1 /*-
2 * Copyright (c) 2008 Anselm Strauss
3 * Copyright (c) 2009 Joerg Sonnenberger
4 * Copyright (c) 2011-2012,2014 Michihiro NAKAJIMA
5 * All rights reserved.
6 *
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
9 * are met:
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution.
15 *
16 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR(S) ``AS IS'' AND ANY EXPRESS OR
17 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
18 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
19 * IN NO EVENT SHALL THE AUTHOR(S) BE LIABLE FOR ANY DIRECT, INDIRECT,
20 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
21 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
22 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
23 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
24 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
25 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
26 */
27
28 /*
29 * Development supported by Google Summer of Code 2008.
30 */
31
32 #include "archive_platform.h"
33 __FBSDID("$FreeBSD$");
34
35 #ifdef HAVE_ERRNO_H
36 #include <errno.h>
37 #endif
38 #ifdef HAVE_LANGINFO_H
39 #include <langinfo.h>
40 #endif
41 #ifdef HAVE_STDLIB_H
42 #include <stdlib.h>
43 #endif
44 #ifdef HAVE_STRING_H
45 #include <string.h>
46 #endif
47 #ifdef HAVE_ZLIB_H
48 #include <zlib.h>
49 #endif
50
51 #include "archive.h"
52 #include "archive_cryptor_private.h"
53 #include "archive_endian.h"
54 #include "archive_entry.h"
55 #include "archive_entry_locale.h"
56 #include "archive_hmac_private.h"
57 #include "archive_private.h"
58 #include "archive_random_private.h"
59 #include "archive_write_private.h"
60
61 #ifndef HAVE_ZLIB_H
62 #include "archive_crc32.h"
63 #endif
64
65 #define ZIP_ENTRY_FLAG_ENCRYPTED (1<<0)
66 #define ZIP_ENTRY_FLAG_LENGTH_AT_END (1<<3)
67 #define ZIP_ENTRY_FLAG_UTF8_NAME (1 << 11)
68
69 #define ZIP_4GB_MAX ARCHIVE_LITERAL_LL(0xffffffff)
70 #define ZIP_4GB_MAX_UNCOMPRESSED ARCHIVE_LITERAL_LL(0xff000000)
71
72 enum compression {
73 COMPRESSION_UNSPECIFIED = -1,
74 COMPRESSION_STORE = 0,
75 COMPRESSION_DEFLATE = 8
76 };
77
78 #ifdef HAVE_ZLIB_H
79 #define COMPRESSION_DEFAULT COMPRESSION_DEFLATE
80 #else
81 #define COMPRESSION_DEFAULT COMPRESSION_STORE
82 #endif
83
84 enum encryption {
85 ENCRYPTION_NONE = 0,
86 ENCRYPTION_TRADITIONAL, /* Traditional PKWARE encryption. */
87 ENCRYPTION_WINZIP_AES128, /* WinZIP AES-128 encryption. */
88 ENCRYPTION_WINZIP_AES256, /* WinZIP AES-256 encryption. */
89 };
90
91 #define TRAD_HEADER_SIZE 12
92 /*
93 * See "WinZip - AES Encryption Information"
94 * http://www.winzip.com/aes_info.htm
95 */
96 /* Value used in compression method. */
97 #define WINZIP_AES_ENCRYPTION 99
98 /* A WinZip AES header size which is stored at the beginning of
99 * file contents. */
100 #define WINZIP_AES128_HEADER_SIZE (8 + 2)
101 #define WINZIP_AES256_HEADER_SIZE (16 + 2)
102 /* AES vendor version. */
103 #define AES_VENDOR_AE_1 0x0001
104 #define AES_VENDOR_AE_2 0x0002
105 /* Authentication code size. */
106 #define AUTH_CODE_SIZE 10
107 /**/
108 #define MAX_DERIVED_KEY_BUF_SIZE (AES_MAX_KEY_SIZE * 2 + 2)
109
110 struct cd_segment {
111 struct cd_segment *next;
112 size_t buff_size;
113 unsigned char *buff;
114 unsigned char *p;
115 };
116
117 struct trad_enc_ctx {
118 uint32_t keys[3];
119 };
120
121 struct zip {
122
123 int64_t entry_offset;
124 int64_t entry_compressed_size;
125 int64_t entry_uncompressed_size;
126 int64_t entry_compressed_written;
127 int64_t entry_uncompressed_written;
128 int64_t entry_uncompressed_limit;
129 struct archive_entry *entry;
130 uint32_t entry_crc32;
131 enum compression entry_compression;
132 enum encryption entry_encryption;
133 int entry_flags;
134 int entry_uses_zip64;
135 int experiments;
136 struct trad_enc_ctx tctx;
137 char tctx_valid;
138 unsigned char trad_chkdat;
139 unsigned aes_vendor;
140 archive_crypto_ctx cctx;
141 char cctx_valid;
142 archive_hmac_sha1_ctx hctx;
143 char hctx_valid;
144
145 unsigned char *file_header;
146 size_t file_header_extra_offset;
147 unsigned long (*crc32func)(unsigned long crc, const void *buff, size_t len);
148
149 struct cd_segment *central_directory;
150 struct cd_segment *central_directory_last;
151 size_t central_directory_bytes;
152 size_t central_directory_entries;
153
154 int64_t written_bytes; /* Overall position in file. */
155
156 struct archive_string_conv *opt_sconv;
157 struct archive_string_conv *sconv_default;
158 enum compression requested_compression;
159 int deflate_compression_level;
160 int init_default_conversion;
161 enum encryption encryption_type;
162
163 #define ZIP_FLAG_AVOID_ZIP64 1
164 #define ZIP_FLAG_FORCE_ZIP64 2
165 #define ZIP_FLAG_EXPERIMENT_xl 4
166 int flags;
167
168 #ifdef HAVE_ZLIB_H
169 z_stream stream;
170 #endif
171 size_t len_buf;
172 unsigned char *buf;
173 };
174
175 /* Don't call this min or MIN, since those are already defined
176 on lots of platforms (but not all). */
177 #define zipmin(a, b) ((a) > (b) ? (b) : (a))
178
179 static ssize_t archive_write_zip_data(struct archive_write *,
180 const void *buff, size_t s);
181 static int archive_write_zip_close(struct archive_write *);
182 static int archive_write_zip_free(struct archive_write *);
183 static int archive_write_zip_finish_entry(struct archive_write *);
184 static int archive_write_zip_header(struct archive_write *,
185 struct archive_entry *);
186 static int archive_write_zip_options(struct archive_write *,
187 const char *, const char *);
188 static unsigned int dos_time(const time_t);
189 static size_t path_length(struct archive_entry *);
190 static int write_path(struct archive_entry *, struct archive_write *);
191 static void copy_path(struct archive_entry *, unsigned char *);
192 static struct archive_string_conv *get_sconv(struct archive_write *, struct zip *);
193 static int trad_enc_init(struct trad_enc_ctx *, const char *, size_t);
194 static unsigned trad_enc_encrypt_update(struct trad_enc_ctx *, const uint8_t *,
195 size_t, uint8_t *, size_t);
196 static int init_traditional_pkware_encryption(struct archive_write *);
197 static int is_traditional_pkware_encryption_supported(void);
198 static int init_winzip_aes_encryption(struct archive_write *);
199 static int is_winzip_aes_encryption_supported(int encryption);
200
201 static unsigned char *
cd_alloc(struct zip * zip,size_t length)202 cd_alloc(struct zip *zip, size_t length)
203 {
204 unsigned char *p;
205
206 if (zip->central_directory == NULL
207 || (zip->central_directory_last->p + length
208 > zip->central_directory_last->buff + zip->central_directory_last->buff_size)) {
209 struct cd_segment *segment = calloc(1, sizeof(*segment));
210 if (segment == NULL)
211 return NULL;
212 segment->buff_size = 64 * 1024;
213 segment->buff = malloc(segment->buff_size);
214 if (segment->buff == NULL) {
215 free(segment);
216 return NULL;
217 }
218 segment->p = segment->buff;
219
220 if (zip->central_directory == NULL) {
221 zip->central_directory
222 = zip->central_directory_last
223 = segment;
224 } else {
225 zip->central_directory_last->next = segment;
226 zip->central_directory_last = segment;
227 }
228 }
229
230 p = zip->central_directory_last->p;
231 zip->central_directory_last->p += length;
232 zip->central_directory_bytes += length;
233 return (p);
234 }
235
236 static unsigned long
real_crc32(unsigned long crc,const void * buff,size_t len)237 real_crc32(unsigned long crc, const void *buff, size_t len)
238 {
239 return crc32(crc, buff, (unsigned int)len);
240 }
241
242 static unsigned long
fake_crc32(unsigned long crc,const void * buff,size_t len)243 fake_crc32(unsigned long crc, const void *buff, size_t len)
244 {
245 (void)crc; /* UNUSED */
246 (void)buff; /* UNUSED */
247 (void)len; /* UNUSED */
248 return 0;
249 }
250
251 static int
archive_write_zip_options(struct archive_write * a,const char * key,const char * val)252 archive_write_zip_options(struct archive_write *a, const char *key,
253 const char *val)
254 {
255 struct zip *zip = a->format_data;
256 int ret = ARCHIVE_FAILED;
257
258 if (strcmp(key, "compression") == 0) {
259 /*
260 * Set compression to use on all future entries.
