Mick
Guest
We’re having problems using symmetric encryption/decryption between a Vista
machine and an XP machine. We use the same code on all platforms, and it
works fine between XP, Win2K, and other systems, but when the data is
encrypted on a Vista machine, it cannot be decrypted successfully on an XP
machine. We get the correct number of decrypted bytes back, but they’re just
garbage.
We have a class that wraps calls to the crypto API. This isn’t the complete
code, just some pieces of the encryption process…
// We get a key container…
CryptAcquireContext(&hProv, NULL, MS_ENHANCED_PROV, PROV_RSA_FULL, 0);
// We create a hash object…
CryptCreateHash(hProv, CALG_MD5, 0, 0, &hHash);
// We hash the password…
CryptHashData(hHash, (byte*) password.c_str(), dwBytes, 0);
// We generate a session key…
CryptDeriveKey(hProv, m_nAlgorithm, hHash, 0, &hKey);
// Finally we encrypt the source data one chunk at a time …
CryptEncrypt(hKey, 0, bFinal, 0, pbBuffer, &dwBytes, dwBuffSize);
Basically, on Vista we encrypt some data using a known password, and then it
is passed to the XP machine using a socket. The XP machine attempts to
decrypt the data using the same key container, hash, algorithm, and password,
and the decryption fails.
If we encrypt data on Vista, it can successfully be decrypted on the Vista
machine.
If we encrypt data on XP, it can successfully be decrypted on the XP machine.
If we encrypt data on Vista, it can’t be decrypted on the XP machine.
I verified that the encrypted data sent from the Vista machine is received
intact at the XP machine. I also verified that the known password is the same
on both machines.
Any help will be greatly appreciated.
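
A known-answer check for the derivation described in the post, as an added example that is not part of the original post or the poster's code. It assumes m_nAlgorithm is CALG_RC4 with a 128-bit key, for which the documented CryptDeriveKey rule takes the first 16 bytes of the MD5 hash; the password encodings tried, the sample password and the plaintext are constructed.

```python
import hashlib

def derive_key(password_bytes: bytes, key_len: int = 16) -> bytes:
    """First key_len bytes of MD5(password): the documented CryptDeriveKey rule
    when the key is no longer than the hash (assumed here; not the 3DES/AES case)."""
    digest = hashlib.md5(password_bytes).digest()
    if key_len > len(digest):
        raise ValueError("key longer than the MD5 output needs a different rule")
    return digest[:key_len]

def rc4(key: bytes, data: bytes) -> bytes:
    """Plain RC4; encryption and decryption are the same operation."""
    s = list(range(256))
    j = 0
    for i in range(256):                       # key scheduling
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    out = bytearray()
    i = j = 0
    for byte in data:                          # keystream generation
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(byte ^ s[(s[i] + s[j]) & 0xFF])
    return bytes(out)

def password_variants(password: str) -> dict:
    """Byte strings that different builds could hand to CryptHashData (assumed set)."""
    ansi = password.encode("cp1252")
    wide = password.encode("utf-16-le")
    return {"ansi": ansi, "ansi+nul": ansi + b"\x00",
            "utf16": wide, "utf16+nul": wide + b"\x00\x00"}

def reference_ciphertexts(password: str, plaintext: bytes) -> dict:
    """Expected ciphertext per variant, to compare with each machine's output."""
    return {name: rc4(derive_key(raw), plaintext).hex()
            for name, raw in password_variants(password).items()}

def identify_variant(password: str, plaintext: bytes, observed_hex: str):
    """Name the variant that reproduces a machine's ciphertext, or None."""
    for name, ref in reference_ciphertexts(password, plaintext).items():
        if ref == observed_hex.lower():
            return name
    return None

if __name__ == "__main__":
    # Constructed sample password and plaintext.
    for name, ct in reference_ciphertexts("password", b"known-answer test").items():
        print(f"{name:10} {ct}")
```

Encrypting the same short plaintext on each machine and passing the hex output to identify_variant shows which side, if either, departs from the reference.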