refactor: rewrite aes settings #815
Code Review Summary
This PR introduces buffer reuse functionality to improve memory efficiency, but contains critical security and logic issues that must be fixed before merge:
Critical Issues Found:
- Logic Error in AES padding validation (src/aes.rs:116-121): The padding validation is inverted - panics on valid padding and accepts invalid padding
- Security vulnerabilities (4 instances): Password data is not zeroized after use in multiple functions, leaving sensitive data in memory
Required Actions:
- Fix the inverted padding validation logic in AES decryption
- Add proper password zeroization after use in all affected functions (read.rs and write.rs)
All identified issues have specific code suggestions attached for easy remediation.
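As an added illustration of the two points raised in the review above (this is example code written for this page, not code from zip2 or from this PR): a padding check that returns an error on invalid padding instead of panicking, and a password holder that overwrites its bytes once they are no longer needed. The PKCS#7-style padding rule, the `Password` type, `unpadded_len`, `derive_key_and_wipe` and the XOR-fold stand-in for key derivation are all assumptions made for the example.

```rust
// Added example, not zip2's own code. Assumes PKCS#7-style padding and uses
// volatile writes instead of the `zeroize` crate so it runs without dependencies.
use std::sync::atomic::{compiler_fence, Ordering};

#[derive(Debug, PartialEq)]
pub enum PaddingError {
    Empty,
    BadLength,
    BadBytes,
}

/// Return the unpadded length of `block`, or an error when the padding is
/// invalid. Invalid padding is reported to the caller, never accepted and
/// never turned into a panic.
pub fn unpadded_len(block: &[u8], block_size: usize) -> Result<usize, PaddingError> {
    let &last = block.last().ok_or(PaddingError::Empty)?;
    let pad = last as usize;
    if pad == 0 || pad > block_size || pad > block.len() {
        return Err(PaddingError::BadLength);
    }
    // Check every pad byte and accumulate the result rather than returning
    // early, so the comparison does not leak which byte was wrong.
    let mut diff = 0u8;
    for &b in &block[block.len() - pad..] {
        diff |= b ^ last;
    }
    if diff != 0 {
        return Err(PaddingError::BadBytes);
    }
    Ok(block.len() - pad)
}

/// Owns a password and overwrites it with zeros on drop.
pub struct Password(Vec<u8>);

impl Password {
    pub fn new(bytes: &[u8]) -> Self {
        Password(bytes.to_vec())
    }

    pub fn as_bytes(&self) -> &[u8] {
        &self.0
    }

    /// Overwrite the buffer in place. Volatile writes plus a compiler fence keep
    /// the optimizer from dropping the stores as "dead" before deallocation.
    pub fn zeroize(&mut self) {
        for b in self.0.iter_mut() {
            unsafe { std::ptr::write_volatile(b, 0) };
        }
        compiler_fence(Ordering::SeqCst);
    }

    pub fn is_zeroed(&self) -> bool {
        self.0.iter().all(|&b| b == 0)
    }
}

impl Drop for Password {
    fn drop(&mut self) {
        self.zeroize();
    }
}

/// Use the password once, then wipe it. The XOR-fold "derivation" is a
/// constructed stand-in for a real KDF; the point is the wipe after use.
/// Returns the derived bytes and whether the password buffer was zeroed.
pub fn derive_key_and_wipe(secret: &[u8]) -> ([u8; 4], bool) {
    let mut pw = Password::new(secret);
    let mut key = [0u8; 4];
    for (i, &b) in pw.as_bytes().iter().enumerate() {
        key[i % 4] ^= b;
    }
    pw.zeroize();
    let wiped = pw.is_zeroed();
    (key, wiped)
}

fn main() {
    // Constructed sample inputs.
    println!("{:?}", unpadded_len(&[1, 2, 3, 4, 4, 4, 4, 4], 8)); // Ok(4)
    println!("{:?}", unpadded_len(&[1, 2, 3, 4, 4, 4, 4, 5], 8)); // Err(BadBytes)
    let (key, wiped) = derive_key_and_wipe(b"hunter2");
    println!("key={:02x?} wiped={}", key, wiped);
}
```

The `Password` type also zeroizes on drop, so a caller that returns early on an error path still leaves no copy of the password in the freed buffer; an explicit `zeroize()` call before the value goes out of scope is still worth adding where the buffer lives longer than its single use.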
Code Review
This pull request refactors encryption handling by moving the EncryptWith enum to src/types.rs and removing the redundant AesModeOptions struct. FileOptions and ZipWriter now use an updated EncryptWith::Aes variant that includes vendor_version and an optional password, simplifying metadata management and CRC logic. Feedback suggests renaming the crc_in_header variable to improve clarity regarding its role in data descriptor logic.
In this MR I move
Signed-off-by: Chris Hennick <4961925+Pr0methean@users.noreply.github.com>
Pr0methean left a comment
Looks good; just one nitpick (the variable where Gemini complained about the misleading name can just be inlined).
Following #814 (merge it first)
Diff with previous MR https://github.com/zip-rs/zip2/compare/rewrite-aes-settings...rewrite-aes-settings-2?expand=1