Added support for password-protected .zip files.

To use: mount a .zip file as usual, open a file as usual, but append '$' plus
the password to the end of the path, like so:

    PHYSFS_File *f = PHYSFS_openRead("/path/to/my/file.txt$MyPassword");

Note that this is the "traditional" PKWARE crypto, like you might get from
PkZip 2.04g or Info-ZIP. They have more advanced cryptography in the modern
.zip spec, but that's not implemented here. If you've ever tried to unzip
an archive and were prompted for a password, you probably saw the traditional
crypto at work.

Note that this is NOT a secure thing: if you ship an app that contains a
password, someone with a debugger can retrieve it. Note also that this
password could be available to any code registered as a PHYSFS_Archiver, and
that due to how archives combine into a single file tree, the wrong archiver
can get the password, at a minimum causing it to fail because passwords don't
match.

In short: make sure you know what you're doing before you use this!

src/archiver_zip.c

@@ -63,11 +63,13 @@ typedef struct _ZIPentry
     PHYSFS_uint64 offset;               /* offset of data in archive      */
     PHYSFS_uint16 version;              /* version made by                */
     PHYSFS_uint16 version_needed;       /* version needed to extract      */
+    PHYSFS_uint16 general_bits;         /* general purpose bits           */
     PHYSFS_uint16 compression_method;   /* compression method             */
     PHYSFS_uint32 crc;                  /* crc-32                         */
     PHYSFS_uint64 compressed_size;      /* compressed size                */
     PHYSFS_uint64 uncompressed_size;    /* uncompressed size              */
     PHYSFS_sint64 last_mod_time;        /* last file mod time             */
+    PHYSFS_uint32 dos_mod_time;         /* original MS-DOS style mod time */
     struct _ZIPentry *hashnext;         /* next item in this hash bucket  */
     struct _ZIPentry *children;         /* linked list of kids, if dir    */
     struct _ZIPentry *sibling;          /* next item in same dir          */
@@ -78,11 +80,12 @@ typedef struct _ZIPentry
  */
 typedef struct
 {
-    PHYSFS_Io *io;            /* the i/o interface for this archive.  */
-    ZIPentry root;            /* root of directory tree.              */
-    ZIPentry **hash;          /* all entries hashed for fast lookup.  */
-    size_t hashBuckets;       /* number of buckets in hash.           */
-    int zip64;                /* non-zero if this is a Zip64 archive. */
+    PHYSFS_Io *io;            /* the i/o interface for this archive.    */
+    ZIPentry root;            /* root of directory tree.                */
+    ZIPentry **hash;          /* all entries hashed for fast lookup.    */
+    size_t hashBuckets;       /* number of buckets in hash.             */
+    int zip64;                /* non-zero if this is a Zip64 archive.   */
+    int has_crypto;           /* non-zero if any entry uses encryption. */
 } ZIPinfo;
 
 /*
@@ -95,6 +98,8 @@ typedef struct
     PHYSFS_uint32 compressed_position;    /* offset in compressed data. */
     PHYSFS_uint32 uncompressed_position;  /* tell() position.           */
     PHYSFS_uint8 *buffer;                 /* decompression buffer.      */
+    PHYSFS_uint32 crypto_keys[3];         /* for "traditional" crypto.  */
+    PHYSFS_uint32 initial_crypto_keys[3]; /* for "traditional" crypto.  */
     z_stream stream;                      /* zlib stream state.         */
 } ZIPfileinfo;
 
@@ -115,6 +120,103 @@ typedef struct
 #define UNIX_FILETYPE_MASK    0170000
 #define UNIX_FILETYPE_SYMLINK 0120000
 
