mYsZa
Hi all!
I've got a really strange (for me) problem:
I've got an application that decrypts some data at startup. Everything
works fine - the rijndael key is decrypted using the
RSAPKCS1KeyExchangeDeformatter, and the deformatter is created based on the
RSACryptoServiceProvider and on the RSA key pair stored in the machine key
store. But there is a problem - the application is a COM server, and when I
set it up using DCOMCNFG to be run by a particular user created at
installation, the rijndael key cannot be decrypted - the message is "bad
key". This happens only on the NT machine, W2k works fine... Any
suggestions?
I don't think this is a problem of permissions - the user that runs the
application is in the administrators group.
Maybe it is a problem, that the decryption is done using a COM object
written using C# (with ComVisible=true attribute) and called as a COM
library? Don't know why.
Here is the code:
    // Needs: using System; using System.Security.Cryptography;
    // Provider type 1 = PROV_RSA_FULL
    CspParameters cspParams = new CspParameters(1);
    cspParams.KeyContainerName = "mycontainername";
    cspParams.KeyNumber = 1;    // 1 = key exchange key pair (AT_KEYEXCHANGE)
    cspParams.ProviderName = "Microsoft Base Cryptographic Provider v1.0";
    cspParams.Flags = CspProviderFlags.UseMachineKeyStore;
    RSACryptoServiceProvider clientRSA;
    try
    {
        // Opens the named container in the machine key store
        clientRSA = new RSACryptoServiceProvider( cspParams );
        clientRSA.PersistKeyInCsp = true;
    }
    catch( Exception ex )
    {
        System.Diagnostics.Debug.WriteLine( ex.Message );
        return null;
    }
    RSAPKCS1KeyExchangeDeformatter pRSADef = new RSAPKCS1KeyExchangeDeformatter( clientRSA );
    RijndaelManaged rijndael = new RijndaelManaged();
    try
    {
        // Unwraps the Rijndael key with the RSA private key
        rijndael.Key = pRSADef.DecryptKeyExchange( m_byteEncryptedRijndaelKey );
    }
    catch( Exception ex )
    {
        //here is the error!
        System.Diagnostics.Debug.WriteLine( ex.Message );
        return null;
    }
I think the problem is with retrieving the key from the machine key store -
some debug logs I've made showed that the RSACryptoServiceProvider is not
initialized properly, but no exception is thrown then. As I mentioned - the
problem occurs only when the running user is different than the logged-in user
and only on the NT machine.
If you could give me any help...
TIA
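
One way to test the suspicion above that the key pair is not really being loaded from the machine key store, as an added example that is not part of the original post: without UseExistingKey, RSACryptoServiceProvider creates a fresh key pair when it cannot find the named container, so no exception is thrown and decryption fails later. The class and method names are hypothetical, and the code assumes .NET Framework 2.0 or later (for UseExistingKey and ExportCspBlob).

```csharp
using System;
using System.Security.Cryptography;

static class MachineKeyCheck
{
    // Open the container from the post WITHOUT allowing it to be created.
    // If the container is missing or unreadable for the current account,
    // the constructor throws instead of silently generating a new key pair.
    public static RSACryptoServiceProvider OpenExisting(string containerName)
    {
        CspParameters p = new CspParameters(1);      // 1 = PROV_RSA_FULL, as in the post
        p.KeyContainerName = containerName;
        p.KeyNumber = 1;                             // key exchange key pair
        p.ProviderName = "Microsoft Base Cryptographic Provider v1.0";
        p.Flags = CspProviderFlags.UseMachineKeyStore | CspProviderFlags.UseExistingKey;
        return new RSACryptoServiceProvider(p);
    }

    // Hash of the PUBLIC key blob only; safe to log and compare between accounts.
    public static string PublicKeyFingerprint(RSACryptoServiceProvider rsa)
    {
        byte[] blob = rsa.ExportCspBlob(false);      // false = no private parameters
        using (SHA256 sha = SHA256.Create())
            return BitConverter.ToString(sha.ComputeHash(blob)).Replace("-", "");
    }

    static int Main()
    {
        try
        {
            using (RSACryptoServiceProvider rsa = OpenExisting("mycontainername"))
            {
                Console.WriteLine("account:     " + Environment.UserName);
                Console.WriteLine("container:   " + rsa.CspKeyContainerInfo.UniqueKeyContainerName);
                Console.WriteLine("fingerprint: " + PublicKeyFingerprint(rsa));
            }
            return 0;
        }
        catch (CryptographicException ex)
        {
            // The account cannot open the existing container: look at the ACL on the
            // key file or at where the key was installed, not at the decryption code.
            Console.WriteLine("cannot open container as " + Environment.UserName + ": " + ex.Message);
            return 1;
        }
    }
}
```

Run it once as the interactive user and once under the account configured in DCOMCNFG: a different fingerprint means the two accounts are not using the same key pair, and an exception means the second account cannot open the existing container.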