Re: Decrypting on different platforms
From: Frank Perry (FrankPerry_at_discussions.microsoft.com)
Date: 05/26/05
- Next message: noolyg_at_yahoo.com: "Creating certificate request with 2 Signers"
- Previous message: Eduardo Francos: "Querying ALT+CTRL+DEL policy"
- In reply to: Ryan Menezes [MSFT]: "Re: Decrypting on different platforms"
- Next in thread: Ryan Menezes [MSFT]: "Re: Decrypting on different platforms"
- Reply: Ryan Menezes [MSFT]: "Re: Decrypting on different platforms"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 26 May 2005 03:21:04 -0700
Howdy,
I am using the built-in CSP.
The code is lifted from the eMbedded Visual C++ help for encrypting and
decrypting data. Here are the sections that give me trouble.
// Get the handle to the default provider.
if (!CryptAcquireContext (&hProv, NULL, NULL, PROV_RSA_FULL, 0))
{
  wprintf (TEXT("Error %x during CryptAcquireContext!\n"),
           GetLastError ());
  goto exit;
}
if (lpszPassword == NULL)
{
  // Encrypt the file with a random session key.
  // Create a random session key.
  if (!CryptGenKey (hProv, CALG_RC2, CRYPT_EXPORTABLE, &hKey))
  {
    wprintf (TEXT("Error %x during CryptGenKey!\n"),
             GetLastError ());
    goto exit;
  }
  // Get the handle to the key exchange public key.
  if (!CryptGetUserKey (hProv, AT_KEYEXCHANGE, &hXchgKey))
  {
    wprintf (TEXT("Error %x during CryptGetUserKey!\n"),
             GetLastError ());
    goto exit;
  }
This is the path with no password. Here it should be giving me a key that I
can export to a blob and then save someplace. At this point, it always fails
saying there is no key.
***
}
else
{
  // Encrypt the file with a session key derived from a password.
  // Create a hash object.
  if (!CryptCreateHash (hProv, CALG_MD5, 0, 0, &hHash))
  {
    wprintf (TEXT("Error %x during CryptCreateHash!\n"),
             GetLastError ());
    goto exit;
  }
  // Hash in the password data.
  if (!CryptHashData (hHash, (PBYTE)lpszPassword,
                      wcslen (lpszPassword), 0))
  {
    wprintf (TEXT("Error %x during CryptHashData!\n"),
             GetLastError ());
    goto exit;
  }
  // Derive a session key from the hash object.
  if (!CryptDeriveKey (hProv, CALG_RC2, hHash, 0, &hKey))
  {
    wprintf (TEXT("Error %x during CryptDeriveKey!\n"),
             GetLastError ());
    goto exit;
  }
}
If I give it a password, this section works fine but the same password on
the CE machine does not work on the W2K machine. It does work on a different
CE machine. (I have converted both to bytes so the CE machine is not
encrypting Unicode.)
For the first example, I have tried running it on both the systems and get
the same failure. My current thinking is that there is a security setting at
the OS level that is preventing me from exporting a key. If so, the sample
code should say something about it, but doesn't.
For the second, I have looked at the hash and found the hash was different
between the machines. I took the hash from one machine and forced the hash in
the other machine to the same value. But that didn't help. I would force
the key but I can't get an exportable key.
Any ideas? As I said, I'm looking at the security settings to see if there
is something that could block me from making an exportable key.
--
Frank Perry
LavaLeaf Software

"Ryan Menezes [MSFT]" wrote:

> Which encryption algorithm are you using and what are the default CSPs on
> those machines?
>
> Would definitely help if you can post some sample code.
>
> Thanks,
> Ryan Menezes [MSFT]
>
> -
> This posting is provided "AS IS" with no warranties, and confers no rights.
> "Use of included script samples are subject to the terms specified at
> http://www.microsoft.com/info/cpyright.htm"
>
> "Frank Perry" <FrankPerry@discussions.microsoft.com> wrote in message
> news:03189DBD-7470-4C7A-97D3-50F68764BCED@microsoft.com...
> > Howdy,
> >
> > I forgot to mention that I have both machines using 40 bit key lengths.
> >
> > --
> > Frank Perry
> > LavaLeaf Software
> >
> > "Frank Perry" wrote:
> >
> >> Howdy,
> >>
> >> I have been using the sample code for encrypting and decrypting files. I
> >> have no trouble using the password version to encrypt a file and decrypt it
> >> on the same machine. But when I move the file to a different machine with a
> >> different OS, it fails. The two OSs are W2K and CE.
> >>
> >> So far, I have found the hash created from the same password is
> >> different on the two machines. I have tried forcing the same hash on both
> >> machines but that doesn't get me anywhere either. I haven't seen the CE
> >> side, but the KP_IV of the W2K side is all 0's.
> >>
> >> I would try transferring the key itself, but on a different problem, I can't
> >> get CryptGetUserKey to return a key. I am using the code from the example
> >> but nothing comes back. I get the error that there is no key.
> >>
> >> Are there any ideas about either of these problems?
> >>
> >> Thanks in advance.
> >> --
> >> Frank Perry
> >> LavaLeaf Software
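Added example, not part of the original post or of the SDK sample: MD5 is deterministic, so two machines that report different hash values for the same password passed different bytes to CryptHashData. The Python sketch below lists the byte views that the posted call `CryptHashData (hHash, (PBYTE)lpszPassword, wcslen (lpszPassword), 0)` can produce in char and WCHAR builds and reports which one matches a digest read back with CryptGetHashParam (HP_HASHVAL). The function names, the labels and the sample password are assumptions made for illustration.

```python
import hashlib

def candidate_inputs(password):
    """Byte strings CryptHashData can receive for one password.

    Assumes an ASCII password; n is the count wcslen()/strlen() returns.
    """
    narrow = password.encode("ascii")       # char build: 1 byte per character
    wide = password.encode("utf-16-le")     # WCHAR build: 2 bytes per character
    n = len(password)
    return {
        "narrow, n bytes": narrow,
        "narrow, n+1 bytes (with NUL)": narrow + b"\x00",
        "wide, n bytes (first half of the string)": wide[:n],
        "wide, 2n bytes": wide,
        "wide, 2n+2 bytes (with NUL)": wide + b"\x00\x00",
    }

def md5_table(password):
    """MD5 hex digest of every candidate input."""
    return {label: hashlib.md5(data).hexdigest()
            for label, data in candidate_inputs(password).items()}

def identify(password, observed_hex):
    """Labels of the inputs whose MD5 equals a digest read from a machine."""
    observed = observed_hex.replace(" ", "").lower()
    return [label for label, digest in md5_table(password).items()
            if digest == observed]

if __name__ == "__main__":
    password = "secret"  # constructed sample value
    # Constructed stand-ins for the digests read back on the two machines.
    seen = {
        "machine A": hashlib.md5(b"secret").hexdigest(),
        "machine B": hashlib.md5("secret".encode("utf-16-le")[:6]).hexdigest(),
    }
    for machine, digest in seen.items():
        print(machine, digest, identify(password, digest) or "no match")
```

An empty result from `identify` means the bytes hashed on that machine are none of the listed views, which points at the conversion step rather than at the length argument.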