DPAPI implemented in Crypt32.dll

From: Alan Croston (anonymous_at_discussions.microsoft.com)
Date: 02/26/04 

Date: Thu, 26 Feb 2004 07:40:09 -0800

Greetings all,

This is fun (I had hair when I discovered this yesterday,
none today!)

I have implemented a file encryption solution using
windows XP. this uses DPAPI and calls it via a COM object
I obtained. I then make calls to this COM object like
Encrypt(blob, filepath) and Decrypt(filepath, filename).

This works great on windows xp. I have tested encryption
on files up to 120 MB. I can also decrypt these files
(Very useful lol!)

However, i moved the code onto windows 2000 server and
the call to the Crypt32.dll fails with "Automation Error:
Remote Procedure Call Failed". It only does this when I
try to encrypt files over about 300 kbytes. Anything less
than 300 kbytes works great! Why does it fail when it
works fine on xp?

I have checked the versions of the dlls and XP has a
later (larger in size) version of the Crypt32.dll, so
obviously there were changes between 2000 and XP possibly
impacting the implementation of the DP API.

2000 version 5.131.2195.6661 (Supplied with 2000 SP4)
XP version 5.131.2600.1106 (Supplied with XP SP1)

I have checked my code and produced versions that allow
me to debug right up to the point where the DPAPI method
Encrypt / Decrypt is called from my Visual Basic 6 code.
The method is called... there is a pause... and the when
I get the err.getLastDLLError I get the RPC failed
message. So I am 99.999% sure that the version of Crypt32
is to blame.

Can anyone tell me what is happening? Is there any way
that I can get around this problem e.g. coping the
Crypt32.dll over from XP to 2000? Will that work? Can I
upgrade the 2000 Crypt32 dll?

The really frustrating thing is that there is hardly any
info on DPAPI on the internet at all and even less of
Crypt32.dll problems. Surely I cannot be the only person
on the planet using DPAPI to encrypt / decrypt files!!!
(Knowing my current luck I am! lol)

Anyway, something for you guys to ponder over if you get
the chance. I would appreciate anyones info that may help
me to resolve this!

Thanks in anticipation

Regards

Alan Croston

Relevant Pages

  • DPAPI implementation problems
    ... I have been referred from the 2000 server forum to here ... this uses DPAPI it calls via a Visual Basic ... Windows XP problem ... Encrypt / Decrypt is called from my Visual Basic 6 code. ...
    (microsoft.public.platformsdk.security)
  • Encryption bugs with DPAPI
    ... I have been referred from the 2000 server forum to here ... this uses DPAPI it calls via a Visual Basic ... Windows XP problem ... Encrypt / Decrypt is called from my Visual Basic 6 code. ...
    (microsoft.public.platformsdk.security)
  • Re: How to decrypt files after reinstalling of WinXP??
    ... nothing you can do to decrypt your files. ... > I've encrypt my project files on my windows XP. ... It kept saying access is denied. ...
    (microsoft.public.windowsxp.security_admin)
  • Re: Encryption Key Question
    ... Here's a very quick explanation of how DPAPI works in Windows. ... > used to encrypt the user's secrets. ... the master key can not be decrypted. ... > that there are no universal solutions in security. ...
    (Security-Basics)
  • Re: DPAPI implemented in Crypt32.dll
    ... The DPAPI API for encrypting data is CryptProtectData. ... > Encrypt / Decrypt is called from my Visual Basic 6 code. ...
    (microsoft.public.win2000.security)