May I know if the zip output is encrypted (rather than just password-protected)?
Hi YS,
As far as I'm aware, the contents of a password-protected ZIP files are always encrypted... but maybe not the way you are expecting:
That being said, this is general of all ZIP files (regardless of the applications or components that generate or manipulate them).
Do note that the component's documentation explicitly mentions this:
"Password - optional password for protecting the ZIP archive. If you specify a password, the password is needed to extract a file from the archive. Note that regardless of whether a password is specified, the file names are always visible (e.g. in Windows), so it's not a full protection."
So that means a password-protected BigZip file HAS persistent data-level encryption? Thanks (:
Any idea what's the encryption algorithm used here?
Hi Yappy,
BigZip is using the Ionic Zip library, the documentation of which can be found here. According to the documentation, by default the "PKZip 2.0 ("Weak") encryption is used". It's possible to specify a different encryption, but BigZip doesn't do that, so that default is used.
Got it. Thanks Kilian.
Is there any way for us to change the encryption method? For example, change it to AES.
There is currently not, but if you need it, I could add it to the component and publish a new version.
Ok, I went ahead and already added it. You can get the latest version of BigZip (2.1.0) from the Forge, which now include actions to change the compression level, password and encryption algorithm. I hope this helps!
Awesome! Thanks Kilian!
You're most welcome :). Happy coding!