRITECHK Flag 1 byte flag - 002B VSAM Cluster/Data SHROPTS 3 bytes EBCDIC "n,y" - 002C VSAM Index SHROPTS 3 bytes EBCDIC "n,y" + 0026 VSAM Ordered Flag 1 byte flag + 0027 VSAM REUSE Flag 1 byte flag + 0028 VSAM SPANNED Flag 1 byte flag + 0029 VSAM Recovery Flag 1 byte flag + 002A VSAM WRITECHK Flag 1 byte flag + 002B VSAM Cluster/Data SHROPTS 3 bytes EBCDIC "n,y" + 002C VSAM Index SHROPTS 3 bytes EBCDIC "n,y" 002D VSAM Index Space Type 9 bytes EBCDIC text string 002E VSAM Index Space Primary 9 bytes EBCDIC num_value left-justified 002F VSAM Index Space Secondary 9 bytes EBCDIC num_value left-justified 0030 VSAM Index CISIZE 5 bytes EBCDIC num_value left-justified - 0031 VSAM Index IMBED 1 byte flag - 0032 VSAM Index Ordered Flag 1 byte flag - 0033 VSAM REPLICATE Flag 1 byte flag - 0034 VSAM Index REUSE Flag 1 byte flag + 0031 VSAM Index IMBED 1 byte flag + 0032 VSAM Index Ordered Flag 1 byte flag + 0033 VSAM REPLICATE Flag 1 byte flag + 0034 VSAM Index REUSE Flag 1 byte flag 0035 VSAM Index WRITECHK Flag 1 byte flag Retired with PKZIP 5.0 + 0036 VSAM Owner 8 bytes EBCDIC text string 0037 VSAM Index Owner 8 bytes EBCDIC text string @@ -3405,15 +3405,15 @@ B.2 Field Code Description 0073 Archive 1st Volume 6 bytes EBCDIC 0074 Archive 1st VOL File Seq# 2 bytes Binary -APPENDIX C - Zip64 Extensible Data Sector Mappings +APPENDIX C - Zip64 Extensible Data Sector Mappings --------------------------------------------------- -Z390 Extra Field: - The following is the general layout of the attributes for the - ZIP 64 "extra" block for extended tape operations. + The following is the general layout of the attributes for the + ZIP 64 "extra" block for extended tape operations. - Note: some fields stored in Big Endian format. All text is + Note: some fields stored in Big Endian format. All text is in EBCDIC format unless otherwise specified. Value Size Description @@ -3432,66 +3432,66 @@ APPENDIX C - Zip64 Extensible Data Sector Mappings FirstVol 1 byte Volume Length74 2 bytes Big Endian Subcode74 2 bytes FirstVol file sequence - FileSeq 2 bytes Sequence + FileSeq 2 bytes Sequence APPENDIX D - Language Encoding (EFS) ------------------------------------ -D.1 The ZIP format has historically supported only the original IBM PC character -encoding set, commonly referred to as IBM Code Page 437. This limits storing -file name characters to only those within the original MS-DOS range of values -and does not properly support file names in other character encodings, or -languages. To address this limitation, this specification will support the -following change. +D.1 The ZIP format has historically supported only the original IBM PC character +encoding set, commonly referred to as IBM Code Page 437. This limits storing +file name characters to only those within the original MS-DOS range of values +and does not properly support file names in other character encodings, or +languages. To address this limitation, this specification will support the +following change. -D.2 If general purpose bit 11 is unset, the file name and comment should conform -to the original ZIP character encoding. If general purpose bit 11 is set, the -filename and comment must support The Unicode Standard, Version 4.1.0 or -greater using the character encoding form defined by the UTF-8 storage +D.2 If general purpose bit 11 is unset, the file name and comment should conform +to the original ZIP character encoding. If general purpose bit 11 is set, the +filename and comment must support The Unicode Standard, Version 4.1.0 or +greater using the character encoding form defined by the UTF-8 storage specification. The Unicode Standard is published by the The Unicode -Consortium (www.unicode.org). UTF-8 encoded data stored within ZIP files -is expected to not include a byte order mark (BOM). +Consortium (www.unicode.org). UTF-8 encoded data stored within ZIP files +is expected to not include a byte order mark (BOM). -D.3 Applications may choose to supplement this file name storage through the use -of the 0x0008 Extra Field. Storage for this optional field is currently -undefined, however it will be used to allow storing extended information -on source or target encoding that may further assist applications with file +D.3 Applications may choose to supplement this file name storage through the use +of the 0x0008 Extra Field. Storage for this optional field is currently +undefined, however it will be used to allow storing extended information +on source or target encoding that may further assist applications with file name, or file content encoding tasks. Please contact PKWARE with any requirements on how this field should be used. -D.4 The 0x0008 Extra Field storage may be used with either setting for general -purpose bit 11. Examples of the intended usage for this field is to store -whether "modified-UTF-8" (JAVA) is used, or UTF-8-MAC. Similarly, other -commonly used character encoding (code page) designations can be indicated -through this field. Formalized values for use of the 0x0008 record remain +D.4 The 0x0008 Extra Field storage may be used with either setting for general +purpose bit 11. Examples of the