Re: Custom CSP - Bad Signature Error

From: Doug Barlow (soft_pedal_at_hotmail.com)
Date: 12/13/04

  • Next message: lelteto: "Re: Custom CSP - Bad Signature Error"
    Date: Mon, 13 Dec 2004 16:32:11 GMT
    
    

    For full information on how CSP signing works, see
    http://msdn.microsoft.com/library/en-us/seccrypto/security/test_signing_the_csp.asp
    and the surrounding MSDN articles.

    For Windows 98, the signature of the CSP must be in the registry, and must
    be updated each time you rebuild your CSP.

    For simplicity, look at the source code file supplied with Microsoft's CSPDK
    called autoreg.cpp (in the 'csp' folder). If you edit that file where
    marked and link it into your CSP, it will do the work of adding all the
    proper registry information for the target platform when you call the
    regsvr32 command line tool. (If your CSP isn't using a smart card, then you
    can ignore any edits that occur within '#ifdef SCARD_CSP'/'#endif' pairs.)

    Here are the full steps:

    1) Copy the autoreg.cpp file into your project source area, and edit it
    where marked. If your CSP doesn't use smart cards, then the critical edit
    points are:

    Line 73: Change the text string to the name of your CSP.
    Line 76: If your CSP isn't a PROV_RSA_FULL type, change the type to the
    right value.
    Line 817: If your CSP isn't built with MFC, find some way for it to get a
    hold of the module handle supplied in the DllMain entry point. (The example
    code uses a suggested global variable.)

    2) Add the autoreg.cpp file to your build, and make sure the following
    lines are in your CSP's .def file:

        DllRegisterServer PRIVATE
        DllUnregisterServer PRIVATE

    3) Each time you relink your CSP, also sign it and register it. Here's a
    batch file that does all that, suitable for calling from within the build
    process. To use it, define an environment variable "CSPDK" that points to
    where you've installed the Microsoft CSPDK. Then call it with a parameter
    of the CSP DLL file to sign.

        @echo off
        call :doSig "%CSPDK%" "%~f1"
        goto :eof
        :doSig
        "%~1\cspSign.exe" c "%~2"
        "%~1\cspSign.exe" c "%~2"
        "%~1\cspSign.exe" s "%~2" "%~dpn2.sig"
        regsvr32 "%~2"

    Now to distribute your CSP to other systems, copy both the newly built .DLL
    and .SIG files to the other system, and run regsvr32 on that system.

    Doug Barlow
    The Soft Pedal Shop
    CSP Design & Development Consulting
    http://www.SoftPedal.net

    -- 
    "Prassi" <Prassi@discussions.microsoft.com> wrote in message 
    news:87FD9279-07AC-4EDA-B793-DF0D8AF8F608@microsoft.com...
    > Hi...,
    >   I have created a custom CSP DLL and also successfully registered it with
    > the OS (Win 98 SE).
    >   When I create a small test application and try to call
    > "CryptAcquireContext" of this custom DLL, it returns the error 0x80090006
    > (Bad Signature error...)...
    >   Why does this happen...? If the signature is bad then how come the DLL is
    > registered...?
    >   Please suggest a solution to this problem...
    >   Thanks in advance.... 
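
A variant of the step 3 batch file that stops at the first failing step and never registers a DLL alongside a stale .sig file. It is an added example, not part of the original post or the CSPDK, and it assumes that cspSign.exe and regsvr32 return a nonzero exit code on failure.

```batch
@echo off
rem Added example: same sign-and-register sequence as the post's batch file,
rem with a check after every step.
rem Assumptions: CSPDK points at the CSPDK install folder; cspSign.exe and
rem regsvr32 signal failure through a nonzero exit code.
setlocal
if "%~1"=="" goto :usage
if not defined CSPDK goto :nocspdk
set "DLL=%~f1"
set "SIG=%~dpn1.sig"
if not exist "%DLL%" goto :nodll

rem Delete any signature left over from an earlier build, so that a failed
rem signing run cannot leave an old .sig next to the new DLL.
if exist "%SIG%" del "%SIG%"

rem The 'c' step is run twice, exactly as in the post's batch file.
"%CSPDK%\cspSign.exe" c "%DLL%"
if errorlevel 1 goto :fail
"%CSPDK%\cspSign.exe" c "%DLL%"
if errorlevel 1 goto :fail
"%CSPDK%\cspSign.exe" s "%DLL%" "%SIG%"
if errorlevel 1 goto :fail
rem Independent of exit codes: the signature file must now exist.
if not exist "%SIG%" goto :fail

rem /s suppresses regsvr32's message boxes so an unattended build does not block.
regsvr32 /s "%DLL%"
if errorlevel 1 goto :fail
echo Signed and registered: "%DLL%"
exit /b 0

:usage
echo usage: %~n0 path\to\csp.dll
exit /b 2
:nocspdk
echo The CSPDK environment variable is not set.
exit /b 2
:nodll
echo CSP DLL not found: "%DLL%"
exit /b 2
:fail
echo Signing or registration failed for "%DLL%"
exit /b 1
```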
    