+#define ZIP_GENERAL_BITS_TRADITIONAL_CRYPTO   (1 << 0)
+#define ZIP_GENERAL_BITS_IGNORE_LOCAL_HEADER  (1 << 3)
+
+/* support for "traditional" PKWARE encryption. */
+static int zip_entry_is_tradional_crypto(const ZIPentry *entry)
+{
+    return (entry->general_bits & ZIP_GENERAL_BITS_TRADITIONAL_CRYPTO) != 0;
+} /* zip_entry_is_traditional_crypto */
+
+static int zip_entry_ignore_local_header(const ZIPentry *entry)
+{
+    return (entry->general_bits & ZIP_GENERAL_BITS_IGNORE_LOCAL_HEADER) != 0;
+} /* zip_entry_is_traditional_crypto */
+
+static PHYSFS_uint32 zip_crypto_crc32(const PHYSFS_uint32 crc, const PHYSFS_uint8 val)
+{
+    int i;
+    PHYSFS_uint32 xorval = (crc ^ ((PHYSFS_uint32) val)) & 0xFF;
+    for (i = 0; i < 8; i++)
+        xorval = ((xorval & 1) ? (0xEDB88320 ^ (xorval >> 1)) : (xorval >> 1));
+    return xorval ^ (crc >> 8);
+} /* zip_crc32 */
+
+static void zip_update_crypto_keys(PHYSFS_uint32 *keys, const PHYSFS_uint8 val)
+{
+    keys[0] = zip_crypto_crc32(keys[0], val);
+    keys[1] = keys[1] + (keys[0] & 0x000000FF);
+    keys[1] = (keys[1] * 134775813) + 1;
+    keys[2] = zip_crypto_crc32(keys[2], (PHYSFS_uint8) ((keys[1] >> 24) & 0xFF));
+} /* zip_update_crypto_keys */
+
+static PHYSFS_uint8 zip_decrypt_byte(const PHYSFS_uint32 *keys)
+{
+    const PHYSFS_uint16 tmp = keys[2] | 2;
+    return (PHYSFS_uint8) ((tmp * (tmp ^ 1)) >> 8);
+} /* zip_decrypt_byte */
+
+static PHYSFS_sint64 zip_read_decrypt(ZIPfileinfo *finfo, void *buf, PHYSFS_uint64 len)
+{
+    PHYSFS_Io *io = finfo->io;
+    const PHYSFS_sint64 br = io->read(io, buf, len);
+
+    /* Decompression the new data if necessary. */
+    if (zip_entry_is_tradional_crypto(finfo->entry) && (br > 0))
+    {
+        PHYSFS_uint32 *keys = finfo->crypto_keys;
+        PHYSFS_uint8 *ptr = (PHYSFS_uint8 *) buf;
+        PHYSFS_sint64 i;
+        for (i = 0; i < br; i++, ptr++)
+        {
+            const PHYSFS_uint8 ch = *ptr ^ zip_decrypt_byte(keys);
+            zip_update_crypto_keys(keys, ch);
+            *ptr = ch;
+        } /* for */
+    } /* if  */
+
+    return br;
+} /* zip_read_decrypt */
+
+static int zip_prep_crypto_keys(ZIPfileinfo *finfo, const PHYSFS_uint8 *crypto_header, const PHYSFS_uint8 *password)
+{
+    /* It doesn't appear to be documented in PKWare's APPNOTE.TXT, but you
+       need to use a different byte in the header to verify the password
+       if general purpose bit 3 is set. Discovered this from Info-Zip.
+       That's what the (verifier) value is doing, below. */
+
+    PHYSFS_uint32 *keys = finfo->crypto_keys;
+    const ZIPentry *entry = finfo->entry;
+    const int usedate = zip_entry_ignore_local_header(entry);
+    const PHYSFS_uint8 verifier = (PHYSFS_uint8) ((usedate ? (entry->dos_mod_time >> 8) : (entry->crc >> 24)) & 0xFF);
+    PHYSFS_uint8 finalbyte = 0;
+    int i = 0;
+
+    /* initialize vector with defaults, then password, then header. */
+    keys[0] = 305419896;
+    keys[1] = 591751049;
+    keys[2] = 878082192;
+
+    while (*password)
+        zip_update_crypto_keys(keys, *(password++));
+
+    for (i = 0; i < 12; i++)
+    {
+        const PHYSFS_uint8 c = crypto_header[i] ^ zip_decrypt_byte(keys);
+        zip_update_crypto_keys(keys, c);
+        finalbyte = c;
+    } /* for */
+
+    /* you have a 1/256 chance of passing this test incorrectly. :/ */
+    if (finalbyte != verifier)
+        BAIL_MACRO(PHYSFS_ERR_BAD_PASSWORD, 0);
+
+    /* save the initial vector for seeking purposes. Not secure!! */
+    memcpy(finfo->initial_crypto_keys, finfo->crypto_keys, 12);
+    return 1;
+} /* zip_prep_crypto_keys */
+
 
