Crypto plug-in: Difference between revisions

From NSIS Wiki
Jump to navigationJump to search
Line 45: Line 45:


==== Software Example ====
==== Software Example ====
'''File:''' [[File:Zip.gif]] [http://forums.winamp.com/attachment.php?s=&postid=2221660 uharc sfx examples.zip] (95 KB)
'''File:''' [[File:Zip.gif]] [http://forums.winamp.com/attachment.php?s=&postid=2221660 uharc sfx examples.zip] (95 KB)<BR>
'''Short Description:''' This is a real world implementation of the Crypto plugin.  It does an MD5 on the extractor right before extracting the archive, this ensures that the extractor isn't tampered with and the user isn't tricked into giving their password away.
'''Short Description:''' This is a real world implementation of the Crypto plugin.  It does an MD5 on the extractor right before extracting the archive, this ensures that the extractor isn't tampered with and the user isn't tricked into giving their password away.



Revision as of 06:00, 13 August 2007

Author: GAG (talk, contrib)


Links

Zip.gif cryptoplg11.zip (43 KB) (plugin dll + readme + examples)
Zip.gif hashcalc.zip (30 KB) (Calculates the hash for Strings or specified files)

Forum Thread

Introduction

Version: 1.1.

This plugin provides you cryptographic interface using CryptoAPI. Using this plugin you can get common cryptographic hashes like MD5, SHA1, MD2, MD4.

Plugin DLL size: 3 660 bytes (not packed), 2 886 bytes (upx packed)

How to use

String Hash

Crypto::HashData "MD5" "String to be hashed"
Pop $0

Supported algorithms: MD5|SHA1|MD2|MD4

File Hash

Crypto::HashFile "MD5" "$WINDIR\notepad.exe"
Pop $0

Supported algorithms: MD5|SHA1|MD2|MD4

Implemented in software

Quick Example

Calculate the hash of the file you want checked using the Hash Calculator (hashcalc.zip). From there I was able to use Crypto to ensure that notepad hasn't changed:

Crypto::HashFile "MD5" "$WINDIR\notepad.exe" 
Pop $0
StrCmp $0 "FF7F14FDA901090E337488A1900E3660" +3
MessageBox MB_OK|MB_TOPMOST|MB_SETFOREGROUND|MB_ICONSTOP "ERROR: notepad.exe has been changed!!!"
Quit

Software Example

File: Zip.gif uharc sfx examples.zip (95 KB)
Short Description: This is a real world implementation of the Crypto plugin. It does an MD5 on the extractor right before extracting the archive, this ensures that the extractor isn't tampered with and the user isn't tricked into giving their password away.

How can a file be tampered with and why?

Lets say someone really wants that password. Well they (or malware) can replace the extractor (uharc.exe) with a dummy exe file with the same name that takes all the arguments given to it and puts them into a text file to be read by the evil doer. Well since the password is one of the arguments passed off to extract the archive then you can see where this would be a problem. The advantage to having an MD5 checksum of a file is to ensure that it is not changed. Whether it be changed for malicious purpose or simply a corrupted file.

Another use for checksums

If you are managing your software then you can make your update process even faster. If you create an MD5 checksum of all the files that are currently installed on the system, then you can compare those checksums with the checksums of all the files that are in your patch. Anything that doesn't match will be installed (or reinstalled) and all the checksums that match will simply be skipped. This way your installer doesn't have to take the time to install all the files, only the ones that need to be updated.