intended usage for this field is to store +whether "modified-UTF-8" (JAVA) is used, or UTF-8-MAC. Similarly, other +commonly used character encoding (code page) designations can be indicated +through this field. Formalized values for use of the 0x0008 record remain undefined at this time. The definition for the layout of the 0x0008 field will be published when available. Use of the 0x0008 Extra Field provides for storing data within a ZIP file in an encoding other than IBM Code Page 437 or UTF-8. D.5 General purpose bit 11 will not imply any encoding of file content or -password. Values defining character encoding for file content or -password must be stored within the 0x0008 Extended Language Encoding +password. Values defining character encoding for file content or +password must be stored within the 0x0008 Extended Language Encoding Extra Field. -D.6 Ed Gordon of the Info-ZIP group has defined a pair of "extra field" records +D.6 Ed Gordon of the Info-ZIP group has defined a pair of "extra field" records that can be used to store UTF-8 file name and file comment fields. These records can be used for cases when the general purpose bit 11 method for storing UTF-8 data in the standard file name and comment fields is not desirable. A common case for this alternate method is if backward compatibility with older programs is required. -D.7 Definitions for the record structure of these fields are included above +D.7 Definitions for the record structure of these fields are included above in the section on 3rd party mappings for "extra field" records. These -records are identified by Header ID's 0x6375 (Info-ZIP Unicode Comment +records are identified by Header ID's 0x6375 (Info-ZIP Unicode Comment Extra Field) and 0x7075 (Info-ZIP Unicode Path Extra Field). D.8 The choice of which storage method to use when writing a ZIP file is left -to the implementation. Developers should expect that a ZIP file may -contain either method and should provide support for reading data in -either format. Use of general purpose bit 11 reduces storage requirements +to the implementation. Developers should expect that a ZIP file may +contain either method and should provide support for reading data in +either format. Use of general purpose bit 11 reduces storage requirements for file name data by not requiring additional "extra field" data for -each file, but can result in older ZIP programs not being able to extract -files. Use of the 0x6375 and 0x7075 records will result in a ZIP file -that should always be readable by older ZIP programs, but requires more +each file, but can result in older ZIP programs not being able to extract +files. Use of the 0x6375 and 0x7075 records will result in a ZIP file +that should always be readable by older ZIP programs, but requires more storage per file to write file name and/or file comment fields. diff --git a/doc/winzip_aes.md b/doc/winzip_aes.md index 9717969..e9afdb3 100644 --- a/doc/winzip_aes.md +++ b/doc/winzip_aes.md @@ -1,8 +1,8 @@ -# AES Encryption Information: +# AES Encryption Information: Encryption Specification AE-1 and AE-2 -**Document version: 1.04 +**Document version: 1.04 Last modified: January 30, 2009** **NOTE: WinZip® users do not need to read or understand the information contained on this page. It is intended for developers of Zip file utilities.** @@ -34,34 +34,34 @@ General information on the AES standard and the encryption algorithm (also known **II. Zip file format** 1. Base format reference - + AES-encrypted files are stored within the guidelines of the standard Zip file format using only a new "extra data" field, a new compression method code, and a value in the CRC field dependant on the encryption version, AE-1 or AE-2. The basic Zip file format is otherwise unchanged. - + WinZip sets the version needed to extract and version made by fields in the local and central headers to the same values it would use if the file were not encrypted. - + The basic Zip file format specification used by WinZip is available via FTP from the Info-ZIP group at [https://infozip.sourceforge.io/doc/appnote-iz-latest.zip](https://infozip.sourceforge.io/doc/appnote-iz-latest.zip). - + 2. Compression method and encryption flag - + As for any encrypted file, bit 0 of the "general purpose bit flags" field must be set to 1 in each AES-encrypted file's local header and central directory entry. - + Additionally, the presence of an AES-encrypted file in a Zip file is indicated by a new compression method code (decimal 99) in the file's local header and central directory entry, used along with the AES extra data field described below. There is no change in either the _version made by_ or _version needed to extract_ codes. - + The code for the actual compression method is stored in the AES extra data field (see below). - + 3. CRC value - + For files encrypted using the AE-2 method, the standard Zip CRC value is _not_ used, and a 0 must be stored in this field. Corruption of encrypted data within a Zip file is instead detected via the [authentication code](https://www.winzip.com/aes_info.htm#authentication-code) field. - + Files encrypted using the AE-1 