'CSP Versioning problem'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       ms-cryptoapi
Subject:    CSP Versioning problem
From:       Walls Marcus <marcus.walls () ISS-OXYGEN ! CO ! UK>
Date:       1998-09-23 9:54:05
[Download RAW message or body]


I have a problem with interoperating version 1 and 2 of the MS Base CSP.

I have a client/server which exchanges sessions keys, using something
similar to the 3-phase key exchange protocol discussed in MSDN.

My server is WinNT 4.0 SP3 (CryptoApi2.0), and my clients are Win95.
My Win95 machines have either IE3.02, or are Win95 OSR2, or have IE4.
As such my Win95 machines have either CryptoApi1.0 or CryptoApi2.0.

My problem occurs when the Win95 machine is using version 1.0.  Both
client and server generate public/private key pairs and exchange them.
Both client and server successfully import each others public keys.

Then both client and server generate session keys, export them
(encrypting the blobs with the other end's public key) and swap them.

The server successfully imports the clients key, but the client
cannot import the servers key, giving NTE_BAD_DATA.  GetLastError()
returns ERROR_INVALID_PARAMETER.

The process works fine if the Win95 machine has IE4 installed.  Is
there a problem with what I'm doing?  My keys are created using
CryptGenKey(m_hProv, CALG_RC2, CRYPT_EXPORTABLE, &m_hKey) and
CryptGenKey(m_hProv, AT_KEYEXCHANGE, CRYPT_EXPORTABLE, &m_hKey),
and my cryptographic service provider handle is acquired using
CryptAcquireContext(&m_hProv, "String", MS_DEF_PROV, PROV_RSA_FULL, 0)

Should I be giving some other non-default options to CryptGenKey?

Also, is there a way I can get CryptoApi2.0 on Win95 without IE4?

Thanks very much in advance
Marcus

----------------------------------------------------------------
Users Guide http://www.microsoft.com/workshop/essentials/mail.asp
contains important info including how to unsubscribe.  Save time, search
the archives at http://discuss.microsoft.com/archives/index.html

[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic