Re: AcquireCredentialsHandle returns SEC_E_UNKNOWN_CREDENTIALS
From: sunit (sunit_at_newsgroup.nospam)
Date: 10/28/05
- Previous message: joy: "Re: winlogon not loading 32 bit xxgina.dll in xp 64 bit"
- In reply to: John Banes: "Re: AcquireCredentialsHandle returns SEC_E_UNKNOWN_CREDENTIALS"
- Next in thread: sunit: "Re: AcquireCredentialsHandle returns SEC_E_UNKNOWN_CREDENTIALS"
- Reply: sunit: "Re: AcquireCredentialsHandle returns SEC_E_UNKNOWN_CREDENTIALS"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 28 Oct 2005 23:07:30 +0530
Ah... ha Jone Banes a very well-known name in this news group
I was awaiting your reply.Finally u answered my query.Thanx for considering my problem.
I read ur replies to queries u posted in this news group in Google search.it really helped me
a lot.
["John Banes"] wrote l...
> The error code translates to NTE_PROV_TYPE_NO_MATCH, and it's no doubt
> returned from CryptAcquireContext. I've never seen this error code before--I
> thought I'd seen them all! In any case, it sounds like the KEY_PROV_INFO
> property on the server certificate is set incorrectly. Perhaps you changed
> the CSP type without changing the CSP name to match?
Yes u r right . there was mismatch b/w the CSP name and CSP type so an error was
returned by CryptoAcquireContext.(I added MS_DEF_PROV (CSP name) instead of
MS_DEF_RSA_SCHANNEL_PROV with PROV_RSA_SCHANNEL(Provider type))
so error code 0x8009001b was generated
>
> As to the original problem, the NTE_BAD_FLAGS error code also indicates a
> problem with the KEY_PROV_INFO property. Since this is a machine key the
> flags value should be set to 0x20 (CRYPT_MACHINE_KEYSET). No other flags are
> allowed.
>
Yah there was a problem in KEY_PROV_INFO property
/*here was the problem*/
CRYPT_KEY_PROV_INFO cryptprivkeyinfo;
cryptprivkeyinfo.dwFlags =CERT_SET_KEY_PROV_HANDLE_PROP_ID;
//if i removed this line then program executes with out any error.
I still have a doubt .I added this line because as mentioned in MSDN
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/wcesecurity5/html/wce50lrfcryptkeyprovinfo.asp
it improves efficency as the CryptAcquireContext is called by viz CryptDecryptMessage internally.
so adding CERT_SET_KEY_PROV_HANDLE_PROP_ID will open handle for subsequent calls which
improves the efficency.
/*here is the code of Crypt AcquireContext*/
HCRYPTPROV hCryptProv=NULL;
//first check whether that container is present
if(!CryptAcquireContext(&hCryptProv,
_T("saysnetsoft"), //name of the key container
MS_DEF_RSA_SCHANNEL_PROV,
PROV_RSA_SCHANNEL,
CRYPT_MACHINE_KEYSET))
{
if(::GetLastError()==NTE_BAD_KEYSET)
{
::OutputDebugString(_T("key container doesnot exist "));
::OutputDebugString(_T("create the key container"));
// create the key container
if(!CryptAcquireContext(&hCryptProv,
_T("saysnetsoft"),
MS_DEF_RSA_SCHANNEL_PROV,
PROV_RSA_SCHANNEL,
CRYPT_NEWKEYSET|CRYPT_MACHINE_KEYSET ))
{
::OutputDebugString(_T("error key container couldnot be created"));
break;
}
else
{OutputDebugString(_TEXT("key container has been created"));
}
else
{
::OutputDebugString(_T("error in CryptAcquireContext"));
break;
}
}
else
{::OutputDebugString(_T("key container already exist"));
}
I am understanding why it is throwing error .Pls help me.Pls consider my query
If I want the key needs to be of type AT_SIGNATURE then can I use PROV_DH_SCHANNEL(provider type)
along with MS_DEF_DH_SCHANNEL_PROV
Thanx in advance.
- Previous message: joy: "Re: winlogon not loading 32 bit xxgina.dll in xp 64 bit"
- In reply to: John Banes: "Re: AcquireCredentialsHandle returns SEC_E_UNKNOWN_CREDENTIALS"
- Next in thread: sunit: "Re: AcquireCredentialsHandle returns SEC_E_UNKNOWN_CREDENTIALS"
- Reply: sunit: "Re: AcquireCredentialsHandle returns SEC_E_UNKNOWN_CREDENTIALS"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
