/** * Traditional PKWARE ZIP encryption (ZipCrypto). * * This implements the "traditional ZIP encryption" algorithm as specified * in the PKWARE APPNOTE.TXT (section 6.1.5 "Traditional PKWARE Encryption"). * * WARNING: ZipCrypto is cryptographically weak and should only be used * for backward compatibility. Use AES encryption for new archives. * * References: * - PKWARE APPNOTE.TXT 6.1.5 - Traditional Encryption * - https://www.forensicfocus.com/stable/wp-content/uploads/2009/04/zip_encryption.pdf */ /** * ZipCrypto encryption header size. * The first 12 bytes of encrypted data are the encryption header. */ export declare const ZIP_CRYPTO_HEADER_SIZE = 12; /** * Internal state for ZipCrypto cipher. * Uses three 32-bit keys updated with each byte processed. */ export interface ZipCryptoState { key0: number; key1: number; key2: number; } /** * Initialize ZipCrypto state with a password. */ export declare function zipCryptoInitKeys(password: string | Uint8Array): ZipCryptoState; /** * Update the cipher state with a single byte. */ export declare function zipCryptoUpdateKeys(state: ZipCryptoState, byte: number): void; /** * Get the next stream byte for encryption/decryption. */ export declare function zipCryptoGetStreamByte(state: ZipCryptoState): number; /** * Decrypt a single byte and update state. */ export declare function zipCryptoDecryptByte(state: ZipCryptoState, cipher: number): number; /** * Encrypt a single byte and update state. */ export declare function zipCryptoEncryptByte(state: ZipCryptoState, plain: number): number; /** * Decrypt the encryption header and verify. * * @param state - Initialized cipher state * @param header - 12-byte encryption header from encrypted data * @param crc32 - Expected CRC32 of the uncompressed data (for verification) * @param lastModTime - Last modified time field (alternative verification) * @returns true if header passes verification */ export declare function zipCryptoDecryptHeader(state: ZipCryptoState, header: Uint8Array, crc32: number, lastModTime?: number): boolean; /** * Generate an encryption header for writing. * * @param state - Initialized cipher state * @param crc32 - CRC32 of the uncompressed data * @param getRandomBytes - Function to generate random bytes * @returns 12-byte encrypted header */ export declare function zipCryptoCreateHeader(state: ZipCryptoState, crc32: number, getRandomBytes: (length: number) => Uint8Array): Uint8Array; /** * Decrypt data in-place after header decryption. */ export declare function zipCryptoDecryptData(state: ZipCryptoState, data: Uint8Array): Uint8Array; /** * Encrypt data after header encryption. */ export declare function zipCryptoEncryptData(state: ZipCryptoState, data: Uint8Array): Uint8Array; /** * High-level decryption interface for ZipCrypto. * * @param encryptedData - Full encrypted data including 12-byte header * @param password - Password string or bytes * @param crc32 - Expected CRC32 for header verification * @param lastModTime - Optional last modified time for alternative verification * @returns Decrypted data (excluding header) or null if verification fails */ export declare function zipCryptoDecrypt(encryptedData: Uint8Array, password: string | Uint8Array, crc32: number, lastModTime?: number): Uint8Array | null; /** * High-level encryption interface for ZipCrypto. * * @param data - Plain data to encrypt * @param password - Password string or bytes * @param crc32 - CRC32 of the data * @param getRandomBytes - Function to generate random bytes * @returns Encrypted data including 12-byte header */ export declare function zipCryptoEncrypt(data: Uint8Array, password: string | Uint8Array, crc32: number, getRandomBytes: (length: number) => Uint8Array): Uint8Array; /** * Check if a password is valid for ZipCrypto-encrypted data without full decryption. * This only verifies the encryption header check byte. * * @param encryptedData - Full encrypted data including 12-byte header * @param password - Password string or bytes * @param crc32 - Expected CRC32 for header verification * @param lastModTime - Optional last modified time for alternative verification * @returns true if password verification passes, false otherwise */ export declare function zipCryptoCheckPassword(encryptedData: Uint8Array, password: string | Uint8Array, crc32: number, lastModTime?: number): boolean;