|
|
|
date: Mon, 5 May 2008 17:31:01 -0700,
group: microsoft.public.platformsdk.security
back
Re: 3DES encryption with a byte array for the key
Hello David
According to the issue description, you are wondering the format of
SIMPLEBLOB, and the correct way to build a SIMPLEBLOB. Let me know if I
misunderstand it.
SIMPLEBLOB format is documented at the MSDN article:
http://msdn.microsoft.com/en-us/library/aa387765(VS.85).aspx
and about how to build a SIMPLEBLOB for CryptImportKey, I think a sample
code list will be helpful:
http://support.microsoft.com/kb/228786
Regarding the question: ¡°CryptDeriveKey will hash the key bytes instead of
just using them as is. Is there a way to do this with the Microsoft
cryptoAPIs?¡±, I am researching it and will get back to you as soon as
possible.
Regards,
Jialiang Ge (jialge@online.microsoft.com, remove ¡®online.¡¯)
Microsoft Online Community Support
Delighting our customers is our #1 priority. We welcome your comments and
suggestions about how we can improve the support we provide to you. Please
feel free to let my manager know what you think of the level of service
provided. You can send feedback directly to my manager at:
msdnmg@microsoft.com.
==================================================
Get notification to my posts through email? Please refer to
http://msdn.microsoft.com/subscriptions/managednewsgroups/default.aspx#notifications.
Note: The MSDN Managed Newsgroup support offering is for non-urgent issues
where an initial response from the community or a Microsoft Support
Engineer within 1 business day is acceptable. Please note that each follow
up response may take approximately 2 business days as the support
professional working with you may need further investigation to reach the
most efficient resolution. The offering is not appropriate for situations
that require urgent, real-time or phone-based interactions or complex
project analysis and dump analysis issues. Issues of this nature are best
handled working with a dedicated Microsoft Support Engineer by contacting
Microsoft Customer Support Services (CSS) at
http://msdn.microsoft.com/subscriptions/support/default.aspx.
==================================================
This posting is provided "AS IS" with no warranties, and confers no rights.
"David Moore" <DavidNM@community.nospam> wrote in message
news:D9624219-DC84-4DCD-AF7F-0218DC99057E@microsoft.com...
> Hi,
> Here is what I'm trying to do. I'm trying to take the key /
> initialization vector from another system and use the MS crypto APIs to
> encrypt/decrypt data that has been handled by that key. I'm trying to use
> the 3DES encryption algorithm. I have a byte array that contains the
> plaintext key bytes and another array that contains the plaintext
> initialiation vector. I'd use CryptImportKey, but how do I build up a
> SIMPLEBLOB that contains the correct values? Also, CryptDeriveKey will
> hash
> the key bytes instead of just using them as is. Is there a way to do this
> with the Microsoft cryptoAPIs?
>
> Is there any documentation on how the encrypted key material is laid out
> in
> a SIMPLEBLOB for MS_ENHANCED_PROV, PROV_RSA_FULL, alg = CALG_3DES.
>
>
> -dave
date: Tue, 6 May 2008 18:59:51 +0800
author: Jialiang Ge [MSFT]
Re: 3DES encryption with a byte array for the key
Hello Jialiang Ge,
I will try building the SIMPLEBLOB structure as you have outlined below.
I'll report back if I have issues.
"Jialiang Ge [MSFT]" wrote:
> Hello David
>
>
>
> According to the issue description, you are wondering the format of
> SIMPLEBLOB, and the correct way to build a SIMPLEBLOB. Let me know if I
> misunderstand it.
>
>
>
> SIMPLEBLOB format is documented at the MSDN article:
>
> http://msdn.microsoft.com/en-us/library/aa387765(VS.85).aspx
>
>
>
> and about how to build a SIMPLEBLOB for CryptImportKey, I think a sample
> code list will be helpful:
>
> http://support.microsoft.com/kb/228786
>
>
>
> Regarding the question: ¡°CryptDeriveKey will hash the key bytes instead of
> just using them as is. Is there a way to do this with the Microsoft
> cryptoAPIs?¡±, I am researching it and will get back to you as soon as
> possible.
