This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Title: zipfile cannot read AES encrypted files
Type: enhancement Stage: needs patch
Components: Library (Lib) Versions: Python 3.2
Status: closed Resolution: wont fix
Dependencies: 8998 Superseder:
Assigned To: Nosy List: amaury.forgeotdarc, aymill, georg.brandl, pitrou
Priority: normal Keywords:

Created on 2010-07-05 17:42 by aymill, last changed 2022-04-11 14:57 by admin. This issue is now closed.

File name Uploaded Description Edit aymill, 2010-07-05 17:42 Example zip encrypted with WinZip 11.1 using AES 256. Password is "cat".
Messages (4)
msg109342 - (view) Author: Andrew Miller (aymill) Date: 2010-07-05 17:42
On a WinZip AES-256 encrypted zip, zipfile.extractall raises a RuntimeError for "Bad password for file" when given the correct password. Command line example below:

Python 2.6.2 (release26-maint, Apr 19 2009, 01:56:41) 
[GCC 4.3.3] on linux2
Type "help", "copyright", "credits" or "license" for more information.
>>> from zipfile import ZipFile
>>> zip = ZipFile("", "r")
>>> zip.extractall(".", pwd="cat")
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
  File "/usr/lib/python2.6/", line 935, in extractall
    self.extract(zipinfo, path, pwd)
  File "/usr/lib/python2.6/", line 923, in extract
    return self._extract_member(member, path, pwd)
  File "/usr/lib/python2.6/", line 963, in _extract_member
    source =, pwd=pwd)
  File "/usr/lib/python2.6/", line 898, in open
    raise RuntimeError("Bad password for file", name)
RuntimeError: ('Bad password for file', <zipfile.ZipInfo object at 0xb739e26c>)
msg109385 - (view) Author: Amaury Forgeot d'Arc (amaury.forgeotdarc) * (Python committer) Date: 2010-07-06 11:32
zipfile only supports the "Traditional PKWARE Encryption" method.
Support for other encryption methods would be useful.
msg109650 - (view) Author: Antoine Pitrou (pitrou) * (Python committer) Date: 2010-07-09 00:31
Do note that providing a patch first requires that encryption/decryption facilities be made available in the stdlib.
(right now we only offer hashing, and "high-level" socket wrapping)
msg199933 - (view) Author: Georg Brandl (georg.brandl) * (Python committer) Date: 2013-10-14 17:40
#8998 has been closed (among others due to legal concerns), so this need not be kept open.
Date User Action Args
2022-04-11 14:57:03adminsetgithub: 53416
2013-10-14 17:40:22georg.brandlsetstatus: open -> closed

nosy: + georg.brandl
messages: + msg199933

resolution: wont fix
2010-07-09 00:32:20pitrousetdependencies: + add crypto routines to stdlib
2010-07-09 00:31:40pitrousetnosy: + pitrou
messages: + msg109650
2010-07-09 00:30:16pitrousetversions: + Python 3.2, - Python 2.6
2010-07-06 11:32:02amaury.forgeotdarcsetnosy: + amaury.forgeotdarc
title: zipfile.extractall raises runtime error on correct password -> zipfile cannot read AES encrypted files
messages: + msg109385

type: behavior -> enhancement
stage: needs patch
2010-07-05 17:42:22aymillcreate