Open neridonk opened 7 years ago
ianhays
commented
7 years ago It's certainly possible to add encryption support to ZipArchives. There are a few competing standards for which encryption and accompanying header definitions, but I think the AES one used by 7-zip is one of the more popular ones. There's also basic passwords included in the zip format but iirc those are easily crackable.
The format also has some strong encryption support but it's copyrighted so out of bounds for us.
karelz
commented
7 years ago We need API proposal to move it further.
ghost
commented
7 years ago Speaks something against?
namespace System.IO.Compression
{
public static class ZipFile
{
public static ZipArchive Open(String archiveFileName, ZipArchiveMode mode, Encoding entryNameEncoding, string password)
}
}@ianhays can you please comment if that is sufficient?
ianhays
commented
7 years ago @lburkovsky take a look at this issue for a good example of the kind of API proposal that we're looking for. In general, the more implementation details, the better. You can also look at our API Review process doc for more info on the process.
For Zip password support specifically, an API proposal should include analysis on the different methods of password support in Zip, the pros and cons of each, and which you think should be officially supported in .NET.
danmoseley
commented
7 years ago @neridonk perhaps you would like to make the proposal for us to formally review? as above.
mfjerome
commented
6 years ago Any news or plans about this feature? Would be very useful!
karelz
commented
6 years ago @mfjerome we are open to API proposal and contribution. Are you interested?
carlossanlop
commented
4 years ago What do we need this feature for? Is it for reading password-protected files or producing or something else? @bartonjs can you please chime in?
bartonjs
commented
4 years ago I'm not quite sure what's being asked of me here. So here are words.
All further comments relate to the WinZIp version:
The preference in cryptography API is to never have a default algorithm choice, so creating new encrypted ZIP files would require using a method that took that as an input. That might mean that instead of
public static ZipArchive Open(String archiveFileName, ZipArchiveMode mode, Encoding entryNameEncoding, string password);You want
public enum ZipEncryptionMode
{
Unknown,
Aes128,
Aes192,
Aes256,
}
public static ZipArchive OpenRead(string archiveFileName, Encoding entryNameEncoding, string password);
public static ZipArchive OpenCreate(string archiveFileName, Encoding entryNameEncoding, string password, ZipEncryptionMode encryptionMode);
public static ZipArchive OpenUpdate(string archiveFileName, Encoding entryNameEncoding, string password, ZipEncryptionMode encryptionMode);Or, you could combine them:
public enum ZipEncryptionMode
{
Unknown,
Aes128,
Aes192,
Aes256,
}
// Update/Create modes will throw if newFileEncryptionMode is default
public static ZipArchive Open(string archiveFileName, Encoding entryNameEncoding, string password, ZipEncryptionMode newFileEncryptionMode = default);This is all unfortunate that you're holding the password string in memory. Being able to take it as a ReadOnlySpan
So, short form:
soroshsabz
commented
3 years ago I think this issue can resolve my feature needed in https://developercommunity.visualstudio.com/idea/368318/add-password-protected-zip-file-to-systemiocompres.html
NgocThachThai
commented
3 years ago We need it.
adamsitnik
commented
2 years ago @jeffhandley @danmoseley I think it's a good .NET 7 candidate for the "Bottom Up" initiative
danmoseley
commented
2 years ago Could well be. That's what the 7.0 milestone is for.
cgountanis
commented
1 year ago So... can we extract Zips with passwords yet? .NET6-8+
SuhasParameshwara
commented
3 months ago So we have to use third party library?
wakuflair
commented
2 months ago Can't believe this issue is still open
dos-ise
commented
2 months ago dotnetzip is now no longer maintained. And this feature is still not implemented. This missing feature is still blocking us from using System.IO.Compression.
tts-sdrissen
commented
3 weeks ago need this, too
peter0302
commented
1 week ago You have to be freakin kidding me. I just was about to add password support and started looking for ZipArchive constructor overloads that took a password, and not finding one, Googled it. This is the last thing I expected to see. What on earth is wrong with you people? How can this not be part of .NET's built-in Zip support? I don't even know what to say.
cgountanis
commented
1 week ago Best I can think of is that, there's just too many compression and encryption methods. We ended up just using SharpZipLib, wasn't really too bad.
sladecurtis
commented
5 days ago Need this also! So basic a concept.. please implement in near future. My use case: SOC junior analysts attempting to take potentially malicious files off a machine that threw an endpoint alert in Azure. We want them to zip and password protect the malicious file and download from a Defender Live Response Session. Currently this cannot be done. Zip is a good start, but all potentially malicious files should be password protected too (standard malware handling procedures). We've tested and cannot even install other modules from a live response session, so it needs to be native to powershell cmdlets. Thanks.
StarWars999123
commented
4 days ago @SteveL-MSFT Is there any update to put it on the roadmap by Microsoft? What about implementations for the legacy .net framework support for NET472, NET48, and NET6 that could previously rely on the maintained DotNetZip library? IMHO this isn't something to be planned for NET9 or whatever, but something that needs to support even the old frameworks asap.
I don't wanna express my honest thoughts regarding this issue, but lets say @peter0302 kept it very polite...
peter0302
commented
4 days ago I don't wanna express my honest thoughts regarding this issue, but lets say @peter0302 kept it very polite...
LOL they marked my comment as abuse. Imagine if I'd expressed my honest thoughts.
The format also has some strong encryption support but it's copyrighted so out of bounds for us.
First it's a patent not a copyright:
https://ppubs.uspto.gov/dirsearch-public/print/downloadPdf/11461487
Priority date is July 16, 2003 with a 242 day administrative extension, plus a 20 year term. That's March 14, 2024, meaning the patent is expired.
Patent gone, carry on. Time to implement this.
chosh-capa
commented
4 days ago You have to be freakin kidding me. I just was about to add password support and started looking for
ZipArchiveconstructor overloads that took a password, and not finding one, Googled it. This is the last thing I expected to see. What on earth is wrong with you people? How can this not be part of .NET's built-in Zip support? I don't even know what to say.
Absolutely the same feeling. The support for compressed archive formats is probably the worst part of the .Net experience.
I hope they can prioritize these fundamental experiences that have been missing for decades, so that we can love the .NET ecosystem even more.
sladecurtis
commented
4 days ago So that means we might actually get this feature added in future??? [Hopeful]
Sent from Proton Mail Android
-------- Original Message -------- On 2024-07-19 11:50 a.m., peter0302 wrote:
I don't wanna express my honest thoughts regarding this issue, but lets say @.***(https://github.com/peter0302) kept it very polite...
LOL they marked my comment as abuse. Imagine if I'd expressed my honest thoughts.
The format also has some strong encryption support but it's copyrighted so out of bounds for us.
First it's a patent not a copyright:
https://ppubs.uspto.gov/dirsearch-public/print/downloadPdf/11461487
Priority date is July 16, 2003 with a 242 day administrative extension, plus a 20 year term. That's March 14, 2024, meaning the patent is expired.
Time to implement this.
— Reply to this email directly, view it on GitHub, or unsubscribe. You are receiving this because you commented.Message ID: @.***>
can we make that happen?