method _do_ include the standard Zip CRC value. This, along with the fact that the vendor version stored in the AES extra data field is 0x0001 for AE-1 and 0x0002 for AE-2, is the only difference between the AE-1 and AE-2 formats. - + **NOTE:** Zip utilities that support the AE-2 format are required to be able to read files that were created in the AE-1 format, and during decryption/extraction of files in AE-1 format should verify that the file's CRC matches the value stored in the CRC field. - + 4. AES extra data field 1. A file encrypted with AES encryption will have a special "extra data" field associated with it. This extra data field is stored in both the local header and central directory entry for the file. - + Note: see the Zip file format document referenced above for general information on the format and use of extra data fields. - + 2. The extra data header ID for AES encryption is 0x9901. The fields are all stored in Intel low-byte/high-byte order. The extra data field currently has a length of 11: seven data bytes plus two bytes for the header ID and two bytes for the data size. Therefore, the extra data overhead for each file in the archive is 22 bytes (11 bytes in the central header plus 11 bytes in the local header). 3. The format of the data in the AES extra data field is as follows. See the notes below for additional information. @@ -78,76 +78,76 @@ General information on the AES standard and the encryption algorithm (also known - **Data size**: this value is currently 7, but because it is possible that this specification will be modified in the future to store additional data in this extra field, vendors should not assume that it will always remain 7. - **Vendor ID**: the vendor ID field should always be set to the two ASCII characters "AE". - **Vendor version**: the vendor version for AE-1 is 0x0001. The vendor version for AE-2 is 0x0002. - + Zip utilities that support AE-2 must also be able to process files that are encrypted in AE-1 format. The handling of the [CRC value](https://www.winzip.com/aes_info.htm#CRC) is the only difference between the AE-1 and AE-2 formats. - + - **Encryption strength**: the mode values (encryption strength) for AE-1 and AE-2 are: - + |**Value**|**Strength**| |-|-| |0x01|128-bit encryption key| |0x02|192-bit encryption key| |0x03|256-bit encryption key| - + The encryption specification supports _only_ 128-, 192-, and 256-bit encryption keys. No other key lengths are permitted. - + (Note: the current version of WinZip does not support encrypting files using 192-bit keys. This specification, however, does provide for the use of 192-bit keys, and WinZip is able to decrypt such files.) - + - **Compression method**: the compression method is the one that would otherwise have been stored in the local and central headers for the file. For example, if the file is imploded, this field will contain the compression code 6. This is needed because a compression method of 99 is used to indicate the presence of an AES-encrypted file (see [above](https://www.winzip.com/aes_info.htm#comp-method)). **III. Encrypted file storage format** 1. File format - + Additional overhead data required for decryption is stored with the encrypted file itself (i.e., not in the headers). The actual format of the stored file is as follows; additional information about these fields is below. All fields are byte-aligned. - + |**Size (bytes)**|**Content**| |:-|:-| |Variable|Salt value| |2|Password verification value| |Variable|Encrypted file data| |10|Authentication code| - + Note that the value in the "compressed size" fields of the local file header and the central directory entry is the total size of all the items listed above. In other words, it is the total size of the salt value, password verification value, encrypted data, and authentication code. - + 2. Salt value - + The "salt" or "salt value" is a random or pseudo-random sequence of bytes that is combined with the encryption password to create encryption and authentication keys. The salt is generated by the encrypting application and is stored unencrypted with the file data. The addition of salt values to passwords provides a number of security benefits and makes dictionary attacks based on precomputed keys much more difficult. - + Good cryptographic practice requires that a different salt value be used for each of multiple files encrypted with the same password. If two files are encrypted with the same password and salt, they can leak information about each other. For example, it is possible to determine whether two files encrypted with the same password and salt are identical, and an attacker who somehow already knows the contents of one of two files encrypted with the same password and salt can determine some or all of the contents of the other file. Therefore, you should make every effort to use a unique salt value for each file. - + The size of the salt value depends on the length of the encryption key, as follows: - + |**Key size**|**Salt size**| |:-|:-| |128 bits|8 bytes| |192 bits|12 bytes| |256 bits|16 bytes| - + 3. Password verification value - + This two-byte value is produced