What's the easiest way to zip and encrypt a file with AES (128 or 256) in a Rails app, so that the zip archive can be opened with WinZip?
Requirements:
Zip archive can be opened by WinZip (so no 7-zip)
Zip archive is encrypted with AES-128 or AES-256 (which WinZip supports)
Gems:
Rubyzip: doesn't support encryption
Zipruby: supports only the traditional/legacy non-AES encryption which is significantly less secure.
Any advice on what I can do here?
Thanks!
Are commercial products out of the question? Chilkat Ruby Zip appears to support WinZip AES. The example code looks pretty temptingly easy.
There also appears to be a Java library available. If you're running in JRuby... Or if you feel like porting!
Related
How to unzip .zip file in objective-c + ios without third party tool/ software
like SSZipArchive or ZipArchive.
I already check many threads but not get any useful links.
If you don't want to use third party you have to implement mechanisms that frameworks make for you. So you have to repeat their already done job. If so you may as well use those frameworks.
If you are interested how this works you can just check their code.
Well you could do it with first party software (from Apple). I haven't tried it myself, but how about this: https://opensource.apple.com/source/gnuzip/gnuzip-28/gzip/unzip.c
Zip archives are nontrivial archives. Theres more to a zip archive than just the deflate compression. Apple supplies libz as a framework you can link to. But libz isn't enough to recreate a zip file's directory structure, for instance.
If you seriously want to avoid external dependencies, i'd suggest trying to convert to something that iOS can handle out of the gate: try gzip! heres a tutorial: http://www.clintharris.net/2009/how-to-gzip-data-in-memory-using-objective-c/
Otherwise, honestly, there are well supported 3rd party zip libraries that should work just fine.
I would like to encrypt a plist file at building time (XCode) and then decrypt it at running time when launching the app. As you can see, the purpose is to encrypt the entire plist file, and not just some text inside it.
I've tried to encrypt this file with a run script and OpenSSL, and decrypt it with RNCryptor for Swift, but I couldn't find a good result.
On the other hand, I've seen some posts talking about OpenSSL vs new Mac OS, and maybe this command is not good enough to encrypt due it's deprecated.
Please any idea about it?
Thanks!!
Though we can add a pass in the pass application in iOS 6.0 programmatically given we have .pkpass file in our document directory or we get it from the server. But i have searched all the apple documentation in which steps are given to generate the .pkpass file manually.
Is this feasible to create a .pkpass file programmatically using Xcode.
The .pkpass file is composed of several components. The most difficult component that must be done programmatically is the signature of the manifest file. The other parts are trivial to assemble on the iPhone platform programmatically. You may note that Apple's documentation uses a shell command to compute this value using the OpenSSL library. I had to manually write a function that signed the manifest files using the OpenSSL C library, however it is not trivial due to a lack of examples and the complexity of the library. The signing function selected by Apple for the manifest is not present in their CommonCrypto framework.
Also, in order to sign these passes on the phone, the credentials must be present in the binary's bundle or compiled assets which is probably not a good idea to distribute if you would like to protect the integrity of your profile and signing identities.
So in summary: This is certainly possible, and is doable using the existing specifications and libraries. However, I would not recommend doing this on the phone. It is fairly difficult, and may introduce security risks if not done properly. Additionally, if you incorporate the OpenSSL library in your binary then you must report to Apple that you incorporate encryption in your device and must register for an ERN with the government. There may also be other export conditions on your code depending on your locality (but of course I am not a lawyer so this is a guess).
Does anyone know of an iOS library that allows us to encrypt using AES128 CFB mode with not padding. Looks like commoncrypto does not support this .
Thanks
I'd suggest pushing OpenSSL into your project, if possible. A quick search for "ios openssl" returns a first hit for Easy inclusion of OpenSSL into iOS projects. See also AES interoperability between .Net and iPhone?
Beware that without padding, you'll need to feed the cipher blocks of the correct size.
I'm developing a BlackBerry application in which I need to unpack a zip file compressed with PKZIP. The package could have one file in it, or it could have 10; it will vary in each case. I know that the BlackBerry API has native support for GZip and Zlib, although I'm pretty sure that these methods aren't going to be helpful in my case. It doesn't look as if I can extract the individual files using these calls.
I've tried JZlib (http://www.jcraft.com/jzlib/), which compiled fine, but again it doesn't look as if the methods contained therein are going to allow me to pull the individual files.
It appears as if this is possible, as there's an application called Ziplorer (http://www.s4bb.com/software/ziplorer/) that claims to do perform this exact procedure. How they're doing it, however, escapes me.
So here I am after hours of Googling. I'm welcoming any insight into my problem with open arms.
"zip" algorithms are typically offshoots of the Lempel-Ziv-Welch algorithm. They are a fairly efficient stream compression algorithms, but because of how they function, you can't start to decompress at random points in the file, you have to start from the start.
Any product that claims to be able to decompress one file from a zip still has to decompress everything before it in the zip file in order to know how to decrypt the given file, or even, for that matter, where the file is in the archive.
If you can tolerate GPL code in your application, then this library http://jazzme.sourceforge.net/ that might work. However the project (and its parent project http://sourceforge.net/projects/jazzlib/) don't look like they're being developed.