Encrypting a password using Windows standard key?

Just starting out? Need help? Post your questions and find answers here.
Post Reply
pthien
Enthusiast
Enthusiast
Posts: 148
Joined: Sun Jun 29, 2003 9:39 pm

Encrypting a password using Windows standard key?

Post by pthien »

Hi.

I've written a little app that monitors the Windows event logs and log files for changes, and forwards those to me via E-Mail. I've called it jptnotify so far (JPT being my initials).

I'd like to make a version available to the public, but would have to allow users to enter their own E-Mail settings (server name, login name, password, etc.).

Right now, I've got my credentials hard-coded into my app, but want the user to be able to enter their own credentials. I already have an INI file that the app reads for event #'s to include/exclude, etc., but if I use the new version, I don't want to stick my E-Mail server password into my ini file.

So I started looking at the crypto features in PB. Then the next question became, what to use for the key? I'd rather not use a single key across platforms, and figured maybe there is a call to Windows to get a unique key Windows uses?

So my thinking is, someone would run 'jptnotify "thisismyemailpassword"' and then jptnotify would spit-out the encrypted version of the password that could be placed into the INI file, and that encrypted password would only work on THAT Windows machine.

Does Windows have any sort of standard keys used for encryption that I can access with a PB function?

What about the SID? Or maybe I should use the processor serial # or the MAC address?

Any thoughts?
Top
firace
Addict
Addict
Posts: 946
Joined: Wed Nov 09, 2011 8:58 am

Re: Encrypting a password using Windows standard key?

Post by firace »

I don't remember where I got it from, but the following API should do exactly what you need (encrypts and decrypts a string using machine and user specific cryptographic keys):

Code: Select all


OpenLibrary(111, "crypt32.dll")
      
Structure CRYPTOAPI_BLOB
    cbData.i  ;;  size
  *pbData
EndStructure

Global CI.CRYPTOAPI_BLOB          ;;; cleartext
Global CO.CRYPTOAPI_BLOB          ;;; encrypted data
Global Outdata2.CRYPTOAPI_BLOB    ;;; cleartext again
Global Text.s

Text = "Hallo!"

CI\pbData = @Text
CI\cbData = (Len(Text) + 1) * SizeOf(Character)

CallFunction(111, "CryptProtectData", @CI, 0, 0, 0, 0, 0, @CO) ;; 

CallFunction(111, "CryptUnprotectData", @CO, 0, 0, 0, 0, 1, @Outdata2)
Debug PeekS(Outdata2\pbData, Outdata2\cbData)
I've heard that Chrome uses this API to store saved passwords, for instance.
Top
pthien
Enthusiast
Enthusiast
Posts: 148
Joined: Sun Jun 29, 2003 9:39 pm

Re: Encrypting a password using Windows standard key?

Post by pthien »

Thank you so much for the help, I'll give this a shot.
Top
User avatar
Mijikai
Addict
Addict
Posts: 1517
Joined: Sun Sep 11, 2016 2:17 pm

Re: Encrypting a password using Windows standard key?

Post by Mijikai »

The function as import:

Code: Select all

Import "crypt32.lib"
 CryptProtectData(*pDataIn,szDataDescr.s,*pOptionalEntropy,pvReserved.i,*pPromptStruct,dwFlags.l,*pDataOut)
EndImport
Top
Post Reply

Return to “Coding Questions”