Getting Error while acquiring Windows CryptoAPI context

Brought to you by: kamyar1979

#2 Getting Error while acquiring Windows CryptoAPI context

Milestone: v1.0_(example)

Status: open

Owner: nobody

Labels: None

Priority: 5

Updated: 2016-01-26

Created: 2013-07-12

Creator: Chris Forman

Private: No

I'm trying to use NsisCrypt to secure a couple of passwords in a config file. The code works fine on my development machine but fails with the above error on every other machine I've tried it on.

The code:

StrCpy $algorithm "3des"

NsisCrypt::Base64Encode "<key string>"
Pop $key

NsisCrypt::Base64Encode "<iv string>"
Pop $iv

NsisCrypt::EncryptSymmetric $teststring $algorithm $key $iv
Pop $encryptedString

What am I doing wrong?

Discussion

Kamyar - 2013-07-12

I am considering and reproducing the error. Will reply you ASAP. Thanks!

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Chris Forman - 2013-07-12

I also asked this on Stack Overflow here and there was a suggestion that I run the following code to get more information:

!define MS_DEF_PROV "Microsoft Base Cryptographic Provider v1.0" !define MS_ENHANCED_PROV "Microsoft Enhanced Cryptographic Provider v1.0" !define PROV_RSA_FULL 1 System::Call 'advapi32::CryptAcquireContext(*i.r0,i0,t "${MS_ENHANCED_PROV}",i${PROV_RSA_FULL},i0)i.r1 ?e' # The plugin uses these parameters pop $3 detailprint ret=$1,getlasterror=$3,hContext=$0 System::Call 'advapi32::CryptAcquireContext(*i.r0,i0,t "${MS_DEF_PROV}",i${PROV_RSA_FULL},i0)i.r1 ?e' pop $3 detailprint ret=$1,getlasterror=$3,hContext=$0 System::Call 'advapi32::CryptAcquireContext(*i.r0,i0,i0,i${PROV_RSA_FULL},i0)i.r1 ?e' pop $3 detailprint ret=$1,getlasterror=$3,hContext=$0

All three calls return the error number -2146893802 (or 0x80090016) which according to this page is:

NTE_BAD_KEYSET
0x80090016L

The key container could not be opened. A common cause of this error is that the key container does not exist. To create a key container, call CryptAcquireContext using the CRYPT_NEWKEYSET flag. This error code can also indicate that access to an existing key container is denied. Access rights to the container can be granted by the key set creator by using CryptSetProvParam.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Chris Forman - 2013-07-12

It looks like this might well be related to the other bug report

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Chris Forman - 2013-07-15

I have implemented the patch given in the other bug report and this fixes my problem. For the time being we'll use this modified version, but will use the official version when you release a new version.

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
- Evgemi Morozovs - 2016-01-26
  
  Download ready ddl please.
  
  If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Steve Jarvis - 2013-12-11

I have the same problem which the patch fixes. My only remaining problem is that I cannot seem to build the new version of nsiscrypt without Microsoft Visual C Run Time dependencies.

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Evgemi Morozovs - 2016-01-26

How to use the patch ? Help me to understand

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Log in to post a comment.