Re: CryptoAPI migration from WinNT to Win2003 server

From: Michel Gallant (neutron_at_istar.ca)
Date: 01/27/05 

Date: Thu, 27 Jan 2005 11:52:23 -0500

The keys are enumerated for the current user (as specified by default in the CryptAcquireContext() call).
The enumeration is provided by the CryptoAPI fn:
   CryptGetProvParam(..) with dwParam = PP_ENUMCONTAINERS
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/seccrypto/security/cryptgetprovparam.asp

Since details of how keycontainers are implemented (file system, registry etc..) are platform dependent,
and subject to change, the api call above manages those details internally (i.e. no explicit "keycontainer file" is specified).

- Mitch

"Eric" <Eric@discussions.microsoft.com> wrote in message news:6FAF5CD1-DFAC-46A9-ADCA-ED7F8D4B2642@microsoft.com...
> Hi Mitch-
>
> Took a look at your program. Wonder if I might inquire how you are pulling
> the key container from the file system? Are you just doing some file IO and
> grabbing the name of the files off the system for a particular profile?
>
> Thanks
>
> Eric
>
> "Michel Gallant" wrote:
>
> > If you have .NET runtime installed, here is a keycontainer utility
> > which might help:
> > http://www.jensign.com/JavaScience/dotnet/keypal
> >
> > - Mitch Gallant
> > MVP Security
> >
> > "CryptoAPI migration from WinNT to Win200" <CryptoAPI migration from WinNT to Win200@discussions.microsoft.com> wrote in message
> > news:D4FB2ADE-5F38-42B4-8D82-34A38FADFFC5@microsoft.com...
> > > Hello-
> > >
> > > Can anyone help me to understand how to enumerate through the key containers
> > > (for specific profiles) on a windows 2003 server?
> > >
> > > CryptAquireContext does grab the active key container, but if the system has
> > > multiple key containers for a particular user profile I am not seeing the
> > > solution to knowing/grabbing all the key containers? Where this would be
> > > benifical for me is for say the export process where I want to export
> > > multiple key containers to another system.
> > >
> > > There is a longer explination below if anyone is interested in greater
> > > detail of what I am trying to do.
> > >
> > > Any suggestions or help for things to look at for this software migrations
> > > would be greatly appreciated.
> > > Thanks
> > > ***************
> > >
> > > I currently am trying to migrate a program written durning the Windows NT
> > > 4.0 days to windows 2003 server. This program implements the CryptoAPI and
> > > WinReg api.
> > >
> > > Basically, the issue revolves around accessing the key containers on the
> > > system the application is installed on. For WinNT 4.0 the storage of the key
> > > containers was in the registry. So the program would enumerate through the
> > > registry space grabbing the key containers (ie in an export).
> > >
> > > Obviously, the key containers are stored in a different location (profile
> > > based on the file system) in the newer OS'es. It seems all the cryptoAPI
> > > calls still function correclty. My issue resides in the fact that I need to
> > > change how the cryptoAPI accesses the key containers (since the change was in
> > > registry access).
> > >
> >
> >
> >

Relevant Pages

  • Re: Hashtable
    ... > private TextField userNumber = new ... > public void View ... If you don't care about the keys, use the valuesmethod instead of the ... keysmethod to get an enumeration of values. ...
    (comp.lang.java.programmer)
  • Re: Disable IE Attachment File Browsing
    ... settings in gpedit. ... perhaps Slobodan or KM might know what the keys are off hand. ... want to allow users to view the file system or attach files using an e-mail ...
    (microsoft.public.windowsxp.embedded)
  • Re: Cobol ISAM Alternate Keys
    ... > keys is permitted, and the more alternate keys there are, the more likely ... Modifying the value of an alternate key within a record indeed causes a bit ... of 'stirring' of that index tree as the file system has to remove the old ... REWRITE) should a system failure occur during the REWRITE. ...
    (comp.lang.cobol)
  • Re: StdRegProv EnumKey HKEY_USERS
    ... > Can anyone, please, make clear situation with remote host registry keys ... > enumeration using SUBJ. ... > I am trying to get keys from remote machine and the problem is to get right ... -- torgeir, Microsoft MVP Scripting and WMI, Porsgrunn Norway Administration scripting examples and an ONLINE version of the 1328 page Scripting Guide: ...
    (microsoft.public.win32.programmer.wmi)
  • Re: Windows.forms.keys collection
    ... I've found that when I convert the char, it does not match the enumeration item index and thereby generates a very random output. ... Any ideas on how I can convert chars to their right equivalent in the Keys enumeration. ... If you are going to do that, you need to correctly map the characters to key press events. ... But there are other keys in the enumeration that don't correspond to any ASCII character, and other ASCII characters cannot be converted simply by changing the case and applying a modifier key. ...
    (microsoft.public.dotnet.framework)