Encrypting/Decrypting with a Signature Key

Ron

Apr 1, 2004
Archived from groups: microsoft.public.win2000.security

Hello there

I generated two certificates (from MS CA) with keys on my machine.
One cert has the AT_SIGNATURE usage in it and the other cert has the
AT_KEYEXCHANGE in it (and it is limited to Data/Key Encipherment
only). So basically the latter is for Data/Key Encipherment and the
former is for Signing/Verification.

As part of my project requirements, I need to encrypt data with the
cert that has the AT_SIGNATURE key usage (i.e. the signing cert). I can
encrypt with this cert using the CAPI function CryptEncryptMessage.
When I try to decrypt using the CryptDecryptMessage I get a bad key
error message. Is this due to a limitation of the CSP that it will not
allow me to encrypt/decrypt using a certificate with Digital Signature
key usage only in it? Is there an alternative to this using other
CAPI functions?
Thanks a lot for the help.

Ron.
 
Guest

Hi Ron,

You will have a better chance of getting an answer to your question if you post to
the microsoft.public.security.crypto newsgroup.

Mike

"Ron" <yaronzinho@yahoo.com> wrote in message
news:3eadd290.0409230824.25f5a96e@posting.google.com...
> Hello there
>
> I generated two certificates (from MS CA) with keys on my machine.
> One cert has the AT_SIGNATURE usage in it and the other cert has the
> AT_KEYEXCHANGE in it (and it is limited to Data/Key Encipherment
> only). So basically the latter is for Data/Key Encipherment and the
> former is for Signing/Verification.
>
> As part of my project requirements, I need to encrypt data with the
> cert that has the AT_SIGNATURE key usage (i.e. the signing cert). I can
> encrypt with this cert using the CAPI function CryptEncryptMessage.
> When I try to decrypt using the CryptDecryptMessage I get a bad key
> error message. Is this due to a limitation of the CSP that it will not
> allow me to encrypt/decrypt using a certificate with Digital Signature
> key usage only in it? Is there an alternative to this using other
> CAPI functions?
> Thanks a lot for the help.
>
> Ron.