?
Solved

Using CryptUnprotectData

Posted on 2008-06-24
3
Medium Priority
?
1,234 Views
Last Modified: 2010-10-26
Hi,

I am using CryptprotectData and CryptUnprotectData to store user credentials in the registry. The CryptprotectData & CryptUnprotectData work fine when I pass the OUT datablob from the CryptprotectData to the CryptUnprotectData API immediately.
Things are different when I save the result of the CryptprotectData into a registry and read it later to decrypt it.  I think it has something to do with string format (WCHAR to BYTE*) but I seem to be converting it before passing it to the CryptUnprotectData API.

Here is my code -
WRReg.GetUserName(&szData);
			//LPCSTR lpData = W2A(szData);
			DATA_BLOB DataEncrypted;
			DataEncrypted.pbData = (BYTE*)(W2A(szData));
			DataEncrypted.cbData = 24;
			if(!CryptUnprotectData(&DataEncrypted,&pDescrOut,NULL,NULL,NULL,CRYPTPROTECT_UI_FORBIDDEN,&DataBlob) )
				return FALSE;

Open in new window

0
Comment
Question by:exchnerd
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 33

Accepted Solution

by:
Dave Howe earned 375 total points
ID: 21864292
data blobs are binary and should not be stored directly into the registry as strings but either filtered though bin64 or stored as a byte field. I think really you need to do a data fidelity test for diagnostics - store the blob, then immediately read it back and do a byte-by-byte comparison on the array to ensure what you read back matches what you stored.

this won't be an issue with the crypt, but with storing and retrieving binary data from the registry.
0
 

Author Closing Comment

by:exchnerd
ID: 31470151
Thanks for the input! It now works as expected :-)
0

Featured Post

Portable, direct connect server access

The ATEN CV211 connects a laptop directly to any server allowing you instant access to perform data maintenance and local operations, for quick troubleshooting, updating, service and repair.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Provide an easy one stop to quickly get the relevant information on common asked question on Ransomware in Expert Exchange.
The well known Cerber ransomware continues to spread this summer through spear phishing email campaigns targeting enterprises. Learn how it easily bypasses traditional defenses - and what you can do to protect your data.
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question