Crypt API (keylength under Windows 2000)

Crypt API (keylength under Windows 2000): Posted by T-Online on October 22nd, 2003; Hi!

During some experimental programming with the Crypt API under Win XP / 2000
I found some strange effect that I can't quite understand. I am using
CryptDeriveKey in order to get a key based on a fixed password for some
encryption operation. See the following snipped from my source code:

if(!CryptDeriveKey(hProv, CALG_RC2, hHash, 0x00800000 | CRYPT_NO_SALT,
&hKey)) {
ShowError();
return "";
}

While this works perfectly fine under Win XP, if I run it under Win 2000 I
will get an effective key size of only 40 (128 under XP - as expected). Same
results with 0x00380000 (56 bit under XP but only 40 bit under Win 2000).
Thats strange because with CryptGetProvParam (....PP_ENUMALGS_EX...) I get
the information that in both cases for RC2 there are key length of min = 40
and max = 128 bit supported. The default key size is 40 bit under Win 2000,
however, but I thought I would fix that by specifying the key length in the
call to CryptDeriveKey. Whats even stranger still is, that CryptDeriveKey
will return 'true' in both cases. Shouldn't it give me a hint if it does not
use the key size I've requested?

Could anybody clear that out, please?

Best Regards,

Tino Uhlig

Similar Posts

True Crypt Question (Software & Applications) by Elmira
Can't de-crypt using same login and machine (Security & Administration) by Jason
dirdisc.exe and crypt.exe (Virus & Worms) by Turan Fettahoglu
Archiving encrypted containers (Best Crypt) (Computers & Technology) by Use.Netuser.de
crypt Program in Java (Computer Security) by wonderer