Audio plugin host https://kx.studio/carla
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

crypt.c 22KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653
  1. /*
  2. Copyright (c) 1990-2007 Info-ZIP. All rights reserved.
  3. See the accompanying file LICENSE, version 2005-Feb-10 or later
  4. (the contents of which are also included in (un)zip.h) for terms of use.
  5. If, for some reason, all these files are missing, the Info-ZIP license
  6. also may be found at: ftp://ftp.info-zip.org/pub/infozip/license.html
  7. */
  8. /*
  9. crypt.c (full version) by Info-ZIP. Last revised: [see crypt.h]
  10. The main encryption/decryption source code for Info-Zip software was
  11. originally written in Europe. To the best of our knowledge, it can
  12. be freely distributed in both source and object forms from any country,
  13. including the USA under License Exception TSU of the U.S. Export
  14. Administration Regulations (section 740.13(e)) of 6 June 2002.
  15. NOTE on copyright history:
  16. Previous versions of this source package (up to version 2.8) were
  17. not copyrighted and put in the public domain. If you cannot comply
  18. with the Info-Zip LICENSE, you may want to look for one of those
  19. public domain versions.
  20. */
  21. /*
  22. This encryption code is a direct transcription of the algorithm from
  23. Roger Schlafly, described by Phil Katz in the file appnote.txt. This
  24. file (appnote.txt) is distributed with the PKZIP program (even in the
  25. version without encryption capabilities).
  26. */
  27. #define ZCRYPT_INTERNAL
  28. #include "zip.h"
  29. #include "crypt.h"
  30. #include "ttyio.h"
  31. #if CRYPT
  32. #ifndef FALSE
  33. # define FALSE 0
  34. #endif
  35. #ifdef ZIP
  36. /* For the encoding task used in Zip (and ZipCloak), we want to initialize
  37. the crypt algorithm with some reasonably unpredictable bytes, see
  38. the crypthead() function. The standard rand() library function is
  39. used to supply these `random' bytes, which in turn is initialized by
  40. a srand() call. The srand() function takes an "unsigned" (at least 16bit)
  41. seed value as argument to determine the starting point of the rand()
  42. pseudo-random number generator.
  43. This seed number is constructed as "Seed = Seed1 .XOR. Seed2" with
  44. Seed1 supplied by the current time (= "(unsigned)time()") and Seed2
  45. as some (hopefully) nondeterministic bitmask. On many (most) systems,
  46. we use some "process specific" number, as the PID or something similar,
  47. but when nothing unpredictable is available, a fixed number may be
  48. sufficient.
  49. NOTE:
  50. 1.) This implementation requires the availability of the following
  51. standard UNIX C runtime library functions: time(), rand(), srand().
  52. On systems where some of them are missing, the environment that
  53. incorporates the crypt routines must supply suitable replacement
  54. functions.
  55. 2.) It is a very bad idea to use a second call to time() to set the
  56. "Seed2" number! In this case, both "Seed1" and "Seed2" would be
  57. (almost) identical, resulting in a (mostly) "zero" constant seed
  58. number passed to srand().
  59. The implementation environment defined in the "zip.h" header should
  60. supply a reasonable definition for ZCR_SEED2 (an unsigned number; for
  61. most implementations of rand() and srand(), only the lower 16 bits are
  62. significant!). An example that works on many systems would be
  63. "#define ZCR_SEED2 (unsigned)getpid()".
  64. The default definition for ZCR_SEED2 supplied below should be regarded
  65. as a fallback to allow successful compilation in "beta state"
  66. environments.
