- Open the zip file in emacs.
- Use fundamental-mode to stop showing a listing of the zip contents. (M-x fundamental-mode)
- Use hexl-mode to get a binary view of the file. (M-x hexl-mode)
- Search for the string "0199 0700" to find the AES Extra header field. (C-S 0199 0700)
- Check that 2 bytes after the 0700 (skip the 2 vendor bytes; 0200 below) is 4145 (the characters AE) followed by 01, 02 or 03 representing the AES encryption strength. In our case, we wanted 03, or AES-256.
Thursday, September 27, 2012
How to check the encryption used in a zip file
Sadly, I've not found a nice CLI way of doing this, but I recently had to validate that a 3rd party was transferring files to us in an approved way (AES 256-bit) and this is what I did: