SignTool fails with error 0x80092006 on Windows Server 2008

Hi all,   The other day a customer of mine was trying to sign a binary with SignTool.exe using the following command line on Windows Server 2008 SP2:   Signtool.exe sign /a /f “c:\mycert.pfx” /p  “password” /t “http://timestamp.verisign.com/scripts/timstamp.dll” “c:\temp\myFile.exe”   And SignTool failed with the following error:   SignTool Error: ISignedCode::Sign returned error: 0x80092006 No…

3

More on .NET CMS classes and SHA-2 algorithms

Hi all,   We don’t officially support the .NET CMS classes with SHA-2 algorithms. This won’t work on Vista and later with third-party CSPs, for instance: “An internal error ocurred” when using SHA-2 algorithms with SignedCMS “Invalid provider type specified” when using CNG providers with .NET CMS classes   But it will work on Vista…


"Invalid provider type specified" when using CNG providers with .NET CMS classes

Hi all, The other day a customer of mine got this exception when trying to use SignedCms and EnvelopedCms class with a CNG provider in their .NET 3.5 application: Exception type: System.Security.Cryptography.CryptographicExceptionMessage: Invalid provider type specified. They needed to use SHA-2 and AES algorithms with those CMS classes, and we already saw that we need a CNG…


"An internal error ocurred" when using AES algorithms with EnvelopedCms

Hi all, The other day a customer of mine got this exception when trying to use AES algorithms with EnvelopedCms class in their .NET 3.5 application: Exception type: System.Security.Cryptography.CryptographicExceptionMessage: An internal error occurred. They got the exception on Windows Vista SP2/Server 2008 SP2 and later versions when using using a third-party CSP. Why? EnvelopedCms class uses…

1

"An internal error ocurred" when using SHA-2 algorithms with SignedCMS

Hi all, The other day a customer of mine got this exception when trying to use SHA-2 algorithms with SignedCms class in their .NET 3.5 application: Exception type: System.Security.Cryptography.CryptographicExceptionMessage: An internal error occurred. They got the exception on Windows Vista SP2/Server 2008 SP2 and later versions when using using a third-party CSP. Why? SignedCMS class…

6

Do CNG certificates work on Windows XP?

Hi all, I posted some time ago about some issues that .NET 2.0/3.0/3.5 had with CNG certificates: “Invalid provider type specified” error when accessing X509Certificate2.PrivateKey on CNG certificates. This issue happened to us on Windows Vista/Server 2008 and later. But the weird thing is that if we tried the very same .NET code with the very same…

1

"Invalid provider type specified" error when accessing X509Certificate2.PrivateKey on CNG certificates

Hi all,  You may get the following exception when trying to access X509Certificate2.PrivateKey on a .NET 3.5 (or older) app: “System.Security.Cryptography.CryptographicException: Invalid provider type specified. at System.Security.Cryptography.Utils.CreateProvHandle(CspParameters parameters, Boolean randomKeyContainer)at System.Security.Cryptography.Utils.GetKeyPairHelper(CspAlgorithmType keyType, CspParameters parameters, Boolean randomKeyContainer, Int32 dwKeySize, SafeProvHandle& safeProvHandle, SafeKeyHandle& safeKeyHandle)at System.Security.Cryptography.RSACryptoServiceProvider.GetKeyPair()at System.Security.Cryptography.RSACryptoServiceProvider..ctor(Int32 dwKeySize, CspParameters parameters, Boolean useDefaultKeySize)at System.Security.Cryptography.X509Certificates.X509Certificate2.get_PrivateKey()” When this happened to me,…

7

Working with CNG in .NET 3.5

Hi all,   Do you want to work with CNG and .NET 3.5 and don’t want to P/Invoke into CryptoAPI & CNG API? Check out Security.Cryptography.dll library at CLR Security: “Security.Cryptography.dll provides a new set of algorithm implementations to augment the built in .NET framework supported algorithms. It also provides some APIs to extend the existing framework…

1