  67. */
  68. # include <time.h> /* time() function supplies first part of crypt seed */
  69. /* "last resort" source for second part of crypt seed pattern */
  70. # ifndef ZCR_SEED2
  71. # define ZCR_SEED2 (unsigned)3141592654L /* use PI as default pattern */
  72. # endif
  73. # ifdef GLOBAL /* used in Amiga system headers, maybe others too */
  74. # undef GLOBAL
  75. # endif
  76. # define GLOBAL(g) g
  77. #else /* !ZIP */
  78. # define GLOBAL(g) G.g
  79. #endif /* ?ZIP */
  80. #ifdef UNZIP
  81. /* char *key = (char *)NULL; moved to globals.h */
  82. # ifndef FUNZIP
  83. local int testp OF((__GPRO__ ZCONST uch *h));
  84. local int testkey OF((__GPRO__ ZCONST uch *h, ZCONST char *key));
  85. # endif
  86. #endif /* UNZIP */
  87. #ifndef UNZIP /* moved to globals.h for UnZip */
  88. # ifndef Z_UINT4_DEFINED
  89. # if !defined(NO_LIMITS_H)
  90. # if (defined(UINT_MAX) && (UINT_MAX == 0xffffffffUL))
  91. typedef unsigned int z_uint4;
  92. # define Z_UINT4_DEFINED
  93. # else
  94. # if (defined(ULONG_MAX) && (ULONG_MAX == 0xffffffffUL))
  95. typedef unsigned long z_uint4;
  96. # define Z_UINT4_DEFINED
  97. # else
  98. # if (defined(USHRT_MAX) && (USHRT_MAX == 0xffffffffUL))
  99. typedef unsigned short z_uint4;
  100. # define Z_UINT4_DEFINED
  101. # endif
  102. # endif
  103. # endif
  104. # endif /* !NO_LIMITS_H */
  105. # endif /* !Z_UINT4_DEFINED */
  106. # ifndef Z_UINT4_DEFINED
  107. typedef ulg z_uint4;
  108. # define Z_UINT4_DEFINED
  109. # endif
  110. local z_uint4 keys[3]; /* keys defining the pseudo-random sequence */
  111. #endif /* !UNZIP */
  112. #ifndef Trace
  113. # ifdef CRYPT_DEBUG
  114. # define Trace(x) fprintf x
  115. # else
  116. # define Trace(x)
  117. # endif
  118. #endif
  119. #include "crc32.h"
  120. #ifdef IZ_CRC_BE_OPTIMIZ
  121. local z_uint4 near crycrctab[256];
  122. local z_uint4 near *cry_crctb_p = NULL;
  123. local z_uint4 near *crytab_init OF((__GPRO));
  124. # define CRY_CRC_TAB cry_crctb_p
  125. # undef CRC32
  126. # define CRC32(c, b, crctab) (crctab[((int)(c) ^ (b)) & 0xff] ^ ((c) >> 8))
  127. #else
  128. # define CRY_CRC_TAB CRC_32_TAB
  129. #endif /* ?IZ_CRC_BE_OPTIMIZ */
  130. /***********************************************************************
  131. * Return the next byte in the pseudo-random sequence
  132. */
  133. int decrypt_byte(__G)
  134. __GDEF
  135. {
  136. unsigned temp; /* POTENTIAL BUG: temp*(temp^1) may overflow in an
  137. * unpredictable manner on 16-bit systems; not a problem
  138. * with any known compiler so far, though */
  139. temp = ((unsigned)GLOBAL(keys[2]) & 0xffff) | 2;
  140. return (int)(((temp * (temp ^ 1)) >> 8) & 0xff);
  141. }
  142. /***********************************************************************
  143. * Update the encryption keys with the next byte of plain text
  144. */
  145. int update_keys(__G__ c)
  146. __GDEF
  147. int c; /* byte of plain text */
  148. {
  149. GLOBAL(keys[0]) = CRC32(GLOBAL(keys[0]), c, CRY_CRC_TAB);
  150. GLOBAL(keys[1]) = (GLOBAL(keys[1])
  151. + (GLOBAL(keys[0]) & 0xff))
  152. * 134775813L + 1;
  153. {
  154. register int keyshift = (int)(GLOBAL(keys[1]) >> 24);
  155. GLOBAL(keys[2]) = CRC32(GLOBAL(keys[2]), keyshift, CRY_CRC_TAB);
  156. }
  157. return c;
  158. }
  159. /***********************************************************************
  160. * Initialize the encryption keys and the random header according to
  161. * the given password.
