Re: CSP error
From: lelteto (lelteto_at_discussions.microsoft.com)
Date: 10/18/05
- Next message: Sam Hobbs: "Re: To detect weak or blank password?"
- Previous message: EP: "Re: Create a user and specify the SID?"
- Maybe in reply to: Doug Barlow: "Re: CSP error"
- Next in thread: lelteto: "Re: CSP error"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 18 Oct 2005 09:37:08 -0700
You should check why the CALLER sets the (I think bad) phProv value. The
error may not be in your code but the test code in its CryptAcquireContext.
BTW when you write a CSP you should NOT just pass down everything -
specifically not the phProv parameter. What you need to do is ALLOCATE MEMORY
for whatever struct you will use for YOUR context and return the address (or
index or whatever way you can retrieve it for a later call) back to your
caller. In this struct you need to save the hProv value you got back from the
provider you called "down", ie. in your case you would add
typedef struct _MYCONTEXT {
HCRYPTPROV hGotProv;
// anything else you need to keep context
} MYCONTEXT, *PMYCONTEXT;
then in your function
PMYCONTEXT pNewContext;
HCRYPTPROV hMsProv;
and your call down will look like
pNewContext = malloc(sizeof(MYCONTEXT));
CryptAcquireContext(&hMsProv, ...)
pNewContext->hGotProv = hMsProv;
*phProv = pNewContext;
(I am lazy, left out the error checking code... You can add it.)
Laszlo Elteto
SafeNet, Inc.
"bender" wrote:
> Ok, i made a few changes to pass all the test cases of AquireContext. Now
> all my failures have to do with the "Parameter incorrect" error:
>
> BOOL WINAPI
> CPAcquireContext(
> HCRYPTPROV* phProv,
> CHAR* pszContainer,
> DWORD dwFlags,
> PVTableProvStruc pVTable
> )
> {
> //Ensure that we pass in the proper flags
> DWORD allowed = CRYPT_VERIFYCONTEXT | CRYPT_NEWKEYSET |
> CRYPT_MACHINE_KEYSET | CRYPT_DELETEKEYSET | CRYPT_SILENT;
>
> //Ensure there are no invalid bits set
> if( (dwFlags & ~allowed) != 0x0 )
> {
> SetLastError( NTE_BAD_FLAGS );
> return FALSE;
> }
>
> //Ensure there are only valid combinations of options
> if( dwFlags == (CRYPT_VERIFYCONTEXT | CRYPT_NEWKEYSET) || dwFlags ==
> (CRYPT_NEWKEYSET | CRYPT_DELETEKEYSET) ) {
> SetLastError( NTE_BAD_FLAGS );
> return FALSE;
> }
>
> if( pszContainer!= NULL && dwFlags == CRYPT_VERIFYCONTEXT ) {
> SetLastError( NTE_BAD_FLAGS );
> return FALSE;
> }
>
> //Set the proper container name
> CHAR* tempContainer;
> if( strlen(pszContainer) > MAX_PATH ) {
> tempContainer = NULL;
> }
> else {
> tempContainer = pszContainer;
> }
>
> return CryptAcquireContext( phProv, tempContainer, NULL, PROV_RSA_FULL,
> dwFlags );
> }
- Next message: Sam Hobbs: "Re: To detect weak or blank password?"
- Previous message: EP: "Re: Create a user and specify the SID?"
- Maybe in reply to: Doug Barlow: "Re: CSP error"
- Next in thread: lelteto: "Re: CSP error"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
