Add XChaCha20/XChaCha20-Poly1305/cascaded algorithm, using a 64-bit counter to support large files.

CPP/7zip/7zip.mak

@@ -231,7 +231,7 @@ $(C_OBJS): ../../../../C/$(*B).c
 {../../Compress}.cpp{$O}.obj::
 	$(COMPLB_O2)
 {../../Crypto}.cpp{$O}.obj::
-	$(COMPLB_O2)
+	$(COMPLB_O2) -utf-8
 {../../../../C}.c{$O}.obj::
 	$(CCOMPLB)
 

CPP/7zip/7zip_gcc.mak

@@ -827,16 +827,30 @@ $O/7zAes.o: ../../Crypto/7zAes.cpp
 	$(CXX) $(CXXFLAGS) $<
 $O/7zAesRegister.o: ../../Crypto/7zAesRegister.cpp
 	$(CXX) $(CXXFLAGS) $<
+$O/7zKeyDerivation.o: ../../Crypto/7zKeyDerivation.cpp
+	$(CXX) $(CXXFLAGS) $<
+$O/Ascon.o: ../../Crypto/Ascon.cpp
+	$(CXX) $(CXXFLAGS) $<
+$O/Cascade.o: ../../Crypto/Cascade.cpp
+	$(CXX) $(CXXFLAGS) $<
+$O/CascadeRegister.o: ../../Crypto/CascadeRegister.cpp
+	$(CXX) $(CXXFLAGS) $<
+$O/HkdfBlake2sp.o: ../../Crypto/HkdfBlake2sp.cpp
+	$(CXX) $(CXXFLAGS) $<
 $O/HmacSha1.o: ../../Crypto/HmacSha1.cpp
 	$(CXX) $(CXXFLAGS) $<
 $O/HmacSha256.o: ../../Crypto/HmacSha256.cpp
 	$(CXX) $(CXXFLAGS) $<
+$O/HmacSha512.o: ../../Crypto/HmacSha512.cpp
+	$(CXX) $(CXXFLAGS) $<
 $O/MyAes.o: ../../Crypto/MyAes.cpp
 	$(CXX) $(CXXFLAGS) $<
 $O/MyAesReg.o: ../../Crypto/MyAesReg.cpp
 	$(CXX) $(CXXFLAGS) $<
 $O/Pbkdf2HmacSha1.o: ../../Crypto/Pbkdf2HmacSha1.cpp
 	$(CXX) $(CXXFLAGS) $<
+$O/Pbkdf2HmacSha512.o: ../../Crypto/Pbkdf2HmacSha512.cpp
+	$(CXX) $(CXXFLAGS) $<
 $O/RandGen.o: ../../Crypto/RandGen.cpp
 	$(CXX) $(CXXFLAGS) $<
 $O/Rar20Crypto.o: ../../Crypto/Rar20Crypto.cpp
@@ -851,6 +865,14 @@ $O/ZipCrypto.o: ../../Crypto/ZipCrypto.cpp
 	$(CXX) $(CXXFLAGS) $<
 $O/ZipStrong.o: ../../Crypto/ZipStrong.cpp
 	$(CXX) $(CXXFLAGS) $<
+$O/XChaCha20.o: ../../Crypto/XChaCha20.cpp
+	$(CXX) $(CXXFLAGS) $<
+$O/XChaCha20Register.o: ../../Crypto/XChaCha20Register.cpp
+	$(CXX) $(CXXFLAGS) $<
+$O/XChaCha20Poly1305.o: ../../Crypto/XChaCha20Poly1305.cpp
+	$(CXX) $(CXXFLAGS) $<
+$O/XChaCha20Poly1305Register.o: ../../Crypto/XChaCha20Poly1305Register.cpp
+	$(CXX) $(CXXFLAGS) $<
 
 
 

CPP/7zip/Archive/7z/7zCompressionMode.h

@@ -6,6 +6,8 @@
 #include "../../Common/MethodId.h"
 #include "../../Common/MethodProps.h"
 
+#include "7zHeader.h"
+
 namespace NArchive {
 namespace N7z {
 
@@ -64,6 +66,7 @@ struct CCompressionMethodMode
 
   UString Password; // _Wipe
   UInt64 MemoryUsageLimit;
+  CMethodId EncryptionMethodId;
 
   bool IsEmpty() const { return (Methods.IsEmpty() && !PasswordIsDefined); }
   CCompressionMethodMode():
@@ -78,6 +81,7 @@ struct CCompressionMethodMode
       , NumThreadGroups(0)
       #endif
       , MemoryUsageLimit((UInt64)1 << 30)
+      , EncryptionMethodId(k_AES)
   {}
 