  162. */
  163. void init_keys(__G__ passwd)
  164. __GDEF
  165. ZCONST char *passwd; /* password string with which to modify keys */
  166. {
  167. #ifdef IZ_CRC_BE_OPTIMIZ
  168. if (cry_crctb_p == NULL) {
  169. cry_crctb_p = crytab_init(__G);
  170. }
  171. #endif
  172. GLOBAL(keys[0]) = 305419896L;
  173. GLOBAL(keys[1]) = 591751049L;
  174. GLOBAL(keys[2]) = 878082192L;
  175. while (*passwd != '\0') {
  176. update_keys(__G__ (int)*passwd);
  177. passwd++;
  178. }
  179. }
  180. /***********************************************************************
  181. * Initialize the local copy of the table of precomputed crc32 values.
  182. * Whereas the public crc32-table is optimized for crc32 calculations
  183. * on arrays of bytes, the crypt code needs the crc32 values in an
  184. * byte-order-independent form as 32-bit unsigned numbers. On systems
  185. * with Big-Endian byte order using the optimized crc32 code, this
  186. * requires inverting the byte-order of the values in the
  187. * crypt-crc32-table.
  188. */
  189. #ifdef IZ_CRC_BE_OPTIMIZ
  190. local z_uint4 near *crytab_init(__G)
  191. __GDEF
  192. {
  193. int i;
  194. for (i = 0; i < 256; i++) {
  195. crycrctab[i] = REV_BE(CRC_32_TAB[i]);
  196. }
  197. return crycrctab;
  198. }
  199. #endif
  200. #ifdef ZIP
  201. /***********************************************************************
  202. * Write encryption header to file zfile using the password passwd
  203. * and the cyclic redundancy check crc.
  204. */
  205. void crypthead(passwd, crc, zfile)
  206. ZCONST char *passwd; /* password string */
  207. ulg crc; /* crc of file being encrypted */
  208. FILE *zfile; /* where to write header */
  209. {
  210. int n; /* index in random header */
  211. int t; /* temporary */
  212. int c; /* random byte */
  213. uch header[RAND_HEAD_LEN]; /* random header */
  214. static unsigned calls = 0; /* ensure different random header each time */
  215. /* First generate RAND_HEAD_LEN-2 random bytes. We encrypt the
  216. * output of rand() to get less predictability, since rand() is
  217. * often poorly implemented.
  218. */
  219. if (++calls == 1) {
  220. srand((unsigned)time(NULL) ^ ZCR_SEED2);
  221. }
  222. init_keys(passwd);
  223. for (n = 0; n < RAND_HEAD_LEN-2; n++) {
  224. c = (rand() >> 7) & 0xff;
  225. header[n] = (uch)zencode(c, t);
  226. }
  227. /* Encrypt random header (last two bytes is high word of crc) */
  228. init_keys(passwd);
  229. for (n = 0; n < RAND_HEAD_LEN-2; n++) {
  230. header[n] = (uch)zencode(header[n], t);
  231. }
  232. header[RAND_HEAD_LEN-2] = (uch)zencode((int)(crc >> 16) & 0xff, t);
  233. header[RAND_HEAD_LEN-1] = (uch)zencode((int)(crc >> 24) & 0xff, t);
  234. fwrite(header, 1, RAND_HEAD_LEN, f);
  235. }
  236. #ifdef UTIL
  237. /***********************************************************************
  238. * Encrypt the zip entry described by z from file source to file dest
  239. * using the password passwd. Return an error code in the ZE_ class.