261 * This only affects regular files.
262 */
263 if (val == NULL || val[0] == 0) {
264 archive_set_error(&a->archive, ARCHIVE_ERRNO_MISC,
265 "%s: compression option needs a compression name",
266 a->format_name);
267 } else if (strcmp(val, "deflate") == 0) {
268 #ifdef HAVE_ZLIB_H
269 zip->requested_compression = COMPRESSION_DEFLATE;
270 ret = ARCHIVE_OK;
271 #else
272 archive_set_error(&a->archive, ARCHIVE_ERRNO_MISC,
273 "deflate compression not supported");
274 #endif
275 } else if (strcmp(val, "store") == 0) {
276 zip->requested_compression = COMPRESSION_STORE;
277 ret = ARCHIVE_OK;
278 }
279 return (ret);
280 } else if (strcmp(key, "compression-level") == 0) {
281 if (val == NULL || !(val[0] >= '0' && val[0] <= '9') || val[1] != '\0') {
282 return ARCHIVE_WARN;
283 }
284
285 if (val[0] == '0') {
286 zip->requested_compression = COMPRESSION_STORE;
287 return ARCHIVE_OK;
288 } else {
289 #ifdef HAVE_ZLIB_H
290 zip->requested_compression = COMPRESSION_DEFLATE;
291 zip->deflate_compression_level = val[0] - '0';
292 return ARCHIVE_OK;
293 #else
294 archive_set_error(&a->archive, ARCHIVE_ERRNO_MISC,
295 "deflate compression not supported");
296 #endif
297 }
298 } else if (strcmp(key, "encryption") == 0) {
299 if (val == NULL) {
300 zip->encryption_type = ENCRYPTION_NONE;
301 ret = ARCHIVE_OK;
302 } else if (val[0] == '1' || strcmp(val, "traditional") == 0
303 || strcmp(val, "zipcrypt") == 0
304 || strcmp(val, "ZipCrypt") == 0) {
305 if (is_traditional_pkware_encryption_supported()) {
306 zip->encryption_type = ENCRYPTION_TRADITIONAL;
307 ret = ARCHIVE_OK;
308 } else {
309 archive_set_error(&a->archive,
310 ARCHIVE_ERRNO_MISC,
311 "encryption not supported");
312 }
313 } else if (strcmp(val, "aes128") == 0) {
314 if (is_winzip_aes_encryption_supported(
315 ENCRYPTION_WINZIP_AES128)) {
316 zip->encryption_type = ENCRYPTION_WINZIP_AES128;
317 ret = ARCHIVE_OK;
318 } else {
319 archive_set_error(&a->archive,
320 ARCHIVE_ERRNO_MISC,
321 "encryption not supported");
322 }
323 } else if (strcmp(val, "aes256") == 0) {
324 if (is_winzip_aes_encryption_supported(
325 ENCRYPTION_WINZIP_AES256)) {
326 zip->encryption_type = ENCRYPTION_WINZIP_AES256;
327 ret = ARCHIVE_OK;
328 } else {
329 archive_set_error(&a->archive,
330 ARCHIVE_ERRNO_MISC,
331 "encryption not supported");
332 }
333 } else {
334 archive_set_error(&a->archive, ARCHIVE_ERRNO_MISC,
335 "%s: unknown encryption '%s'",
336 a->format_name, val);
337 }
338 return (ret);
339 } else if (strcmp(key, "experimental") == 0) {
340 if (val == NULL || val[0] == 0) {
341 zip->flags &= ~ ZIP_FLAG_EXPERIMENT_xl;
342 } else {
343 zip->flags |= ZIP_FLAG_EXPERIMENT_xl;
344 }
345 return (ARCHIVE_OK);
346 } else if (strcmp(key, "fakecrc32") == 0) {
347 /*
348 * FOR TESTING ONLY: disable CRC calculation to speed up
349 * certain complex tests.
350 */
351 if (val == NULL || val[0] == 0) {
352 zip->crc32func = real_crc32;
353 } else {
354 zip->crc32func = fake_crc32;
355 }
356 return (ARCHIVE_OK);
357 } else if (strcmp(key, "hdrcharset") == 0) {
358 /*
359 * Set the character set used in translating filenames.
360 */
361 if (val == NULL || val[0] == 0) {
362 archive_set_error(&a->archive, ARCHIVE_ERRNO_MISC,
363 "%s: hdrcharset option needs a character-set name",
364 a->format_name);
365 } else {
366 zip->opt_sconv = archive_string_conversion_to_charset(
367 &a->archive, val, 0);
368 if (zip->opt_sconv != NULL)
369 ret = ARCHIVE_OK;
370 else
371 ret = ARCHIVE_FATAL;
372 }
373 return (ret);
374 } else if (strcmp(key, "zip64") == 0) {
375 /*
376 * Bias decisions about Zip64: force them to be
377 * generated in certain cases where they are not
378 * forbidden or avoid them in certain cases where they
379 * are not strictly required.
380 */
381 if (val != NULL && *val != '\0') {
382 zip->flags |= ZIP_FLAG_FORCE_ZIP64;
383 zip->flags &= ~ZIP_FLAG_AVOID_ZIP64;
384 } else {
385 zip->flags &= ~ZIP_FLAG_FORCE_ZIP64;
386 zip->flags |= ZIP_FLAG_AVOID_ZIP64;
387 }
388 return (ARCHIVE_OK);
389 }
390
391 /* Note: The "warn" return is just to inform the options
392 * supervisor that we didn't handle it. It will generate
393 * a suitable error if no one used this option. */
394 return (ARCHIVE_WARN);
395 }
396
397 int
archive_write_zip_set_compression_deflate(struct archive * _a)398 archive_write_zip_set_compression_deflate(struct archive *_a)
399 {
400 struct archive_write *a = (struct archive_write *)_a;
401 int ret = ARCHIVE_FAILED;
402
403 archive_check_magic(_a, ARCHIVE_WRITE_MAGIC,
404 ARCHIVE_STATE_NEW | ARCHIVE_STATE_HEADER | ARCHIVE_STATE_DATA,
405 "archive_write_zip_set_compression_deflate");
406 if (a->archive.archive_format != ARCHIVE_FORMAT_ZIP) {
407 archive_set_error(&a->archive, ARCHIVE_ERRNO_MISC,
408 "Can only use archive_write_zip_set_compression_deflate"
409 " with zip format");
410 ret = ARCHIVE_FATAL;
411 } else {
412 #ifdef HAVE_ZLIB_H
413 struct zip *zip = a->format_data;
414 zip->requested_compression = COMPRESSION_DEFLATE;
415 ret = ARCHIVE_OK;
416 #else
417 archive_set_error(&a->archive, ARCHIVE_ERRNO_MISC,
418 "deflate compression not supported");
419 ret = ARCHIVE_FAILED;
420 #endif
421 }
422 return (ret);
423 }
424
425 int
archive_write_zip_set_compression_store(struct archive * _a)426 archive_write_zip_set_compression_store(struct archive *_a)
427 {
428 struct archive_write *a = (struct archive_write *)_a;
429 struct zip *zip = a->format_data;
430 int ret = ARCHIVE_FAILED;
431
432 archive_check_magic(_a, ARCHIVE_WRITE_MAGIC,
433 ARCHIVE_STATE_NEW | ARCHIVE_STATE_HEADER | ARCHIVE_STATE_DATA,
434 "archive_write_zip_set_compression_deflate");
435 if (a->archive.archive_format != ARCHIVE_FORMAT_ZIP) {
436 archive_set_error(&a->archive, ARCHIVE_ERRNO_MISC,
437 "Can only use archive_write_zip_set_compression_store"
438 " with zip format");
439 ret = ARCHIVE_FATAL;
440 } else {
441 zip->requested_compression = COMPRESSION_STORE;
