Solved

Using CryptUnprotectData

Posted on 2008-06-24
3
1,214 Views
Last Modified: 2010-10-26
Hi,

I am using CryptprotectData and CryptUnprotectData to store user credentials in the registry. The CryptprotectData & CryptUnprotectData work fine when I pass the OUT datablob from the CryptprotectData to the CryptUnprotectData API immediately.
Things are different when I save the result of the CryptprotectData into a registry and read it later to decrypt it.  I think it has something to do with string format (WCHAR to BYTE*) but I seem to be converting it before passing it to the CryptUnprotectData API.

Here is my code -
WRReg.GetUserName(&szData);
			//LPCSTR lpData = W2A(szData);
			DATA_BLOB DataEncrypted;
			DataEncrypted.pbData = (BYTE*)(W2A(szData));
			DataEncrypted.cbData = 24;
			if(!CryptUnprotectData(&DataEncrypted,&pDescrOut,NULL,NULL,NULL,CRYPTPROTECT_UI_FORBIDDEN,&DataBlob) )
				return FALSE;

Open in new window

0
Comment
Question by:exchnerd
3 Comments
 
LVL 33

Accepted Solution

by:
Dave Howe earned 125 total points
ID: 21864292
data blobs are binary and should not be stored directly into the registry as strings but either filtered though bin64 or stored as a byte field. I think really you need to do a data fidelity test for diagnostics - store the blob, then immediately read it back and do a byte-by-byte comparison on the array to ensure what you read back matches what you stored.

this won't be an issue with the crypt, but with storing and retrieving binary data from the registry.
0
 

Author Closing Comment

by:exchnerd
ID: 31470151
Thanks for the input! It now works as expected :-)
0

Featured Post

What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Port 808 is being blocked 9 140
Setting up new vpn 15 73
URL to download Engenius BH-ENS202 firmware update 4 40
2950 switch not prompting username and password 4 28
Provide an easy one stop to quickly get the relevant information on common asked question on Ransomware in Expert Exchange.
Healthcare providers, insurance companies and other covered entities trust eFax Corporate to transmit their most sensitive documents. eFax Corporate can help your organization implement a HIPAA compliant cloud faxing solution.
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

685 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question