
Comments (13)

sunny-shu avatar sunny-shu commented on May 23, 2024 1

I was reading the source code of winrar and now I found some important clues. I think in a few days, I can solve this issue.

from junrar.

sunny-shu avatar sunny-shu commented on May 23, 2024

Yeah, I agree with you.
When I was doing this feature, I thought I should create a FilterInputStream to support decryption.
But if I do so, more changes come up, and DataComprIO is just a wrapper of the channel, and DataComprIO assumes this role.
So I have not created a new class.

When we support decrypting encrypted archives, let's refactor again.

from junrar.

gotson avatar gotson commented on May 23, 2024

I was playing with the code this morning, trying to decrypt the headers. The most painful part is that AES/CBC is a block cipher, and it requires decrypting in blocks of 16 bytes. That's what the read code in ComprDataIO is doing at the moment.

I like the FilterInputStream idea, but we don't always use a stream, as the channel can be a file or stream, and we have very low level operations reading byte[].

I'm trying to have a working decryption of the headers first, even with dirty code, then we can refactor.

from junrar.

sunny-shu avatar sunny-shu commented on May 23, 2024

@gotson
Did you work it out?

from junrar.

gotson avatar gotson commented on May 23, 2024

Nope. I'm confident the salt is the next 8 bytes after the main header, I could get some data decrypted but the size is wrong and I get an extraction error.

I didn't have time to debug more.

from junrar.

sunny-shu avatar sunny-shu commented on May 23, 2024

If you don’t have time, I will continue your work.

from junrar.

gotson avatar gotson commented on May 23, 2024

@sunny-shu sure. I have pushed a branch encrypted-headers with my current work, you can use that.

I think we need to implement the same behaviour as in ComprDataIO with the decryptedDataBuffer and notConsumptedLen. Because the Archive.readHeaders() method reads headers in small parts, and we need to decrypt in blocks of 16 bytes with AES.

from junrar.
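
The buffering described in the comment above (decrypt whole 16-byte AES blocks, hand out header bytes in small reads), as an added Java example that is not code from this thread or from junrar. The class name, key, IV and sample header bytes are constructed for illustration.

```java
import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import java.io.*;
import java.util.Arrays;

public class BlockAlignedHeaderReader {          // hypothetical name, not a junrar class
    private static final int BLOCK = 16;         // AES block size in bytes
    private final DataInputStream in;            // ciphertext source
    private final Cipher cipher;                 // keeps the CBC chaining state between calls
    private byte[] plain = new byte[0];          // decrypted bytes not yet handed out
    private int pos = 0;                         // next unread offset in plain

    BlockAlignedHeaderReader(InputStream src, byte[] key, byte[] iv) throws Exception {
        in = new DataInputStream(src);
        cipher = Cipher.getInstance("AES/CBC/NoPadding");
        cipher.init(Cipher.DECRYPT_MODE, new SecretKeySpec(key, "AES"), new IvParameterSpec(iv));
    }

    /** Returns exactly n plaintext bytes, pulling whole 16-byte blocks only when needed. */
    byte[] read(int n) throws IOException {
        int missing = n - (plain.length - pos);
        if (missing > 0) {
            byte[] enc = new byte[(missing + BLOCK - 1) / BLOCK * BLOCK]; // round up to blocks
            in.readFully(enc);                   // EOFException if the ciphertext is truncated
            byte[] dec = cipher.update(enc);     // NoPadding: every full block is returned
            byte[] merged = Arrays.copyOf(Arrays.copyOfRange(plain, pos, plain.length),
                    plain.length - pos + dec.length);
            System.arraycopy(dec, 0, merged, plain.length - pos, dec.length);
            plain = merged;                      // leftover bytes first, new blocks after
            pos = 0;
        }
        byte[] out = Arrays.copyOfRange(plain, pos, pos + n);
        pos += n;
        return out;
    }

    public static void main(String[] args) throws Exception {
        // Constructed test data: all-zero key and IV, 48 bytes standing in for header blocks.
        byte[] key = new byte[16], iv = new byte[16], header = new byte[48];
        for (int i = 0; i < header.length; i++) header[i] = (byte) i;
        Cipher enc = Cipher.getInstance("AES/CBC/NoPadding");
        enc.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(key, "AES"), new IvParameterSpec(iv));
        BlockAlignedHeaderReader r = new BlockAlignedHeaderReader(
                new ByteArrayInputStream(enc.doFinal(header)), key, iv);
        ByteArrayOutputStream got = new ByteArrayOutputStream();
        for (int n : new int[] {7, 13, 28}) got.write(r.read(n)); // small, unaligned reads
        System.out.println("plaintext recovered: " + Arrays.equals(header, got.toByteArray()));
    }
}
```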

sunny-shu avatar sunny-shu commented on May 23, 2024

@sunny-shu I think I have found where the salt for the header encryption is located. I have found this website that talks about it (it's in French). The 8 byte salt is located just after the Main Header block. They also have working Python code for decryption which confirms the location of the salt.

Hi gotson, have you tested the project "unarcrypto"?
I tested it with a header-encrypted file and it failed.

Here is the log.

python3 test.py -p test test1.rar

password= test
Block header: crc 6152 type 72 (marker) flags 0x1a21 size 7 addsize 0
Block header: crc 99ce type 73 (archive) flags 0x80 size 13 addsize 0
headersEncrypted True
header salt b'acbbc8f5d6a50a48'
password test
iv b'e2b62aedef183ba788553e597d2dea30' key b'0347c2184752bd449d39302dc76347f2'
encrypted headers: AES key is OK
Block header: crc a32d type 74 (file) flags 0x9624 size 79 addsize 0
has password
has ext_time
file salt b'acbbc8f5d6a50a48'
file crc OK ? False
header salt b'acbbc8f5d6a50a48'
password test
iv b'e2b62aedef183ba788553e597d2dea30' key b'0347c2184752bd449d39302dc76347f2'
encrypted headers: AES key is OK
Block header: crc 3dc4 type 7b (terminator) flags 0x4000 size 7 addsize 0

I must make sure the project gets the right result before I can refer to his code.

from junrar.

gotson avatar gotson commented on May 23, 2024

Why do you say it fails?

from junrar.

sunny-shu avatar sunny-shu commented on May 23, 2024

file crc OK ? False

I know better about compression.
Decompression is a mathematical calculation. If the input data is wrong, the decompression can still continue, but the result is wrong.
The log shows the content is wrong.

from junrar.

gotson avatar gotson commented on May 23, 2024

Indeed.

It seems it's OK for RAR5 though:

> python3 unarcrypto.py -p hello -s 76d7a5a8d72da80c19acbd0f20f90dabac0c52f6 -v 1 tests/hello5_pw_store.rar                                    7.7s  Wed Jul 29 02:50:01 2020
password= hello
Block header: crc e5b59233 headerSize 10 headerType 1 (Main) headerFlags 5
  ARCHIVE_FLAG_VOLUME
  ARCHIVE_FLAG_SOLID
  extraSize 6 archiveFlags 0 volNum -1
  extra: b'050101808000'
  innerExtraSize 5 extraType 1 extraData: b'0101808000'
Block header: crc d5c0a057 headerSize 86 headerType 2 (File) headerFlags 3
  extraSize 60 fileFlags 4 dataSize 32 unpackedSize 23 dataCRC 0x292f7419 comprInfo 0x0 hostOS 0 filename b'hello.txt'
  innerExtraSize 48 extraType 1 (Encryption) extraData: b'00030f3e8ecf5188a0ceae32cc0fdfc9ab9980825952411445b8610ccbe6b3eb05b81591179e35245a115c37811683'
    encrVersion 0 encrFlags 3 kdfCount 15 salt b'3e8ecf5188a0ceae32cc0fdfc9ab9980' iv b'825952411445b8610ccbe6b3eb05b815' checkValue b'91179e35245a115c37811683'
    use tweaked checksum
  innerExtraSize 10 extraType 3 (Time) extraData: b'02bf2b20ff1e13d201'
    winFileTime b'bf2b20ff1e13d201'
  hmac_sha256(password,hashdata) b'de1bf4c31403ca43d8538b4a0fb34fa3c67feffd74b7e2fd507e82b88cc22b74'
  AES key b'a9356e422f3d7fcd8a9b851697cda8d96e6741e46a5e443b490dfb8a4ddcee52'
  v1 b'358eb01bed0cc6d9e6c4f8fef1b02adf173215e59325f70c788d46bc5b678464'
  v2 b'447751b5b3a8d51651d60e7ed36beb70ed0dc8e985a1f6c869bb0917c138d9f2'
  passwd check OK ? True , hash value OK ? True
  sha1 correct ? True
Block header: crc 5156771d headerSize 3 headerType 5 (End) headerFlags 4

from junrar.

gotson avatar gotson commented on May 23, 2024

I have tested other archives in the test folder, some are working.

> python3 unarcrypto.py -p hello -v 1 tests/hello_pw_store_encryptednames2.rar                                                            330ms  Wed Jul 29 02:53:52 2020
password= hello
Block header: crc 6152 type 72 (marker) flags 0x1a21 size 7  addsize 0
Block header: crc 99ce type 73 (archive) flags 0x80 size 13  addsize 0
  headersEncrypted True
header salt b'86d6dabf466195dc'
iv b'223bcf9b6ad1c376047622108bfdf05c' key b'4c17206f78c6ccd81de9d8998895740d'
encrypted headers: AES key is OK
Block header: crc 6f5 type 74 (file) flags 0x9424 size 54  addsize 0
  has password
  has ext_time
  file salt b'86d6dabf466195dc'
  file crc OK ?  True
header salt b'86d6dabf466195dc'
iv b'223bcf9b6ad1c376047622108bfdf05c' key b'4c17206f78c6ccd81de9d8998895740d'
encrypted headers: AES key is OK
Block header: crc 3dc4 type 7b (terminator) flags 0x4000 size 7  addsize 0
> python3 unarcrypto.py -p hello -v 1 tests/hello_pw_store.rar                                                                               2884ms  Wed Jul 29 02:54:15 2020
password= hello
Block header: crc 6152 type 72 (marker) flags 0x1a21 size 7  addsize 0
Block header: crc 90cf type 73 (archive) flags 0x0 size 13  addsize 0
  headersEncrypted False
Block header: crc 44dc type 74 (file) flags 0x9424 size 54  addsize 0
  has password
  has ext_time
  file salt b'728be58c227f8db4'
  file crc OK ?  True
Block header: crc 3dc4 type 7b (terminator) flags 0x4000 size 7  addsize 0
> python3 unarcrypto.py -p hello -v 1 tests/hello_pw_store_headers.rar                                                                        344ms  Wed Jul 29 02:55:03 2020
password= hello
Block header: crc 6152 type 72 (marker) flags 0x1a21 size 7  addsize 0
Block header: crc 99ce type 73 (archive) flags 0x80 size 13  addsize 0
  headersEncrypted True
header salt b'379475b06e303955'
iv b'e3dfe7498ad0faf3325f9ee9283a396c' key b'a002f7af8fc3b153436abb226f298747'
encrypted headers: AES key is OK
Block header: crc 4cd type 74 (file) flags 0x9424 size 54  addsize 0
  has password
  has ext_time
  file salt b'379475b06e303955'
  file crc OK ?  True
header salt b'379475b06e303955'
iv b'e3dfe7498ad0faf3325f9ee9283a396c' key b'a002f7af8fc3b153436abb226f298747'
encrypted headers: AES key is OK
Block header: crc 3dc4 type 7b (terminator) flags 0x4000 size 7  addsize 0
> python3 unarcrypto.py -p hello -v 1 tests/hello_pw_store_headers2.rar                                                                       724ms  Wed Jul 29 02:55:40 2020
password= hello
Block header: crc 6152 type 72 (marker) flags 0x1a21 size 7  addsize 0
Block header: crc 99ce type 73 (archive) flags 0x80 size 13  addsize 0
  headersEncrypted True
header salt b'86d6dabf466195dc'
iv b'223bcf9b6ad1c376047622108bfdf05c' key b'4c17206f78c6ccd81de9d8998895740d'
encrypted headers: AES key is OK
Block header: crc 6f5 type 74 (file) flags 0x9424 size 54  addsize 0
  has password
  has ext_time
  file salt b'86d6dabf466195dc'
  file crc OK ?  True
header salt b'86d6dabf466195dc'
iv b'223bcf9b6ad1c376047622108bfdf05c' key b'4c17206f78c6ccd81de9d8998895740d'
encrypted headers: AES key is OK
Block header: crc 3dc4 type 7b (terminator) flags 0x4000 size 7  addsize 0

from junrar.

gotson avatar gotson commented on May 23, 2024

🎉 This issue has been resolved in version 7.3.0 🎉

The release is available on:

Your semantic-release bot 📦🚀

from junrar.