as part of the process that derives the encryption and decryption keys from the password. When encrypting, a verification value is derived from the encryption password and stored with the encrypted file. Before decrypting, a verification value can be derived from the decryption password and compared to the value stored with the file, serving as a quick check that will detect _most_, but not all, incorrect passwords. There is a 1 in 65,536 chance that an incorrect password will yield a matching verification value; therefore, a matching verification value cannot be absolutely relied on to indicate a correct password. - + Information on how to obtain the password verification value from Dr. Gladman's encryption library can be found on the [coding tips](https://www.winzip.com/aes_tips.html) page. - + This value is stored unencrypted. - + 4. Encrypted file data - + Encryption is applied only to the content of files. It is performed after compression, and not to any other associated data. The file data is encrypted byte-for-byte using the AES encryption algorithm operating in "CTR" mode, which means that the lengths of the compressed data and the compressed, encrypted data are the same. - + It is important for implementors to note that, although the data is encrypted byte-for-byte, it is presented to the encryption and decryption functions in blocks. The block size used for encryption and decryption must be the same. To be compatible with the encryption specification, this block size must be 16 bytes (although the last block may be smaller). - + 5. Authentication code - + Authentication provides a high quality check that the contents of an encrypted file have not been inadvertently changed or deliberately tampered with since they were first encrypted. In effect, this is a super-CRC check on the data in the file _after_ compression and encryption. (Additionally, authentication is essential when using CTR mode encryption because this mode is vulnerable to several trivial attacks in its absence.) - + The authentication code is derived from the output of the encryption process. [Dr. Gladman's AES code](https://www.winzip.com/aes_info.htm#encryption) provides this service, and information about how to obtain it is in the [coding tips](https://www.winzip.com/aes_tips.html). - + The authentication code is stored unencrypted. It is byte-aligned and immediately follows the last byte of encrypted data. - + For more discussion about authentication, see the [authentication code FAQ](https://www.winzip.com/aes_info.htm#auth-faq) below. - + **IV. Changes in WinZip 11** @@ -164,66 +164,66 @@ Note that the January 2004 version of the WinZip AE-2 specification, version 1.0 **V. Notes** 1. Non-files and zero-length files - + To reduce Zip file size, it is recommended that non-file entries such as folder/directory entries not be encrypted. This, however, is only a recommendation; it is permissible to encrypt or not encrypt these entries, as you prefer. - + On the other hand, it is recommended that you _do_ encrypt zero-length files. The presence of both encrypted and unencrypted files in a Zip file may trigger user warnings in some Zip file utilities, so the user experience may be improved if all files (including zero-length files) are encrypted. - + If zero-length files are encrypted, the encrypted data portion of the file storage (see [above](https://www.winzip.com/aes_info.htm#encrypted-data)) will be empty, but the remainder of the encryption overhead data must be present, both in the file storage area and in the local and central headers. - + 2. "Mixed" Zip files - + There is no requirement that all files in a Zip file be encrypted or that all files that _are_ encrypted use the same encryption method or the same password. - + A Zip file can contain any combination of unencrypted files and files encrypted with any of the four currently defined encryption methods (Zip 2.0, AES-128, AES-192, AES-256). Encrypted files may use the same password or different passwords. - + 3. Key Generation - + Key derivation, as used by AE-1 and AE-2 and as implemented in Dr. Gladman's library, is done according to the PBKDF2 algorithm, which is described in the [RFC2898](https://www.ietf.org/rfc/rfc2898.txt) guidelines. An iteration count of 1000 is used. An appropriate number of bits from the resulting hash value are used to compose three output values: an encryption key, an authentication key, and a password verification value. The first _n_ bits become the encryption key, the next _m_ bits become the authentication key, and the last 16 bits (two bytes) become the password verification value. - + As part of the process outlined in RFC 2898 a pseudo-random function must be called; AE-2 uses the HMAC-SHA1 function, since it is a well-respected algorithm that has been in wide use for this purpose for several years. - + Note that, when used in connection with 192- or 256-bit AES encryption, the fact that HMAC-SHA1 produces a 160-bit result means that, regardless of the password that you specify, the search space for the encryption key is unlikely to reach the theoretical 192- or 256-bit maximum, and cannot be guaranteed to exceed 160 bits. This is discussed in section B.1.1 of the [RFC2898 specification](https://www.ietf.org/rfc/rfc2898.txt). - + **VI. FAQs** - **Why is the compression method field used to indicate AES encryption?