2. NSIS Discussion
  3. DES in NSIS

Archive: DES in NSIS


lushdog
31st January 2008 18:19 UTC

DES Encryption (or encryption in general) in NSIS
Sorry if this has been answered before but is there any way to invoke DES encryption/decryption from within a NSIS script?

I want to encrypt/decrypt a string.

Thanks in advance,

Joel
31st January 2008 19:14 UTC

Probably yes, assuming calling the library via system plugin or recompiling the source of it into nsis portable plugin.

lushdog
31st January 2008 19:15 UTC

Excuse my ignorance but I'm assuming you mean calling a Win32 library via system::call ?

lushdog
31st January 2008 21:36 UTC

Ah I see that I can use Advapi32.dll to access the CryptEncrypt function.

But this CryptEncrypt function needs pointers to data created with the CryptImportKey which in turn needs data created with CryptAcquireContext function.

Can I string these together, i.e. passing the vars from one system call to another?

Also I see that some of the functions use a HCRYPTKEY data type. Is this type supported in system calls from NSIS?

Joel
1st February 2008 01:10 UTC

System plugin supports all the return types, the question here is...what would the propper code, there's a system tutorial around here and @ wikis, search the forums about pointers and system plugin, read the docs, so you can know how to :)

Anders
1st February 2008 01:26 UTC

HCRYPTPROV,HCRYPTKEY and HCRYPTHASH are probably pointer sized, use i and *i

lushdog
1st February 2008 15:44 UTC

Ok I'll try this out in my spare time. I've gone through the MSDN and collated the function sigs and here is what I have so far.

BOOL WINAPI CryptEncrypt(
__in HCRYPTKEY hKey, **CryptImportKey**
__in HCRYPTHASH hHash, **NULL**
__in BOOL Final, **TRUE**
__in DWORD dwFlags, **0 or NULL**
__inout BYTE* pbData, **string to be encrypted** **when function done it contains encrypted**
__inout DWORD* pdwDataLen, **length in bytes of above**
__in DWORD dwBufLen
);

BOOL WINAPI CryptImportKey(
__in HCRYPTPROV hProv, **returned by CryptAquireContext**
__in BYTE* pbData,
__in DWORD dwDataLen,
__in HCRYPTKEY hPubKey,
__in DWORD dwFlags, **CRYPT_NO_SALT**
__out HCRYPTKEY* phKey **returned**
);



BOOL WINAPI CryptAcquireContext(
__out HCRYPTPROV* phProv, **returned**
__in LPCTSTR pszContainer, **NULL uses default**
__in LPCTSTR pszProvider, **MS_DEF_PROV** **NULL uses default**
__in DWORD dwProvType, **NULL?**
__in DWORD dwFlags **0**
);

Am I on the right track here?

kichik
1st February 2008 16:04 UTC

If you're not locked on DES, you could use the Blowfish plug-in.

http://nsis.sourceforge.net/Blowfish_plug-in

lushdog
1st February 2008 16:42 UTC

Unfortunately I have to decrypt a string from legacy code (reg entry) that was encrypted in DES.

Fork me on GitHub