choco-package-list-backup: add used extra install arguments to the <package> nodes #7

Closed
heldchen opened this issue Aug 11, 2017 · 18 comments · Fixed by #235

Comments

@heldchen

please add any extra arguments (https://github.com/chocolatey/choco/wiki/CommandsInstall#packagesconfig) used during package installation when exporting

example:

```
choco feature enable -n=useRememberedArgumentsForUpgrades
choco install git --packageparameters "/GitOnlyOnPath /NoAutoCrLf /NoShellIntegration /NoGitLfs"
choco install tortoisegit --installarguments "ADDLOCAL=ALL REMOVE=MoreIcons,CrashReporter"
```

expected packages.config:

```xml
<?xml version="1.0" encoding="utf-8"?>
<packages>
   <package id="git" packageParameters="/GitOnlyOnPath /NoAutoCrLf /NoShellIntegration /NoGitLfs" />
   <package id="tortoisegit" installArguments="ADDLOCAL=ALL REMOVE=MoreIcons,CrashReporter" />
</packages>
```

actual packages.config:

```xml
<?xml version="1.0" encoding="utf-8"?>
<packages>
   <package id="git" />
   <package id="tortoisegit" />
</packages>
```
@heldchen heldchen changed the title add used extra install arguments to the <package> nodes choco-package-list-backup: add used extra install arguments to the <package> nodes Aug 11, 2017
@bcurran3
Owner

@heldchen I don't know where to find those parameters. I don't think they are stored anywhere to reference and then use. Am I wrong? Point me in the right direction please.

@heldchen
Author

honestly I do not know. to me, the useRememberedArgumentsForUpgrades feature implies that it stores the required parameters somewhere:

> useRememberedArgumentsForUpgrades - Use Remembered Arguments For Upgrades - when running upgrades, use arguments for upgrade that were used for installation ('remembered'). This is helpful when running upgrade for all packages. Available in 0.10.4+. This is considered in preview for 0.10.4 and will be flipped to on by default in a future release.

which - as a new user of chocolatey - makes sense to me, as some installers do not persist the previously selected installation options when run multiple times (i.e. for an update), and I as a user do not want to have to remember how I initially installed a package some months ago.

@bcurran3
Owner

bcurran3 commented Jan 8, 2018

This is impossible at the moment as choco.exe has no way of displaying the installed arguments used. The arguments are encrypted in `\programdata\chocolatey\.chocolatey\PackageName.Version\.arguments` and can't be viewed without the decryption key. :(

REF: chocolatey/choco#1310

@bcurran3
Owner

bcurran3 commented Jan 8, 2018

Closing until such a time as it's possible to somehow view the install arguments.

@stippingerm

stippingerm commented Nov 14, 2018

> Closing until such a time as it's possible to somehow view the install arguments.

@bcurran3 If the decryption key is present on the local system then it is possible to display the information (with some tool). In contrast, if it is not present, the remembered arguments cannot be used during upgrade (contradicting the purpose of useRememberedArgumentsForUpgrades) or, more intriguingly, the secret is mediated to an agent outside the local system.

@bcurran3
Owner

choco.exe knows how to use its encrypted saved arguments upon upgrading. This is a security feature of Chocolatey.
If a decryption key was found that could be used and publicly made available, I'm sure the Chocolatey Team would change the method ASAP.

This is a desirable request, but not a feasible request.

@heldchen
Author

isn't it though? choco.exe uses NugetEncryptionUtility.DecryptString to decrypt the stored arguments, and this function itself just uses the standard C# system ProtectedData class. this library seems to use the machine & user keys to encrypt/decrypt. so as long as the user and machine did not change, decryption is straightforward.

according to the docs, ProtectedData encryption is either bound to the current windows user or machine, and not the application used. NugetEncryptionUtility seems to be using the machine-wide key, so it should even be possible to decrypt using a different user on the same computer:

> Caution: The LocalMachine enumeration value allows multiple accounts to unprotect data. Use this value only when you trust every account on a computer. For most situations, you should use the CurrentUser value.

@bcurran3
Owner

It might be beyond me. :)

If you know how... pull request would be the way.

@heldchen
Author

I won't be able to create a PR as I'm not using your tool anymore. but here's a proof of concept:

```csharp
using System;
using System.IO;
using System.Security.Cryptography;
using System.Text;

namespace ChocoDecrypt
{
    public class Program
    {
        // Same fixed entropy Chocolatey passes to ProtectedData (see NugetEncryptionUtility).
        private static readonly byte[] _entropyBytes = Encoding.UTF8.GetBytes("Chocolatey");

        public static void Main(string[] args)
        {
            // A .arguments file holds a Base64-encoded DPAPI blob.
            var encryptedByteArray = Convert.FromBase64String(File.ReadAllText(args[0]));
            // LocalMachine scope: any account on the machine that created the blob can unprotect it.
            var decryptedByteArray = ProtectedData.Unprotect(encryptedByteArray, _entropyBytes, DataProtectionScope.LocalMachine);

            Console.WriteLine(Encoding.UTF8.GetString(decryptedByteArray));
        }
    }
}
```

compile and use it like so:

```
D:\>C:\windows\Microsoft.NET\Framework\v4.0.30319\csc.exe /nologo ChocoDecrypt.cs

D:\>ChocoDecrypt.exe C:\ProgramData\chocolatey\.chocolatey\git.2.19.0\.arguments
 --package-parameters="'/GitOnlyOnPath /NoAutoCrLf /NoShellIntegration /NoGitLfs'" --cache-location="'C:\Users\Heldchen\AppData\Local\Temp\chocolatey'" --use-system-powershell
```

@stippingerm

@heldchen Thank you for the valuable input, I was sure it could be done. Here, I confirm your method works.

Now I know how to properly migrate the list of my previously installed packages from one machine to an other without manually defining the arguments again.

> If a decryption key was found that could be used and publicly made available, I'm sure the Chocolatey Team would change the method ASAP.

@bcurran3 I think, the "security risk" disclosed now is that the Chocolatey team thought the machine key was a good choice. Instead, they could have restricted access to the user who installed Chocolatey or to a newly created group key for the local Choco administrators, which could then be shared while protected with specific authorized user keys. Disclaimer: I am not familiar with the Chocolatey codebase to create a pull request now nor experienced enough (yet) to tell how to implement the proposed "group key" on Windows.

Also applies to chocolatey/choco#1310.

@bcurran3
Owner

@heldchen Thanks for the info.

Could you send me a link to a compiled version of that for me to play around with?

I'm willing to look into this again, but it might be later than sooner.

@heldchen
Author

I'd recommend compiling it yourself using the freely available .net sdk. you can find them on https://www.microsoft.com/net/download/visual-studio-sdks as "Developer Pack" download.

also, there seems to be a way to execute c# code directly from powershell: https://blogs.technet.microsoft.com/stefan_gossner/2010/05/07/using-csharp-c-code-in-powershell-scripts/
but be aware: as my code above is just a proof of concept, it lacks any error handling. :)

@bcurran3
Owner

I finally got around compiling and testing this today, success.

I'll do some brainstorming on implementing it in the future.

@musm

musm commented Jan 23, 2019

Can you also add pinned packages to the back up list options?

```
choco pin add --name=dropbox
```

This is useful since when installing my backup list I also want it to remember the packages I pinned on the new computer.

@bcurran3
Owner

@musm Yes/No.

Yes, there's probably something I could do, but there's nothing in Chocolatey to process the info on installing from packages.config. I could probably export a list of pinned packages for you to then at least know about it.

It'll take some thought.

Please open an issue specifically related to this.

@Jackenmen

Hi, I thought that since I was trying to decode the .arguments file too, I'll share the code that I used to do it (based on Chocolatey's encryption util):

```powershell
# ProtectedData lives in System.Security (needed on Windows PowerShell 5.1).
Add-Type -AssemblyName System.Security
# Fixed entropy used by Chocolatey's encryption util.
$entropyBytes = [System.Text.UTF8Encoding]::UTF8.GetBytes("Chocolatey")

function Decode-Arguments {
    param([string]$data)
    # The file holds a Base64-encoded DPAPI blob protected under the LocalMachine scope.
    $encryptedByteArray = [System.Convert]::FromBase64String($data)
    $decryptedByteArray = [System.Security.Cryptography.ProtectedData]::Unprotect(
        $encryptedByteArray,
        $entropyBytes,
        [System.Security.Cryptography.DataProtectionScope]::LocalMachine
    )
    return [System.Text.UTF8Encoding]::UTF8.GetString($decryptedByteArray)
}

# -Raw returns the file as a single string instead of an array of lines.
$data = Get-Content -Raw "C:\ProgramData\chocolatey\.chocolatey\Opera.62.0.3331.99\.arguments"
Decode-Arguments -data $data
```

@bcurran3
Owner

Thanks.

I just tested that and seems to work.

I'll see about implementing as soon as I have time.

@bcurran3
Owner

FYI: @musm pinned packages back up was added in v2019.01.24
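The two decryptors posted in this thread stop at printing the argument line; what the issue asks for is a packages.config that carries those arguments. The PowerShell below is an added example, not code from this issue or from choco-package-list-backup, that chains the steps end to end: unprotect every `.arguments` blob with the fixed "Chocolatey" entropy under LocalMachine scope, parse the `--option="'value'"` line, and keep only `--package-parameters` and `--install-arguments` as the `packageParameters` / `installArguments` attributes shown in the expected output at the top of the issue. The function names, the `<id>.<version>` folder-name split and the option-to-attribute mapping are assumptions of this example; the sample blobs are constructed in-script with `ProtectedData.Protect`, so the script runs on any Windows machine without a Chocolatey install (DPAPI is Windows-only).

```powershell
Add-Type -AssemblyName System.Security

# Fixed entropy and scope used by Chocolatey's NugetEncryptionUtility, as established in this thread.
$script:Entropy = [System.Text.Encoding]::UTF8.GetBytes('Chocolatey')
$script:Scope   = [System.Security.Cryptography.DataProtectionScope]::LocalMachine
$script:Store   = 'C:\ProgramData\chocolatey\.chocolatey'

function Unprotect-ChocoArguments {
    # Content of a .arguments file (Base64 DPAPI blob) -> plaintext argument line.
    param([Parameter(Mandatory)][string]$Base64)
    $cipher = [Convert]::FromBase64String($Base64.Trim())
    $plain  = [System.Security.Cryptography.ProtectedData]::Unprotect($cipher, $script:Entropy, $script:Scope)
    [System.Text.Encoding]::UTF8.GetString($plain)
}

function ConvertFrom-ChocoArgumentLine {
    # Parse  --key="'value'"  --key="value"  --key=value  --flag  into an ordered table.
    # The "'...'" double quoting is what the decrypted line in this thread shows; the other forms are assumed.
    param([Parameter(Mandatory)][string]$Line)
    $opts = [ordered]@{}
    $pattern = '--(?<key>[\w-]+)(?:=(?:"''(?<q>[^'']*)''"|"(?<d>[^"]*)"|(?<b>\S+)))?'
    foreach ($m in [regex]::Matches($Line, $pattern)) {
        $value = $true                                   # bare switch such as --use-system-powershell
        foreach ($g in 'q', 'd', 'b') { if ($m.Groups[$g].Success) { $value = $m.Groups[$g].Value } }
        $opts[$m.Groups['key'].Value] = $value
    }
    $opts
}

function Get-ChocoRememberedArguments {
    # Walk the package store and decrypt every .arguments file. Folder names are <id>.<version>;
    # splitting at the first ".<digit>" is a heuristic (assumption of this example).
    param([string]$Path = $script:Store)
    Get-ChildItem -LiteralPath $Path -Directory -ErrorAction SilentlyContinue | ForEach-Object {
        $file = Join-Path $_.FullName '.arguments'
        if (-not (Test-Path -LiteralPath $file)) { return }
        $id = $_.Name; $ver = ''
        if ($_.Name -match '^(?<id>.+?)\.(?<ver>\d[\w.-]*)$') { $id = $Matches.id; $ver = $Matches.ver }
        try {
            $line = Unprotect-ChocoArguments (Get-Content -LiteralPath $file -Raw)
            [pscustomobject]@{ Id = $id; Version = $ver; Options = ConvertFrom-ChocoArgumentLine $line }
        } catch [System.Security.Cryptography.CryptographicException] {
            # Blob from another machine, wrong entropy, or a corrupt file: skip rather than abort.
            Write-Warning "${file}: cannot unprotect ($($_.Exception.Message))"
        }
    }
}

function ConvertTo-PackagesConfig {
    # Emit packages.config with only the two options packages.config can replay; everything else
    # in the line (cache-location, use-system-powershell, ...) is machine-specific and dropped.
    param([Parameter(Mandatory)][object[]]$Packages)
    $map  = @{ 'package-parameters' = 'packageParameters'; 'install-arguments' = 'installArguments' }
    $xml  = New-Object System.Xml.XmlDocument
    $null = $xml.AppendChild($xml.CreateXmlDeclaration('1.0', 'utf-8', $null))
    $root = $xml.AppendChild($xml.CreateElement('packages'))
    foreach ($p in $Packages) {
        $node = $root.AppendChild($xml.CreateElement('package'))
        $node.SetAttribute('id', $p.Id)
        foreach ($k in $map.Keys) {
            if ($p.Options.Contains($k)) { $node.SetAttribute($map[$k], [string]$p.Options[$k]) }
        }
    }
    $sw = New-Object System.IO.StringWriter
    $xw = New-Object System.Xml.XmlTextWriter($sw)
    $xw.Formatting = [System.Xml.Formatting]::Indented
    $xml.WriteTo($xw); $xw.Flush()
    $sw.ToString()
}

function New-ChocoArgumentsBlob {
    # Constructed sample input: protect a line the way Chocolatey does, so the flow can be exercised
    # without a real install. Such a blob only unprotects on the machine that created it.
    param([Parameter(Mandatory)][string]$Line)
    $bytes = [System.Text.Encoding]::UTF8.GetBytes($Line)
    [Convert]::ToBase64String([System.Security.Cryptography.ProtectedData]::Protect($bytes, $script:Entropy, $script:Scope))
}

# Demo on constructed data (the two packages from the issue); the git line also carries the
# machine-specific options seen in the decrypted output, which must not end up in packages.config.
$gitLine = "--package-parameters=`"'/GitOnlyOnPath /NoAutoCrLf /NoShellIntegration /NoGitLfs'`" " +
           "--cache-location=`"'C:\Users\x\AppData\Local\Temp\chocolatey'`" --use-system-powershell"
$tgLine  = "--install-arguments=`"'ADDLOCAL=ALL REMOVE=MoreIcons,CrashReporter'`""
$sample = foreach ($s in @(@{ Id = 'git'; Line = $gitLine }, @{ Id = 'tortoisegit'; Line = $tgLine })) {
    $blob = New-ChocoArgumentsBlob $s.Line                      # what the .arguments file would hold
    [pscustomobject]@{ Id = $s.Id; Options = ConvertFrom-ChocoArgumentLine (Unprotect-ChocoArguments $blob) }
}
ConvertTo-PackagesConfig -Packages $sample

# Against a real store (same machine, read access to C:\ProgramData\chocolatey\.chocolatey):
# ConvertTo-PackagesConfig -Packages @(Get-ChocoRememberedArguments) | Set-Content packages.config -Encoding UTF8
```

Two practical caveats follow from the thread itself: the blobs are bound to the machine's DPAPI key, so the export has to run on the machine that installed the packages (a copied `.chocolatey` folder will only produce `CryptographicException` warnings), and because the scope is LocalMachine rather than CurrentUser, any local account that can read `C:\ProgramData\chocolatey\.chocolatey` can recover the arguments, which is exactly why passwords passed as package parameters should never be treated as protected by this mechanism.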
