Re: CryptAcquireContext _sometimes_ fails with NTE_PROVIDER_DLL_FAIL

From: Stephan Keil (Stephan.Keil_at_gmx.de)
Date: 11/23/05 

Date: Wed, 23 Nov 2005 10:05:56 +0100

Thanx, yes, I've tried CRYPT_VERIFYCONTEXT, but it didn't help. Finally
I solved the problem on the WinXP machines, now I am not using the
default container but a named one.
Here's what I do:

// create container if not already there
CryptAcquireContext(&hdl, _T("MyContainer"), MS_ENHANCED_PROV,
PROV_RSA_FULL, CRYPT_NEWKEYSET); // may fail if container already exists

// ... and somewhere later
CryptAcquireContext(&hdl, _T("MyContainer"), MS_ENHANCED_PROV,
PROV_RSA_FULL, 0); // should not fail

This works on WinXP, but on Win2003 Server SE I have the following effects:
1. When using these calls within the target application (huge MFC MDI
application with ComServer etc., but started as normal EXE) and the
rsaenh.dll shipped with Win2003 Server (version 5.2.3790.1830
(srv03_sp1_rtm.050324-1447)), the application silently closes without a
notice and return value 128
2. When using these calls within a test application (command line app),
they work just fine
3. Doing 1. with the rsaenh.dll from WinXP copied to Win2003 Server
(version 5.1.2600.2161 (xpsp.040706-1629)), the calls fail with
NTE_PROVIDER_DLL_FAIL (0x8009001D)
4. Doing 1. or 3. with a remote debugger connected to the application
(connected before the calls) the calls succeed

Any ideas?

Thanks & Regards, Stephan

lelteto wrote:
> Did you try CryptAcquireContext with CRYPT_VERIFYCONTEXT flag? If that works
> and your call doesn't that means you don't have default container on those
> systems.
>
> Laszlo Elteto
> SafeNet, Inc.
>
> "Stephan.Keil@gmx.de" wrote:
>
>
>>Hi,
>>
>>in a program I call
>> CryptAcquireContext(&hdl, NULL, MS_ENHANCED_PROV, PROV_RSA_FULL, 0)
>>which always succeeds on some machines (esp. WinXP), but fails on
>>others (Win2003 Server, but also other WinXP) with
>>NTE_PROVIDER_DLL_FAIL (0x8009001D).
>>I tried to remote debug the software on those machines but when using
>>the remote debugger the call succeeds :-o.
>>
>>I tried to track the problem with FileMon from SysInternals, which
>>shows me that in both cases the rsaenh.dll is looked up and found in
>>c:\windows\system32. At some time the access pattern changes but this
>>doesn't make sense to me (I can provide more details if necessary).
>>
>>Any hint what's going wrong here?
>>
>>Thx & Regards, Stephan
>>
>>

Relevant Pages

  • Re: Active directory discovery after SP1
    ... Have you configured the permissions correctly on the AD system container? ... >>Are you running Active Directory System Group Discovery? ... >>If you want machines you need to run Active Directory ... >>> Server name: servername.domain.fgov.be ...
    (microsoft.public.sms.admin)
  • Mangament studio hangs on db connection
    ... I'm having a very wierd problem with Management studio. ... Servers from my WinXP box running management studio without any ... when I try to log in the "connect to server" box just hangs. ... machines are able to connect to it using management studio. ...
    (microsoft.public.sqlserver.tools)
  • Re: [SLE] Duelling SAMBAs
    ... I have a central linux server that acts as a gateway to the internet ... home directories of each login. ... WinXP, Win98SE and Linux. ... I am unable to print to my HP printer that is connected to the WinXP machine. ...
    (SuSE)
  • Re: outlook express mail Retrieve problem
    ... Go to Tools | Folder Options | File Types. ... Choose 'Extract One File From Installation Disk' ("Expand File" for WinXP). ... and no more mails in mail server. ... then i delete all mail accounts, ...
    (microsoft.public.windows.inetexplorer.ie6_outlookexpress)
  • Re: Applying active directory policies top winxp
    ... > I am a newbie as far as w2k server is concerned.i have set ... i have created active directory and i wish to ... > know how to apply group policies to winxp clients. ...
    (microsoft.public.windowsxp.security_admin)