This package implements an algorithm for breaking the PkZip cipher that was

devised by Eli Biham and Paul Kocher.

This program applies a known plaintext attack to an encrypted file.
A known-plaintext-attack recovers a password using the encrypted file and
(part of) the unencrypted file.

Please note that cryptographers use the word 'plaintext' for any kind of
unencrypted data - not necessarily readable ASCII text.

Before you ask why somebody may want to know the password when he already knows
the plaintext think of the following situations:

 - Usually there's a large number of files in a ZIP-archive. Usually all these
   files are encrypted using the same password. So if you know one of the files,
   you can recover the password and decrypt the other files.
 - You need to know only a part of the plaintext (at least 13 bytes). Many files
   have commonly known headers, like DOS .EXE-files. Knowing a reasonably long
   header you can recover the password and decrypt the entire file.

WWW: http://www.unix-ag.uni-kl.de/~conrad/krypto/pkcrack.html

PR:		ports/84192
Submitted by:	Emanuel Haupt <ehaupt@critical.ch>

security/Makefile

@@ -393,6 +393,7 @@
     SUBDIR += pinentry-gtk
     SUBDIR += pinentry-gtk2
     SUBDIR += pinentry-qt
+    SUBDIR += pkcrack
     SUBDIR += pks
     SUBDIR += pktsuckers
     SUBDIR += poc

security/pkcrack/Makefile

@@ -0,0 +1,50 @@
+# New ports collection makefile for:	pkcrack
+# Date created:				27 Jul 2005
+# Whom:					Emanuel Haupt <ehaupt@critical.ch>
+#
+# $FreeBSD$
+#
+
+PORTNAME=	pkcrack
+PORTVERSION=	1.2.2
+CATEGORIES=	security
+MASTER_SITES=	http://www.unix-ag.uni-kl.de/~conrad/krypto/pkcrack/
+
+MAINTAINER=	ehaupt@critical.ch
+COMMENT=	A utility for breaking pkzip encryption
+
+USE_GMAKE=	yes
+USE_REINPLACE=	yes
+
+WRKSRC=		${WRKDIR}/${DISTNAME}/src
+PLIST_FILES=	bin/pkextract bin/pkfindkey bin/pkmakekey bin/pkcrack bin/zipdecrypt
+PORTDOCS=	README pkzip.ps.gz
+
+post-patch:
+	@${REINPLACE_CMD} -e 's|^\(#include\ <\)malloc\.h>|\1stdlib.h>|' \
+		${WRKSRC}/exfunc.c \
+		${WRKSRC}/readhead.c
+	@${REINPLACE_CMD} -e '/<malloc\.h>/d' \
+		${WRKSRC}/extract.c \
+		${WRKSRC}/main.c \
+		${WRKSRC}/zipdecrypt.c
+	@${REINPLACE_CMD} -E 's/^(CC|CFLAGS)=/\1?=/' \
+		${WRKSRC}/Makefile
+
+do-install:
+.for f in pkcrack zipdecrypt
+	${INSTALL_PROGRAM} ${WRKSRC}/${f} ${PREFIX}/bin
+.endfor
+# these file names are too generic
+.for f in extract findkey makekey
+	${INSTALL_PROGRAM} ${WRKSRC}/${f} ${PREFIX}/bin/pk${f}
+.endfor
+
+.if !defined(NOPORTDOCS)
+	${MKDIR} ${DOCSDIR}
+.for f in ${PORTDOCS}
+	${INSTALL_DATA} ${WRKDIR}/${DISTNAME}/doc/${f} ${DOCSDIR}
+.endfor
+.endif
+
+.include <bsd.port.mk>

security/pkcrack/distinfo

@@ -0,0 +1,2 @@
+MD5 (pkcrack-1.2.2.tar.gz) = 41e2037ceb95fc0717f7d9ae0abe10db
+SIZE (pkcrack-1.2.2.tar.gz) = 174208

security/pkcrack/pkg-descr

@@ -0,0 +1,24 @@
+This package implements an algorithm for breaking the PkZip cipher that was
+devised by Eli Biham and Paul Kocher.
+
+This program applies a known plaintext attack to an encrypted file.
+A known-plaintext-attack recovers a password using the encrypted file and
+(part of) the unencrypted file.
+
+Please note that cryptographers use the word 'plaintext' for any kind of
+unencrypted data - not necessarily readable ASCII text.
+
+Before you ask why somebody may want to know the password when he already knows
+the plaintext think of the following situations:
+
+ - Usually there's a large number of files in a ZIP-archive. Usually all these
+   files are encrypted using the same password. So if you know one of the files,
+   you can recover the password and decrypt the other files.
+ - You need to know only a part of the plaintext (at least 13 bytes). Many files
+   have commonly known headers, like DOS .EXE-files. Knowing a reasonably long
+   header you can recover the password and decrypt the entire file. 
+
+WWW: http://www.unix-ag.uni-kl.de/~conrad/krypto/pkcrack.html
+
+- ehaupt
+ehaupt@critical.ch