issue with pkzip weak encryption

[ArnaudDebaene]

Hello,

Using Dotnetzip 1.16 from nuget with .Net core sample app, I run into an issue with PkzipWeak encryption:

Using the following simple test:

private static void Main(string[] args)
{
    using (var zipFile = new ZipFile())
    {
        var entry = zipFile.AddEntry("dummy.bin", (nameof, stream) =>
        {
            var r = new Random();
            var buffer = new byte[40960];
            r.NextBytes(buffer);
            stream.Write(buffer);
        });
        entry.Encryption = EncryptionAlgorithm.PkzipWeak;
        entry.Password = "pwd12345";
        zipFile.Save("testzip.zip");
    }

    var check = ZipFile.CheckZipPassword("testzip.zip", "pwd12345");
}

The verification of the file with CheckWithPassword fails.
I also checked with several tools (Z-zip, Windows Explorer,...) that the generated file is indeed incorrect (or at least cannot be dezipped with specified password).
When using Aes128 or Aes256 for encryption method, the test succeeds....

What gives? I must be missing something obvious here...

Thank you!

[jshergal]

Thanks for reporting this bug/problem, and sorry about the delay in getting back to you. This is a self-service repository, where we merge PRs and where the merging of PRs causes nugets to be pushed automatically (if you bump the version number in your PR). I'll leave this issue open until someone (or yourself) fixes it.