 #ifdef Z7_CPP_IS_SUPPORTED_default

CPP/7zip/Archive/7z/7zDecode.cpp

@@ -584,9 +584,29 @@ HRESULT CDecoder::Decode(
       progress2 = new CDecProgress(compressProgress);
 
     ISequentialOutStream *outStreamPointer = outStream;
-    return _mixer->Code(inStreamPointers, &outStreamPointer,
+    const HRESULT codeResult = _mixer->Code(inStreamPointers, &outStreamPointer,
         progress2 ? (ICompressProgressInfo *)progress2 : compressProgress,
         dataAfterEnd_Error);
+
+    if (codeResult == S_OK)
+    {
+      #ifndef Z7_NO_CRYPTO
+      for (i = 0; i < folderInfo.Coders.Size(); i++)
+      {
+        Z7_DECL_CMyComPtr_QI_FROM(
+            ICryptoAuthVerify,
+            authVerify, _mixer->GetCoder(i).GetUnknown())
+        if (authVerify)
+        {
+          Int32 authResult = 0;
+          RINOK(authVerify->CryptoAuthVerify(&authResult))
+          if (authResult != 0)
+            return E_FAIL;
+        }
+      }
+      #endif
+    }
+    return codeResult;
   }
 
   #ifdef USE_MIXER_ST
@@ -596,4 +616,4 @@ HRESULT CDecoder::Decode(
   #endif
 }
 
-}}
+}}

CPP/7zip/Archive/7z/7zEncode.cpp

@@ -562,7 +562,7 @@ HRESULT CEncoder::EncoderConstr()
       throw 1;
 
     CMethodFull method;
-    method.Id = k_AES;
+    method.Id = _options.EncryptionMethodId;
     method.NumStreams = 1;
     _options.Methods.Add(method);
 
@@ -687,7 +687,7 @@ HRESULT CEncoder::EncoderConstr()
     {
       CMethodFull method;
       method.NumStreams = 1;
-      method.Id = k_AES;
+      method.Id = _options.EncryptionMethodId;
       _options.Methods.Add(method);
 
       NCoderMixer2::CCoderStreamsInfo cod;

CPP/7zip/Archive/7z/7zHandler.cpp

@@ -307,7 +307,7 @@ bool CHandler::IsFolderEncrypted(CNum folderIndex) const
     for (unsigned j = 0; j < idSize; j++)
       id64 = ((id64 << 8) | longID[j]);
     inByte.SkipDataNoCheck(idSize);
-    if (id64 == k_AES)
+    if (id64 == k_AES || id64 == k_XCHACHA20 || id64 == k_XCHACHA20_POLY1305 || id64 == k_AES_XCHACHA20_ASCON || id64 == k_AES_XCHACHA20_POLY1305)
       return true;
     if ((mainByte & 0x20) != 0)
       inByte.SkipDataNoCheck(inByte.ReadNum());
@@ -505,6 +505,46 @@ HRESULT CHandler::SetMethodToProp(CNum folderIndex, PROPVARIANT *prop) const
           ConvertUInt32ToString(numCyclesPower, s);
         }
       }
+      else if (id == k_XCHACHA20)
+      {
+        name = "XChaCha20";
+        if (propsSize >= 1)
+        {
+          const Byte firstByte = props[0];
+          const UInt32 numCyclesPower = firstByte & 0x3F;
+          ConvertUInt32ToString(numCyclesPower, s);
+        }
+      }
+      else if (id == k_XCHACHA20_POLY1305)
+      {
+        name = "XChaCha20-Poly1305";
+        if (propsSize >= 1)
+        {
+          const Byte firstByte = props[0];
+          const UInt32 numCyclesPower = firstByte & 0x3F;
+          ConvertUInt32ToString(numCyclesPower, s);
+        }
+      }
+      else if (id == k_AES_XCHACHA20_ASCON)
+      {
+        name = "AES+XChaCha20+Ascon";
+        if (propsSize >= 1)
+        {
+          const Byte firstByte = props[0];
+          const UInt32 numCyclesPower = firstByte & 0x3F;
+          ConvertUInt32ToString(numCyclesPower, s);
+        }
+      }
+      else if (id == k_AES_XCHACHA20_POLY1305)
+      {
+        name = "AES+XChaCha20-Poly1305";
+        if (propsSize >= 1)
+        {
+          const Byte firstByte = props[0];
+          const UInt32 numCyclesPower = firstByte & 0x3F;
+          ConvertUInt32ToString(numCyclesPower, s);
+        }
+      }
     }
 
     if (name)

CPP/7zip/Archive/7z/7zHandler.h

@@ -60,6 +60,7 @@ class COutHandler: public CMultiMethodProps
   UInt32 _decoderCompatibilityVersion;
   CUIntVector _enabledFilters;
   CUIntVector _disabledFilters;
+  CMethodId _encryptionMethodId;
 
   void InitSolidFiles() { _numSolidFiles = (UInt64)(Int64)(-1); }
   void InitSolidSize()  { _numSolidBytes = (UInt64)(Int64)(-1); }