  240. */
  241. int zipcloak(z, source, dest, passwd)
  242. struct zlist far *z; /* zip entry to encrypt */
  243. FILE *source, *dest; /* source and destination files */
  244. ZCONST char *passwd; /* password string */
  245. {
  246. int c; /* input byte */
  247. int res; /* result code */
  248. ulg n; /* holds offset and counts size */
  249. ush flag; /* previous flags */
  250. int t; /* temporary */
  251. int ztemp; /* temporary storage for zencode value */
  252. /* Set encrypted bit, clear extended local header bit and write local
  253. header to output file */
  254. if ((n = (ulg)ftell(dest)) == (ulg)-1L) return ZE_TEMP;
  255. z->off = n;
  256. flag = z->flg;
  257. z->flg |= 1, z->flg &= ~8;
  258. z->lflg |= 1, z->lflg &= ~8;
  259. z->siz += RAND_HEAD_LEN;
  260. if ((res = putlocal(z, dest)) != ZE_OK) return res;
  261. /* Initialize keys with password and write random header */
  262. crypthead(passwd, z->crc, dest);
  263. /* Skip local header in input file */
  264. if (fseek(source, (long)((4 + LOCHEAD) + (ulg)z->nam + (ulg)z->ext),
  265. SEEK_CUR)) {
  266. return ferror(source) ? ZE_READ : ZE_EOF;
  267. }
  268. /* Encrypt data */
  269. for (n = z->siz - RAND_HEAD_LEN; n; n--) {
  270. if ((c = getc(source)) == EOF) {
  271. return ferror(source) ? ZE_READ : ZE_EOF;
  272. }
  273. ztemp = zencode(c, t);
  274. putc(ztemp, dest);
  275. }
  276. /* Skip extended local header in input file if there is one */
  277. if ((flag & 8) != 0 && fseek(source, 16L, SEEK_CUR)) {
  278. return ferror(source) ? ZE_READ : ZE_EOF;
  279. }
  280. if (fflush(dest) == EOF) return ZE_TEMP;
  281. /* Update number of bytes written to output file */
  282. tempzn += (4 + LOCHEAD) + z->nam + z->ext + z->siz;
  283. return ZE_OK;
  284. }
  285. /***********************************************************************
  286. * Decrypt the zip entry described by z from file source to file dest
  287. * using the password passwd. Return an error code in the ZE_ class.
  288. */
  289. int zipbare(z, source, dest, passwd)
  290. struct zlist far *z; /* zip entry to encrypt */
  291. FILE *source, *dest; /* source and destination files */
  292. ZCONST char *passwd; /* password string */
  293. {
  294. #ifdef ZIP10
  295. int c0 /* byte preceding the last input byte */
  296. #endif
  297. int c1; /* last input byte */
  298. ulg offset; /* used for file offsets */
  299. ulg size; /* size of input data */
  300. int r; /* size of encryption header */
  301. int res; /* return code */
  302. ush flag; /* previous flags */
  303. /* Save position and skip local header in input file */
  304. if ((offset = (ulg)ftell(source)) == (ulg)-1L ||
  305. fseek(source, (long)((4 + LOCHEAD) + (ulg)z->nam + (ulg)z->ext),
  306. SEEK_CUR)) {
  307. return ferror(source) ? ZE_READ : ZE_EOF;
  308. }
  309. /* Initialize keys with password */
  310. init_keys(passwd);
  311. /* Decrypt encryption header, save last two bytes */
  312. c1 = 0;
  313. for (r = RAND_HEAD_LEN; r; r--) {
  314. #ifdef ZIP10
  315. c0 = c1;
  316. #endif
  317. if ((c1 = getc(source)) == EOF) {
  318. return ferror(source) ? ZE_READ : ZE_EOF;
  319. }
  320. Trace((stdout, " (%02x)", c1));
  321. zdecode(c1);
  322. Trace((stdout, " %02x", c1));
  323. }
  324. Trace((stdout, "\n"));
  325. /* If last two bytes of header don't match crc (or file time in the
  326. * case of an extended local header), back up and just copy. For
  327. * pkzip 2.0, the check has been reduced to one byte only.
