Decrypt docum. with x509Certificate2, preset passw. to suppress passw. dialog
CodeGuru Home VC++ / MFC / C++ .NET / C# Visual Basic VB Forums Developer.com
Results 1 to 7 of 7

Thread: Decrypt docum. with x509Certificate2, preset passw. to suppress passw. dialog

  1. #1
    Join Date
    Mar 2013
    Posts
    4

    Question Decrypt docum. with x509Certificate2, preset passw. to suppress passw. dialog

    Hi,

    I want to decrypt an document with the matching private key under Windows high security conditions. But everytime the CSP asks for the password to grant access.

    I need to suppress the password dialog and insert the password programmatically.

    Spoiler:
    I have installed the X509 software certificate in certificate store under high security conditions. I fetched it as X509Certificates2 from store, encryption works, decryption works but password dialog appears. How can I set the password beforehand, so that it is already known by CSP and the access to private key operations will be granted, without password dialog?

    Full story:

    I tried following steps:
    1. Encryption with x509 software certificate (public key)
    The x509 certificate (cert) has been importet from the certificate store
    Code:
        Public Function EncryptWithCertPubKey(cert As System.Security.Cryptography.X509Certificates.X509Certificate2, data As Byte()) As Byte()
            Dim rsa As System.Security.Cryptography.RSACryptoServiceProvider = TryCast(cert.PublicKey.Key, System.Security.Cryptography.RSACryptoServiceProvider)
            Return rsa.Encrypt(data, True)
        End Function
    2. Decryption with x509 software certificate (private key)
    The password (certPass) was set when installing the certificate into the certificate store under high security conditions.
    The export to raw data seemed to be a way to do this and simutanously put in the password for suppressing the dialog.
    Code:
        Public Function DecryptWithCertKey(cert As System.Security.Cryptography.X509Certificates.X509Certificate2, certPass As String, data As Byte()) As Byte()
            Dim rawdata As Byte() = cert.Export(Security.Cryptography.X509Certificates.X509ContentType.Pkcs12, certPass)
            Dim cert2 As New System.Security.Cryptography.X509Certificates.X509Certificate2(rawdata, certPass)
            Dim rsa2 As System.Security.Cryptography.RSACryptoServiceProvider = TryCast(cert2.PrivateKey, System.Security.Cryptography.RSACryptoServiceProvider)
            Return rsa2.Decrypt(data, True)
        End Function
    But again the password dialog appears while accessing the private key when exporting, event though the pass is given already.
    Code:
    cert.Export(Security.Cryptography.X509Certificates.X509ContentType.Pkcs12, certPass)
    I found out that there is a Function in CSP-Parameters to preset the Password, so it should be already known for the CSP, and no dialog might appear if it works.
    i.e.:
    Code:
    Dim certPass As New System.Security.SecureString
    Dim cspp As New System.Security.Cryptography.CspParameters(1, "Microsoft Strong Cryptographic Provider")
    cspp.KeyPassword = certPass
    But I don't know how to handle it, because I have'nt found a way to insert CSP-Parameters to X509Certificates2, neither to RSACryptoprovider (while using X509Certificates2).

    Any help is appreciated.

  2. #2
    Join Date
    Jan 2006
    Location
    Chicago, IL
    Posts
    14,874

    Re: Decrypt docum. with x509Certificate2, preset passw. to suppress passw. dialog

    Hasn't worked since they reworked security certs, and the OS. You didn't specify, but, unless it's XP, it's understandable.
    David

    CodeGuru Article: Bound Controls are Evil-VB6
    2013 Samples: MS CODE Samples

    CodeGuru Reviewer
    2006 Dell CSP
    2006, 2007 & 2008 MVP Visual Basic
    If your question has been answered satisfactorily, and it has been helpful, then, please, Rate this Post!

  3. #3
    Join Date
    Mar 2013
    Posts
    4

    Re: Decrypt docum. with x509Certificate2, preset passw. to suppress passw. dialog

    Quote Originally Posted by dglienna View Post
    Hasn't worked since they reworked security certs, and the OS. You didn't specify, but, unless it's XP, it's understandable.
    Hi dglienna,

    thx for your answer. If I understand you right, there might be no way without Microsofts action?

    Is this function ([...].KeyPassword) really not implemented, but never the less listed in msdn?
    http://msdn.microsoft.com/de-de/libr...ypassword.aspx

    I'm using XP and Win7 64Bit, but on both platforms the password dialog appears.

    Kind regards,

    simplyaskin

  4. #4
    Join Date
    Jan 2006
    Location
    Chicago, IL
    Posts
    14,874

    Re: Decrypt docum. with x509Certificate2, preset passw. to suppress passw. dialog

    Did you see this? From your page

    Use the KeyPassword property to supply a password for a smart card key. When you specify a password using this property, a password dialog will not be presented to the user.
    David

    CodeGuru Article: Bound Controls are Evil-VB6
    2013 Samples: MS CODE Samples

    CodeGuru Reviewer
    2006 Dell CSP
    2006, 2007 & 2008 MVP Visual Basic
    If your question has been answered satisfactorily, and it has been helpful, then, please, Rate this Post!

  5. #5
    Join Date
    Mar 2013
    Posts
    4

    Re: Decrypt docum. with x509Certificate2, preset passw. to suppress passw. dialog

    Hi David,

    sorry, I quoted the wrong function. The function I already tried was:
    System.Security.Cryptography.X509Certificates.X509Certificate2.Export(Security.Cryptography.X509Certificates.X509ContentType.Pkcs12, <password>)
    This function is likewise mend to put in the password beforehand, but seems not to do the job. The password dialog appears nevertheless.

    The function I want to use is this function:
    System.Security.Cryptography.CspParameters.KeyPassword()
    But how to use it? I'd found no connection between CspParameters and X509Certificate2.

    It should be simple, but I do'nt know how to do it.

    Any idea?
    Attached Images Attached Images  
    Last edited by simplyaskin; March 26th, 2013 at 04:15 AM. Reason: formatting

  6. #6
    Join Date
    Jan 2006
    Location
    Chicago, IL
    Posts
    14,874

    Re: Decrypt docum. with x509Certificate2, preset passw. to suppress passw. dialog

    XP with SP3 is secure, as is Win7 x64 ( times TWO I'd guess)
    David

    CodeGuru Article: Bound Controls are Evil-VB6
    2013 Samples: MS CODE Samples

    CodeGuru Reviewer
    2006 Dell CSP
    2006, 2007 & 2008 MVP Visual Basic
    If your question has been answered satisfactorily, and it has been helpful, then, please, Rate this Post!

  7. #7
    Join Date
    Mar 2013
    Posts
    4

    Re: Decrypt docum. with x509Certificate2, preset passw. to suppress passw. dialog

    Maybe, but that's not the point.

    Does anybody know how to use an X509Certificate2 in conjunction with CspParameters, to use the KeyPassword property and suppress the password dialog?

    Help is appreciated.

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  


Azure Activities Information Page

Windows Mobile Development Center


Click Here to Expand Forum to Full Width

This is a CodeGuru survey question.


Featured


HTML5 Development Center