Enforce encrypted zip for unstreaming when password parameter is supplied

[HugoMichelCognex]

Hey,

I just found out using your library (which is really nice btw, thank you very much) that even if you specify a password in the stream_unzip method, you can still send zip that are not encrypted and they are still being read.

While this can be a nice feature, it could also be a problem if you want to control the input zip that is being passed. In our case, we want to be sure the input zip has been produced by us and is therefore encrypted with our password.

Could it be possible to add either an option or a flag to raise an error if you try to read a non-encrypted archive when you supply a password? I have not fully read your code, but this should (?) be possible I guess.

Thanks 🙏

[michalc]

It should be possible yes. And in fact I wonder if this should be the default behaviour, and maybe even not turn-offable... it'll be technically a backwards-incompatible change, but I suspect that's fine.

For a bit of background, what sort of encryption do your zip files use? Old-style ZipCrypto or AES? (And if AES, what key length encryption key if you know?)

[HugoMichelCognex]

I only tried with ZipCrypto for now.

[michalc]

Have got a WIP version at #97

[michalc]

The WIP version at #97 now has a bit of documentation explaining how to tighten up the allowed encryption mechanism

[michalc]

Merged in and released in v0.0.93. So in the case discussed here, to only allow ZipCrypto, but not allow anything else, including non-encrypted files, you would do something like this:

from stream_unzip import stream_unzip, ZIP_CRYPTO

for file_name, file_size, unzipped_chunks in stream_unzip(
    zipped_chunks(),
    password=b'my-password', allowed_encryption_mechanisms=(ZIP_CRYPTO,),
):

And it does not allow non-encrypted files because NO_ENCRYPTION was not passed in the allowed_encryption_mechanisms parameter.

[HugoMichelCognex]

That is perfect, thank you very much!!

Your responsiveness is amazing 👍