?
Solved

Inserting Encrypted String in Registry

Posted on 2003-03-25
4
Medium Priority
?
240 Views
Last Modified: 2008-02-26
Hello Everybody,

I am using CryptoAPI in VB to encrypt a string. The encryption is working very perfectly (Thanks to Davis Chapman's book).

Now the problem is to insert this string into Registry. I am using the API RegSetKeyValueEx to set the string. For eg. I want to set the String value EDate as the encrypted string. This EDate is in HKEY_LOCAL_MACHINE\SOFTWARE\Synx\ExpiryDate. The encrypted string is actually the expiry date for my activex control. In every initialize I read and decrypt this string to check the expiry date. If it has expired, my activex control locks itself and does not work untill the customer pays me for renewal. The API is not allowing me to write the Encrypted String. The .reg file is also not working. It writes simple string not the string with special characters. According to WinError.h the Error Code that returns is Access Denied (Error no 5).

Please tell me what I am doing is proper or is there a better way to do it?

Regards
Madhur
0
Comment
Question by:hmadhur
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
4 Comments
 
LVL 28

Expert Comment

by:vinnyd79
ID: 8202764
It sounds like a permissions issue.Does it work if the user is logged in as administrator?
0
 
LVL 3

Expert Comment

by:Jonyv
ID: 8202795
Perhaps you should try to store the string as binary data (REG_BINARY) instead. This might work better if the encrypted string contains non-printable characters
0
 
LVL 3

Accepted Solution

by:
emadat earned 1000 total points
ID: 8203352
First:
When you encrypt data; you might get a character with ASCII value of 0 in your encrypted string. Although the string will be fully accessible from VB; when you try to pass this string to an API call it will ignore all the characters starting from that character till the end. This is because API functions expects ASCIZ which is simply a string terminated by character #0.

Their is a simple and nice solution for this:
We convert each character of the string into its 2 character hexadecimal representation.
Example:
Imagine an encrypted string containing two characters:
S = Chr(0) & "A"
The hexadecimal representation for this string will be "0041" which is a fully qualified string.

Here are two functions to convert to and from HexaDecimal Representation:
'=====================================================
Function ToHex(strIn As String) As String
Dim I%, sTemp, sResult
    If Len(strIn) = 0 Then
        ToHex = ""
        Exit Function
    End If
    sResult = ""
    For I = 1 To Len(strIn)
        sTemp = Hex(Asc(Mid(strIn, I, 1)))
        If Len(sTemp) < 2 Then sTemp = "0" & sTemp
        sResult = sResult & sTemp
    Next I
    ToHex = sResult
End Function
'=====================================================
Function FromHex(strIn As String) As String
Dim I%, sTemp, sResult
    If Len(strIn) = 0 Then
        FromHex = ""
        Exit Function
    End If
    sResult = ""
    For I = 1 To Len(strIn) Step 2
        sTemp = "&H0" & Mid(strIn, I, 2)
        sResult = sResult & Chr(CInt(sTemp))
    Next I
    FromHex = sResult
End Function
'=====================================================

Second, "Access Denied" may be caused by access rights of the user accessing the registery.

Some parts of the registery are restricted to users with Administrator privilege only. Others are available for all users.
Check the following link for more information: http://msdn.microsoft.com/library/default.asp?url=/library/en-us/sysinfo/base/registry_key_security_and_access_rights.asp

Regards
0
 
LVL 1

Author Comment

by:hmadhur
ID: 8208636
Hi emadat,
Thanks for the help. Even though the Access Denied is still there, the .reg merge file is working. I went through the MSDN articles. But they are a bit dangerous settings to play with because the user will have some previleges to access the registry and modify it. So better use the .reg merge file. :~)

Thanks and Regards
Madhur
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When designing a form there are several BorderStyles to choose from, all of which can be classified as either 'Fixed' or 'Sizable' and I'd guess that 'Fixed Single' or one of the other fixed types is the most popular choice. I assume it's the most p…
You can of course define an array to hold data that is of a particular type like an array of Strings to hold customer names or an array of Doubles to hold customer sales, but what do you do if you want to coordinate that data? This article describes…
As developers, we are not limited to the functions provided by the VBA language. In addition, we can call the functions that are part of the Windows operating system. These functions are part of the Windows API (Application Programming Interface). U…
This lesson covers basic error handling code in Microsoft Excel using VBA. This is the first lesson in a 3-part series that uses code to loop through an Excel spreadsheet in VBA and then fix errors, taking advantage of error handling code. This l…
Suggested Courses
Course of the Month12 days, 5 hours left to enroll

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question