>
>
>
> Regards,
>
> Jialiang Ge (jialge@online.microsoft.com, remove ¡®online.¡¯)
>
> Microsoft Online Community Support
>
>
>
> Delighting our customers is our #1 priority. We welcome your comments and
> suggestions about how we can improve the support we provide to you. Please
> feel free to let my manager know what you think of the level of service
> provided. You can send feedback directly to my manager at:
> msdnmg@microsoft.com.
>
>
>
> ==================================================
>
> Get notification to my posts through email? Please refer to
> http://msdn.microsoft.com/subscriptions/managednewsgroups/default.aspx#notifications.
>
>
>
> Note: The MSDN Managed Newsgroup support offering is for non-urgent issues
> where an initial response from the community or a Microsoft Support
>
> Engineer within 1 business day is acceptable. Please note that each follow
> up response may take approximately 2 business days as the support
>
> professional working with you may need further investigation to reach the
> most efficient resolution. The offering is not appropriate for situations
>
> that require urgent, real-time or phone-based interactions or complex
> project analysis and dump analysis issues. Issues of this nature are best
> handled working with a dedicated Microsoft Support Engineer by contacting
> Microsoft Customer Support Services (CSS) at
> http://msdn.microsoft.com/subscriptions/support/default.aspx.
>
> ==================================================
>
> This posting is provided "AS IS" with no warranties, and confers no rights.
>
>
>
> "David Moore" <DavidNM@community.nospam> wrote in message
> news:D9624219-DC84-4DCD-AF7F-0218DC99057E@microsoft.com...
> > Hi,
> > Here is what I'm trying to do. I'm trying to take the key /
> > initialization vector from another system and use the MS crypto APIs to
> > encrypt/decrypt data that has been handled by that key. I'm trying to use
> > the 3DES encryption algorithm. I have a byte array that contains the
> > plaintext key bytes and another array that contains the plaintext
> > initialiation vector. I'd use CryptImportKey, but how do I build up a
> > SIMPLEBLOB that contains the correct values? Also, CryptDeriveKey will
> > hash
> > the key bytes instead of just using them as is. Is there a way to do this
> > with the Microsoft cryptoAPIs?
> >
> > Is there any documentation on how the encrypted key material is laid out
> > in
> > a SIMPLEBLOB for MS_ENHANCED_PROV, PROV_RSA_FULL, alg = CALG_3DES.
> >
> >
> > -dave
>
>
>
date: Tue, 6 May 2008 06:30:09 -0700
author: David Moore am
Re: 3DES encryption with a byte array for the key
Hi,
I tried the sample code from the KB article inside my own test program and
when I tried to import the key at the bottom of the function, I got
err,hr 0x80090005 Bad Data. unsigned long
I'm going to try the original source for the sample program, unmodified and
see if it fails too.
-dave
"Jialiang Ge [MSFT]" wrote:
> Hello David
>
>
>
> According to the issue description, you are wondering the format of
> SIMPLEBLOB, and the correct way to build a SIMPLEBLOB. Let me know if I
> misunderstand it.
>
>
>
> SIMPLEBLOB format is documented at the MSDN article:
>
> http://msdn.microsoft.com/en-us/library/aa387765(VS.85).aspx
>
>
>
> and about how to build a SIMPLEBLOB for CryptImportKey, I think a sample
> code list will be helpful:
>
> http://support.microsoft.com/kb/228786
>
>
>
> Regarding the question: ¡°CryptDeriveKey will hash the key bytes instead of
> just using them as is. Is there a way to do this with the Microsoft
> cryptoAPIs?¡±, I am researching it and will get back to you as soon as
> possible.
