CryptImport fails with ERROR_INVALID_PARAMETER on XP

Discussion in 'Security Software' started by Eric Cobber, Nov 8, 2010.

  1. Eric Cobber

    Eric Cobber Guest

    Hi there,

    I have a very strange problem happening on Windows XP (fully patched).
    I've created a small test program that imports a 1024 bit DSA private
    key through the CAPI function CryptImport(). My program works
    perfectly on both Windows Vista (32- and 64 bit, fully patched) and
    Windows 7 (32- and 64 bit, fully patched), but it fails with
    ERROR_INVALID_PARAMETER on Windows XP (32-bit).
    Can anyone explain why this is happening? I've tested my program on
    two different XP machines, and it fails on both of them.

    Here's fully functional example code. Just to compile if you like to:
    BYTE P[] = { 0xc7, 0x01, 0x48, 0xd1, 0x9d, 0x19, 0x03, 0x22,
    0xef, 0x2a, 0xd7, 0x61, 0x2b, 0xae, 0xf3, 0x75, 0xf6, 0x32, 0x91,
    0x16, 0x5a, 0x13, 0x54, 0x35, 0x02,
    0xc3, 0x1e, 0xc5, 0xd3, 0xf6,
    0x83, 0xfb, 0x04, 0x0f, 0x15, 0xa6, 0xa8, 0xc6, 0xe7,
    0x57, 0x3b, 0xf8, 0x1b, 0xc6, 0xb7,
    0xfe, 0xd7, 0xa9, 0xbb, 0x4f,
    0xc2, 0x22, 0x10, 0x7b, 0x04, 0xe8, 0x9f, 0x9f, 0xa4,
    0xa5, 0x50, 0x99, 0x6b, 0xb7, 0x60,
    0x66, 0xf2, 0x6f, 0x34, 0x1d,
    0x80, 0x3b, 0x81, 0xd7, 0x6c, 0x55, 0x9b, 0xcb, 0xf6,
    0x30, 0xba, 0xf5, 0xc5, 0xbf, 0xfa,
    0x58, 0x8d, 0x3d, 0x59, 0xfb,
    0x51, 0x22, 0x40, 0x5d, 0x45, 0x69, 0x26, 0x51, 0xb6,
    0x80, 0x3f, 0x1e, 0xc3, 0x00, 0x44,
    0xef, 0x3c, 0x52, 0xb7, 0x11,
    0xf6, 0xe7, 0xe4, 0xec, 0x2e, 0x9c, 0x4a, 0xdf, 0x52,
    0x29, 0x12, 0x75, 0x1d, 0x81, 0x53,
    0x7f, 0xfd };
    BYTE Q[] = { 0xf5, 0x1c, 0x58, 0xf0, 0x0b, 0x84, 0xeb, 0xa2,
    0xb9, 0x92, 0xb2, 0xcc, 0x0b, 0x23, 0x15, 0x8f, 0x50, 0x60, 0x97 };
    BYTE G[] = { 0x2a, 0x49, 0xcf, 0xfe, 0x3b, 0x4c, 0x01, 0x64,
    0x55, 0x7b, 0x80, 0x5e, 0x66, 0x8b, 0x92, 0x06, 0x9f, 0xe5, 0x5a,
    0xe1, 0xdf, 0x83, 0xa8, 0x89, 0x90,
    0x51, 0xa8, 0xbe, 0xf1, 0xa4,
    0xcc, 0x3b, 0x24, 0x01, 0x7a, 0x62, 0xfb, 0xf1, 0x62,
    0x35, 0x21, 0xfa, 0x0b, 0x7f, 0xa3,
    0x6e, 0x91, 0x75, 0xa6, 0xb3,
    0x2b, 0x1e, 0xae, 0xa3, 0xe0, 0x28, 0x8d, 0x7c, 0x54,
    0x8b, 0x7a, 0x16, 0x3c, 0xe1, 0xa6,
    0xc8, 0x8c, 0x32, 0x09, 0xcf,
    0xb7, 0x13, 0x16, 0x28, 0x4c, 0xe8, 0x23, 0x71, 0x16,
    0x49, 0xb4, 0x80, 0x81, 0x10, 0x07,
    0x71, 0xe6, 0x4f, 0x59, 0xd4,
    0xba, 0x8e, 0x57, 0x59, 0x51, 0x67, 0x82, 0x07, 0x3d,
    0x0b, 0x4c, 0x57, 0xf9, 0x82, 0xea,
    0x3a, 0xfa, 0xbb, 0xaf, 0x94,
    0x79, 0xb9, 0x57, 0xb8, 0x36, 0x5c, 0xab, 0xbc, 0xcb,
    0xde, 0x3d, 0x9b, 0xd6, 0x85, 0xa0,
    0xe1, 0xf7 };
    BYTE X[] = { 0x22, 0xb6, 0x17, 0x98, 0x44, 0x0b, 0x26, 0x4c,
    0x6a, 0x18, 0x8a, 0xed, 0x7e, 0xeb, 0x82, 0x64, 0xc2, 0x3c, 0x60 };

    HCRYPTPROV cspHandle = 0;
    HCRYPTKEY keyHandle = 0;
    BYTE* keyBlob = NULL;
    DSSPUBKEY dssPubKey;
    DSSSEED dssSeed;
    int index = 0;

    size_t keyBlobSize = sizeof(PUBLICKEYSTRUC) +
    sizeof(DSSPUBKEY) + 296
    + sizeof(DSSSEED);
    keyBlob = (BYTE*)malloc(keyBlobSize);

    pubKeyStruc.bType = PRIVATEKEYBLOB;
    pubKeyStruc.bVersion = CUR_BLOB_VERSION;
    pubKeyStruc.reserved = 0;
    pubKeyStruc.aiKeyAlg = CALG_DSS_SIGN;
    memcpy(keyBlob, &pubKeyStruc, sizeof(PUBLICKEYSTRUC));
    index = sizeof(PUBLICKEYSTRUC);

    dssPubKey.magic = 0x32535344; //Version 2.
    dssPubKey.bitlen = 1024;
    memcpy(keyBlob + index, &dssPubKey, sizeof(DSSPUBKEY));
    index += sizeof(DSSPUBKEY);

    memcpy(keyBlob + index, P, sizeof(P));
    index += sizeof(P);
    memcpy(keyBlob + index, Q, sizeof(Q));
    index += sizeof(Q);
    memcpy(keyBlob + index, G, sizeof(G));
    index += sizeof(G);
    memcpy(keyBlob + index, X, sizeof(X));
    index += sizeof(X);

    dssSeed.counter = 0xFFFFFFFF;
    memcpy(keyBlob + index, &dssSeed, sizeof(DSSSEED));

    if(!CryptAcquireContext(&cspHandle, NULL, L"Microsoft Enhanced
    and Diffie-Hellman Cryptographic Provider", PROV_DSS_DH,
    printf("Error, failed to acquire context. Error code:
    if(!CryptImportKey(cspHandle, keyBlob, keyBlobSize, 0,
    CRYPT_EXPORTABLE, &keyHandle))
    printf("Error, failed to import DSA key. Error code: %d
    printf("Test was successful.\n");

    Hope to hear from you soon. I would really apprecaite a solution to
    this one.

    Eric Cobber, Nov 8, 2010
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.