(chocolatey#3503, chocolatey#3513) Handle decryption failures better

src/chocolatey/infrastructure.app/services/NugetService.cs

@@ -189,6 +189,8 @@ it is possible that incomplete package lists are returned from a command
                 this.Log().Debug(ChocolateyLoggers.Verbose, () => "--- Start of List ---");
             }
 
+            var decryptionFailures = new List<ChocolateyPackageInformation>();
+
             foreach (var pkg in NugetList.GetPackages(config, _nugetLogger, _fileSystem))
             {
                 var package = pkg; // for lamda access
@@ -219,7 +221,12 @@ it is possible that incomplete package lists are returned from a command
 
                     if (!string.IsNullOrWhiteSpace(packageInfo.Arguments))
                     {
-                        var decryptedArguments = ArgumentsUtility.DecryptPackageArgumentsFile(_fileSystem, packageInfo.Package.Id, packageInfo.Package.Version.ToNormalizedStringChecked());
+                        var decryptedArguments = ArgumentsUtility.DecryptPackageArgumentsFile(_fileSystem, packageInfo.Package.Id, packageInfo.Package.Version.ToNormalizedStringChecked()).ToList();
+
+                        if (decryptedArguments.Count <= 0)
+                        {
+                            decryptionFailures.Add(packageInfo);
+                        }
 
                         packageArgumentsUnencrypted = "\n Remembered Package Arguments: \n  {0}".FormatWith(string.Join(Environment.NewLine + "  ", decryptedArguments));
                     }
@@ -336,6 +343,17 @@ Package url{6}
                     this.Log().Warn(logType, "Over {0:N0} packages was found per source, there may be more packages available that was filtered out. Please refine your search, or specify a page to check for more packages.".FormatWith(NugetList.LastPackageLimitUsed * 0.9));
                 }
             }
+
+            if (decryptionFailures.Count > 0)
+            {
+                // Emit a warning if we're on the info or list command.
+                if ((config.CommandName.IsEqualTo("info") || config.CommandName.IsEqualTo("list")) && config.RegularOutput)
+                {
+                    var failedPackages = string.Join(", ", decryptionFailures.Select(f => "{0} - {1}".FormatWith(f.Package.Id, f.Package.Version)));
+                    this.Log().Warn("There were some failures decrypting package arguments.");
+                    this.Log().Warn("Failed packages:{0}".FormatWith(failedPackages));
+                }
+            }
         }
 
         public void PackDryRun(ChocolateyConfiguration config)
@@ -1821,38 +1839,14 @@ protected virtual ChocolateyConfiguration SetConfigFromRememberedArguments(Choco
                 return config;
             }
 
-            var packageArgumentsUnencrypted = packageInfo.Arguments.ContainsSafe(" --") && packageInfo.Arguments.ToStringSafe().Length > 4 ? packageInfo.Arguments : NugetEncryptionUtility.DecryptString(packageInfo.Arguments);
+            var packageArguments = ArgumentsUtility.DecryptPackageArgumentsFile(_fileSystem, packageInfo.Package.Id, packageInfo.Package.Version.ToString());
 
-            var sensitiveArgs = true;
+            var packageArgumentsUnencrypted = string.Join(" ", packageArguments);
             if (!ArgumentsUtility.SensitiveArgumentsProvided(packageArgumentsUnencrypted))
             {
-                sensitiveArgs = false;
                 this.Log().Debug(ChocolateyLoggers.Verbose, "{0} - Adding remembered arguments for upgrade: {1}".FormatWith(packageInfo.Package.Id, packageArgumentsUnencrypted.EscapeCurlyBraces()));
             }
 