>
>
>
> Regards,
>
> Jialiang Ge (jialge@online.microsoft.com, remove ¡®online.¡¯)
>
> Microsoft Online Community Support
>
>
>
> Delighting our customers is our #1 priority. We welcome your comments and
> suggestions about how we can improve the support we provide to you. Please
> feel free to let my manager know what you think of the level of service
> provided. You can send feedback directly to my manager at:
> msdnmg@microsoft.com.
>
>
>
> ==================================================
>
> Get notification to my posts through email? Please refer to
> http://msdn.microsoft.com/subscriptions/managednewsgroups/default.aspx#notifications.
>
>
>
> Note: The MSDN Managed Newsgroup support offering is for non-urgent issues
> where an initial response from the community or a Microsoft Support
>
> Engineer within 1 business day is acceptable. Please note that each follow
> up response may take approximately 2 business days as the support
>
> professional working with you may need further investigation to reach the
> most efficient resolution. The offering is not appropriate for situations
>
> that require urgent, real-time or phone-based interactions or complex
> project analysis and dump analysis issues. Issues of this nature are best
> handled working with a dedicated Microsoft Support Engineer by contacting
> Microsoft Customer Support Services (CSS) at
> http://msdn.microsoft.com/subscriptions/support/default.aspx.
>
> ==================================================
>
> This posting is provided "AS IS" with no warranties, and confers no rights.
>
>
>
> "David Moore" <DavidNM@community.nospam> wrote in message
> news:D9624219-DC84-4DCD-AF7F-0218DC99057E@microsoft.com...
> > Hi,
> > Here is what I'm trying to do. I'm trying to take the key /
> > initialization vector from another system and use the MS crypto APIs to
> > encrypt/decrypt data that has been handled by that key. I'm trying to use
> > the 3DES encryption algorithm. I have a byte array that contains the
> > plaintext key bytes and another array that contains the plaintext
> > initialiation vector. I'd use CryptImportKey, but how do I build up a
> > SIMPLEBLOB that contains the correct values? Also, CryptDeriveKey will
> > hash
> > the key bytes instead of just using them as is. Is there a way to do this
> > with the Microsoft cryptoAPIs?
> >
> > Is there any documentation on how the encrypted key material is laid out
> > in
> > a SIMPLEBLOB for MS_ENHANCED_PROV, PROV_RSA_FULL, alg = CALG_3DES.
> >
> >
> > -dave
>
>
>
date: Tue, 6 May 2008 09:12:01 -0700
author: David Moore am
Re: 3DES encryption with a byte array for the key
Hi,
I have some more questions, is there any chance I could e-mail you directly?
-dave
"David Moore" wrote:
> Hi,
> I tried the sample code from the KB article inside my own test program and
> when I tried to import the key at the bottom of the function, I got
> err,hr 0x80090005 Bad Data. unsigned long
>
> I'm going to try the original source for the sample program, unmodified and
> see if it fails too.
>
> -dave
>
> "Jialiang Ge [MSFT]" wrote:
>
> > Hello David
> >
> >
> >
> > According to the issue description, you are wondering the format of
> > SIMPLEBLOB, and the correct way to build a SIMPLEBLOB. Let me know if I
> > misunderstand it.
> >
> >
> >
> > SIMPLEBLOB format is documented at the MSDN article:
> >
> > http://msdn.microsoft.com/en-us/library/aa387765(VS.85).aspx
> >
> >
> >
> > and about how to build a SIMPLEBLOB for CryptImportKey, I think a sample
> > code list will be helpful:
> >
> > http://support.microsoft.com/kb/228786
> >
> >
> >
> > Regarding the question: ¡°CryptDeriveKey will hash the key bytes instead of
> > just using them as is. Is there a way to do this with the Microsoft
> > cryptoAPIs?¡±, I am researching it and will get back to you as soon as
> > possible.
