From 5e050e62c995e25963170b99a113c9184abd74b3 Mon Sep 17 00:00:00 2001
From: Daniel Scharrer <daniel@constexpr.org>
Date: Sat, 9 Jun 2018 02:49:32 +0200
Subject: [PATCH] Add a --show-password option to print password check
 information

---
 CHANGELOG           |  1 +
 doc/innoextract.1   | 14 +++++++++++++-
 src/cli/extract.cpp | 34 +++++++++++++++++++++++++++++++++-
 src/cli/extract.hpp |  1 +
 src/cli/main.cpp    |  8 +++++---
 5 files changed, 53 insertions(+), 5 deletions(-)

diff --git a/CHANGELOG b/CHANGELOG
index 73cc182..6c82e5b 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -2,6 +2,7 @@
 innoextract 1.7 (TDB)
  - Added (preliminary) support for Inno Setup 5.6.0 installers
  - Added support for new GOG installers with GOG Galaxy file parts
+ - Added a --show-password option to print password check information
  - Fixed building in paths that contain regex expressions
  - Fixed case-sensitivity in parent directory when creating subdirectories
  - Fixed .bin slice file names used with Inno Setup versions older than 4.1.7
diff --git a/doc/innoextract.1 b/doc/innoextract.1
index a101b42..07675e1 100644
--- a/doc/innoextract.1
+++ b/doc/innoextract.1
@@ -36,6 +36,7 @@ Here is a short summary of the options available in innoextract. Please refer to
  \-l \-\-list               Only list files, don't write anything
     \-\-list\-languages     List languages supported by the installer
     \-\-gog\-game\-id        Determine the GOG.com game ID for this installer
+    \-\-show\-password      Show password check information
 .fi
 .TP
 .B Modifiers:
@@ -121,7 +122,7 @@ Don't extract files that would have been deleted at the end of the install proce
 This option takes precedence over \fB\-\-include\fP and \fB\-\-language\fP: temporary files are never extracted when using the \fB\-\-exclude\-temp\fP, even if they match the selected language or include expressions.
 .TP
 \fB\-e\fP, \fB\-\-extract\fP
-Extract all files to the current directory. This action is enabled by default, unless either \fB\-\-list\fP or \fB\-\-extract\fP is specified. You may only specify one of \fB\-\-extract\fP and \fB\-\-test\fP.
+Extract all files to the current directory. This action is enabled by default, unless one or more of the \fB\-\-list\fP, \fB\-\-test\fP, \fB\-\-list\-languages\fP, \fB\-\-gog\-game\-id\fP or \fB\-\-show\-password\fP actions are specified. You may only specify one of \fB\-\-extract\fP and \fB\-\-test\fP.
 .TP
 \fB\-g\fP, \fB\-\-gog\fP
 Try to process additional .bin files that have the same basename as the setup but are not actually part of the Inno Setup installer. This is the case for newer multi-part GOG.com installers where these .bin files are RAR archives, potential encrypted with the MD5 checksum of the game ID (see the \fB\-\-gog\-game\-id\fP option).
@@ -196,6 +197,17 @@ By default \fBinnoextract\fP will try to detect if the terminal supports shell e
 \fB\-q\fP, \fB\-\-quiet\fP
 Less verbose output.
 .TP
+\fB\-\-show\-password\fP
+Show checksum \fB$c\fP and salt \fB$s\fP used for the password \fB$p\fP check as well as encoding of the password. The checksum is calculated from the salt concatenated with the password:
+
+ \fB$c = hash($s . $p)\fP
+
+With \fB\-\-silent\fP option, the checksum name and hash is printed on one line seperated buy a space followed by the salt encoded as hex bytes and password encoding on separate lines.
+
+Checksum types can be \fBCRC32\fP, \fBMD5\fP or \fBSHA-1\fP although \fBCRC32\fP is not used in installers with encryption.
+
+The password encoding is either \fBMS-ANSI\fP (Windows-1252) or \fBUTF16-LE\fP.
+.TP
 \fB\-s\fP, \fB\-\-silent\fP
 Don't output anything except errors and warnings unless explicitly requested.
 