442 ret = ARCHIVE_OK;
443 }
444 return (ret);
445 }
446
447 int
archive_write_set_format_zip(struct archive * _a)448 archive_write_set_format_zip(struct archive *_a)
449 {
450 struct archive_write *a = (struct archive_write *)_a;
451 struct zip *zip;
452
453 archive_check_magic(_a, ARCHIVE_WRITE_MAGIC,
454 ARCHIVE_STATE_NEW, "archive_write_set_format_zip");
455
456 /* If another format was already registered, unregister it. */
457 if (a->format_free != NULL)
458 (a->format_free)(a);
459
460 zip = (struct zip *) calloc(1, sizeof(*zip));
461 if (zip == NULL) {
462 archive_set_error(&a->archive, ENOMEM,
463 "Can't allocate zip data");
464 return (ARCHIVE_FATAL);
465 }
466
467 /* "Unspecified" lets us choose the appropriate compression. */
468 zip->requested_compression = COMPRESSION_UNSPECIFIED;
469 #ifdef HAVE_ZLIB_H
470 zip->deflate_compression_level = Z_DEFAULT_COMPRESSION;
471 #endif
472 zip->crc32func = real_crc32;
473
474 /* A buffer used for both compression and encryption. */
475 zip->len_buf = 65536;
476 zip->buf = malloc(zip->len_buf);
477 if (zip->buf == NULL) {
478 free(zip);
479 archive_set_error(&a->archive, ENOMEM,
480 "Can't allocate compression buffer");
481 return (ARCHIVE_FATAL);
482 }
483
484 a->format_data = zip;
485 a->format_name = "zip";
486 a->format_options = archive_write_zip_options;
487 a->format_write_header = archive_write_zip_header;
488 a->format_write_data = archive_write_zip_data;
489 a->format_finish_entry = archive_write_zip_finish_entry;
490 a->format_close = archive_write_zip_close;
491 a->format_free = archive_write_zip_free;
492 a->archive.archive_format = ARCHIVE_FORMAT_ZIP;
493 a->archive.archive_format_name = "ZIP";
494
495 return (ARCHIVE_OK);
496 }
497
498 static int
is_all_ascii(const char * p)499 is_all_ascii(const char *p)
500 {
501 const unsigned char *pp = (const unsigned char *)p;
502
503 while (*pp) {
504 if (*pp++ > 127)
505 return (0);
506 }
507 return (1);
508 }
509
510 static int
archive_write_zip_header(struct archive_write * a,struct archive_entry * entry)511 archive_write_zip_header(struct archive_write *a, struct archive_entry *entry)
512 {
513 unsigned char local_header[32];
514 unsigned char local_extra[144];
515 struct zip *zip = a->format_data;
516 unsigned char *e;
517 unsigned char *cd_extra;
518 size_t filename_length;
519 const char *slink = NULL;
520 size_t slink_size = 0;
521 struct archive_string_conv *sconv = get_sconv(a, zip);
522 int ret, ret2 = ARCHIVE_OK;
523 mode_t type;
524 int version_needed = 10;
525
526 /* Ignore types of entries that we don't support. */
527 type = archive_entry_filetype(entry);
528 if (type != AE_IFREG && type != AE_IFDIR && type != AE_IFLNK) {
529 archive_set_error(&a->archive, ARCHIVE_ERRNO_MISC,
530 "Filetype not supported");
531 return ARCHIVE_FAILED;
532 };
533
534 /* If we're not using Zip64, reject large files. */
535 if (zip->flags & ZIP_FLAG_AVOID_ZIP64) {
536 /* Reject entries over 4GB. */
537 if (archive_entry_size_is_set(entry)
538 && (archive_entry_size(entry) > ZIP_4GB_MAX)) {
539 archive_set_error(&a->archive, ARCHIVE_ERRNO_MISC,
540 "Files > 4GB require Zip64 extensions");
541 return ARCHIVE_FAILED;
542 }
543 /* Reject entries if archive is > 4GB. */
544 if (zip->written_bytes > ZIP_4GB_MAX) {
545 archive_set_error(&a->archive, ARCHIVE_ERRNO_MISC,
546 "Archives > 4GB require Zip64 extensions");
547 return ARCHIVE_FAILED;
548 }
549 }
550
551 /* Only regular files can have size > 0. */
552 if (type != AE_IFREG)
553 archive_entry_set_size(entry, 0);
554
555
556 /* Reset information from last entry. */
557 zip->entry_offset = zip->written_bytes;
558 zip->entry_uncompressed_limit = INT64_MAX;
559 zip->entry_compressed_size = 0;
560 zip->entry_uncompressed_size = 0;
561 zip->entry_compressed_written = 0;
562 zip->entry_uncompressed_written = 0;
563 zip->entry_flags = 0;
564 zip->entry_uses_zip64 = 0;
565 zip->entry_crc32 = zip->crc32func(0, NULL, 0);
566 zip->entry_encryption = 0;
567 archive_entry_free(zip->entry);
568 zip->entry = NULL;
569
570 if (zip->cctx_valid)
571 archive_encrypto_aes_ctr_release(&zip->cctx);
572 if (zip->hctx_valid)
573 archive_hmac_sha1_cleanup(&zip->hctx);
574 zip->tctx_valid = zip->cctx_valid = zip->hctx_valid = 0;
575
576 if (type == AE_IFREG
577 &&(!archive_entry_size_is_set(entry)
578 || archive_entry_size(entry) > 0)) {
579 switch (zip->encryption_type) {
580 case ENCRYPTION_TRADITIONAL:
581 case ENCRYPTION_WINZIP_AES128:
582 case ENCRYPTION_WINZIP_AES256:
583 zip->entry_flags |= ZIP_ENTRY_FLAG_ENCRYPTED;
584 zip->entry_encryption = zip->encryption_type;
585 break;
586 default:
587 break;
588 }
589 }
590
591
592 #if defined(_WIN32) && !defined(__CYGWIN__)
593 /* Make sure the path separators in pathname, hardlink and symlink
594 * are all slash '/', not the Windows path separator '\'. */
595 zip->entry = __la_win_entry_in_posix_pathseparator(entry);
596 if (zip->entry == entry)
597 zip->entry = archive_entry_clone(entry);
598 #else
599 zip->entry = archive_entry_clone(entry);
600 #endif
601 if (zip->entry == NULL) {
602 archive_set_error(&a->archive, ENOMEM,
603 "Can't allocate zip header data");
604 return (ARCHIVE_FATAL);
605 }
606
607 if (sconv != NULL) {
608 const char *p;
609 size_t len;
610
611 if (archive_entry_pathname_l(entry, &p, &len, sconv) != 0) {
612 if (errno == ENOMEM) {
613 archive_set_error(&a->archive, ENOMEM,
614 "Can't allocate memory for Pathname");
615 return (ARCHIVE_FATAL);
616 }
617 archive_set_error(&a->archive,
618 ARCHIVE_ERRNO_FILE_FORMAT,
619 "Can't translate Pathname '%s' to %s",
620 archive_entry_pathname(entry),
621 archive_string_conversion_charset_name(sconv));
622 ret2 = ARCHIVE_WARN;
623 }
624 if (len > 0)
625 archive_entry_set_pathname(zip->entry, p);
626
627 /*
628 * There is no standard for symlink handling; we convert
629 * it using the same character-set translation that we use
630 * for filename.
