date: Tue, 10 Jun 2008 01:17:00 -0700,    group: microsoft.public.platformsdk.security


CryptEncrypt - Inconsistent behaviour with duplicate strings in Vi   
We are currently investigating becoming Vista compliant and have come across 
an issue that we're not entirely certain we can fix.

We've noticed an inconsistency when trying to encrypt duplicate strings 
(this was found in testing), in that the CryptEncrypt function (in wincrypt) 
simply isn't failing with duplicate data like it's expected to.

Testing the same code in XP, the function fails as expected with the error 
code: NTE_DOUBLE_ENCRYPT -2146893806, so we were wondering if this was a bug 
that anyone else has encountered or whether it was an issue with our code. 
Any help would be much appreciated.

I'll post the code to be thorough (cutting out superfluous information):


   HCRYPTPROV hProv = 0;

   if (CryptAcquireContext(&hProv,NULL,MS_DEF_PROV,PROV_RSA_FULL,CRYPT_VERIFYCONTEXT)
      || CryptAcquireContext(&hProv,NULL,MS_DEF_PROV,PROV_RSA_FULL,CRYPT_NEWKEYSET))
   {
      ASSERT(hProv);

      HCRYPTHASH hHash = 0;
      if (CryptCreateHash(hProv, CALG_MD5, 0, 0, &hHash)) 
      {
         ASSERT(hHash);

         DWORD nPasswordLen = 0;
         if (Password)
            nPasswordLen = _tcslen(Password);

         if (CryptHashData(hHash, (PBYTE)Password, nPasswordLen, 0)) 
         {
            HCRYPTKEY hKey = 0;
            if (CryptDeriveKey(hProv, CALG_RC2, hHash, 0, &hKey))
            {
               ASSERT(hKey);

               PBYTE pnt = (PBYTE)pData;
               PBYTE pResults = (PBYTE)ACQMemMalloc(10*Size);
               ASSERT(pResults);
               PBYTE pResPnt = pResults;
               long Done = 0;
               *ResSize = 0;

               DWORD CIPHBlockSize = 0;
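               DWORD Length = sizeof(CIPHBlockSize); // in: size of the output buffer, out: bytes written

               // KP_BLOCKLEN reports the cipher block length in bits
               if (!CryptGetKeyParam(hKey,KP_BLOCKLEN,(PBYTE)&CIPHBlockSize,&Length,0))
                  CIPHBlockSize = Size; // try whole lot in one call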

               PBYTE pBuffer = (PBYTE)ACQMemMalloc(CIPHBlockSize + 1000);
               ASSERT(pBuffer);

               DWORD Count;
               do 
               {
                  int BlockSize = (Size-Done)> (int) CIPHBlockSize ? CIPHBlockSize : Size-Done;

                  if (BlockSize<=0) 
                     break;
                  memcpy(pBuffer,pnt,BlockSize);
                  Done += BlockSize;
                  Count = BlockSize;

                  if (Crypt) {
                     if (!CryptEncrypt(hKey, 0, (Size-Done)<=0, 0, pBuffer, &Count, 1000 + CIPHBlockSize)) {

...

This call to CryptEncrypt is where the inconsistent results are arising.
date: Tue, 10 Jun 2008 01:17:00 -0700   author:   acquire