-            var packageArgumentsSplit = packageArgumentsUnencrypted.Split(new[] { " --" }, StringSplitOptions.RemoveEmptyEntries);
-            var packageArguments = new List<string>();
-            foreach (var packageArgument in packageArgumentsSplit.OrEmpty())
-            {
-                var packageArgumentSplit = packageArgument.Split(new[] { '=' }, 2, StringSplitOptions.RemoveEmptyEntries);
-                var optionName = packageArgumentSplit[0].ToStringSafe();
-                var optionValue = string.Empty;
-                if (packageArgumentSplit.Length == 2)
-                {
-                    optionValue = packageArgumentSplit[1].ToStringSafe().UnquoteSafe();
-                    if (optionValue.StartsWith("'"))
-                    {
-                        optionValue.UnquoteSafe();
-                    }
-                }
-
-                if (sensitiveArgs)
-                {
-                    this.Log().Debug(ChocolateyLoggers.Verbose, "{0} - Adding '{1}' to upgrade arguments. Values not shown due to detected sensitive arguments".FormatWith(packageInfo.Package.Id, optionName.EscapeCurlyBraces()));
-                }
-                packageArguments.Add("--{0}{1}".FormatWith(optionName, string.IsNullOrWhiteSpace(optionValue) ? string.Empty : "=" + optionValue));
-            }
-
             var originalConfig = config.DeepCopy();
             // this changes config globally
             ConfigurationOptions.OptionSet.Parse(packageArguments);

src/chocolatey/infrastructure.app/utility/ArgumentsUtility.cs

@@ -54,6 +54,11 @@ public static bool SensitiveArgumentsProvided(string commandArguments)
         }
 
         public static IEnumerable<string> DecryptPackageArgumentsFile(IFileSystem fileSystem, string id, string version)
+        {
+            return DecryptPackageArgumentsFile(fileSystem, id, version, true);
+        }
+
+        public static IEnumerable<string> DecryptPackageArgumentsFile(IFileSystem fileSystem, string id, string version, bool redactSensitiveArguments)
         {
             var argumentsPath = fileSystem.CombinePaths(ApplicationParameters.InstallLocation, ".chocolatey", "{0}.{1}".FormatWith(id, version));
             var argumentsFile = fileSystem.CombinePaths(argumentsPath, ".arguments");
@@ -79,11 +84,22 @@ public static IEnumerable<string> DecryptPackageArgumentsFile(IFileSystem fileSy
                 yield break;
             }
 
-            // The following code is borrowed from the Chocolatey codebase, should
-            // be extracted to a separate location in choco executable so we can re-use it.
-            var packageArgumentsUnencrypted = arguments.Contains(" --") && arguments.ToStringSafe().Length > 4
-                ? arguments
-                : NugetEncryptionUtility.DecryptString(arguments);
+            string packageArgumentsUnencrypted = string.Empty;
+
+            try
+            {
+                // The following code is borrowed from the Chocolatey codebase, should
+                // be extracted to a separate location in choco executable so we can re-use it.
+                packageArgumentsUnencrypted = arguments.Contains(" --") && arguments.ToStringSafe().Length > 4
+                    ? arguments
+                    : NugetEncryptionUtility.DecryptString(arguments);
+
+            }
+            catch (Exception ex)
+            {
+                "chocolatey".Log().Debug("There was an error attempting to decrypt the contents of the .arguments file for version '{0}' of package '{1}'.  See log file for more information.".FormatWith(version, id));
+                "chocolatey".Log().Debug("We failed to decrypt {0}. Error from decryption: {1}".FormatWith(argumentsFile, ex.Message));
+            }
 
             // Lets do a global check first to see if there are any sensitive arguments
             // before we filter out the values used later.
@@ -102,7 +118,7 @@ public static IEnumerable<string> DecryptPackageArgumentsFile(IFileSystem fileSy
                 var optionName = packageArgumentSplit[0].ToStringSafe();
                 var optionValue = string.Empty;
 
-                if (packageArgumentSplit.Length == 2 && isSensitiveArgument)
+                if (packageArgumentSplit.Length == 2 && isSensitiveArgument && redactSensitiveArguments)
                 {
                     optionValue = "[REDACTED ARGUMENT]";
                 }