631 */
632 if (type == AE_IFLNK) {
633 if (archive_entry_symlink_l(entry, &p, &len, sconv)) {
634 if (errno == ENOMEM) {
635 archive_set_error(&a->archive, ENOMEM,
636 "Can't allocate memory "
637 " for Symlink");
638 return (ARCHIVE_FATAL);
639 }
640 /* No error if we can't convert. */
641 } else if (len > 0)
642 archive_entry_set_symlink(zip->entry, p);
643 }
644 }
645
646 /* If filename isn't ASCII and we can use UTF-8, set the UTF-8 flag. */
647 if (!is_all_ascii(archive_entry_pathname(zip->entry))) {
648 if (zip->opt_sconv != NULL) {
649 if (strcmp(archive_string_conversion_charset_name(
650 zip->opt_sconv), "UTF-8") == 0)
651 zip->entry_flags |= ZIP_ENTRY_FLAG_UTF8_NAME;
652 #if HAVE_NL_LANGINFO
653 } else if (strcmp(nl_langinfo(CODESET), "UTF-8") == 0) {
654 zip->entry_flags |= ZIP_ENTRY_FLAG_UTF8_NAME;
655 #endif
656 }
657 }
658 filename_length = path_length(zip->entry);
659
660 /* Determine appropriate compression and size for this entry. */
661 if (type == AE_IFLNK) {
662 slink = archive_entry_symlink(zip->entry);
663 if (slink != NULL)
664 slink_size = strlen(slink);
665 else
666 slink_size = 0;
667 zip->entry_uncompressed_limit = slink_size;
668 zip->entry_compressed_size = slink_size;
669 zip->entry_uncompressed_size = slink_size;
670 zip->entry_crc32 = zip->crc32func(zip->entry_crc32,
671 (const unsigned char *)slink, slink_size);
672 zip->entry_compression = COMPRESSION_STORE;
673 version_needed = 20;
674 } else if (type != AE_IFREG) {
675 zip->entry_compression = COMPRESSION_STORE;
676 zip->entry_uncompressed_limit = 0;
677 version_needed = 20;
678 } else if (archive_entry_size_is_set(zip->entry)) {
679 int64_t size = archive_entry_size(zip->entry);
680 int64_t additional_size = 0;
681
682 zip->entry_uncompressed_limit = size;
683 zip->entry_compression = zip->requested_compression;
684 if (zip->entry_compression == COMPRESSION_UNSPECIFIED) {
685 zip->entry_compression = COMPRESSION_DEFAULT;
686 }
687 if (zip->entry_compression == COMPRESSION_STORE) {
688 zip->entry_compressed_size = size;
689 zip->entry_uncompressed_size = size;
690 version_needed = 10;
691 } else {
692 zip->entry_uncompressed_size = size;
693 version_needed = 20;
694 }
695
696 if (zip->entry_flags & ZIP_ENTRY_FLAG_ENCRYPTED) {
697 switch (zip->entry_encryption) {
698 case ENCRYPTION_TRADITIONAL:
699 additional_size = TRAD_HEADER_SIZE;
700 version_needed = 20;
701 break;
702 case ENCRYPTION_WINZIP_AES128:
703 additional_size = WINZIP_AES128_HEADER_SIZE
704 + AUTH_CODE_SIZE;
705 version_needed = 20;
706 break;
707 case ENCRYPTION_WINZIP_AES256:
708 additional_size = WINZIP_AES256_HEADER_SIZE
709 + AUTH_CODE_SIZE;
710 version_needed = 20;
711 break;
712 default:
713 break;
714 }
715 if (zip->entry_compression == COMPRESSION_STORE)
716 zip->entry_compressed_size += additional_size;
717 }
718
719 /*
720 * Set Zip64 extension in any of the following cases
721 * (this was suggested by discussion on info-zip-dev
722 * mailing list):
723 * = Zip64 is being forced by user
724 * = File is over 4GiB uncompressed
725 * (including encryption header, if any)
726 * = File is close to 4GiB and is being compressed
727 * (compression might make file larger)
728 */
729 if ((zip->flags & ZIP_FLAG_FORCE_ZIP64)
730 || (zip->entry_uncompressed_size + additional_size > ZIP_4GB_MAX)
731 || (zip->entry_uncompressed_size > ZIP_4GB_MAX_UNCOMPRESSED
732 && zip->entry_compression != COMPRESSION_STORE)) {
733 zip->entry_uses_zip64 = 1;
734 version_needed = 45;
735 }
736
737 /* We may know the size, but never the CRC. */
738 zip->entry_flags |= ZIP_ENTRY_FLAG_LENGTH_AT_END;
739 } else {
740 /* We don't know the size. In this case, we prefer
741 * deflate (it has a clear end-of-data marker which
742 * makes length-at-end more reliable) and will
743 * enable Zip64 extensions unless we're told not to.
744 */
745 zip->entry_compression = COMPRESSION_DEFAULT;
746 zip->entry_flags |= ZIP_ENTRY_FLAG_LENGTH_AT_END;
747 if ((zip->flags & ZIP_FLAG_AVOID_ZIP64) == 0) {
748 zip->entry_uses_zip64 = 1;
749 version_needed = 45;
750 } else if (zip->entry_compression == COMPRESSION_STORE) {
751 version_needed = 10;
752 } else {
753 version_needed = 20;
754 }
755
756 if (zip->entry_flags & ZIP_ENTRY_FLAG_ENCRYPTED) {
757 switch (zip->entry_encryption) {
758 case ENCRYPTION_TRADITIONAL:
759 case ENCRYPTION_WINZIP_AES128:
760 case ENCRYPTION_WINZIP_AES256:
761 if (version_needed < 20)
762 version_needed = 20;
763 break;
764 default:
765 break;
766 }
767 }
768 }
769
770 /* Format the local header. */
771 memset(local_header, 0, sizeof(local_header));
772 memcpy(local_header, "PK\003\004", 4);
773 archive_le16enc(local_header + 4, version_needed);
774 archive_le16enc(local_header + 6, zip->entry_flags);
775 if (zip->entry_encryption == ENCRYPTION_WINZIP_AES128
776 || zip->entry_encryption == ENCRYPTION_WINZIP_AES256)
777 archive_le16enc(local_header + 8, WINZIP_AES_ENCRYPTION);
778 else
779 archive_le16enc(local_header + 8, zip->entry_compression);
780 archive_le32enc(local_header + 10,
781 dos_time(archive_entry_mtime(zip->entry)));
782 archive_le32enc(local_header + 14, zip->entry_crc32);
783 if (zip->entry_uses_zip64) {
784 /* Zip64 data in the local header "must" include both
785 * compressed and uncompressed sizes AND those fields
786 * are included only if these are 0xffffffff;
787 * THEREFORE these must be set this way, even if we
788 * know one of them is smaller. */
789 archive_le32enc(local_header + 18, ZIP_4GB_MAX);
790 archive_le32enc(local_header + 22, ZIP_4GB_MAX);
791 } else {
792 archive_le32enc(local_header + 18, (uint32_t)zip->entry_compressed_size);
793 archive_le32enc(local_header + 22, (uint32_t)zip->entry_uncompressed_size);
794 }
795 archive_le16enc(local_header + 26, (uint16_t)filename_length);
796
797 if (zip->entry_encryption == ENCRYPTION_TRADITIONAL) {
798 if (zip->entry_flags & ZIP_ENTRY_FLAG_LENGTH_AT_END)
799 zip->trad_chkdat = local_header[11];
800 else
801 zip->trad_chkdat = local_header[17];
802 }
803
804 /* Format as much of central directory file header as we can: */
805 zip->file_header = cd_alloc(zip, 46);
806 /* If (zip->file_header == NULL) XXXX */
807 ++zip->central_directory_entries;
808 memset(zip->file_header, 0, 46);
809 memcpy(zip->file_header, "PK\001\002", 4);
810 /* "Made by PKZip 2.0 on Unix." */
811 archive_le16enc(zip->file_header + 4, 3 * 256 + version_needed);
812 archive_le16enc(zip->file_header + 6, version_needed);
813 archive_le16enc(zip->file_header + 8, zip->entry_flags);
814 if (zip->entry_encryption == ENCRYPTION_WINZIP_AES128
815 || zip->entry_encryption == ENCRYPTION_WINZIP_AES256)
816 archive_le16enc(zip->file_header + 10, WINZIP_AES_ENCRYPTION);
817 else
818 archive_le16enc(zip->file_header + 10, zip->entry_compression);
819 archive_le32enc(zip->file_header + 12,
820 dos_time(archive_entry_mtime(zip->entry)));
821 archive_le16enc(zip->file_header + 28, (uint16_t)filename_length);
822 /* Following Info-Zip, store mode in the "external attributes" field. */
823 archive_le32enc(zip->file_header + 38,
824 ((uint32_t)archive_entry_mode(zip->entry)) << 16);
825 e = cd_alloc(zip, filename_length);
826 /* If (e == NULL) XXXX */
827 copy_path(zip->entry, e);
828
829 /* Format extra data. */
830 memset(local_extra, 0, sizeof(local_extra));
831 e = local_extra;
832
833 /* First, extra blocks that are the same between
834 * the local file header and the central directory.
835 * We format them once and then duplicate them. */
836
837 /* UT timestamp, length depends on what timestamps are set. */
838 memcpy(e, "UT", 2);
839 archive_le16enc(e + 2,
840 1
841 + (archive_entry_mtime_is_set(entry) ? 4 : 0)
842 + (archive_entry_atime_is_set(entry) ? 4 : 0)
843 + (archive_entry_ctime_is_set(entry) ? 4 : 0));
844 e += 4;
845 *e++ =
846 (archive_entry_mtime_is_set(entry) ? 1 : 0)
847 | (archive_entry_atime_is_set(entry) ? 2 : 0)
848 | (archive_entry_ctime_is_set(entry) ? 4 : 0);
849 if (archive_entry_mtime_is_set(entry)) {
850 archive_le32enc(e, (uint32_t)archive_entry_mtime(entry));
851 e += 4;
852 }
853 if (archive_entry_atime_is_set(entry)) {
854 archive_le32enc(e, (uint32_t)archive_entry_atime(entry));
855 e += 4;
856 }
857 if (archive_entry_ctime_is_set(entry)) {
858 archive_le32enc(e, (uint32_t)archive_entry_ctime(entry));
859 e += 4;
860 }
861
862 /* ux Unix extra data, length 11, version 1 */
863 /* TODO: If uid < 64k, use 2 bytes, ditto for gid. */
864 memcpy(e, "ux\013\000\001", 5);
865 e += 5;
866 *e++ = 4; /* Length of following UID */
867 archive_le32enc(e, (uint32_t)archive_entry_uid(entry));
868 e += 4;
869 *e++ = 4; /* Length of following GID */
870 archive_le32enc(e, (uint32_t)archive_entry_gid(entry));
871 e += 4;
872
873 /* AES extra data field: WinZIP AES information, ID=0x9901 */
874 if ((zip->entry_flags & ZIP_ENTRY_FLAG_ENCRYPTED)
875 && (zip->entry_encryption == ENCRYPTION_WINZIP_AES128
876 || zip->entry_encryption == ENCRYPTION_WINZIP_AES256)) {
877
878 memcpy(e, "\001\231\007\000\001\000AE", 8);
879 /* AES vendor version AE-2 does not store a CRC.
