>> No doubt this is a useful functionality to have but it would be great to
>> have some comments on whether
>> this can be(or even should be) feasibly added as an inbuilt support.
> 
> MvL already asked for a patch so I suppose that means he thinks it's
> useful.

I am actual skeptical that it is implementable in a reasonable way;
if implemented, I'd say: why not?

> Personally I've never encountered an encrypted zipfile, so I
> just have questions: is there a standard encryption algorithm?

In principle, yes. There are several aspects of encryption described in

http://www.pkware.com/documents/casestudies/APPNOTE.TXT

There are several encryption algorithms defined, such as
"traditional PKWARE", DES, 3DES, "original RC2", RC4, AES,
"corrected RC2", "corrected RC2-64", blowfish, twofish. 

In the file header general purpose bits , bit 0 indicates "file is
encrypted" (which means "traditional PKWARE"), bit 6 indicates "strong
encryption" (an additional header then giving details).

> What is encrypted? The entire file or individual members?

Traditionally, only individual files. With strong encryption (only?),
the central directory can also be encrypted.

> How are you supposed to give the password?

In pkzip: interactively. In the import support: this remains to be seen
in the patch. I assume people requesting that feature have a plan.

> Also, I suppose there could be (US) export
> problems with the code, so it would have to be optional (and we might
> not be able to build it into binaries we distribute from python.org).

The zipfile module already supports decryption. I forgot whether we
determined that support for decryption only doesn't fall under the
export restrictions, or whether we reported the module to the BXA as
well.

Regards,
Martin

_______________________________________________
Python-Dev mailing list
Python-Dev@python.org
http://mail.python.org/mailman/listinfo/python-dev
Unsubscribe: 
http://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com

Reply via email to