I'm trying my hand at implementing file decryption in Unzipit. I already have some commits on my local system, including a ZIP compatibility check function which only adds ~450 bytes to the minified JavaScript file.
In the test data directory, there are two zip files with encrypted file records. If I can be provided the keys to these files, I can work on this feature within tests without modifying existing files. Otherwise, I would be happy to make new encrypted zip files for testing.
My use case for this prefers AES encryption, so that's what I'm going to focus on for the time being. I have an idea for how this would be fit with existing data structures, and it would look something like this:
import { unzip } from "@greggman/unzipit";
const {entries} = await unzip(url);
for (const [name, entry] of Object.entries(entries)) {
const content = await entry.setKey("my-password").arrayBuffer();
// ...
}
The setKey method would set a private property and return the ZipEntry itself, which would then make it simple to chain a reading method afterwards. For security purposes, I get the impression it would be best to ensure the key is disposed of in some way. In my opinion, any reading operation should dispose of the key from the ZipEntry, and another approach would be that a function like setKey would create a copy of the ZipEntry which tracks the key, and the garbage collector would erase the ZipEntry instance which contains the key.
Making the password part of ZipEntry instead of the archive has several benefits. The ZIP specification does not state that all files within an archive must have the same password or encryption method, and this would allow the user to account for this outside of a configuration more global to the archive. My hope is that it also is closer to the design focus of the library, putting the onus of determining the particulars of how to process the archive on the user. If this approach doesn't, I'm happy to try a different way of organizing decryption features.
I'm trying my hand at implementing file decryption in Unzipit. I already have some commits on my local system, including a ZIP compatibility check function which only adds ~450 bytes to the minified JavaScript file.
In the test data directory, there are two zip files with encrypted file records. If I can be provided the keys to these files, I can work on this feature within tests without modifying existing files. Otherwise, I would be happy to make new encrypted zip files for testing.
My use case for this prefers AES encryption, so that's what I'm going to focus on for the time being. I have an idea for how this would be fit with existing data structures, and it would look something like this:
The
setKeymethod would set a private property and return theZipEntryitself, which would then make it simple to chain a reading method afterwards. For security purposes, I get the impression it would be best to ensure the key is disposed of in some way. In my opinion, any reading operation should dispose of the key from theZipEntry, and another approach would be that a function likesetKeywould create a copy of theZipEntrywhich tracks the key, and the garbage collector would erase theZipEntryinstance which contains the key.Making the password part of
ZipEntryinstead of the archive has several benefits. The ZIP specification does not state that all files within an archive must have the same password or encryption method, and this would allow the user to account for this outside of a configuration more global to the archive. My hope is that it also is closer to the design focus of the library, putting the onus of determining the particulars of how to process the archive on the user. If this approach doesn't, I'm happy to try a different way of organizing decryption features.