News  [SoftwareSite

Latest News
Older News
RSS Feed
 
Complete Projects
Useful Classes
Top Downloads
Message Board
AllAPI.net
 
Send Comments
Software License
Mentalis.org Buttons
Donate
 
Forums -> Security Library Forum
 
Bad Key in Windows 98/NT4.0  
by Marian Dvorsky [marian at step dot sk]
posted on 2004/08/04

Hello,

I'm not sure whether this is the issue in the seclib library, but I post this question here, since I did not find anything about it on other forums.

In our project, we generate certificate requests using XEnroll. We use MS Enhanced provider and not-exportable keys (ie. GenKeyFlags==0; this is important thing here, because it works with exportable certificates). Then we use seclib to load this certificate from certstore, where xenroll saves it. Operations involving only public key (encrypting/verifying) work as expected, but when we try to decrypt/sign something, we get the following exception:
System.Security.Cryptography.CryptographicException: Bad Key.
at System.Security.Cryptography.RSACryptoServiceProvider._DecryptKey(IntPtr hCSP, IntPtr hPubKey, Byte[] rgbKey, Int32 dwFlags)
at System.Security.Cryptography.RSACryptoServiceProvider.Decrypt(Byte[] rgb, Boolean fOAEP)
...

Everything works in Windows 2000 and Windows XP but in Windows 98 and Windows NT 4.0, we have to generate exportable certificates. Any ideas?

Thanks.

Marian

by Pieter Philippaerts [Pieter at mentalis dot org]
posted on 2004/08/05

Yes, we're aware of that problem but unfortunately we can't do anything about it; it's a bug in the RSACryptoServiceProvider class. We've notified Microsoft about this and they promised to fix it in .NET 2.0.

If you really need to work with these nonexportable RSACryptoServiceProvider keys, you can use the hack we used for our SSL library (we initially had the same problem as you). Look for the RSAKeyTransform.cs class in the security library source code.

by Pieter Philippaerts [Pieter at mentalis dot org]
posted on 2004/08/05

P.S. also make sure you have the latest version of Internet Explorer installed. IE contains several cryptography upgrades.

 

Copyright © 2002-2007, The Mentalis.org Team. All rights reserved.
This site is located at http://www.mentalis.org/
Send comments to the webmaster.