RE: How can Guest use encryption?

From: lelteto (lelteto_at_discussions.microsoft.com)
Date: 02/18/05

  • Next message: ESOCIAL: "Re: How to CERT_SYSTEM_STORE_USERS?" 
    Date: Fri, 18 Feb 2005 08:49:02 -0800

    You don't need a key store if you use CryptAcquireContext with
    CRYPT_VERIFYCONTEXT.

    Laszlo Elteto
    SafeNet, Inc.

    "sean" wrote:

    > I have a Windows 2000 kiosk PC that is logged-in as Guest. I have a C++
    > application that uses the Crypto API to encrypt communication over the
    > Internet. When the application tries to create the keystore so the key
    > can be imported and used I get the error:
    >
    > 0x80090024 - The profile for the user is a temporary profile.
    >
    > The only information I can find about this error is this:
    >
    > <http://support.microsoft.com/default.aspx?scid=kb;en-us;265357>
    >
    > The relevant paragraph:
    >
    > This error also occurs if the user is a member of the Guests or Domain
    > Guests group, but this is by design. Certificates and the associated
    > private keys are stored in a secured location in the user's profile. If
    > the user is a member of the Guests or Domain Guests groups, then the
    > system marks the profile as temporary which means it will be deleted
    > when the user logs off. Windows 2000 will not allow you to save a
    > private key to a temporary profile because it will not persist from
    > logon session to logon session.
    >
    > I need to create a keystore just so I can import my pre-shared key. I
    > use the key, then delete it. Its a temporary thing. Not allowing Guest
    > to create a keystore just because it will get deleted on logout seems to
    > me to be a very limiting restriction, and for no apparent reason.
    >
    > Is there any way around this problem?
    >
    > Thanks,
    >
    > Sean
    >

  • Next message: ESOCIAL: "Re: How to CERT_SYSTEM_STORE_USERS?"

    Relevant Pages

    • RE: CryptAcquireContext() question.
      ... NTE_TEMPORARY_PROFILE (The profile for the user is a temporary profile). ... This error also occurs if the user is a member of the Guests or Domain ... because it will not persist from logon session to logon session. ...
      (microsoft.public.platformsdk.security)
    • Re: How can Guest use encryption?
      ... >>This error also occurs if the user is a member of the Guests or Domain ... >>private keys are stored in a secured location in the user's profile. ... >>logon session to logon session. ...
      (microsoft.public.platformsdk.security)
    • Re: How can Guest use encryption?
      ... >>This error also occurs if the user is a member of the Guests or Domain ... >>private keys are stored in a secured location in the user's profile. ... >>logon session to logon session. ...
      (microsoft.public.platformsdk.security)
    • Re: How can Guest use encryption?
      ... >>This error also occurs if the user is a member of the Guests or Domain ... >>private keys are stored in a secured location in the user's profile. ... >>logon session to logon session. ...
      (microsoft.public.platformsdk.security)
    • Re: An offer too good to refuse girls?
      ... >> Guests in executive rooms receive a complementary ... >>> I wonder if it will be Sean Connery??? ...
      (uk.people.silversurfers)
    Loading