> >
> >
> >
> > Regards,
> >
> > Jialiang Ge (jialge@online.microsoft.com, remove ¡®online.¡¯)
> >
> > Microsoft Online Community Support
> >
> >
> >
> > Delighting our customers is our #1 priority. We welcome your comments and
> > suggestions about how we can improve the support we provide to you. Please
> > feel free to let my manager know what you think of the level of service
> > provided. You can send feedback directly to my manager at:
> > msdnmg@microsoft.com.
> >
> >
> >
> > ==================================================
> >
> > Get notification to my posts through email? Please refer to
> > http://msdn.microsoft.com/subscriptions/managednewsgroups/default.aspx#notifications.
> >
> >
> >
> > Note: The MSDN Managed Newsgroup support offering is for non-urgent issues
> > where an initial response from the community or a Microsoft Support
> >
> > Engineer within 1 business day is acceptable. Please note that each follow
> > up response may take approximately 2 business days as the support
> >
> > professional working with you may need further investigation to reach the
> > most efficient resolution. The offering is not appropriate for situations
> >
> > that require urgent, real-time or phone-based interactions or complex
> > project analysis and dump analysis issues. Issues of this nature are best
> > handled working with a dedicated Microsoft Support Engineer by contacting
> > Microsoft Customer Support Services (CSS) at
> > http://msdn.microsoft.com/subscriptions/support/default.aspx.
> >
> > ==================================================
> >
> > This posting is provided "AS IS" with no warranties, and confers no rights.
> >
> >
> >
> > "David Moore" <DavidNM@community.nospam> wrote in message
> > news:D9624219-DC84-4DCD-AF7F-0218DC99057E@microsoft.com...
> > > Hi,
> > > Here is what I'm trying to do. I'm trying to take the key /
> > > initialization vector from another system and use the MS crypto APIs to
> > > encrypt/decrypt data that has been handled by that key. I'm trying to use
> > > the 3DES encryption algorithm. I have a byte array that contains the
> > > plaintext key bytes and another array that contains the plaintext
> > > initialiation vector. I'd use CryptImportKey, but how do I build up a
> > > SIMPLEBLOB that contains the correct values? Also, CryptDeriveKey will
> > > hash
> > > the key bytes instead of just using them as is. Is there a way to do this
> > > with the Microsoft cryptoAPIs?
> > >
> > > Is there any documentation on how the encrypted key material is laid out
> > > in
> > > a SIMPLEBLOB for MS_ENHANCED_PROV, PROV_RSA_FULL, alg = CALG_3DES.
> > >
> > >
> > > -dave
> >
> >
> >
date: Tue, 6 May 2008 13:06:02 -0700
author: David Moore am
Re: 3DES encryption with a byte array for the key
Hello Dave,
Sure, please feel free to email me directly. My mail address can be found
in my signature (don't forget to remove '.online').
And regarding the rror 0x80090005 Bad Data, here is a KB article that may
explain the problem:
http://support.microsoft.com/kb/331367
"If the application specifies this key size without the parity bits in the
upper 16 bits of dwFlags, the decryption does not succeed between Windows
XP and pre-Windows XP operating systems. Specifically, CryptDecrypt() does
not succeed and generates the 0x80090005 (NTE_BAD_DATA) error. To encrypt
and decrypt across Windows platforms, explicitly specify the key size that
corresponds to the Windows XP implementation in either the CryptDeriveKey()
function or the CryptGenKey() function (or in both functions). You can
specify the Windows XP key sizes for DES algorithms if you have the high
encryption pack installed on the earlier versions of the operating system. "
I am looking forward to your email.
Regards,
Jialiang Ge (jialge@online.microsoft.com, remove 'online.')
Microsoft Online Community Support
=================================================
Delighting our customers is our #1 priority. We welcome your comments and
suggestions about how we can improve the support we provide to you. Please
feel free to let my manager know what you think of the level of service
provided. You can send feedback directly to my manager at:
msdnmg@microsoft.com.
This posting is provided "AS IS" with no warranties, and confers no rights.
=================================================
date: Wed, 07 May 2008 03:48:29 GMT
author: (Jialiang Ge [MSFT])
|
|
