Expose AES information

src/aes.rs

@@ -124,6 +124,23 @@ impl<R: Read> AesReader<R> {
             finalized: false,
         })
     }
+
+    /// Read the AES header bytes and returns the key and salt.
+    ///
+    /// # Returns
+    ///
+    /// the key and the salt
+    pub fn get_key_and_salt(mut self) -> io::Result<(Vec<u8>, Vec<u8>)> {
+        let salt_length = self.aes_mode.salt_length();
+
+        let mut salt = vec![0; salt_length];
+        self.reader.read_exact(&mut salt)?;
+
+        // next are 2 bytes used for password verification
+        let mut pwd_verification_value = vec![0; PWD_VERIFY_LENGTH];
+        self.reader.read_exact(&mut pwd_verification_value)?;
+        Ok((pwd_verification_value, salt))
+    }
 }
 
 /// A reader for aes encrypted files, which has already passed the first password check.

src/read.rs

@@ -645,6 +645,32 @@ impl<R: Read + Seek> ZipArchive<R> {
         Ok(shared)
     }
 
+    /// Returns key and salt
+    pub fn get_aes_key_and_salt(
+        &mut self,
+        file_number: usize,
+    ) -> ZipResult<Option<(AesMode, Vec<u8>, Vec<u8>)>> {
+        let (_, data) = self
+            .shared
+            .files
+            .get_index(file_number)
+            .ok_or(ZipError::FileNotFound)?;
+
+        if !data.encrypted {
+            return Err(ZipError::UnsupportedArchive(ZipError::PASSWORD_REQUIRED));
+        }
+        let limit_reader = find_content(data, &mut self.reader)?;
+        match data.aes_mode {
+            None => Ok(None),
+            Some((aes_mode, _, _)) => {
+                let (key, salt) = AesReader::new(limit_reader, aes_mode, data.compressed_size)
+                    .get_key_and_salt()
+                    .expect("AES reader failed");
+                Ok(Some((aes_mode, key, salt)))
+            }
+        }
+    }
+
     /// Read a ZIP archive, collecting the files it contains
     ///
     /// This uses the central directory record of the ZIP file, and ignores local file headers