SignTool fails with error 0x80092006 on Windows Server 2008

Hi all,   The other day a customer of mine was trying to sign a binary with SignTool.exe using the following command line on Windows Server 2008 SP2:   Signtool.exe sign /a /f “c:\mycert.pfx” /p  “password” /t “http://timestamp.verisign.com/scripts/timstamp.dll” “c:\temp\myFile.exe”   And SignTool failed with the following error:   SignTool Error: ISignedCode::Sign returned error: 0x80092006 No…

3

More on .NET CMS classes and SHA-2 algorithms

Hi all,   We don’t officially support the .NET CMS classes with SHA-2 algorithms. This won’t work on Vista and later with third-party CSPs, for instance: “An internal error ocurred” when using SHA-2 algorithms with SignedCMS “Invalid provider type specified” when using CNG providers with .NET CMS classes   But it will work on Vista…

0

"Invalid provider type specified" when using CNG providers with .NET CMS classes

Hi all, The other day a customer of mine got this exception when trying to use SignedCms and EnvelopedCms class with a CNG provider in their .NET 3.5 application: Exception type: System.Security.Cryptography.CryptographicExceptionMessage: Invalid provider type specified. They needed to use SHA-2 and AES algorithms with those CMS classes, and we already saw that we need a CNG…

0

"An internal error ocurred" when using AES algorithms with EnvelopedCms

Hi all, The other day a customer of mine got this exception when trying to use AES algorithms with EnvelopedCms class in their .NET 3.5 application: Exception type: System.Security.Cryptography.CryptographicExceptionMessage: An internal error occurred. They got the exception on Windows Vista SP2/Server 2008 SP2 and later versions when using using a third-party CSP. Why? EnvelopedCms class uses…

1

"An internal error ocurred" when using SHA-2 algorithms with SignedCMS

Hi all, The other day a customer of mine got this exception when trying to use SHA-2 algorithms with SignedCms class in their .NET 3.5 application: Exception type: System.Security.Cryptography.CryptographicExceptionMessage: An internal error occurred. They got the exception on Windows Vista SP2/Server 2008 SP2 and later versions when using using a third-party CSP. Why? SignedCMS class…

6

Do CNG certificates work on Windows XP?

Hi all, I posted some time ago about some issues that .NET 2.0/3.0/3.5 had with CNG certificates: “Invalid provider type specified” error when accessing X509Certificate2.PrivateKey on CNG certificates. This issue happened to us on Windows Vista/Server 2008 and later. But the weird thing is that if we tried the very same .NET code with the very same…

1

"Invalid provider type specified" error when accessing X509Certificate2.PrivateKey on CNG certificates

Hi all,  You may get the following exception when trying to access X509Certificate2.PrivateKey on a .NET 3.5 (or older) app: “System.Security.Cryptography.CryptographicException: Invalid provider type specified. at System.Security.Cryptography.Utils.CreateProvHandle(CspParameters parameters, Boolean randomKeyContainer)at System.Security.Cryptography.Utils.GetKeyPairHelper(CspAlgorithmType keyType, CspParameters parameters, Boolean randomKeyContainer, Int32 dwKeySize, SafeProvHandle& safeProvHandle, SafeKeyHandle& safeKeyHandle)at System.Security.Cryptography.RSACryptoServiceProvider.GetKeyPair()at System.Security.Cryptography.RSACryptoServiceProvider..ctor(Int32 dwKeySize, CspParameters parameters, Boolean useDefaultKeySize)at System.Security.Cryptography.X509Certificates.X509Certificate2.get_PrivateKey()” When this happened to me,…

7

Working with CNG in .NET 3.5

Hi all,   Do you want to work with CNG and .NET 3.5 and don’t want to P/Invoke into CryptoAPI & CNG API? Check out Security.Cryptography.dll library at CLR Security: “Security.Cryptography.dll provides a new set of algorithm implementations to augment the built in .NET framework supported algorithms. It also provides some APIs to extend the existing framework…

1