 /*
  * Bridge physfs allocation functions to zlib's format...
@@ -213,7 +315,6 @@ static int readui16(PHYSFS_Io *io, PHYSFS_uint16 *val)
 static PHYSFS_sint64 ZIP_read(PHYSFS_Io *_io, void *buf, PHYSFS_uint64 len)
 {
     ZIPfileinfo *finfo = (ZIPfileinfo *) _io->opaque;
-    PHYSFS_Io *io = finfo->io;
     ZIPentry *entry = finfo->entry;
     PHYSFS_sint64 retval = 0;
     PHYSFS_sint64 maxread = (PHYSFS_sint64) len;
@@ -226,7 +327,7 @@ static PHYSFS_sint64 ZIP_read(PHYSFS_Io *_io, void *buf, PHYSFS_uint64 len)
     BAIL_IF_MACRO(maxread == 0, ERRPASS, 0);    /* quick rejection. */
 
     if (entry->compression_method == COMPMETH_NONE)
-        retval = io->read(io, buf, maxread);
+        retval = zip_read_decrypt(finfo, buf, maxread);
     else
     {
         finfo->stream.next_out = buf;
@@ -247,7 +348,7 @@ static PHYSFS_sint64 ZIP_read(PHYSFS_Io *_io, void *buf, PHYSFS_uint64 len)
                     if (br > ZIP_READBUFSIZE)
                         br = ZIP_READBUFSIZE;
 
-                    br = io->read(io, finfo->buffer, (PHYSFS_uint64) br);
+                    br = zip_read_decrypt(finfo, finfo->buffer, (PHYSFS_uint64) br);
                     if (br <= 0)
                         break;
 
@@ -289,12 +390,13 @@ static int ZIP_seek(PHYSFS_Io *_io, PHYSFS_uint64 offset)
     ZIPfileinfo *finfo = (ZIPfileinfo *) _io->opaque;
     ZIPentry *entry = finfo->entry;
     PHYSFS_Io *io = finfo->io;
+    const int encrypted = zip_entry_is_tradional_crypto(entry);
 
     BAIL_IF_MACRO(offset > entry->uncompressed_size, PHYSFS_ERR_PAST_EOF, 0);
 
-    if (entry->compression_method == COMPMETH_NONE)
+    if (!encrypted && (entry->compression_method == COMPMETH_NONE))
     {
-        const PHYSFS_sint64 newpos = offset + entry->offset;
+        PHYSFS_sint64 newpos = offset + entry->offset;
         BAIL_IF_MACRO(!io->seek(io, newpos), ERRPASS, 0);
         finfo->uncompressed_position = (PHYSFS_uint32) offset;
     } /* if */
@@ -315,12 +417,15 @@ static int ZIP_seek(PHYSFS_Io *_io, PHYSFS_uint64 offset)
             if (zlib_err(inflateInit2(&str, -MAX_WBITS)) != Z_OK)
                 return 0;
 
-            if (!io->seek(io, entry->offset))
+            if (!io->seek(io, entry->offset + (encrypted ? 12 : 0)))
                 return 0;
 
             inflateEnd(&finfo->stream);
             memcpy(&finfo->stream, &str, sizeof (z_stream));
             finfo->uncompressed_position = finfo->compressed_position = 0;
+
+            if (encrypted)
+                memcpy(finfo->crypto_keys, finfo->initial_crypto_keys, 12);
         } /* if */
 
         while (finfo->uncompressed_position != offset)
@@ -994,10 +1099,10 @@ static ZIPentry *zip_load_entry(PHYSFS_Io *io, const int zip64,
     /* Get the pertinent parts of the record... */
     if (!readui16(io, &entry.version)) return NULL;
     if (!readui16(io, &entry.version_needed)) return NULL;
-    if (!readui16(io, &ui16)) return NULL;  /* general bits */
+    if (!readui16(io, &entry.general_bits)) return NULL;  /* general bits */
     if (!readui16(io, &entry.compression_method)) return NULL;
-    if (!readui32(io, &ui32)) return NULL;
-    entry.last_mod_time = zip_dos_time_to_physfs_time(ui32);
+    if (!readui32(io, &entry.dos_mod_time)) return NULL;
+    entry.last_mod_time = zip_dos_time_to_physfs_time(entry.dos_mod_time);
     if (!readui32(io, &entry.crc)) return NULL;
     if (!readui32(io, &ui32)) return NULL;
     entry.compressed_size = (PHYSFS_uint64) ui32;
@@ -1175,6 +1280,9 @@ static int zip_load_entries(ZIPinfo *info,
             allocator.Free(entry);
             return 0;
         } /* if */
+
+        if (zip_entry_is_tradional_crypto(entry))
+            info->has_crypto = 1;
     } /* for */
 
