DPAPI implementation problems
From: Alan Croston (anonymous_at_discussions.microsoft.com)
Date: 03/01/04
Date: Mon, 1 Mar 2004 07:59:16 -0800
Hello everyone,
I have been referred here from the 2000 server forum
because my topic is more applicable to this forum.
OK here goes:-
I have implemented a file encryption solution using
Windows XP. This uses DPAPI, which it calls via a Visual Basic
class (I have tested the class and as a COM object). I
then make calls to this class object like Encrypt
(BLOBin, , , , , BLOBout) and Decrypt(BLOBin, , , , ,
BLOBout). In Visual Basic, the 'BLOB' I pass into the
functions is a Byte array (e.g. Dim bytes() as Byte). I
cannot currently use .NET. However, I am convinced that
if I could, this would not solve the problem, as my
attempt to find the cause of this problem has led me to
believe that the DPAPI implementation on XP and 2000 may
be the culprit?
Windows XP problem
I have tested encryption on files up to 109 MB. However,
decryption of Encrypted data BLOBs of roughly the same
size causes DPAPI to return an empty byte array with no
length and no error message on Windows XP.
I have checked my code and produced versions that allow
me to debug right up to the point where the DPAPI method
Encrypt / Decrypt is called from my Visual Basic 6 code.
The method is called... there is a pause... and then the
method returns execution back to the Visual Basic code
with no error message and an empty byte array.
Windows 2000 Server problem
I moved the code onto Windows 2000 Server and the call to
the Crypt32.dll fails with "Automation Error: Remote
Procedure Call Failed". It only does this when I try to
encrypt files over about 300 kbytes. Anything less than
about 300 kbytes encrypts and decrypts fine.
I have checked the versions of the dlls and XP has a
later (larger in size) version of the Crypt32.dll, so
obviously there were changes between 2000 and XP possibly
impacting the implementation of the DPAPI.
2000 version 5.131.2195.6661 (Supplied with 2000 SP4)
XP version 5.131.2600.1106 (Supplied with XP SP1)
Again (as with the XP problem) I have checked my code and
produced versions that allow me to debug right up to the
point where the DPAPI method Encrypt / Decrypt is called
from my Visual Basic 6 code. The method is called...
there is a pause... and then when I get the
err.getLastDLLError I get the RPC failed message. I have
tried recompiling the code on Windows 2000 Server.
What is / are the problems?
Are my byte arrays causing these problems? If so, how is
it that I have method failures from the DPAPI? After all,
I am just changing the number of bytes passed into the
Encrypt and Decrypt functions on different platforms.
Hmmmmmmm... :-(
Hope someone can help me.
Thank you in anticipation,
Alan Croston
P.S. Apparently I can get around this problem by calling
a different set of encryption/decryption ("CryptEncrypt"
or something like that) functions, however I am not sure
of the implementation of this or how to call these in
Visual Basic 6!!!