  328. */
  329. #ifdef ZIP10
  330. if ((ush)(c0 | (c1<<8)) !=
  331. (z->flg & 8 ? (ush) z->tim & 0xffff : (ush)(z->crc >> 16))) {
  332. #else
  333. if ((ush)c1 != (z->flg & 8 ? (ush) z->tim >> 8 : (ush)(z->crc >> 24))) {
  334. #endif
  335. if (fseek(source, offset, SEEK_SET)) {
  336. return ferror(source) ? ZE_READ : ZE_EOF;
  337. }
  338. if ((res = zipcopy(z, source, dest)) != ZE_OK) return res;
  339. return ZE_MISS;
  340. }
  341. /* Clear encrypted bit and local header bit, and write local header to
  342. output file */
  343. if ((offset = (ulg)ftell(dest)) == (ulg)-1L) return ZE_TEMP;
  344. z->off = offset;
  345. flag = z->flg;
  346. z->flg &= ~9;
  347. z->lflg &= ~9;
  348. z->siz -= RAND_HEAD_LEN;
  349. if ((res = putlocal(z, dest)) != ZE_OK) return res;
  350. /* Decrypt data */
  351. for (size = z->siz; size; size--) {
  352. if ((c1 = getc(source)) == EOF) {
  353. return ferror(source) ? ZE_READ : ZE_EOF;
  354. }
  355. zdecode(c1);
  356. putc(c1, dest);
  357. }
  358. /* Skip extended local header in input file if there is one */
  359. if ((flag & 8) != 0 && fseek(source, 16L, SEEK_CUR)) {
  360. return ferror(source) ? ZE_READ : ZE_EOF;
  361. }
  362. if (fflush(dest) == EOF) return ZE_TEMP;
  363. /* Update number of bytes written to output file */
  364. tempzn += (4 + LOCHEAD) + z->nam + z->ext + z->siz;
  365. return ZE_OK;
  366. }
  367. #else /* !UTIL */
  368. /***********************************************************************
  369. * If requested, encrypt the data in buf, and in any case call fwrite()
  370. * with the arguments to zfwrite(). Return what fwrite() returns.
  371. *
  372. * A bug has been found when encrypting large files. See trees.c
  373. * for details and the fix.
  374. */
  375. unsigned zfwrite(buf, item_size, nb, f)
  376. zvoid *buf; /* data buffer */
  377. extent item_size; /* size of each item in bytes */
  378. extent nb; /* number of items */
  379. FILE *f; /* file to write to */
  380. {
  381. int t; /* temporary */
  382. if (key != (char *)NULL) { /* key is the global password pointer */
  383. ulg size; /* buffer size */
  384. char *p = (char*)buf; /* steps through buffer */
  385. /* Encrypt data in buffer */
  386. for (size = item_size*(ulg)nb; size != 0; p++, size--) {
  387. *p = (char)zencode(*p, t);
  388. }
  389. }
  390. /* Write the buffer out */
  391. return fwrite(buf, item_size, nb, f);
  392. }
  393. #endif /* ?UTIL */
  394. #endif /* ZIP */
  395. #if (defined(UNZIP) && !defined(FUNZIP))
  396. /***********************************************************************
  397. * Get the password and set up keys for current zipfile member.
  398. * Return PK_ class error.
