/src/libzip/lib/zip_file_set_encryption.c
Line | Count | Source (jump to first uncovered line) |
1 | | /* |
2 | | zip_file_set_encryption.c -- set encryption for file in archive |
3 | | Copyright (C) 2016-2023 Dieter Baron and Thomas Klausner |
4 | | |
5 | | This file is part of libzip, a library to manipulate ZIP archives. |
6 | | The authors can be contacted at <info@libzip.org> |
7 | | |
8 | | Redistribution and use in source and binary forms, with or without |
9 | | modification, are permitted provided that the following conditions |
10 | | are met: |
11 | | 1. Redistributions of source code must retain the above copyright |
12 | | notice, this list of conditions and the following disclaimer. |
13 | | 2. Redistributions in binary form must reproduce the above copyright |
14 | | notice, this list of conditions and the following disclaimer in |
15 | | the documentation and/or other materials provided with the |
16 | | distribution. |
17 | | 3. The names of the authors may not be used to endorse or promote |
18 | | products derived from this software without specific prior |
19 | | written permission. |
20 | | |
21 | | THIS SOFTWARE IS PROVIDED BY THE AUTHORS ``AS IS'' AND ANY EXPRESS |
22 | | OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED |
23 | | WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE |
24 | | ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY |
25 | | DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL |
26 | | DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE |
27 | | GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS |
28 | | INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER |
29 | | IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR |
30 | | OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN |
31 | | IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
32 | | */ |
33 | | |
34 | | |
35 | | #include "zipint.h" |
36 | | |
37 | | #include <stdlib.h> |
38 | | #include <string.h> |
39 | | |
40 | | ZIP_EXTERN int |
41 | 985 | zip_file_set_encryption(zip_t *za, zip_uint64_t idx, zip_uint16_t method, const char *password) { |
42 | 985 | zip_entry_t *e; |
43 | 985 | char *our_password = NULL; |
44 | | |
45 | 985 | if (idx >= za->nentry) { |
46 | 0 | zip_error_set(&za->error, ZIP_ER_INVAL, 0); |
47 | 0 | return -1; |
48 | 0 | } |
49 | | |
50 | 985 | if (ZIP_IS_RDONLY(za)) { |
51 | 0 | zip_error_set(&za->error, ZIP_ER_RDONLY, 0); |
52 | 0 | return -1; |
53 | 0 | } |
54 | 985 | if (ZIP_WANT_TORRENTZIP(za)) { |
55 | 0 | zip_error_set(&za->error, ZIP_ER_NOT_ALLOWED, 0); |
56 | 0 | return -1; |
57 | 0 | } |
58 | | |
59 | 985 | if (method != ZIP_EM_NONE && _zip_get_encryption_implementation(method, ZIP_CODEC_ENCODE) == NULL) { |
60 | 0 | zip_error_set(&za->error, ZIP_ER_ENCRNOTSUPP, 0); |
61 | 0 | return -1; |
62 | 0 | } |
63 | | |
64 | 985 | e = za->entry + idx; |
65 | | |
66 | | |
67 | 985 | if (e->changes == NULL) { |
68 | 0 | if ((e->changes = _zip_dirent_clone(e->orig)) == NULL) { |
69 | 0 | zip_error_set(&za->error, ZIP_ER_MEMORY, 0); |
70 | 0 | return -1; |
71 | 0 | } |
72 | 0 | } |
73 | | |
74 | 985 | if (password) { |
75 | 985 | if ((our_password = strdup(password)) == NULL) { |
76 | 0 | zip_error_set(&za->error, ZIP_ER_MEMORY, 0); |
77 | 0 | return -1; |
78 | 0 | } |
79 | 985 | } |
80 | | |
81 | 985 | e->changes->encryption_method = method; |
82 | 985 | e->changes->changed |= ZIP_DIRENT_ENCRYPTION_METHOD; |
83 | 985 | if (password) { |
84 | 985 | e->changes->password = our_password; |
85 | 985 | e->changes->changed |= ZIP_DIRENT_PASSWORD; |
86 | 985 | } |
87 | 0 | else { |
88 | 0 | if (e->changes->changed & ZIP_DIRENT_PASSWORD) { |
89 | 0 | _zip_crypto_clear(e->changes->password, strlen(e->changes->password)); |
90 | 0 | free(e->changes->password); |
91 | 0 | e->changes->password = e->orig ? e->orig->password : NULL; |
92 | 0 | e->changes->changed &= ~ZIP_DIRENT_PASSWORD; |
93 | 0 | } |
94 | 0 | } |
95 | | |
96 | 985 | return 0; |
97 | 985 | } |