I have an webservice that performs many RSA-signature operations. I use the CryptograhyProvider from .net. This uses the unmanaged CyptoAPI from Windows.
I often have this error:
System.Security.Cryptography.CryptographicException: Der RPC-Server
ist für diesen Vorgang zu stark ausgelastet. [=The rpc server is too
busy to complete the transaction]
bei
System.Security.Cryptography.CryptographicException.ThrowCryptogaphicException(Int32
hr) bei
System.Security.Cryptography.Utils._ImportKey(SafeProvHandle hCSP,
Int32 keyNumber, CspProviderFlags flags, Object cspObject,
SafeKeyHandle& hKey) bei
System.Security.Cryptography.RSACryptoServiceProvider.ImportParameters(RSAParameters
parameters)
Instead of trying to fix this, I'd rather replace my RSA-signing operation with an DLLImport to a high performance RSA C implementation.
Does someone know one or can recommend one?
Is OpenSSL faster than MS CryptoApi?
I also suspect that loading the key might cause serious overhead.
Thanks!
I would recommend OpenSSL but i dont know the comparison with MS CryptoAPI. Its simple to use and documentation is extensive along with sample source code.
Check the detailed description of the APIs here.
You may also want to consider NSS. This is 2 years old, but could still be worth perusing.
http://www.cryptopp.com/
might be a good library.
It was used in this speed test:
http://www.cryptopp.com/benchmarks.html
Unfortunately there is no comparison with OpenSSL available
Related
Derivatives of this question have surely been asked, however I have yet to find one that matches my case.
I created a library that is wrapping up a third party C++ library and supplying it to some in-house systems. The created library uses C++/CLI to allows users to access it via C#. The library builds and can be launched using our internal continuous integration NuGet server, therefore it's available for use.
There is no problem using this library within some other application/system when running a program with "Start Debugging" (F5), but whenever it's run with "Start Without Debugging" (Ctrl+F5) or via an executable the following exception is raised:
Unhandled Exception: System.AccessViolationException: Attempted to read or write protected memory. This is often an indication that other memory is corrupt.
at TheirLib.func(Int32 , Int32 , Double* , Int32 , Int32* , Int32* , Double* , Int32 , TheirLibError* )
at MyLib.Func(Int32 n, Int32 m, Double[] x, Int32 tdx, Int32[] svar, Int32[] sobs, Double[] corr, Int32 tdc)
at SomeApplication.Program.Main(String[] args) in d:\SomeApplication\SomeApplication\Program.cs:line 67
I read here (https://connect.microsoft.com/VisualStudio/feedback/details/819552/visual-studio-debugger-throws-accessviolationexception) that it could be that one needs .NET 4.5.2, but this didn't change anything. I also thought that there might be some setting in my C++/CLI library that would allow me to circumvent this issue, but I haven't been able to find anything and I feel like I've looked everywhere. I also looked at the C++/CLI code preparing the pin_ptr objects that are used when calling the third party library, but everything looks fine (see below).
void MyLib::Func(int n, int m, array<double>^ x, int tdx, array<int>^ svar, array<int>^ sobs,
array<double>^ corr, int tdc)
{
// Setup input parameters
pin_ptr<double> xPtr = &(x[0]);
pin_ptr<int> svarPtr = &(svar[0]);
pin_ptr<int> sobsPtr = &(sobs[0]);
pin_ptr<double> corrPtr = &(corr[0]);
TheirLibError fail;
// Call their library's function
func(n, m, xPtr, tdx, svarPtr, sobsPtr, corrPtr, tdc, &fail);
}
Again, the library works exactly as expected with "Start Debugging" and passes an exhaustive set of tests, but I just cannot understand why this wouldn't work standalone... I will literally try anything at this point to get it working. Help me SO, you're my only hope...
After contacting the library owner, the issue was that TheirLibError was not being initialized properly, and the pointers contained within this structure were not being handled properly within the library. After properly initializing it, everything worked as expected.
Moral of the story, inquire with the library owner regarding whether or not their library holds onto pointers or any other pointer behavior when approached with an AccessViolationException.
I use a dongle to protect my executable. The dongle protects the software in two ways:
inside the code with calls to read/write the dongle memory (for example to store functional data), to encrypt/decrypt data with an algorithm resident in the dongle. The encryption key is writable only.
Encrypting the EXE file and using a loader that decrypts it through the dongle. If any debugger like softice is running, the software either terminates or does not start.
It would work well and make cheaper to buy the license than to crack my software and this is my only goal.
The problem is that I cannot serialize anymore! If I try, I get the following exception:
SerializationException
Source = mscorlib
Message = Unable to find assembly 'MyApp, Version=1.0.0.3, Culture=neutral, PublicKeyToken=null'.
