#2 Getting Error while acquiring Windows CryptoAPI context

v1.0_(example)
open
nobody
None
5
2016-01-26
2013-07-12
No

I'm trying to use NsisCrypt to secure a couple of passwords in a config file. The code works fine on my development machine but fails with the above error on every other machine I've tried it on.

The code:

StrCpy $algorithm "3des"

NsisCrypt::Base64Encode "<key string>"
Pop $key

NsisCrypt::Base64Encode "<iv string>"
Pop $iv

NsisCrypt::EncryptSymmetric $teststring $algorithm $key $iv
Pop $encryptedString

What am I doing wrong?

Discussion

  • Kamyar

    Kamyar - 2013-07-12

    I am considering and reproducing the error. Will reply you ASAP. Thanks!

     
  • Chris Forman

    Chris Forman - 2013-07-12

    I also asked this on Stack Overflow here and there was a suggestion that I run the following code to get more information:

    !define MS_DEF_PROV "Microsoft Base Cryptographic Provider v1.0"
    !define MS_ENHANCED_PROV "Microsoft Enhanced Cryptographic Provider v1.0"
    !define PROV_RSA_FULL 1
    
    System::Call 'advapi32::CryptAcquireContext(*i.r0,i0,t "${MS_ENHANCED_PROV}",i${PROV_RSA_FULL},i0)i.r1 ?e' # The plugin uses these parameters
    pop $3
    detailprint ret=$1,getlasterror=$3,hContext=$0
    
    System::Call 'advapi32::CryptAcquireContext(*i.r0,i0,t "${MS_DEF_PROV}",i${PROV_RSA_FULL},i0)i.r1 ?e'
    pop $3
    detailprint ret=$1,getlasterror=$3,hContext=$0
    
    System::Call 'advapi32::CryptAcquireContext(*i.r0,i0,i0,i${PROV_RSA_FULL},i0)i.r1 ?e'
    pop $3
    detailprint ret=$1,getlasterror=$3,hContext=$0
    

    All three calls return the error number -2146893802 (or 0x80090016) which according to this page is:

    NTE_BAD_KEYSET
    0x80090016L

    The key container could not be opened. A common cause of this error is that the key container does not exist. To create a key container, call CryptAcquireContext using the CRYPT_NEWKEYSET flag. This error code can also indicate that access to an existing key container is denied. Access rights to the container can be granted by the key set creator by using CryptSetProvParam.

     
  • Chris Forman

    Chris Forman - 2013-07-12

    It looks like this might well be related to the other bug report

     
  • Chris Forman

    Chris Forman - 2013-07-15

    I have implemented the patch given in the other bug report and this fixes my problem. For the time being we'll use this modified version, but will use the official version when you release a new version.

     
    • Evgemi Morozovs

      Evgemi Morozovs - 2016-01-26

      Download ready ddl please.

       
  • Steve Jarvis

    Steve Jarvis - 2013-12-11

    I have the same problem which the patch fixes. My only remaining problem is that I cannot seem to build the new version of nsiscrypt without Microsoft Visual C Run Time dependencies.

     
  • Evgemi Morozovs

    Evgemi Morozovs - 2016-01-26

    How to use the patch ? Help me to understand

     

Get latest updates about Open Source Projects, Conferences and News.

Sign up for the SourceForge newsletter:





No, thanks