-
Notifications
You must be signed in to change notification settings - Fork 16
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add partial encryption and deletion capabilities #34
base: master
Are you sure you want to change the base?
Conversation
Ping! :) |
@BjarniRunar This is great, but would your implementation in theory also support adding new files to the existing archive? |
@olfMombach Yes, I have incrementally adding and deleting files working locally. Would need to check how up-to-date my pull request is, this has been sitting for a while! In other news, I guess this qualifies as my second ping? I think I may be on the path to a friendly fork... :-) |
This is an attempt at solving #32.
There are two main features added here: partial encryption, and (secure) deletion of files from within an archive.
The rationale for partial encryption: I want to create ZIP archives which are encrypted, but also have one or two clear-text files which can be accessed without the password. In my use-case, these files will contain Passcrow (https://passcrow.org/) recovery data, to make it possible to decrypt an archive even if the password has been lost.
The rationale for deletion: I want to be able to efficiently and securely edit ZIP files in-place, instead of creating a new ZIP archive from scratch every time something changes.
As requested in the issue, the behavior is unchanged by default: You only get mixed-encryption files if you pass a new
encrypt=False
parameter toopen()
orwrite()
methods. Deletion never happen unless the developer explicitly requests it, and compaction only happens if something has been deleted. In particular, attempting to write to an exiting file will still raise an error as before, the developer has to manually delete it first if they want to replace the contents.I've documented the features and added tests for everything. I think flake8 is happy with my changes.
Apologies for submitting both features in a single PR - the partial encryption is quite trivial, so I hope that is OK.
What do you think?