880 * WinZip 11 uses AE-1, which does store the CRC,
881 * but it does not store the CRC when the file size
882 * is less than 20 bytes. So we simulate what
883 * WinZip 11 does.
884 * NOTE: WinZip 9.0 and 10.0 uses AE-2 by default. */
885 if (archive_entry_size_is_set(zip->entry)
886 && archive_entry_size(zip->entry) < 20) {
887 archive_le16enc(e+4, AES_VENDOR_AE_2);
888 zip->aes_vendor = AES_VENDOR_AE_2;/* no CRC. */
889 } else
890 zip->aes_vendor = AES_VENDOR_AE_1;
891 e += 8;
892 /* AES encryption strength. */
893 *e++ = (zip->entry_encryption == ENCRYPTION_WINZIP_AES128)?1:3;
894 /* Actual compression method. */
895 archive_le16enc(e, zip->entry_compression);
896 e += 2;
897 }
898
899 /* Copy UT ,ux, and AES-extra into central directory as well. */
900 zip->file_header_extra_offset = zip->central_directory_bytes;
901 cd_extra = cd_alloc(zip, e - local_extra);
902 memcpy(cd_extra, local_extra, e - local_extra);
903
904 /*
905 * Following extra blocks vary between local header and
906 * central directory. These are the local header versions.
907 * Central directory versions get formatted in
908 * archive_write_zip_finish_entry() below.
909 */
910
911 /* "[Zip64 entry] in the local header MUST include BOTH
912 * original [uncompressed] and compressed size fields." */
913 if (zip->entry_uses_zip64) {
914 unsigned char *zip64_start = e;
915 memcpy(e, "\001\000\020\000", 4);
916 e += 4;
917 archive_le64enc(e, zip->entry_uncompressed_size);
918 e += 8;
919 archive_le64enc(e, zip->entry_compressed_size);
920 e += 8;
921 archive_le16enc(zip64_start + 2, (uint16_t)(e - (zip64_start + 4)));
922 }
923
924 if (zip->flags & ZIP_FLAG_EXPERIMENT_xl) {
925 /* Experimental 'xl' extension to improve streaming. */
926 unsigned char *external_info = e;
927 int included = 7;
928 memcpy(e, "xl\000\000", 4); // 0x6c65 + 2-byte length
929 e += 4;
930 e[0] = included; /* bitmap of included fields */
931 e += 1;
932 if (included & 1) {
933 archive_le16enc(e, /* "Version created by" */
934 3 * 256 + version_needed);
935 e += 2;
936 }
937 if (included & 2) {
938 archive_le16enc(e, 0); /* internal file attributes */
939 e += 2;
940 }
941 if (included & 4) {
942 archive_le32enc(e, /* external file attributes */
943 ((uint32_t)archive_entry_mode(zip->entry)) << 16);
944 e += 4;
945 }
946 if (included & 8) {
947 // Libarchive does not currently support file comments.
948 }
949 archive_le16enc(external_info + 2, (uint16_t)(e - (external_info + 4)));
950 }
951
952 /* Update local header with size of extra data and write it all out: */
953 archive_le16enc(local_header + 28, (uint16_t)(e - local_extra));
954
955 ret = __archive_write_output(a, local_header, 30);
956 if (ret != ARCHIVE_OK)
957 return (ARCHIVE_FATAL);
958 zip->written_bytes += 30;
959
960 ret = write_path(zip->entry, a);
961 if (ret <= ARCHIVE_OK)
962 return (ARCHIVE_FATAL);
963 zip->written_bytes += ret;
964
965 ret = __archive_write_output(a, local_extra, e - local_extra);
966 if (ret != ARCHIVE_OK)
967 return (ARCHIVE_FATAL);
968 zip->written_bytes += e - local_extra;
969
970 /* For symlinks, write the body now. */
971 if (slink != NULL) {
972 ret = __archive_write_output(a, slink, slink_size);
973 if (ret != ARCHIVE_OK)
974 return (ARCHIVE_FATAL);
975 zip->entry_compressed_written += slink_size;
976 zip->entry_uncompressed_written += slink_size;
977 zip->written_bytes += slink_size;
978 }
979
980 #ifdef HAVE_ZLIB_H
981 if (zip->entry_compression == COMPRESSION_DEFLATE) {
982 zip->stream.zalloc = Z_NULL;
983 zip->stream.zfree = Z_NULL;
984 zip->stream.opaque = Z_NULL;
985 zip->stream.next_out = zip->buf;
986 zip->stream.avail_out = (uInt)zip->len_buf;
987 if (deflateInit2(&zip->stream, zip->deflate_compression_level,
988 Z_DEFLATED, -15, 8, Z_DEFAULT_STRATEGY) != Z_OK) {
989 archive_set_error(&a->archive, ENOMEM,
990 "Can't init deflate compressor");
991 return (ARCHIVE_FATAL);
992 }
993 }
994 #endif
995
996 return (ret2);
997 }
998
999 static ssize_t
archive_write_zip_data(struct archive_write * a,const void * buff,size_t s)1000 archive_write_zip_data(struct archive_write *a, const void *buff, size_t s)
1001 {
1002 int ret;
1003 struct zip *zip = a->format_data;
1004
1005 if ((int64_t)s > zip->entry_uncompressed_limit)
1006 s = (size_t)zip->entry_uncompressed_limit;
1007 zip->entry_uncompressed_written += s;
1008
1009 if (s == 0) return 0;
1010
1011 if (zip->entry_flags & ZIP_ENTRY_FLAG_ENCRYPTED) {
1012 switch (zip->entry_encryption) {
1013 case ENCRYPTION_TRADITIONAL:
1014 /* Initialize traditional PKWARE encryption context. */
1015 if (!zip->tctx_valid) {
1016 ret = init_traditional_pkware_encryption(a);
1017 if (ret != ARCHIVE_OK)
1018 return (ret);
1019 zip->tctx_valid = 1;
1020 }
1021 break;
1022 case ENCRYPTION_WINZIP_AES128:
1023 case ENCRYPTION_WINZIP_AES256:
1024 if (!zip->cctx_valid) {
1025 ret = init_winzip_aes_encryption(a);
1026 if (ret != ARCHIVE_OK)
1027 return (ret);
1028 zip->cctx_valid = zip->hctx_valid = 1;
1029 }
1030 break;
1031 default:
1032 break;
1033 }
1034 }
1035
1036 switch (zip->entry_compression) {
1037 case COMPRESSION_STORE:
1038 if (zip->tctx_valid || zip->cctx_valid) {
1039 const uint8_t *rb = (const uint8_t *)buff;
1040 const uint8_t * const re = rb + s;
1041
1042 while (rb < re) {
1043 size_t l;
1044
1045 if (zip->tctx_valid) {
1046 l = trad_enc_encrypt_update(&zip->tctx,
1047 rb, re - rb,
1048 zip->buf, zip->len_buf);
1049 } else {
1050 l = zip->len_buf;
1051 ret = archive_encrypto_aes_ctr_update(
1052 &zip->cctx,
1053 rb, re - rb, zip->buf, &l);
1054 if (ret < 0) {
1055 archive_set_error(&a->archive,
1056 ARCHIVE_ERRNO_MISC,
1057 "Failed to encrypt file");
1058 return (ARCHIVE_FAILED);
1059 }
1060 archive_hmac_sha1_update(&zip->hctx,
1061 zip->buf, l);
1062 }
1063 ret = __archive_write_output(a, zip->buf, l);
1064 if (ret != ARCHIVE_OK)
1065 return (ret);
1066 zip->entry_compressed_written += l;
1067 zip->written_bytes += l;
1068 rb += l;
1069 }
1070 } else {
1071 ret = __archive_write_output(a, buff, s);
1072 if (ret != ARCHIVE_OK)
1073 return (ret);
1074 zip->written_bytes += s;
1075 zip->entry_compressed_written += s;
1076 }
1077 break;
1078 #if HAVE_ZLIB_H
1079 case COMPRESSION_DEFLATE:
1080 zip->stream.next_in = (unsigned char*)(uintptr_t)buff;
1081 zip->stream.avail_in = (uInt)s;
1082 do {
1083 ret = deflate(&zip->stream, Z_NO_FLUSH);