** - + As opposed to using new _version made by_ and _version needed to extract_ values to signal AES encryption for a file, the new compression method is more likely to be handled gracefully by older versions of existing Zip file utilities. Zip file utilities typically do not attempt to extract files compressed with unknown methods, presumably notifying the user with an appropriate message. - + - **How can I guarantee that the salt value is unique?** - + In principle, the value of the salt should be different whenever the same password is used more than once, for the reasons described [above](https://www.winzip.com/aes_info.htm#salt), but this is difficult to guarantee. - + In practice, the number of bytes in the salt (as specified by AE-1 and AE-2) is such that using a pseudo-random value will ensure that the probability of duplicated salt values is very low and can be safely ignored. - + There is one exception to this: With the 8-byte salt values used with WinZip's 128-bit encryption it is likely that, if approximately 4 billion files are encrypted with the same password, two of the files will have the same salt, so it is advisable to stay well below this limit. Because of this, when using the same password to encrypt very large numbers of files in WinZip's AES encryption format (that is, files totalling in the millions, for example 2000 Zip files, each containing 1000 encrypted files), we recommend the use of 192-bit or 256-bit AES keys, with their 12- and 16-byte salt values, rather than 128-bit AES keys, with their 8-byte salt values. - + Although salt values do not need to be truly random, it is important that they be generated in a way that the probability of duplicated salt values is not significantly higher than that which would be expected if truly random values were being used. - + One technique for generating salt values is presented in the [coding tips](https://www.winzip.com/aes_tips.html#prng) page. - + - **Why is there an authentication code?** - + The purpose of the authentication code is to insure that, once a file's data has been compressed and encrypted, any accidental corruption of the encrypted data, and any deliberate attempts to modify the encrypted data by an attacker who does not know the password, can be detected. - + The current consensus in the cryptographic community is that associating a message authentication code (or MAC) with encrypted data has strong security value because it makes a number of attacks more difficult to engineer. For AES CTR mode encryption in particular, a MAC is especially important because a number of trivial attacks are possible in its absence. The MAC used with WinZip's AES encryption is based on[HMAC-SHA1-80](https://www.ietf.org/rfc/rfc2104.txt), a mature and widely respected authentication algorithm. - + The MAC is calculated after the file data has been compressed and encrypted. This order of calculation is referred to as Encrypt-then-MAC, and is preferred by many cryptographers to the alternative order of MAC-then-Encrypt because Encrypt-then-MAC is immune to some known attacks on MAC-then-Encrypt. - + - **What is the role of the CRC in WinZip 11?** - + Within the Zip format, the primary use of the CRC value is to detect accidental corruption of data that has been stored in the Zip file. With files encrypted according to the Zip 2.0 encryption specification, it also functions to some extent as a method of detecting deliberate attempts to modify the encrypted data, but not one that can be considered cryptographically strong. The CRC is not needed for these purposes with the WinZip AES encryption specification, where the HMAC-SHA1-based authentication code instead serves these roles. - + The CRC has a drawback in that for very small files, such as files with four or fewer bytes, the CRC can be used, independent of the encryption algorithm, to determine the unencrypted contents of the file. And, in general, it is preferable to store as little information as possible about the encrypted file in the unencrypted Zip headers. - + The CRC does serve one purpose that the authentication code does not. The CRC is computed based on the original uncompressed, unencrypted contents of the file, and it is checked after the file has been decrypted and decompressed. In contrast, the authentication code used with WinZip AES encryption is computed after compression/encryption and it is checked before decryption/decompression. In the very rare event of a hardware or software error that corrupts data during compression and encryption, or during decryption and decompression, the CRC will catch the error, but the authentication code will not. - + WinZip 9.0 and WinZip 10.0 used AE-2 for all files that they created, and did not store the CRC. As of WinZip 11, WinZip instead uses AE-1 for most files, storing the CRC as an additional integrity check against hardware or software errors occurring