capicom

Capicom 3des: 2 key or 3 key?

Much searching and reading has not told me whether the capicom.encrypteddata class module (it's VB6, but that shouldn't matter in answering this question) is using 2-key 3DES or 3-key 3DES. (.Algorithm.Name = CAPICOM_ENCRYPTION_ALGORITHM_3DES) Anyone know which one it is using? A source of this information would also be helpful. I sus...

VB6: Capicom Crashes on WinXP

Any suggestions on figuring out this crash? The below code intermittently crashes between logging <part>14 and logging <part>15. Plaintext is a path string (in this case it is "C:\Documents and Settings\Brian\Desktop\Joy\", despite a clear lack of such joy. I have a sinking feeling this is a symptom of some sort of evil memory issue. ...

How to verify an exe/dll/sys is original from Microsoft?

I need some easy API to verify that a PE file is valid & Microsoft signed just like SignTool. Where should I start? Could this be done with CAPICOM? ...

How can I access Certificate ExtendedProperties using powershell?

If you open the properties window of a certificate in the certificate manager in windows you will see both a friendlyname and description field. I'm trying to get to the description field programatically via powershell. When accessing the certificates via powershell's certificate provider cert: you get an object that only exposes the F...

CAPICOM - Verify SignedCode is from a Trusted Publisher without UI

I'm using CAPICOM in a .NET 3.0 C# app to check an Authenticode signature on an exe file. I need to make sure that the certificate is listed as a Trusted Publisher. Using signedCode.Verify(true) will show a dialog if the certificate is not already trusted, so the user can choose whether or not to do so. However, signedCode.Verify(false) ...

Capicom Decryption in Linux.

I have a database that encrypted with windows CAPICOM library with RC4. Following PHP script works fine on windows server. ... $oCapiCapi = new COM("CAPICOM.EncryptedData"); $oCapiCapi -> Algorithm = 1; $oCapiCapi -> Algorithm -> KeyLength = 3; $oCapiCapi -> SetSecret('OURveRYSecretKey'); ... $oCapiCapi -> Decrypt($orsd[1]); $...

CAPICOM, sign document stored in DB

Is it possible to sign a document stored in DB on server using CAPICOM+javascript on client ? I´m developing web/intranet application. User need to attach his signature to document stored in server database - detached signature (p7s file) and upload this signature back on server. How to get document on client ? Is it possible to hash d...

How to use Microsoft PKCS#9 SignerInfo attributes in a Java application?

In http://msdn.microsoft.com/en-us/library/system.security.cryptography.pkcs(VS.85).aspx we can see that the following digital signature attributes are defined: Pkcs9ContentType Pkcs9DocumentDescription Pkcs9DocumentName Pkcs9MessageDigest Pkcs9SigningTime Of those, Pkcs9DocumentDescription and Pkcs9DocumentName are not present in th...

CAPICOM Decrypt() errors with "ASN1 bad tag value met"

I have a large amount of data encrypted with the CAPICOM library through our legacy VB6 applications. I need to access this data from a .Net 3.5 app but am getting the error: "ASN1 bad tag value met" when I call the Decrypt method. Google has been little help in tracking down decent code samples or explanations as to what this error me...

Replace CAPICOM with .NET, validate certificate

Hi My component is responsible for downloading files from the server. As part of file validation I have used CAPICOM (SignedCode object) to validate if a certificate contains a specific string and call to Validate method of the SignedCode object. In case the file contains certificate without a requested string in the name, user was prom...

Digital Signature using CAPICOM needs to be 1024 bits long

We are trying to sign documents using RSA-SHA1 hash. We have tried using the Crypt32 lib and we are getting signature (DS) length of 1024 bits (172 bytes after BASE-64) which is proper. When we try to do the same with CAPICOM, the length comes to be 2292 bytes (BASE-64). How can we have DS length of 172 while using CAPICOM? ...

Java MSCAPI Load KeyStore for only a specific Certificate

I am trying to grab a private key out of my Windows-MY keystore via MSCAPI. My keystore is protected by Entrust's ESP. Whenever i call keyStore.load(null,null); Entrust will prompt me to login to EVERY profile that is on my system. Does anyone know if it is possible to specify which KeyStore i would like to log into? I have tried specify...

Replacement for CAPICOM

Hi, all! Now CAPICOM is deprecated, and MSDN recommends to use .net classes from System.Security.Cryptography. But I have one Lotus Notes application, which using CAPICOM from LotusScript code (very similar to VisualBasic) for displaying certificates to users, and get some cert info (Subject and ValidToDate fields). How can I replace ...

Classic ASP vs. ASP.NET encryption options

I'm working on a web site where the new pages are ASP.NET and the legacy pages are Classic ASP. Being new to development in the Windows env, I've been studying the latest technology, i.e. .NET and I become like a deer in headlights when ever legacy issues come up regarding COM objects. Security on the website is an abomination, but I've...

Differences between CAPICOM TripleDES and System.Security.Cryptography TripleDES

I'm trying to move away from using CAPICOM since I can no longer use it (64-bit Windows 7 machine). The existing code for using TripleDES is like this: EncryptedDataClass cryptic = new EncryptedDataClass(); cryptic.Algorithm.Name = CAPICOM_ENCRYPTION_ALGORITHM.CAPICOM_ENCRYPTION_ALGORITHM_3DES; cryptic.SetSecret(secretKey, CAPICOM_SECR...

Get access to specific ADPU functions from cryptoApi or CAPICOM using 3rd party CSP

I have tried for the last 2 months without success and I think it's time I ask here. I have a smart card and got a CSP from my client. I have documents that describe APDU commands that I can (and know how to) run. I need to save small files (data) to the card like name, address, photo etc. And later on save certificates. In the docume...

.net parsing web page (ssl,capicom)

Here is the deal, i have key token on flash drive, i can access web page i need via browser, now i need to parse page from my winforms application on c#. By httpresponse and request i get error page. Webpage is using capicom for authentification. How can i parse such page? ...

What is CAPICOM DES doing under the hood?

I found a link that explains what CAPICOM does for 3DES (Understanding Capicom), but I'm not sure if this is directly applicable to the single DES algorithm that CAPICOM does. It seems that CAPICOM does some proprietary stuff to derive the actual key it uses to encrypt. It also puts a lot of header information in front of the encrypted ...