santuario-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Matthias Niggemeier"...@thias.de>
Subject RE: Problem with WinCAPICryptoProvider
Date Thu, 18 Aug 2005 08:03:41 GMT
Hi,
the code sample is in xsecplatformutils.cpp,
XSECPlatformUtils::Initialise

the line

XSECnew(g_cryptoProvider, XSEC_DEFAULT_PROVIDER);

creates a new WinCAPICryptoProvider, which throws the mentioned
error message in its constructor when the following call fails:

// Try to create
if (!CryptAcquireContext(&m_provApacheKeyStore,
	s_xsecKeyStoreName,
	provRSAName,
	m_provRSAType,
	dwFlags | CRYPT_NEWKEYSET)) {
throw XSECException(XSECException::InternalError,
	"WinCAPICryptoProvider() - Error obtaining generating internal key store for PROV_RSA_FULL");
}

The problem exists on WinXP, IE6 (only on one PC). The other PCs where
my app is running have the same configuration. This error is also
thrown on another PC running Win2000, IE6.

User rights: On the other machines, the users have no admin rights. So I think
the real problem is that the call before the cited fails:

	if (!CryptAcquireContext(&m_provApacheKeyStore,
		s_xsecKeyStoreName,
		provRSAName,
		m_provRSAType,
		dwFlags))

But why? Are admin rights needed for this call? I think not.

Regards

Matthias

> -----Original Message-----
> From: Milan Tomic [mailto:milan@setcce.org] 
> Sent: Thursday, August 18, 2005 8:08 AM
> To: security-dev@xml.apache.org
> Subject: RE: Problem with WinCAPICryptoProvider
> 
> Hi,
> 
> If it fails on a PC where user is logged on without admin rights then
> the solution is the same: don't use CRYPT_MACHINE_KEYSET flag.
> 
> Some additional info would help:
> - code sample
> - OS version
> - IE version
> 
> Hope it helps,
> Milan
> 
> 
> > -----Original Message-----
> > From: Matthias Niggemeier [mailto:M@thias.de] 
> > Sent: Wednesday, August 17, 2005 5:12 PM
> > To: security-dev@xml.apache.org
> > Subject: Problem with WinCAPICryptoProvider
> > 
> > 
> > Hi there!
> > When I start my application on a WinXP-PC at my customers, i 
> > get the following error:
> > 
> > WinCAPICryptoProvider() - Error obtaining generating internal key 
> > store for PROV_RSA_FULL
> > 
> > What can be wrong? I have no idea at the moment, since the 
> > app is running on 118 (identical) PCs without that message. I 
> > found on the archive that there is an issue when running as a 
> > service, but thats not true for my situation.
> > 
> > Regards
> > 
> > Matthias
> > 
> 


Mime
View raw message