diff --git a/src/cli/extract.cpp b/src/cli/extract.cpp
index c79741c..93655d9 100644
--- a/src/cli/extract.cpp
+++ b/src/cli/extract.cpp
@@ -66,6 +66,7 @@
 
 #include "util/boostfs_compat.hpp"
 #include "util/console.hpp"
+#include "util/encoding.hpp"
 #include "util/fstream.hpp"
 #include "util/load.hpp"
 #include "util/log.hpp"
@@ -573,7 +574,7 @@ bool print_file_info(const extract_options & o, const setup::info & info) {
 	}
 	#endif
 	
-	bool multiple_sections = (o.list_languages + o.gog_game_id + o.list > 1);
+	bool multiple_sections = (o.list_languages + o.gog_game_id + o.list + o.show_password > 1);
 	if(!o.quiet && multiple_sections) {
 		std::cout << '\n';
 	}
@@ -616,6 +617,37 @@ bool print_file_info(const extract_options & o, const setup::info & info) {
 		}
 	}
 	
+	if(o.show_password) {
+		if(info.header.options & setup::header::Password) {
+			if(o.silent) {
+				std::cout << info.header.password << '\n';
+			} else {
+				std::cout << "Password hash: " << color::yellow << info.header.password << color::reset << '\n';
+			}
+			if(o.silent) {
+				std::cout << print_hex(info.header.password_salt) << '\n';
+			} else if(!info.header.password_salt.empty()) {
+				std::cout << "Password salt: " << color::yellow
+				          << print_hex(info.header.password_salt) << color::reset;
+				if(!o.quiet) {
+					std::cout << " (hex bytes, prepended to password)";
+				}
+				std::cout << '\n';
+			}
+			if(o.silent) {
+				std::cout << util::encoding_name(info.version.codepage()) << '\n';
+			} else {
+				std::cout << "Password encoding: " << color::yellow
+				          << util::encoding_name(info.version.codepage()) << color::reset << '\n';
+			}
+		} else if(!o.quiet) {
+			std::cout << "Setup is not passworded!\n";
+		}
+		if((o.silent || !o.quiet) && multiple_sections) {
+			std::cout << '\n';
+		}
+	}
+	
 	return multiple_sections;
 }
 
diff --git a/src/cli/extract.hpp b/src/cli/extract.hpp
index 9b84c02..dee43a2 100644
--- a/src/cli/extract.hpp
+++ b/src/cli/extract.hpp
@@ -57,6 +57,7 @@ struct extract_options {
 	bool extract; //!< Extract files
 	bool list_languages; //!< List available languages
 	bool gog_game_id; //!< Show the GOG.com game id
+	bool show_password; //!< Show password check information
 	
 	bool preserve_file_times; //!< Set timestamps of extracted files
 	bool local_timestamps; //!< Use local timezone for setting timestamps
diff --git a/src/cli/main.cpp b/src/cli/main.cpp
index 20536cd..483ffcf 100644
--- a/src/cli/main.cpp
+++ b/src/cli/main.cpp
@@ -133,7 +133,8 @@ int main(int argc, char * argv[]) {
 		("extract,e", "Extract files (default action)")
 		("list,l", "Only list files, don't write anything")
 		("list-languages", "List languages supported by the installer")
-		("gog-game-id", "Determine the GOG.com game ID for this installer")
+		("gog-game-id", "Determine the installer's GOG.com game ID")
+		("show-password", "Show password check information")
 	;
 	
 	po::options_description modifiers("Modifiers");
@@ -244,8 +245,9 @@ int main(int argc, char * argv[]) {
 	o.test = (options.count("test") != 0);
 	o.list_languages = (options.count("list-languages") != 0);
 	o.gog_game_id = (options.count("gog-game-id") != 0);
-	bool explicit_action = o.list || o.test || o.extract
-	                       || o.list_languages || o.gog_game_id;
+	o.show_password = (options.count("show-password") != 0);
+	bool explicit_action = o.list || o.test || o.extract || o.list_languages
+	                       || o.gog_game_id || o.show_password;
 	if(!explicit_action) {
 		o.extract = true;
 	}