  399. */
  400. int decrypt(__G__ passwrd)
  401. __GDEF
  402. ZCONST char *passwrd;
  403. {
  404. ush b;
  405. int n, r;
  406. uch h[RAND_HEAD_LEN];
  407. Trace((stdout, "\n[incnt = %d]: ", GLOBAL(incnt)));
  408. /* get header once (turn off "encrypted" flag temporarily so we don't
  409. * try to decrypt the same data twice) */
  410. GLOBAL(pInfo->encrypted) = FALSE;
  411. defer_leftover_input(__G);
  412. for (n = 0; n < RAND_HEAD_LEN; n++) {
  413. b = NEXTBYTE;
  414. h[n] = (uch)b;
  415. Trace((stdout, " (%02x)", h[n]));
  416. }
  417. undefer_input(__G);
  418. GLOBAL(pInfo->encrypted) = TRUE;
  419. if (GLOBAL(newzip)) { /* this is first encrypted member in this zipfile */
  420. GLOBAL(newzip) = FALSE;
  421. if (passwrd != (char *)NULL) { /* user gave password on command line */
  422. if (!GLOBAL(key)) {
  423. if ((GLOBAL(key) = (char *)malloc(strlen(passwrd)+1)) ==
  424. (char *)NULL)
  425. return PK_MEM2;
  426. strcpy(GLOBAL(key), passwrd);
  427. GLOBAL(nopwd) = TRUE; /* inhibit password prompting! */
  428. }
  429. } else if (GLOBAL(key)) { /* get rid of previous zipfile's key */
  430. free(GLOBAL(key));
  431. GLOBAL(key) = (char *)NULL;
  432. }
  433. }
  434. /* if have key already, test it; else allocate memory for it */
  435. if (GLOBAL(key)) {
  436. if (!testp(__G__ h))
  437. return PK_COOL; /* existing password OK (else prompt for new) */
  438. else if (GLOBAL(nopwd))
  439. return PK_WARN; /* user indicated no more prompting */
  440. } else if ((GLOBAL(key) = (char *)malloc(IZ_PWLEN+1)) == (char *)NULL)
  441. return PK_MEM2;
  442. /* try a few keys */
  443. n = 0;
  444. do {
  445. r = (*G.decr_passwd)((zvoid *)&G, &n, GLOBAL(key), IZ_PWLEN+1,
  446. GLOBAL(zipfn), GLOBAL(filename));
  447. if (r == IZ_PW_ERROR) { /* internal error in fetch of PW */
  448. free (GLOBAL(key));
  449. GLOBAL(key) = NULL;
  450. return PK_MEM2;
  451. }
  452. if (r != IZ_PW_ENTERED) { /* user replied "skip" or "skip all" */
  453. *GLOBAL(key) = '\0'; /* We try the NIL password, ... */
  454. n = 0; /* and cancel fetch for this item. */
  455. }
  456. if (!testp(__G__ h))
  457. return PK_COOL;
  458. if (r == IZ_PW_CANCELALL) /* User replied "Skip all" */
  459. GLOBAL(nopwd) = TRUE; /* inhibit any further PW prompt! */
  460. } while (n > 0);
  461. return PK_WARN;
  462. } /* end function decrypt() */
  463. /***********************************************************************
  464. * Test the password. Return -1 if bad, 0 if OK.
  465. */
  466. local int testp(__G__ h)
  467. __GDEF
  468. ZCONST uch *h;
  469. {
  470. int r;
  471. char *key_translated;
  472. /* On systems with "obscure" native character coding (e.g., EBCDIC),
  473. * the first test translates the password to the "main standard"
  474. * character coding. */
  475. #ifdef STR_TO_CP1
  476. /* allocate buffer for translated password */
  477. if ((key_translated = malloc(strlen(GLOBAL(key)) + 1)) == (char *)NULL)
  478. return -1;
  479. /* first try, test password translated "standard" charset */
  480. r = testkey(__G__ h, STR_TO_CP1(key_translated, GLOBAL(key)));
  481. #else /* !STR_TO_CP1 */
  482. /* first try, test password as supplied on the extractor's host */
  483. r = testkey(__G__ h, GLOBAL(key));
  484. #endif /* ?STR_TO_CP1 */
  485. #ifdef STR_TO_CP2