CPP/7zip/Archive/7z/7zHandlerOut.cpp

@@ -749,6 +749,7 @@ Z7_COM7F_IMF(CHandler::UpdateItems(ISequentialOutStream *outStream, UInt32 numIt
 
   if (methodMode.PasswordIsDefined)
   {
+    methodMode.EncryptionMethodId = _encryptionMethodId;
     if (_encryptHeadersSpecified)
       encryptHeaders = _encryptHeaders;
     #ifndef Z7_NO_CRYPTO
@@ -760,6 +761,7 @@ Z7_COM7F_IMF(CHandler::UpdateItems(ISequentialOutStream *outStream, UInt32 numIt
     {
       headerMethod.PasswordIsDefined = methodMode.PasswordIsDefined;
       headerMethod.Password = methodMode.Password;
+      headerMethod.EncryptionMethodId = _encryptionMethodId;
     }
   }
 
@@ -874,6 +876,7 @@ void COutHandler::InitProps7z()
   _decoderCompatibilityVersion = k_decoderCompatibilityVersion;
   _enabledFilters.Clear();
   _disabledFilters.Clear();
+  _encryptionMethodId = k_AES;
 }
 
 void COutHandler::InitProps()
@@ -1023,6 +1026,29 @@ HRESULT COutHandler::SetProperty(const wchar_t *nameSpec, const PROPVARIANT &val
       return S_OK;
     }
 
+    if (name.IsEqualTo("em"))
+    {
+      if (value.vt != VT_BSTR)
+        return E_INVALIDARG;
+      UString m = value.bstrVal;
+      m.RemoveChar(L'-');
+      m.RemoveChar(L'+');
+      m.MakeLower_Ascii();
+      if (m.IsEqualTo("aes256"))
+        _encryptionMethodId = k_AES;
+      else if (m.IsEqualTo("xchacha20"))
+        _encryptionMethodId = k_XCHACHA20;
+      else if (m.IsEqualTo("xchacha20poly1305"))
+        _encryptionMethodId = k_XCHACHA20_POLY1305;
+      else if (m.IsEqualTo("axa") || m.IsEqualTo("aesxchacha20ascon"))
+        _encryptionMethodId = k_AES_XCHACHA20_ASCON;
+      else if (m.IsEqualTo("axp") || m.IsEqualTo("aesxchacha20poly1305"))
+        _encryptionMethodId = k_AES_XCHACHA20_POLY1305;
+      else
+        return E_INVALIDARG;
+      return S_OK;
+    }
+
     {
       bool processed;
       RINOK(TimeOptions.Parse(name, value, processed))

CPP/7zip/Archive/7z/7zHeader.h

@@ -122,7 +122,11 @@ const UInt32 k_ARM   = 0x3030501;
 const UInt32 k_ARMT  = 0x3030701;
 const UInt32 k_SPARC = 0x3030805;
 
-const UInt32 k_AES   = 0x6F10701;
+const UInt32 k_AES      = 0x6F10701;
+const UInt32 k_XCHACHA20 = 0x6F10702;
+const UInt32 k_XCHACHA20_POLY1305 = 0x6F10703;
+const UInt32 k_AES_XCHACHA20_POLY1305 = 0x6F10704;
+const UInt32 k_AES_XCHACHA20_ASCON = 0x6F10705;
 
 // const UInt32 k_ZSTD = 0x4015D; // winzip zstd
 // 0x4F71101, 7z-zstd

CPP/7zip/Archive/7z/7zItem.h

@@ -83,8 +83,11 @@ struct CFolder
   bool IsEncrypted() const
   {
     FOR_VECTOR(i, Coders)
-      if (Coders[i].MethodID == k_AES)
+    {
+      CMethodId id = Coders[i].MethodID;
+      if (id == k_AES || id == k_XCHACHA20 || id == k_XCHACHA20_POLY1305 || id == k_AES_XCHACHA20_ASCON || id == k_AES_XCHACHA20_POLY1305)
         return true;
+    }
     return false;
   }
 };

CPP/7zip/Archive/7z/7zOut.cpp

@@ -933,6 +933,7 @@ HRESULT COutArchive::WriteDatabase(
       CCompressionMethodMode encryptOptions;
       encryptOptions.PasswordIsDefined = options->PasswordIsDefined;
       encryptOptions.Password = options->Password;
+      encryptOptions.EncryptionMethodId = options->EncryptionMethodId;
       CEncoder encoder(headerOptions.CompressMainHeader ? *options : encryptOptions);
       CRecordVector<UInt64> packSizes;
       CObjectVector<CFolder> folders;