CryptUnprotectDataHex Problem

Feb 16, 2011 at 9:07 AM
Edited Feb 16, 2011 at 10:01 AM

Hi,
can anyone help me with Unprotect crypt data. I will save decrypted password to registry and load it on show first wix dialog to an property.
Here my snippets

Properties in wxy:

 

<Property Id="CRYPTPROTECT_FLAGS"
                  Value="CRYPTPROTECT_LOCAL_MACHINE|CRYPTPROTECT_UI_FORBIDDEN" />

        <Property Id="CRYPTPROTECT_DATA"
                  Hidden="yes"
                  Secure="yes" />

        <Property Id="CRYPTPROTECT_RESULT"
                  Hidden="yes"
                  Secure="yes" />

        <Property Id="CRYPTUNPROTECT_FLAGS"
                  Value="CRYPTPROTECT_LOCAL_MACHINE|CRYPTPROTECT_UI_FORBIDDEN" />

        <Property Id="CRYPTUNPROTECT_DATA"
                  Hidden="yes"
                  Secure="yes">
            <RegistrySearch Id="RS.Password"
                            Key="SOFTWARE\$(var.ProductManufacturerShort)\$(var.ProductNameShort)"
                            Name="ServicePassword"
                            Root="HKLM"
                            Type="raw" />
        </Property>

        <Property Id="CRYPTUNPROTECT_RESULT"
                  Hidden="yes"
                  Secure="yes" />

 

InstallExecuteSequence:

 

<InstallExecuteSequence>
            <RemoveExistingProducts After="InstallInitialize" />

            <Custom Action="CA.DecryptPassword"
                    After="FindRelatedProducts" />

            <Custom Action="CA.SetDecryptedPassword"
                    After="CA.DecryptPassword" />

            <Custom Action="CA.SetPasswordForEncryption"
                    After="InstallInitialize" />

            <Custom Action="CA.EncryptPassword"
                    After="CA.SetPasswordForEncryption" />
        </InstallExecuteSequence>

 

 

And Custom Actions:

 

<CustomAction Id="CA.EncryptPassword"
                      BinaryKey="B.Cryptography"
                      DllEntry="CryptProtectDataHex"
                      Execute="immediate" />

        <CustomAction Id="CA.SetPasswordForEncryption"
                      Property="CRYPTPROTECT_DATA"
                      Value="[PASSWORD]" />

        <CustomAction Id="CA.DecryptPassword"
                      BinaryKey="B.Cryptography"
                      DllEntry="CryptUnProtectDataHex"
                      Execute="immediate" />

        <CustomAction Id="CA.SetDecryptedPassword"
                      Property="PASSWORD"
                      Value="[CRYPTUNPROTECT_RESULT]" />

 

Protect Password works.
But by Unprotect, the Installer breaks with an Error...

[UPDATE]
this is the info in the msi log:
"CustomAction CA.DecryptPassword returned actual error code 1154 (note this may not be 100% accurate if translation happened inside sandbox)"

 

How use it in correct way?

Many Thanks,
Manuel

Coordinator
Feb 16, 2011 at 1:26 PM
Edited Feb 16, 2011 at 1:26 PM

I don't see anything immediately wrong. Remove the secure attributes so that you can see the values being set and post the sections of the msi log that are relevant. 

Feb 16, 2011 at 1:30 PM

Hi,
i found the solution in CustomAction:

old:

<CustomAction Id="CA.DecryptPassword"
                      BinaryKey="B.Cryptography"
                      DllEntry="CryptUnProtectDataHex"
                      Execute="immediate" />

new:

<CustomAction Id="CA.DecryptPassword"
                      BinaryKey="B.Cryptography"
                      DllEntry="CryptUnprotectDataHex"
                      Execute="immediate" />

The dllentry "CryptUnProtectDataHex" must rename to "CryptUnprotectDataHex"!!!

Many Thanks, Greetings, Manuel