  486. if (r != 0) {
  487. #ifndef STR_TO_CP1
  488. /* now prepare for second (and maybe third) test with translated pwd */
  489. if ((key_translated = malloc(strlen(GLOBAL(key)) + 1)) == (char *)NULL)
  490. return -1;
  491. #endif
  492. /* second try, password translated to alternate ("standard") charset */
  493. r = testkey(__G__ h, STR_TO_CP2(key_translated, GLOBAL(key)));
  494. #ifdef STR_TO_CP3
  495. if (r != 0)
  496. /* third try, password translated to another "standard" charset */
  497. r = testkey(__G__ h, STR_TO_CP3(key_translated, GLOBAL(key)));
  498. #endif
  499. #ifndef STR_TO_CP1
  500. free(key_translated);
  501. #endif
  502. }
  503. #endif /* STR_TO_CP2 */
  504. #ifdef STR_TO_CP1
  505. free(key_translated);
  506. if (r != 0) {
  507. /* last resort, test password as supplied on the extractor's host */
  508. r = testkey(__G__ h, GLOBAL(key));
  509. }
  510. #endif /* STR_TO_CP1 */
  511. return r;
  512. } /* end function testp() */
  513. local int testkey(__G__ h, key)
  514. __GDEF
  515. ZCONST uch *h; /* decrypted header */
  516. ZCONST char *key; /* decryption password to test */
  517. {
  518. ush b;
  519. #ifdef ZIP10
  520. ush c;
  521. #endif
  522. int n;
  523. uch *p;
  524. uch hh[RAND_HEAD_LEN]; /* decrypted header */
  525. /* set keys and save the encrypted header */
  526. init_keys(__G__ key);
  527. memcpy(hh, h, RAND_HEAD_LEN);
  528. /* check password */
  529. for (n = 0; n < RAND_HEAD_LEN; n++) {
  530. zdecode(hh[n]);
  531. Trace((stdout, " %02x", hh[n]));
  532. }
  533. Trace((stdout,
  534. "\n lrec.crc= %08lx crec.crc= %08lx pInfo->ExtLocHdr= %s\n",
  535. GLOBAL(lrec.crc32), GLOBAL(pInfo->crc),
  536. GLOBAL(pInfo->ExtLocHdr) ? "true":"false"));
  537. Trace((stdout, " incnt = %d unzip offset into zipfile = %ld\n",
  538. GLOBAL(incnt),
  539. GLOBAL(cur_zipfile_bufstart)+(GLOBAL(inptr)-GLOBAL(inbuf))));
  540. /* same test as in zipbare(): */
  541. #ifdef ZIP10 /* check two bytes */
  542. c = hh[RAND_HEAD_LEN-2], b = hh[RAND_HEAD_LEN-1];
  543. Trace((stdout,
  544. " (c | (b<<8)) = %04x (crc >> 16) = %04x lrec.time = %04x\n",
  545. (ush)(c | (b<<8)), (ush)(GLOBAL(lrec.crc32) >> 16),
  546. ((ush)GLOBAL(lrec.last_mod_dos_datetime) & 0xffff))));
  547. if ((ush)(c | (b<<8)) != (GLOBAL(pInfo->ExtLocHdr) ?
  548. ((ush)GLOBAL(lrec.last_mod_dos_datetime) & 0xffff) :
  549. (ush)(GLOBAL(lrec.crc32) >> 16)))
  550. return -1; /* bad */
  551. #else
  552. b = hh[RAND_HEAD_LEN-1];
  553. Trace((stdout, " b = %02x (crc >> 24) = %02x (lrec.time >> 8) = %02x\n",
  554. b, (ush)(GLOBAL(lrec.crc32) >> 24),
  555. ((ush)GLOBAL(lrec.last_mod_dos_datetime) >> 8) & 0xff));
  556. if (b != (GLOBAL(pInfo->ExtLocHdr) ?
  557. ((ush)GLOBAL(lrec.last_mod_dos_datetime) >> 8) & 0xff :
  558. (ush)(GLOBAL(lrec.crc32) >> 24)))
  559. return -1; /* bad */
  560. #endif
  561. /* password OK: decrypt current buffer contents before leaving */
  562. for (n = (long)GLOBAL(incnt) > GLOBAL(csize) ?
  563. (int)GLOBAL(csize) : GLOBAL(incnt),
  564. p = GLOBAL(inptr); n--; p++)
  565. zdecode(*p);
  566. return 0; /* OK */
  567. } /* end function testkey() */
  568. #endif /* UNZIP && !FUNZIP */
  569. #else /* !CRYPT */
  570. /* something "externally visible" to shut up compiler/linker warnings */
  571. int zcr_dummy;
  572. #endif /* ?CRYPT */