CryptAcquireContext fails with ERROR_FILE_NOT_FOUND

Hi all, welcome back,

CryptAcquireContext API will fail with error #2 or ERROR_FILE_NOT_FOUND if:

1) the user's profile is not loaded, as we saw in my post RSACryptoServiceProvider fails when used with ASP.NET.

2) AppData registry value in the following registry key is not present or is misconfigured:

 HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders

As we saw in the other post I mentioned above, private keys are protected by DPAPI (Data Protection API). DPAPI needs to find the Application Data directory where the Master Key is stored. DPAPI will read the directory from AppData value and will use the Master Key to protect CryptoAPI private keys or EFS private keys, for instance.

 

Note that similar errors may occur for the same reasons:

1. CryptProtectData API fails with ERROR_FILE_NOT_FOUND.

2. Encrypting a file/folder with EFS via Windows Explorer fails with "The system cannot find the file file specified" .

 

Note that Security Bulletin MS04-011 changed the registry key where the path could be found. Previous one was in here:

 HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders

 

I hope this helps.

Regards,

 

Alex (Alejandro Campos Magencio)