TargetSite = System.Reflection.Assembly GetAssembly()
Stack =
System.Runtime.Serialization.Formatters.Binary.BinaryAssemblyInfo.GetAssembly()
System.Runtime.Serialization.Formatters.Binary.ObjectReader.GetType(BinaryAssemblyInfo assemblyInfo, String name)
System.Runtime.Serialization.Formatters.Binary.ObjectMap..ctor(String objectName, String[] memberNames, BinaryTypeEnum[] binaryTypeEnumA, Object[] typeInformationA, Int32[] memberAssemIds, ObjectReader objectReader, Int32 objectId, BinaryAssemblyInfo assemblyInfo, SizedArray assemIdToAssemblyTable)
System.Runtime.Serialization.Formatters.Binary.__BinaryParser.ReadObjectWithMapTyped(BinaryObjectWithMapTyped record)
System.Runtime.Serialization.Formatters.Binary.__BinaryParser.ReadObjectWithMapTyped(BinaryHeaderEnum binaryHeaderEnum)
System.Runtime.Serialization.Formatters.Binary.__BinaryParser.Run()
System.Runtime.Serialization.Formatters.Binary.ObjectReader.Deserialize(HeaderHandler handler, __BinaryParser serParser, Boolean fCheck, Boolean isCrossAppDomain, IMethodCallMessage methodCallMessage)
System.Runtime.Serialization.Formatters.Binary.BinaryFormatter.Deserialize(Stream serializationStream, HeaderHandler handler, Boolean fCheck, Boolean isCrossAppDomain, IMethodCallMessage methodCallMessage)
I must use Binary Serialization due to the nature of the data to be persistent.
How can a solve this problem?
I dedicate an enormous amount of time to this problem and I got to a workaround, more than a true solution.
I share what I learned. The serialization needs to load the assembly that generated the permanent stream in order to know exactly the structure of the saved data. With "black-box" EXE encryption systems, the assembly is not available. One possible solution could be to write a custom BynaryFormatter: for sure it's not worth the effort.
The workaround is to put the classes to be serialized in a DLL that is not encrypted and then decrypted in memory at run time by the dongle. This idea derive from the suggestions that I have found for a similar problem: one wants to deserialize in application A data written from application B.
The short version: CngKey.Import throws an exception, even though new ECDsaCng() doesn't.
(EDIT: More narrowed-down question: CngKey.Import(...); succeeds on PC but fails on Web host .)
The long version:
In some scenarios there are permission restrictions and CngKey.Import (which is used to "load" the CngKeyBlobFormat.EccPrivateBlob into the ECDsaCng) throws a CryptographicException.
On the other hand the following does work:
ECDsaCng dsa = new ECDsaCng();
So I assume the problem lies in the attempt to import the key into the KSP.
So far I haven't found a way to transform the EccPrivateBlob into an ECDsaCng, not by the CngKey.Create method, nor by the CngKey.Open method, or any other way.
So how can it be done (without the KSP)?
The error itself:
System.Security.Cryptography.CryptographicException: An internal error
occurred. at
System.Security.Cryptography.NCryptNative.OpenStorageProvider(String
providerName) at System.Security.Cryptography.CngKey.Import(Byte[]
keyBlob, CngKeyBlobFormat format, CngProvider provider) at ...
What's the correct syntax to invoke a HTTP Get using the LoadRunner API (VUGEN 9.52.0.0) in C#? The following generates an AccessViolationException:
LoadRunner.WebApi web = new LoadRunner.WebApi();
web.url("GoToMyService", "http://path/to/my/service/", new string[0], "LAST");
Exception thrown by call to web.url:
Error: Action.cs(25): System.AccessViolationException: Attempted to read or write protected memory. This is often an indication that other memory is corrupt.
at LoadRunner.WebApiClass.url(String name, String urladdr, Object options, Object extrares)
at Script.VuserClass.Action() in h:\Personal\_projects\LoadTest\Action.cs:line 25
One option, which isn't really in the spirit of LoadRunner, is to skip using the LoadRunner API and just use the System.Net APIs:
WebResponse response = HttpWebRequest.Create("http://path/to/my/service/").GetResponse();
You are engaging in an ethically problematic activity for a performance tester: You do not point a loaded gun at something that you do not own, manage or control. LoadRunner is a loaded gun and I am ~~~assuming~~ you don't work for google. So, just don't
I want to read data into RSAParameters structure ( RSAParameters ) and did check twice, that the data is correct. But still, I get an error "invalid data" exception for this:
bei System.Security.Cryptography.CryptographicException.ThrowCryptogaphicException(Int32 hr)
bei System.Security.Cryptography.Utils._ImportKey(SafeProvHandle hCSP, Int32 keyNumber, CspProviderFlags flags, Object cspObject, SafeKeyHandle& hKey)
bei System.Security.Cryptography.RSACryptoServiceProvider.ImportParameters(RSAParameters parameters)
How can I take a look into the source code to check why _ImportKeys is throwing an exception? I have no experience with .dll 'decryption'..are there any symbols to reference somewhere for visual studio 8.0? Thank you.
Use .NET Reflector to disassemble the DLL you want to examine.
You can also use JetBrains dotPeek. It is 100% free.