1084 if (ret == Z_STREAM_ERROR)
1085 return (ARCHIVE_FATAL);
1086 if (zip->stream.avail_out == 0) {
1087 if (zip->tctx_valid) {
1088 trad_enc_encrypt_update(&zip->tctx,
1089 zip->buf, zip->len_buf,
1090 zip->buf, zip->len_buf);
1091 } else if (zip->cctx_valid) {
1092 size_t outl = zip->len_buf;
1093 ret = archive_encrypto_aes_ctr_update(
1094 &zip->cctx,
1095 zip->buf, zip->len_buf,
1096 zip->buf, &outl);
1097 if (ret < 0) {
1098 archive_set_error(&a->archive,
1099 ARCHIVE_ERRNO_MISC,
1100 "Failed to encrypt file");
1101 return (ARCHIVE_FAILED);
1102 }
1103 archive_hmac_sha1_update(&zip->hctx,
1104 zip->buf, zip->len_buf);
1105 }
1106 ret = __archive_write_output(a, zip->buf,
1107 zip->len_buf);
1108 if (ret != ARCHIVE_OK)
1109 return (ret);
1110 zip->entry_compressed_written += zip->len_buf;
1111 zip->written_bytes += zip->len_buf;
1112 zip->stream.next_out = zip->buf;
1113 zip->stream.avail_out = (uInt)zip->len_buf;
1114 }
1115 } while (zip->stream.avail_in != 0);
1116 break;
1117 #endif
1118
1119 default:
1120 archive_set_error(&a->archive, ARCHIVE_ERRNO_MISC,
1121 "Invalid ZIP compression type");
1122 return ARCHIVE_FATAL;
1123 }
1124
1125 zip->entry_uncompressed_limit -= s;
1126 if (!zip->cctx_valid || zip->aes_vendor != AES_VENDOR_AE_2)
1127 zip->entry_crc32 =
1128 zip->crc32func(zip->entry_crc32, buff, (unsigned)s);
1129 return (s);
1130
1131 }
1132
1133 static int
archive_write_zip_finish_entry(struct archive_write * a)1134 archive_write_zip_finish_entry(struct archive_write *a)
1135 {
1136 struct zip *zip = a->format_data;
1137 int ret;
1138
1139 #if HAVE_ZLIB_H
1140 if (zip->entry_compression == COMPRESSION_DEFLATE) {
1141 for (;;) {
1142 size_t remainder;
1143
1144 ret = deflate(&zip->stream, Z_FINISH);
1145 if (ret == Z_STREAM_ERROR)
1146 return (ARCHIVE_FATAL);
1147 remainder = zip->len_buf - zip->stream.avail_out;
1148 if (zip->tctx_valid) {
1149 trad_enc_encrypt_update(&zip->tctx,
1150 zip->buf, remainder, zip->buf, remainder);
1151 } else if (zip->cctx_valid) {
1152 size_t outl = remainder;
1153 ret = archive_encrypto_aes_ctr_update(
1154 &zip->cctx, zip->buf, remainder,
1155 zip->buf, &outl);
1156 if (ret < 0) {
1157 archive_set_error(&a->archive,
1158 ARCHIVE_ERRNO_MISC,
1159 "Failed to encrypt file");
1160 return (ARCHIVE_FAILED);
1161 }
1162 archive_hmac_sha1_update(&zip->hctx,
1163 zip->buf, remainder);
1164 }
1165 ret = __archive_write_output(a, zip->buf, remainder);
1166 if (ret != ARCHIVE_OK)
1167 return (ret);
1168 zip->entry_compressed_written += remainder;
1169 zip->written_bytes += remainder;
1170 zip->stream.next_out = zip->buf;
1171 if (zip->stream.avail_out != 0)
1172 break;
1173 zip->stream.avail_out = (uInt)zip->len_buf;
1174 }
1175 deflateEnd(&zip->stream);
1176 }
1177 #endif
1178 if (zip->hctx_valid) {
1179 uint8_t hmac[20];
1180 size_t hmac_len = 20;
1181
1182 archive_hmac_sha1_final(&zip->hctx, hmac, &hmac_len);
1183 ret = __archive_write_output(a, hmac, AUTH_CODE_SIZE);
1184 if (ret != ARCHIVE_OK)
1185 return (ret);
1186 zip->entry_compressed_written += AUTH_CODE_SIZE;
1187 zip->written_bytes += AUTH_CODE_SIZE;
1188 }
1189
1190 /* Write trailing data descriptor. */
1191 if ((zip->entry_flags & ZIP_ENTRY_FLAG_LENGTH_AT_END) != 0) {
1192 char d[24];
1193 memcpy(d, "PK\007\010", 4);
1194 if (zip->cctx_valid && zip->aes_vendor == AES_VENDOR_AE_2)
1195 archive_le32enc(d + 4, 0);/* no CRC.*/
1196 else
1197 archive_le32enc(d + 4, zip->entry_crc32);
1198 if (zip->entry_uses_zip64) {
1199 archive_le64enc(d + 8,
1200 (uint64_t)zip->entry_compressed_written);
1201 archive_le64enc(d + 16,
1202 (uint64_t)zip->entry_uncompressed_written);
1203 ret = __archive_write_output(a, d, 24);
1204 zip->written_bytes += 24;
1205 } else {
1206 archive_le32enc(d + 8,
1207 (uint32_t)zip->entry_compressed_written);
1208 archive_le32enc(d + 12,
1209 (uint32_t)zip->entry_uncompressed_written);
1210 ret = __archive_write_output(a, d, 16);
1211 zip->written_bytes += 16;
1212 }
1213 if (ret != ARCHIVE_OK)
1214 return (ARCHIVE_FATAL);
1215 }
1216
1217 /* Append Zip64 extra data to central directory information. */
1218 if (zip->entry_compressed_written > ZIP_4GB_MAX
1219 || zip->entry_uncompressed_written > ZIP_4GB_MAX
1220 || zip->entry_offset > ZIP_4GB_MAX) {
1221 unsigned char zip64[32];
1222 unsigned char *z = zip64, *zd;
1223 memcpy(z, "\001\000\000\000", 4);
1224 z += 4;
1225 if (zip->entry_uncompressed_written >= ZIP_4GB_MAX) {
1226 archive_le64enc(z, zip->entry_uncompressed_written);
1227 z += 8;
1228 }
1229 if (zip->entry_compressed_written >= ZIP_4GB_MAX) {
1230 archive_le64enc(z, zip->entry_compressed_written);
1231 z += 8;
1232 }
1233 if (zip->entry_offset >= ZIP_4GB_MAX) {
1234 archive_le64enc(z, zip->entry_offset);
1235 z += 8;
1236 }
1237 archive_le16enc(zip64 + 2, (uint16_t)(z - (zip64 + 4)));
1238 zd = cd_alloc(zip, z - zip64);
1239 if (zd == NULL) {
1240 archive_set_error(&a->archive, ENOMEM,
1241 "Can't allocate zip data");
1242 return (ARCHIVE_FATAL);
1243 }
1244 memcpy(zd, zip64, z - zip64);
1245 /* Zip64 means version needs to be set to at least 4.5 */
1246 if (archive_le16dec(zip->file_header + 6) < 45)
1247 archive_le16enc(zip->file_header + 6, 45);
1248 }
1249
1250 /* Fix up central directory file header. */
1251 if (zip->cctx_valid && zip->aes_vendor == AES_VENDOR_AE_2)
1252 archive_le32enc(zip->file_header + 16, 0);/* no CRC.*/
1253 else
1254 archive_le32enc(zip->file_header + 16, zip->entry_crc32);
1255 archive_le32enc(zip->file_header + 20,
1256 (uint32_t)zipmin(zip->entry_compressed_written,
1257 ZIP_4GB_MAX));
1258 archive_le32enc(zip->file_header + 24,
1259 (uint32_t)zipmin(zip->entry_uncompressed_written,
1260 ZIP_4GB_MAX));
1261 archive_le16enc(zip->file_header + 30,
1262 (uint16_t)(zip->central_directory_bytes - zip->file_header_extra_offset));
1263 archive_le32enc(zip->file_header + 42,
1264 (uint32_t)zipmin(zip->entry_offset,
1265 ZIP_4GB_MAX));
1266
1267 return (ARCHIVE_OK);
1268 }
1269
1270 static int
archive_write_zip_close(struct archive_write * a)1271 archive_write_zip_close(struct archive_write *a)
1272 {
1273 uint8_t buff[64];
1274 int64_t offset_start, offset_end;
1275 struct zip *zip = a->format_data;
1276 struct cd_segment *segment;
1277 int ret;
1278
1279 offset_start = zip->written_bytes;
1280 segment = zip->central_directory;