     return 1;
@@ -1557,6 +1665,26 @@ static PHYSFS_Io *ZIP_openRead(void *opaque, const char *filename)
     ZIPinfo *info = (ZIPinfo *) opaque;
     ZIPentry *entry = zip_find_entry(info, filename);
     ZIPfileinfo *finfo = NULL;
+    PHYSFS_Io *io = NULL;
+    PHYSFS_uint8 *password = NULL;
+    int i;
+
+    /* if not found, see if maybe "$PASSWORD" is appended. */
+    if ((!entry) && (info->has_crypto))
+    {
+        const char *ptr = strrchr(filename, '$');
+        if (ptr != NULL)
+        {
+            const PHYSFS_uint64 len = (PHYSFS_uint64) (ptr - filename);
+            char *str = (char *) __PHYSFS_smallAlloc(len + 1);
+            BAIL_IF_MACRO(!str, PHYSFS_ERR_OUT_OF_MEMORY, NULL);
+            memcpy(str, filename, len);
+            str[len] = '\0';
+            entry = zip_find_entry(info, str);
+            __PHYSFS_smallFree(str);
+            password = (PHYSFS_uint8 *) (ptr + 1);
+        } /* if */
+    } /* if */
 
     BAIL_IF_MACRO(!entry, ERRPASS, NULL);
 
@@ -1567,8 +1695,9 @@ static PHYSFS_Io *ZIP_openRead(void *opaque, const char *filename)
     GOTO_IF_MACRO(!finfo, PHYSFS_ERR_OUT_OF_MEMORY, ZIP_openRead_failed);
     memset(finfo, '\0', sizeof (ZIPfileinfo));
 
-    finfo->io = zip_get_io(info->io, info, entry);
-    GOTO_IF_MACRO(!finfo->io, ERRPASS, ZIP_openRead_failed);
+    io = zip_get_io(info->io, info, entry);
+    GOTO_IF_MACRO(!io, ERRPASS, ZIP_openRead_failed);
+    finfo->io = io;
     finfo->entry = ((entry->symlink != NULL) ? entry->symlink : entry);
     initializeZStream(&finfo->stream);
 
@@ -1581,6 +1710,18 @@ static PHYSFS_Io *ZIP_openRead(void *opaque, const char *filename)
             goto ZIP_openRead_failed;
     } /* if */
 
+    if (!zip_entry_is_tradional_crypto(entry))
+        GOTO_IF_MACRO(password != NULL, PHYSFS_ERR_BAD_PASSWORD, ZIP_openRead_failed);
+    else
+    {
+        PHYSFS_uint8 crypto_header[12];
+        GOTO_IF_MACRO(password == NULL, PHYSFS_ERR_BAD_PASSWORD, ZIP_openRead_failed);
+        if (io->read(io, crypto_header, 12) != 12)
+            goto ZIP_openRead_failed;
+        else if (!zip_prep_crypto_keys(finfo, crypto_header, password))
+            goto ZIP_openRead_failed;
+    } /* if */
+
     memcpy(retval, &ZIP_Io, sizeof (PHYSFS_Io));
     retval->opaque = finfo;
 

src/physfs.c

@@ -701,6 +701,7 @@ PHYSFS_DECL const char *PHYSFS_getErrorByCode(PHYSFS_ErrorCode code)
         case PHYSFS_ERR_DIR_NOT_EMPTY: return "directory isn't empty";
         case PHYSFS_ERR_OS_ERROR: return "OS reported an error";
         case PHYSFS_ERR_DUPLICATE: return "duplicate resource";
+        case PHYSFS_ERR_BAD_PASSWORD: return "bad password";
     } /* switch */
 
     return NULL;  /* don't know this error code. */

src/physfs.h

@@ -3153,7 +3153,8 @@ typedef enum PHYSFS_ErrorCode
     PHYSFS_ERR_BUSY,             /**< Tried to modify a file the OS needs.  */
     PHYSFS_ERR_DIR_NOT_EMPTY,    /**< Tried to delete dir with files in it. */
     PHYSFS_ERR_OS_ERROR,         /**< Unspecified OS-level error.           */
-    PHYSFS_ERR_DUPLICATE         /**< Duplicate entry.                      */
+    PHYSFS_ERR_DUPLICATE,        /**< Duplicate entry.                      */
+    PHYSFS_ERR_BAD_PASSWORD      /**< Bad password.                         */
 } PHYSFS_ErrorCode;