Permalink
Browse files

Merge PR #260, Fix AES256 encryption

Fixes #181 by using an empty IV for AES encryption instead of the second derived key

Co-authored-by: FastJack2 <FastJack2@users.noreply.github.com>
  • Loading branch information...
FastJack2 authored and piksel committed Sep 16, 2018
1 parent 88302c5 commit 18b6e4741dd9e9ecd64a43b1613c20b5a858d93b
Showing with 7 additions and 5 deletions.
  1. +7 −5 src/ICSharpCode.SharpZipLib/Encryption/ZipAESTransform.cs
@@ -78,15 +78,17 @@ public ZipAESTransform(string key, byte[] saltBytes, int blockSize, bool writeMo
// Performs the equivalent of derive_key in Dr Brian Gladman's pwd2key.c
var pdb = new Rfc2898DeriveBytes(key, saltBytes, KEY_ROUNDS);
var rm = Aes.Create();
var rm = Aes.Create();
rm.Mode = CipherMode.ECB; // No feedback from cipher for CTR mode
_counterNonce = new byte[_blockSize];
byte[] byteKey1 = pdb.GetBytes(_blockSize);
byte[] byteKey2 = pdb.GetBytes(_blockSize);
_encryptor = rm.CreateEncryptor(byteKey1, byteKey2);
byte[] key1bytes = pdb.GetBytes(_blockSize);
byte[] key2bytes = pdb.GetBytes(_blockSize);
// Use empty IV for AES
_encryptor = rm.CreateEncryptor(key1bytes, new byte[16]);
_pwdVerifier = pdb.GetBytes(PWD_VER_LENGTH);
//
_hmacsha1 = IncrementalHash.CreateHMAC(HashAlgorithmName.SHA1, byteKey2);
_hmacsha1 = IncrementalHash.CreateHMAC(HashAlgorithmName.SHA1, key2bytes);
_writeMode = writeMode;
}

0 comments on commit 18b6e47

Please sign in to comment.