EldoS | Feel safer!

Software components for data protection, secure storage and transfer

Two questions.

#2458
Posted: 03/07/2007 17:31:43
by Stanko Milošev (Standard support level)
Joined: 10/08/2006
Posts: 37

I need to decrypt XML on Windows 2000 using a certificate from Windows storage, which I found by its serial number. All the time I get the error "Invalid key material".

Problem is in this line:

_Decryptor.KeyEncryptionKeyData := _X509KeyData

On Windows XP it works perfectly.

Second, if I need to use the option "build with runtime packages", then we also need to deploy designide.bpl beside the SBB bpl's, and according to the Borland License Terms on deploying Delphi 7 applications we are not allowed to do this. So please, if it is possible, in the next version create two bpl's: one for design time (which uses designide.bpl) and one for runtime (which I can deploy and which doesn't have a dependency on designide).

I am using Delphi 7, VCL Version 5.0.106 version of SBB.

Thank you.
#2460
Posted: 03/08/2007 01:27:35
by Eugene Mayevski (EldoS Corp.)

1. There can be many reasons for this error. Most likely the certificate's private key can't be accessed in the storage. Please try to step into the assignment line in your source code and check the call stack when the error happens.

2. You can build your own packages if you have the source code. This is better as you can include only the necessary units.


Sincerely yours
Eugene Mayevski
#2466
Posted: 03/08/2007 16:41:32
by Stanko Milošev (Standard support level)
Joined: 10/08/2006
Posts: 37

I am using the same certificate for signature, from Windows storage, with similar code.

What I found: in

procedure TElBuiltInCryptoContext.Init(Algorithm: integer; Mode: integer;
  Key: TElCustomCryptoKey; Params : TElCPParameters);

on

FSymCrypto.KeyMaterial := Key;

the debugger gives me

procedure TElBuiltIn3DESSymmetricCrypto.SetKeyMaterial(Material : TElCustomCryptoKey);

and on

if (Length(Material.Value) <> 24) then
  raise EElSymmetricCryptoError.Create(SInvalidKeyMaterial);

I get exception.

Also, in the Init procedure I tried

if key.IsValid then
  ShowMessage('Ok');

I get the message that the key is valid.

I don't know where to search anymore; I need help.

The problem is that on Windows XP my code works perfectly. I guess nothing is wrong with the certificate, since with the same certificate from Windows storage I can sign a document, using the sample from EldoS.

Also, there is no sample for Encrypting/Decrypting document using windows storage.
#2467
Posted: 03/08/2007 16:55:46
by Ken Ivanov (EldoS Corp.)

Quote
I get exception.

Would you be so kind as to also provide the call stack at the moment the exception is thrown?
#2468
Posted: 03/08/2007 17:19:16
by Stanko Milošev (Standard support level)
Joined: 10/08/2006
Posts: 37

I am sorry, I didn't understand the first time.

Before exception:

TElBuiltIn3DESSymmetricCrypto.SetKeyMaterial($F787C0)
TElBuiltInCryptoContext.Init(28675,???,$F787C0,nil)
TElBuiltInCryptoContext.Create(28675,2,$F787C0,$F786B8,nil)
TElBuiltInCryptoProvider.DecryptInit(28675,2,$F787C0,nil,nil,nil)
TElSymmetricCrypto.InitializeDecryption
TElSymmetricCrypto.Decrypt($1080520,4704,$F788D8,4704)
TElXMLDecryptor.DecryptData(???,???,xem3DES)
TElXMLDecryptor.InternalDecrypt($DBA5E4)
TElXMLDecryptor.Decrypt(???)
Dekriptuj('C:\Trinet\Kriptonit\Xml\data-0000.xml','','C:\Trinet\Kriptonit\Xml\data-0000-dec-out.xml','','EncryptedData',???,False)
DekriptujSer('02 A8 29','MY','C:\Trinet\Kriptonit\Xml\data-0000.xml','C:\Trinet\Kriptonit\Xml\data-0000-dec-out.xml','EncryptedData',atCurrentUser,False)
TfxmlSBB.btnDeKriptujSerClick(???)
TfMain.btnSBBClick(???)
Kriptonit

On exception:

TElBuiltIn3DESSymmetricCrypto.SetKeyMaterial(???)
TElBuiltInCryptoContext.Init(28675,???,$F787C0,nil)
TElBuiltInCryptoContext.Create(28675,2,$F787C0,$F786B8,nil)
TElBuiltInCryptoProvider.DecryptInit(28675,2,$F787C0,nil,nil,nil)
TElSymmetricCrypto.InitializeDecryption
TElSymmetricCrypto.Decrypt($1080520,4704,$F788D8,4704)
TElXMLDecryptor.DecryptData(???,???,xem3DES)
TElXMLDecryptor.InternalDecrypt($DBA5E4)
TElXMLDecryptor.Decrypt(???)
Dekriptuj('C:\Trinet\Kriptonit\Xml\data-0000.xml','','C:\Trinet\Kriptonit\Xml\data-0000-dec-out.xml','','EncryptedData',???,False)
DekriptujSer('02 A8 29','MY','C:\Trinet\Kriptonit\Xml\data-0000.xml','C:\Trinet\Kriptonit\Xml\data-0000-dec-out.xml','EncryptedData',atCurrentUser,False)
TfxmlSBB.btnDeKriptujSerClick(???)
TfMain.btnSBBClick(???)
Kriptonit
#2469
Posted: 03/08/2007 17:29:33
by Ken Ivanov (EldoS Corp.)

Thank you. We will try to reproduce the issue in our conditions and answer you as soon as possible.

Just one more question -- would you be so kind as to specify the software that was used to encrypt the file? Was it SBB or some other tool?
#2470
Posted: 03/08/2007 17:43:16
by Stanko Milošev (Standard support level)
Joined: 10/08/2006
Posts: 37

I tried with SBB.

#2471
Posted: 03/09/2007 02:02:13
by Ken Ivanov (EldoS Corp.)

The problem really does exist. It seems that the cryptographic providers included in Windows 2000 do not understand encrypted 3DES keys. We will perform a deeper investigation of the issue and try to implement a workaround for the next build update.
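
Added example (not part of the thread, and not EldoS or SBB code): a Python triage helper for the failure discussed above. It reads an XML Encryption document, reports which data cipher and key-transport algorithm it declares, and applies the same 24-byte length check that SetKeyMaterial performs to a candidate unwrapped key, so a document problem can be told apart from a provider problem. It assumes the W3C XML Encryption layout with the EncryptedKey inside ds:KeyInfo; the sample document and all function names are constructed for illustration.

```python
import base64
import xml.etree.ElementTree as ET

XENC = "http://www.w3.org/2001/04/xmlenc#"
NS = {"xenc": XENC, "ds": "http://www.w3.org/2000/09/xmldsig#"}
# Block ciphers from the XML Encryption spec: URI -> (key bytes, block bytes)
CIPHERS = {XENC + "tripledes-cbc": (24, 8), XENC + "aes128-cbc": (16, 16),
           XENC + "aes192-cbc": (24, 16), XENC + "aes256-cbc": (32, 16)}

def _b64len(elem):
    """Decoded length of a CipherValue element, or None if it is absent."""
    return None if elem is None else len(base64.b64decode("".join((elem.text or "").split())))

def inspect_encrypted_data(xml_text):
    """Report what the document requires of the key-unwrap step."""
    root = ET.fromstring(xml_text)
    ed = root if root.tag == "{%s}EncryptedData" % XENC else root.find(".//xenc:EncryptedData", NS)
    if ed is None:
        raise ValueError("no xenc:EncryptedData element found")
    method = ed.find("xenc:EncryptionMethod", NS)
    alg = method.get("Algorithm") if method is not None else None
    if alg not in CIPHERS:
        raise ValueError("unsupported or missing data cipher: %r" % alg)
    key_bytes, block = CIPHERS[alg]
    ek = ed.find("ds:KeyInfo/xenc:EncryptedKey", NS)
    ek_method = ek.find("xenc:EncryptionMethod", NS) if ek is not None else None
    ct_len = _b64len(ed.find("xenc:CipherData/xenc:CipherValue", NS))
    return {
        "data_algorithm": alg,
        "key_bytes": key_bytes,  # 24 for 3DES, the length SetKeyMaterial checks
        "key_transport": ek_method.get("Algorithm") if ek_method is not None else None,
        "wrapped_key_len": _b64len(ek.find("xenc:CipherData/xenc:CipherValue", NS)) if ek is not None else None,
        # CBC payload = IV (one block) followed by at least one padded block
        "ciphertext_ok": ct_len is not None and ct_len >= 2 * block and ct_len % block == 0,
    }

def key_length_ok(info, unwrapped_key):
    """True when the unwrapped session key has the length the data cipher needs."""
    return len(unwrapped_key) == info["key_bytes"]

# Constructed sample: zero bytes stand in for the wrapped key and the ciphertext.
SAMPLE = """<xenc:EncryptedData xmlns:xenc="%s" xmlns:ds="%s">
 <xenc:EncryptionMethod Algorithm="%stripledes-cbc"/>
 <ds:KeyInfo><xenc:EncryptedKey>
  <xenc:EncryptionMethod Algorithm="%srsa-1_5"/>
  <xenc:CipherData><xenc:CipherValue>%s</xenc:CipherValue></xenc:CipherData>
 </xenc:EncryptedKey></ds:KeyInfo>
 <xenc:CipherData><xenc:CipherValue>%s</xenc:CipherValue></xenc:CipherData>
</xenc:EncryptedData>""" % (XENC, NS["ds"], XENC, XENC,
                            base64.b64encode(bytes(128)).decode(), base64.b64encode(bytes(24)).decode())
```

If the document declares tripledes-cbc and the key produced by the certificate's private-key operation is not 24 bytes, the fault lies in the unwrap step rather than in the XML.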