during the actual compression/encryption or decryption/decompression processes. WinZip 11 will continue to use AE-2, with no CRC, for very small files of less than 20 bytes. It will also use AE-2 for files compressed in BZIP2 format, because this format has internal integrity checks equivalent to a CRC check built in. - + Note that the AES-encrypted files created by WinZip 11 are fully compatible with January 2004's version 1.0.2 of the WinZip AES encryption specification, in which both the AE-1 and AE-2 variants of the file format were already defined. - + **VII. Change history** @@ -232,30 +232,30 @@ Note that the January 2004 version of the WinZip AE-2 specification, version 1.0 **Changes made in document version 1.03, November, 2006:** Minor editorial and clarifying changes have been made throughout the document. The following substantive technical changes have been made: 1. WinZip 11 Usage of AE-1 and AE-2 - + WinZip's AES encryption specification defines two formats, known as AE-1 and AE-2, which differ in whether the CRC of the encrypted file is stored in the Zip headers. While the file formats themselves remain unchanged, WinZip's usage of them is changing. Beginning with [WinZip 11](https://www.winzip.com/aes_info.htm#winzip11), WinZip uses the AE-1 format, which includes the CRC of the encrypted file, for many encrypted files, in order to provide an additional integrity check against hardware or software errors occurring during the compression/encryption or decryption/decompression processes. Note that AES-encrypted files created by WinZip 11 are completely compatible with the previous version of the WinZip encryption specification, January 2004's version 1.0.2. - + 2. The discussion of [salt values](https://www.winzip.com/aes_info.htm#salt) mentions a limitation that applies to the uniqueness of salt values when very large numbers of files are encrypted with 128-bit encryption. 3. Older versions of this specification suggested that other vendors might want to use their own vendor IDs to create their own unique encryption formats. We no longer suggest that vendor-specific alternative encryption methods be created in this way. **Changes made in document version 1.02, January, 2004:** The introductory text at the start of the document has been rewritten, and minor editorial and clarifying changes have been made throughout the document. Two substantive technical changes have been made: 1. AE-2 Specification - + Standard Zip files store the CRC of each file's unencrypted data. This value is used to help detect damage or other alterations to Zip files. However, storing the CRC value has a drawback in that, for a very small file, such as a file of four or fewer bytes, the CRC value can be used, independent of the encryption algorithm, to help determine the unencrypted contents of the file. - + Because of this, files encrypted with the new AE-2 method store a 0 in the CRC field of the Zip header, and use the [authentication code](https://www.winzip.com/aes_info.htm#authentication-code) instead of the CRC value to verify that encrypted data within the Zip file has not been corrupted. - + The only differences between the AE-1 and AE-2 methods are the storage in AE-2 of 0 instead of the CRC in the Zip file header,and the use in the AES extra data field of 0x0002 for AE-2 instead of 0x0001 for AE-1 as the vendor version. - + Zip utilities that support the AE-2 format are required to be able to read files that were created in the AE-1 format, and during decryption/extraction of files in AE-1 format should verify that the file's CRC matches the value stored in the CRC field. - + 2. Key Generation and HMAC-SHA1 - + The description of the [key generation](https://www.winzip.com/aes_info.htm#key-generation) mechanism has been updated to point out a limitation arising from its use of HMAC-SHA1 as the pseudo-random function: When used in connection with 192- or 256-bit AES encryption, the fact that HMAC-SHA1 produces a 160-bit result means that, regardless of the password that you specify, the search space for the encryption key is unlikely to reach the theoretical 192- or 256-bit maximum, and cannot be guaranteed to exceed 160 bits. This is discussed in section B.1.1 of the [RFC2898 specification](https://www.ietf.org/rfc/rfc2898.txt). -Document version: 1.04 +Document version: 1.04 Last modified: January 30, 2009 -Copyright© 2003-2018 Corel Corporation. +Copyright© 2003-2018 Corel Corporation. All Rights Reserved diff --git a/test/fuzz/unzip_fuzzer.dict b/test/fuzz/unzip_fuzzer.dict index 2a8dd29..e3a923c 100644 --- a/test/fuzz/unzip_fuzzer.dict +++ b/test/fuzz/unzip_fuzzer.dict @@ -1,6 +1,6 @@ # A dictionary for more efficient fuzzing of DoStuff(). # If the inputs contain multi-byte tokens, list them here. -# See https://llvm.org/docs/LibFuzzer.html +# See https://llvm.org/docs/LibFuzzer.html#dictionaries "\x50\x4b\x03\x04" "\x50\x4b\x01\x02" "\x50\x4b\x05\x06" diff --git a/test/test.h b/test/test.h index 777b7bc..e424493 100644 --- a/test/test.h +++ b/test/test.h @@ -25,4 +25,4 @@ void test_crypt_hmac(void); } #endif -#endif \ No newline at end of file +#endif