1281 while (segment != NULL) {
1282 ret = __archive_write_output(a,
1283 segment->buff, segment->p - segment->buff);
1284 if (ret != ARCHIVE_OK)
1285 return (ARCHIVE_FATAL);
1286 zip->written_bytes += segment->p - segment->buff;
1287 segment = segment->next;
1288 }
1289 offset_end = zip->written_bytes;
1290
1291 /* If central dir info is too large, write Zip64 end-of-cd */
1292 if (offset_end - offset_start > ZIP_4GB_MAX
1293 || offset_start > ZIP_4GB_MAX
1294 || zip->central_directory_entries > 0xffffUL
1295 || (zip->flags & ZIP_FLAG_FORCE_ZIP64)) {
1296 /* Zip64 end-of-cd record */
1297 memset(buff, 0, 56);
1298 memcpy(buff, "PK\006\006", 4);
1299 archive_le64enc(buff + 4, 44);
1300 archive_le16enc(buff + 12, 45);
1301 archive_le16enc(buff + 14, 45);
1302 /* This is disk 0 of 0. */
1303 archive_le64enc(buff + 24, zip->central_directory_entries);
1304 archive_le64enc(buff + 32, zip->central_directory_entries);
1305 archive_le64enc(buff + 40, offset_end - offset_start);
1306 archive_le64enc(buff + 48, offset_start);
1307 ret = __archive_write_output(a, buff, 56);
1308 if (ret != ARCHIVE_OK)
1309 return (ARCHIVE_FATAL);
1310 zip->written_bytes += 56;
1311
1312 /* Zip64 end-of-cd locator record. */
1313 memset(buff, 0, 20);
1314 memcpy(buff, "PK\006\007", 4);
1315 archive_le32enc(buff + 4, 0);
1316 archive_le64enc(buff + 8, offset_end);
1317 archive_le32enc(buff + 16, 1);
1318 ret = __archive_write_output(a, buff, 20);
1319 if (ret != ARCHIVE_OK)
1320 return (ARCHIVE_FATAL);
1321 zip->written_bytes += 20;
1322
1323 }
1324
1325 /* Format and write end of central directory. */
1326 memset(buff, 0, sizeof(buff));
1327 memcpy(buff, "PK\005\006", 4);
1328 archive_le16enc(buff + 8, (uint16_t)zipmin(0xffffU,
1329 zip->central_directory_entries));
1330 archive_le16enc(buff + 10, (uint16_t)zipmin(0xffffU,
1331 zip->central_directory_entries));
1332 archive_le32enc(buff + 12,
1333 (uint32_t)zipmin(ZIP_4GB_MAX, (offset_end - offset_start)));
1334 archive_le32enc(buff + 16,
1335 (uint32_t)zipmin(ZIP_4GB_MAX, offset_start));
1336 ret = __archive_write_output(a, buff, 22);
1337 if (ret != ARCHIVE_OK)
1338 return (ARCHIVE_FATAL);
1339 zip->written_bytes += 22;
1340 return (ARCHIVE_OK);
1341 }
1342
1343 static int
archive_write_zip_free(struct archive_write * a)1344 archive_write_zip_free(struct archive_write *a)
1345 {
1346 struct zip *zip;
1347 struct cd_segment *segment;
1348
1349 zip = a->format_data;
1350 while (zip->central_directory != NULL) {
1351 segment = zip->central_directory;
1352 zip->central_directory = segment->next;
1353 free(segment->buff);
1354 free(segment);
1355 }
1356 free(zip->buf);
1357 archive_entry_free(zip->entry);
1358 if (zip->cctx_valid)
1359 archive_encrypto_aes_ctr_release(&zip->cctx);
1360 if (zip->hctx_valid)
1361 archive_hmac_sha1_cleanup(&zip->hctx);
1362 /* TODO: Free opt_sconv, sconv_default */
1363
1364 free(zip);
1365 a->format_data = NULL;
1366 return (ARCHIVE_OK);
1367 }
1368
1369 /* Convert into MSDOS-style date/time. */
1370 static unsigned int
dos_time(const time_t unix_time)1371 dos_time(const time_t unix_time)
1372 {
1373 struct tm *t;
1374 unsigned int dt;
1375
1376 /* This will not preserve time when creating/extracting the archive
1377 * on two systems with different time zones. */
1378 t = localtime(&unix_time);
1379
1380 /* MSDOS-style date/time is only between 1980-01-01 and 2107-12-31 */
1381 if (t->tm_year < 1980 - 1900)
1382 /* Set minimum date/time '1980-01-01 00:00:00'. */
1383 dt = 0x00210000U;
1384 else if (t->tm_year > 2107 - 1900)
1385 /* Set maximum date/time '2107-12-31 23:59:58'. */
1386 dt = 0xff9fbf7dU;
1387 else {
1388 dt = 0;
1389 dt += ((t->tm_year - 80) & 0x7f) << 9;
1390 dt += ((t->tm_mon + 1) & 0x0f) << 5;
1391 dt += (t->tm_mday & 0x1f);
1392 dt <<= 16;
1393 dt += (t->tm_hour & 0x1f) << 11;
1394 dt += (t->tm_min & 0x3f) << 5;
1395 dt += (t->tm_sec & 0x3e) >> 1; /* Only counting every 2 seconds. */
1396 }
1397 return dt;
1398 }
1399
1400 static size_t
path_length(struct archive_entry * entry)1401 path_length(struct archive_entry *entry)
1402 {
1403 mode_t type;
1404 const char *path;
1405
1406 type = archive_entry_filetype(entry);
1407 path = archive_entry_pathname(entry);
1408
1409 if (path == NULL)
1410 return (0);
1411 if (type == AE_IFDIR &&
1412 (path[0] == '\0' || path[strlen(path) - 1] != '/')) {
1413 return strlen(path) + 1;
1414 } else {
1415 return strlen(path);
1416 }
1417 }
1418
1419 static int
write_path(struct archive_entry * entry,struct archive_write * archive)1420 write_path(struct archive_entry *entry, struct archive_write *archive)
1421 {
1422 int ret;
1423 const char *path;
1424 mode_t type;
1425 size_t written_bytes;
1426
1427 path = archive_entry_pathname(entry);
1428 type = archive_entry_filetype(entry);
1429 written_bytes = 0;
1430
1431 if (path == NULL)
1432 return (ARCHIVE_FATAL);
1433
1434 ret = __archive_write_output(archive, path, strlen(path));
1435 if (ret != ARCHIVE_OK)
1436 return (ARCHIVE_FATAL);
1437 written_bytes += strlen(path);
1438
1439 /* Folders are recognized by a trailing slash. */
1440 if ((type == AE_IFDIR) & (path[strlen(path) - 1] != '/')) {
1441 ret = __archive_write_output(archive, "/", 1);
1442 if (ret != ARCHIVE_OK)
1443 return (ARCHIVE_FATAL);
1444 written_bytes += 1;
1445 }
1446
1447 return ((int)written_bytes);
1448 }
1449
1450 static void
copy_path(struct archive_entry * entry,unsigned char * p)1451 copy_path(struct archive_entry *entry, unsigned char *p)
1452 {
1453 const char *path;
1454 size_t pathlen;
1455 mode_t type;
1456
1457 path = archive_entry_pathname(entry);
1458 pathlen = strlen(path);
1459 type = archive_entry_filetype(entry);
1460
1461 memcpy(p, path, pathlen);
1462
1463 /* Folders are recognized by a trailing slash. */
1464 if ((type == AE_IFDIR) & (path[pathlen - 1] != '/')) {
1465 p[pathlen] = '/';
1466 p[pathlen + 1] = '\0';
1467 }
1468 }
1469
1470
1471 static struct archive_string_conv *
get_sconv(struct archive_write * a,struct zip * zip)1472 get_sconv(struct archive_write *a, struct zip *zip)
1473 {
1474 if (zip->opt_sconv != NULL)
1475 return (zip->opt_sconv);
1476
1477 if (!zip->init_default_conversion) {
1478 zip->sconv_default =
1479 archive_string_default_conversion_for_write(&(a->archive));
1480 zip->init_default_conversion = 1;
1481 }
1482 return (zip->sconv_default);
