net.java.truevfs.driver.zip.raes.ZipRaesDriverMapModifier Maven / Gradle / Ivy

Go to download

Show more of this group Show more artifacts with this name
Show all versions of truevfs-driver-zip-raes Show documentation

Provides a file system driver for accessing the RAES encrypted ZIP file format, alias ZIP.RAES or TZP. Add the JAR artifact of this module to the run time class path to make its file system drivers available for service location in the client API modules.

The newest version!

/*
 * Copyright © 2005 - 2021 Schlichtherle IT Services.
 * All rights reserved. Use is subject to license terms.
 */
package net.java.truevfs.driver.zip.raes;

import global.namespace.service.wight.annotation.ServiceImplementation;
import net.java.truecommons.shed.ExtensionSet;
import net.java.truevfs.kernel.spec.FsDriver;
import net.java.truevfs.kernel.spec.FsScheme;
import net.java.truevfs.kernel.spec.spi.FsDriverMapModifier;

import javax.annotation.concurrent.Immutable;
import java.util.Map;

/**
 * Maps a file system driver for accessing the RAES encrypted ZIP file format,
 * alias ZIP.RAES or TZP.
 * The modified map will contain the following entries:
 * 
 * 
 * 
 * 
 * 
 * 
 * 
 * 
 * 
 * 
 * 
 * 
 * 
 * 
 * URI Schemes / Archive File Extensions File System Driver Class
{@code tzp}, {@code zip.rae}, {@code zip.raes} {@link SafeZipRaesDriver}
 *
 * @author Christian Schlichtherle
 */
@Immutable
@ServiceImplementation(priority = -100)
public final class ZipRaesDriverMapModifier implements FsDriverMapModifier {

    @Override
    public Map apply(final Map map) {
        // Select exactly ONE of the following drivers by
        // uncommenting it.
        // Please refer to the class Javadoc for more information.

        // If you're quite paranoid, then this driver is for you:
        // It authenticates every input archive file using
        // the Message Authentication Code (MAC) specified by the
        // RAES file format, which makes it comparably slow.
        // The driver also uses unencrypted byte arrays for
        // temporary storage of archive entries whenever required.
        // If you were completely paranoid, you would even want to
        // use encrypted byte arrays or wipe them with nulls after
        // use.
        // However, the latter is currently not supported.
        /*final FsDriver driver = new ParanoidZipRaesDriver(new ByteArrayIOPoolProvider(2048));*/

        // If you're just a bit paranoid, then use this driver:
        // It authenticates every input archive file using
        // the Message Authentication Code (MAC) specified by the
        // RAES file format, which makes it comparably slow.
        // The driver also uses unencrypted temporary files for
        // archive entries whenever required.
        /*final FsDriver driver = new ParanoidZipRaesDriver(IOPoolLocator.SINGLETON);*/

        // For the rest of us, this driver is our choice:
        // It authenticates input archive files up to 512 KB using
        // the Message Authentication Code (MAC) specified by the
        // RAES file format.
        // For larger input archive files, it just checks the
        // CRC-32 value whenever an archive entry input stream is
        // closed.
        // CRC-32 has frequent collisions when compared to a MAC.
        // However, it should not be feasible to make an
        // undetectable modification.
        // The driver also uses unencrypted temporary files for
        // archive entries whenever required.
        final FsDriver driver = new SafeZipRaesDriver();

        new ExtensionSet("tzp|zip.rae|zip.raes").forEach(e -> map.put(FsScheme.create(e), driver));
        return map;
    }
}