View previous topic :: View next topic |
Author |
Message |
jcwiese Guest
|
Posted: Mon Dec 12, 2005 5:19 pm Post subject: License error with registry access |
|
|
Currently, in our application, we have the user login to our application as them selves, but based on the configuration, the application may call CreateProcessAsUser() (via the Win32 API funtion). When the new process lauches, the EvalMonitor (?) class reports that the license has expired (note: this is our translation of the 'license is invalid'). I believe that this is due to the fact that it has a problem accessing certain registry keys as UserB while logged in as UserA.
Any ideas / suggestions on how to solve this? |
|
Back to top |
|
|
Infralution
Joined: 28 Feb 2005 Posts: 5027
|
Posted: Mon Dec 12, 2005 10:02 pm Post subject: |
|
|
As a minimum the evaluation monitor class requires permission to access the HKEY_CURRENT_USER hive of the registry. You will get more obscurity if it has access to the KEY_CLASSES_ROOT - but it is not required. _________________ Infralution Support |
|
Back to top |
|
|
jcwiese@yahoo.com Guest
|
Posted: Mon Dec 12, 2005 11:49 pm Post subject: EncryptedLicenseProvider.ValidateLicenseKey() |
|
|
It seems that EncryptedLicenseProvider.ValidateLicenseKey() is returning null even though it is passed a valid key (I put in a Trace statement to verify this). Do you have any ideas why this would return null? |
|
Back to top |
|
|
jcwiese@yahoo.com Guest
|
Posted: Mon Dec 12, 2005 11:50 pm Post subject: |
|
|
NOTE: I called
EncryptedLicenseProvider.SetParameters(LICENSE_PARAMETERS);
... right before the ValidateLicenseKey(), so I know that this value is passed each time. |
|
Back to top |
|
|
jcwiese Guest
|
Posted: Mon Dec 12, 2005 11:58 pm Post subject: Error: CryptoAPI cryptographic service provider (CSP) for th |
|
|
Ok, it seems that I've tracked it down, the following error is occurring:
Error: CryptoAPI cryptographic service provider (CSP) for this implementation could not be acquired.
at System.Security.Cryptography.RSACryptoServiceProvider..ctor(Int32 dwKeySize, CspParameters parameters, Boolean useDefaultKeySize)
at System.Security.Cryptography.RSACryptoServiceProvider..ctor()
at Infralution.Licensing.EncryptedLicenseProvider.LoadLicense(LicenseContext context, Type type, String licenseKey) in c:\src\infralution 2.1.2\source\infralution.licensing\encryptedlicenseprovider.cs:line 618 |
|
Back to top |
|
|
Guest
|
Posted: Tue Dec 13, 2005 12:10 am Post subject: |
|
|
Ok, I figured it out. The whole problem is because Infralution is desinged to use the USER's profile for the RSA keys as noted in :
http://support.microsoft.com/kb/q322371/
However, if I change lines 616 - 621 in EncryptedLicenseProvider.cs to the following, it works just fine:
// validate that the password matches what the client is expecting
//
CspParameters cspParams = new CspParameters();
cspParams.Flags = CspProviderFlags.UseMachineKeyStore;
RSACryptoServiceProvider rsa = new RSACryptoServiceProvider( cspParams );
rsa.FromXmlString(_rsaParameters); |
|
Back to top |
|
|
Infralution
Joined: 28 Feb 2005 Posts: 5027
|
Posted: Tue Dec 13, 2005 6:05 am Post subject: |
|
|
The latest version of the code actually does set the UseMachineKeyStore flag in Environment.Interactive is false which is generally when you can't use the users profile. You should have received this by email if you are a customer. _________________ Infralution Support |
|
Back to top |
|
|
jcwiese@yahoo.com Guest
|
Posted: Tue Dec 13, 2005 2:58 pm Post subject: Change to API? |
|
|
I can understand why you might want to use this value when the Environment.Interactive is false, but in my case, this value is true and I want to login as one user but run a process as another user in the same session (ie CreateProcessAsUser http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dllproc/base/createprocessasuser.asp)
Can you supply a modification to the API to use the machine flag in all cases when the RSACryptoServiceProvider class is used?
By the way, I am a paid customer, but I forgot my login for this site. |
|
Back to top |
|
|
Infralution
Joined: 28 Feb 2005 Posts: 5027
|
Posted: Tue Dec 13, 2005 9:24 pm Post subject: |
|
|
We will look at this for the next release. In the meantime your mod should work fine. _________________ Infralution Support |
|
Back to top |
|
|
|