Using Dotnetzip 1.16 from nuget with .Net core sample app, I run into an issue with PkzipWeak encryption:
Using the following simple test:
private static void Main(string[] args)
{
using var zipFile = new ZipFile();
var entry = zipFile.AddEntry("dummy.bin", (nameof, stream) =>
{
var r = new Random();
var buffer = new byte[40960];
r.NextBytes(buffer);
stream.Write(buffer);
});
entry.Encryption = EncryptionAlgorithm.PkzipWeak;
entry.Password = "pwd12345";
zipFile.Save("testzip.zip");
var check = ZipFile.CheckZipPassword("testzip.zip", "pwd12345");
}
The verification of the file with CheckWithPassword fails.
I also checked with several tools (Z-zip, Windows Explorer,...) that the generated file is indeed incorrect (or at least cannot be dezipped with specified password).
When using Aes128 or Aes256 for encryption method, the test succeeds....
What gives? I must be missing something obvious here...
Hello,
Using Dotnetzip 1.16 from nuget with .Net core sample app, I run into an issue with PkzipWeak encryption:
Using the following simple test:
The verification of the file with CheckWithPassword fails. I also checked with several tools (Z-zip, Windows Explorer,...) that the generated file is indeed incorrect (or at least cannot be dezipped with specified password). When using Aes128 or Aes256 for encryption method, the test succeeds....
What gives? I must be missing something obvious here...
Thank you!