Differences between CAPICOM TripleDES and System.Security.Cryptography TripleDES

Question

I'm trying to move away from using CAPICOM since I can no longer use it (64-bit Windows 7 machine).

The existing code for using TripleDES is like this:

EncryptedDataClass cryptic = new EncryptedDataClass();
cryptic.Algorithm.Name = CAPICOM_ENCRYPTION_ALGORITHM.CAPICOM_ENCRYPTION_ALGORITHM_3DES;
cryptic.SetSecret(secretKey, CAPICOM_SECRET_TYPE.CAPICOM_SECRET_PASSWORD);
cryptic.Content = stringToEncrypt;
encryptedString = cryptic.Encrypt(CAPICOM_ENCODING_TYPE.CAPICOM_ENCODE_ANY);

The only information supplied for the encryption is the secretKey. And the secretKey comes out to be about ten bytes. Is there a way use the .NET class to do the same encryption. Note: this is used to verify connection to a web service that will still be using CAPICOM. Any help or ideas are greatly appreciated.

Was never able to resolve this. Client decided to keep the old black box dll in place. — Posthuma, Jul 05 '11 at 14:57
If any answer is correct or helpful please accept or upvote it. — Ben, Feb 11 '12 at 21:18
Unfortunately, none have been the answer or helpful. The crux of the question is how to have the .NET encryption to work with the legacy CAPICOM dll on the other end. — Posthuma, Mar 29 '12 at 16:43

score 1 · Answer 1 · answered Apr 18 '12 at 07:51

SetSecret is not a key!!

from MSDN:

CAPICOM_SECRET_TYPE Enumeration

The CAPICOM_SECRET_TYPE enumeration indicates the kind of secret used to derive a key to be used for encryption/decryption of data.

Constants CAPICOM_SECRET_PASSWORD The encryption key is to be derived from a password.

score 0 · Answer 2 · answered Oct 17 '11 at 09:28

0

Not exactly the answer to your question and nor is it ideal, but we hit the same issue with CAPICOM and got it to work in the 64bit world by:

Copy the binary to [windows]\syswow64
Register the service (run from within that path, regsvr32 capicon.dll)

answered Oct 17 '11 at 09:28

Sam

535
5
14

That would work. But, I was trying to implement with the .NET encryption tools and work with the old CAPICOM dll. – Posthuma Oct 17 '11 at 15:53

score 0 · Answer 3 · edited May 23 '17 at 10:34

You can use CAPICOM from a 32-bit process on a 64-bit machine (obviously). If you are using it from script, you have to use the 32-bit versions of cscript.exe and wscript.exe. I.e:

c:\windows\sysWOW64\cscript.exe "c:\path\to\script.wsf"

c:\windows\sysWOW64\cscript.exe "c:\path\to\another\vbscript.vbs"

This works fine, I am doing it in production right now.

Also, this answer has a walkthrough of how to register a surrogate for CAPICOM so it can be used from 64-bit processes (including 64-bit script).

64 bit C# with a 32 bit VB6 COM object

I have actually done this to use CAPICOM from 64-bit SQL Server and it works fine.

Differences between CAPICOM TripleDES and System.Security.Cryptography TripleDES

3 Answers3