1483 }
1484
1485 /*
1486 Traditional PKWARE Decryption functions.
1487 */
1488
1489 static void
trad_enc_update_keys(struct trad_enc_ctx * ctx,uint8_t c)1490 trad_enc_update_keys(struct trad_enc_ctx *ctx, uint8_t c)
1491 {
1492 uint8_t t;
1493 #define CRC32(c, b) (crc32(c ^ 0xffffffffUL, &b, 1) ^ 0xffffffffUL)
1494
1495 ctx->keys[0] = CRC32(ctx->keys[0], c);
1496 ctx->keys[1] = (ctx->keys[1] + (ctx->keys[0] & 0xff)) * 134775813L + 1;
1497 t = (ctx->keys[1] >> 24) & 0xff;
1498 ctx->keys[2] = CRC32(ctx->keys[2], t);
1499 #undef CRC32
1500 }
1501
1502 static uint8_t
trad_enc_decrypt_byte(struct trad_enc_ctx * ctx)1503 trad_enc_decrypt_byte(struct trad_enc_ctx *ctx)
1504 {
1505 unsigned temp = ctx->keys[2] | 2;
1506 return (uint8_t)((temp * (temp ^ 1)) >> 8) & 0xff;
1507 }
1508
1509 static unsigned
trad_enc_encrypt_update(struct trad_enc_ctx * ctx,const uint8_t * in,size_t in_len,uint8_t * out,size_t out_len)1510 trad_enc_encrypt_update(struct trad_enc_ctx *ctx, const uint8_t *in,
1511 size_t in_len, uint8_t *out, size_t out_len)
1512 {
1513 unsigned i, max;
1514
1515 max = (unsigned)((in_len < out_len)? in_len: out_len);
1516
1517 for (i = 0; i < max; i++) {
1518 uint8_t t = in[i];
1519 out[i] = t ^ trad_enc_decrypt_byte(ctx);
1520 trad_enc_update_keys(ctx, t);
1521 }
1522 return i;
1523 }
1524
1525 static int
trad_enc_init(struct trad_enc_ctx * ctx,const char * pw,size_t pw_len)1526 trad_enc_init(struct trad_enc_ctx *ctx, const char *pw, size_t pw_len)
1527 {
1528
1529 ctx->keys[0] = 305419896L;
1530 ctx->keys[1] = 591751049L;
1531 ctx->keys[2] = 878082192L;
1532
1533 for (;pw_len; --pw_len)
1534 trad_enc_update_keys(ctx, *pw++);
1535 return 0;
1536 }
1537
1538 static int
is_traditional_pkware_encryption_supported(void)1539 is_traditional_pkware_encryption_supported(void)
1540 {
1541 uint8_t key[TRAD_HEADER_SIZE];
1542
1543 if (archive_random(key, sizeof(key)-1) != ARCHIVE_OK)
1544 return (0);
1545 return (1);
1546 }
1547
1548 static int
init_traditional_pkware_encryption(struct archive_write * a)1549 init_traditional_pkware_encryption(struct archive_write *a)
1550 {
1551 struct zip *zip = a->format_data;
1552 const char *passphrase;
1553 uint8_t key[TRAD_HEADER_SIZE];
1554 uint8_t key_encrypted[TRAD_HEADER_SIZE];
1555 int ret;
1556
1557 passphrase = __archive_write_get_passphrase(a);
1558 if (passphrase == NULL) {
1559 archive_set_error(&a->archive, ARCHIVE_ERRNO_MISC,
1560 "Encryption needs passphrase");
1561 return ARCHIVE_FAILED;
1562 }
1563 if (archive_random(key, sizeof(key)-1) != ARCHIVE_OK) {
1564 archive_set_error(&a->archive, ARCHIVE_ERRNO_MISC,
1565 "Can't generate random number for encryption");
1566 return ARCHIVE_FATAL;
1567 }
1568 trad_enc_init(&zip->tctx, passphrase, strlen(passphrase));
1569 /* Set the last key code which will be used as a check code
1570 * for verifying passphrase in decryption. */
1571 key[TRAD_HEADER_SIZE-1] = zip->trad_chkdat;
1572 trad_enc_encrypt_update(&zip->tctx, key, TRAD_HEADER_SIZE,
1573 key_encrypted, TRAD_HEADER_SIZE);
1574 /* Write encrypted keys in the top of the file content. */
1575 ret = __archive_write_output(a, key_encrypted, TRAD_HEADER_SIZE);
1576 if (ret != ARCHIVE_OK)
1577 return (ret);
1578 zip->written_bytes += TRAD_HEADER_SIZE;
1579 zip->entry_compressed_written += TRAD_HEADER_SIZE;
1580 return (ret);
1581 }
1582
1583 static int
init_winzip_aes_encryption(struct archive_write * a)1584 init_winzip_aes_encryption(struct archive_write *a)
1585 {
1586 struct zip *zip = a->format_data;
1587 const char *passphrase;
1588 size_t key_len, salt_len;
1589 uint8_t salt[16 + 2];
1590 uint8_t derived_key[MAX_DERIVED_KEY_BUF_SIZE];
1591 int ret;
1592
1593 passphrase = __archive_write_get_passphrase(a);
1594 if (passphrase == NULL) {
1595 archive_set_error(&a->archive, ARCHIVE_ERRNO_MISC,
1596 "Encryption needs passphrase");
1597 return (ARCHIVE_FAILED);
1598 }
1599 if (zip->entry_encryption == ENCRYPTION_WINZIP_AES128) {
1600 salt_len = 8;
1601 key_len = 16;
1602 } else {
1603 /* AES 256 */
1604 salt_len = 16;
1605 key_len = 32;
1606 }
1607 if (archive_random(salt, salt_len) != ARCHIVE_OK) {
1608 archive_set_error(&a->archive, ARCHIVE_ERRNO_MISC,
1609 "Can't generate random number for encryption");
1610 return (ARCHIVE_FATAL);
1611 }
1612 archive_pbkdf2_sha1(passphrase, strlen(passphrase),
1613 salt, salt_len, 1000, derived_key, key_len * 2 + 2);
1614
1615 ret = archive_encrypto_aes_ctr_init(&zip->cctx, derived_key, key_len);
1616 if (ret != 0) {
1617 archive_set_error(&a->archive, ARCHIVE_ERRNO_MISC,
1618 "Decryption is unsupported due to lack of crypto library");
1619 return (ARCHIVE_FAILED);
1620 }
1621 ret = archive_hmac_sha1_init(&zip->hctx, derived_key + key_len,
1622 key_len);
1623 if (ret != 0) {
1624 archive_encrypto_aes_ctr_release(&zip->cctx);
1625 archive_set_error(&a->archive, ARCHIVE_ERRNO_MISC,
1626 "Failed to initialize HMAC-SHA1");
1627 return (ARCHIVE_FAILED);
1628 }
1629
1630 /* Set a password verification value after the 'salt'. */
1631 salt[salt_len] = derived_key[key_len * 2];
1632 salt[salt_len + 1] = derived_key[key_len * 2 + 1];
1633
1634 /* Write encrypted keys in the top of the file content. */
1635 ret = __archive_write_output(a, salt, salt_len + 2);
1636 if (ret != ARCHIVE_OK)
1637 return (ret);
1638 zip->written_bytes += salt_len + 2;
1639 zip->entry_compressed_written += salt_len + 2;
1640
1641 return (ARCHIVE_OK);
1642 }
1643
1644 static int
is_winzip_aes_encryption_supported(int encryption)1645 is_winzip_aes_encryption_supported(int encryption)
1646 {
1647 size_t key_len, salt_len;
1648 uint8_t salt[16 + 2];
1649 uint8_t derived_key[MAX_DERIVED_KEY_BUF_SIZE];
1650 archive_crypto_ctx cctx;
1651 archive_hmac_sha1_ctx hctx;
1652 int ret;
1653
1654 if (encryption == ENCRYPTION_WINZIP_AES128) {
1655 salt_len = 8;
1656 key_len = 16;
1657 } else {
1658 /* AES 256 */
1659 salt_len = 16;
1660 key_len = 32;
1661 }
1662 if (archive_random(salt, salt_len) != ARCHIVE_OK)
1663 return (0);
1664 ret = archive_pbkdf2_sha1("p", 1, salt, salt_len, 1000,
1665 derived_key, key_len * 2 + 2);
1666 if (ret != 0)
1667 return (0);
1668
1669 ret = archive_encrypto_aes_ctr_init(&cctx, derived_key, key_len);
1670 if (ret != 0)
1671 return (0);
1672 ret = archive_hmac_sha1_init(&hctx, derived_key + key_len,
1673 key_len);
1674 archive_encrypto_aes_ctr_release(&cctx);
1675 if (ret != 0)
1676 return (0);
1677 archive_hmac_sha1_cleanup(&hctx);
1678 return (1);
1679 }
1680