Support for Central Directory Encryption

[nmoinvaz]

Need to add support for central directory encryption to prevent information leakage about the file names and sizes. Essentially the central directory is encrypted like any other file in the zip and the information in the local file headers are masked.

[nmoinvaz]

I did some initial investigations and the only application I could find that supported central directory encryption was PKWARE's. Additionally, PKWARE's zip application only supported central directory encryption using their patented Strong Encryption. The minizip library uses WinZIP's AES which doesn't have such licensing restrictions. WinZIP doesn't support central directory encryption at all, and WinZIP's AES specification doesn't mention central directory encryption either. If the minizip library was to implement central directory encryption it would have to use WinZIP's AES which nobody supports. At this point it is probably better to use an outside encryption app to encrypt the entire zip file which would probably be more secure than the WinZIP AES supported in minizip.

[nmoinvaz]

This is possible now. See How to Create a Secure Zip under Wiki.

[oleg-cherednik]

Hi, Have you tried to implement it?

[nmoinvaz]

It is done. Minizip can zip the central directory and if you are using AES encryption then the central directory will be encrypted. please see the wiki

[oleg-cherednik]

@nmoinvaz could you help me to extract this algo from the minzip code? I was C/C++ developer many years ago but now I am working on zip4jvm to support it in Java. I have successfully compiled this code but cannot run it in debug mode neither CLion nor VisualStudio. In both cases I have different errors. For me it's enough to have debuggable application and then I can extract what I need.