8

I am trying to port a UNIX code using OpenSSL (PKCS#5 & PKCS#7) to windows.

In the case of OpenSSL, all the encoding/decoding (certificates or passwords) is done transparently to the caller in the function CMS_Encrypt, as it should be.

CAPI does the same thing in the case of certificate based encryption inside the function CryptEncryptMessage (no ASN details are revealed to the caller). After some googling, I found out the following key generation implementation. Now how am I supposed to use it in CAPI ?

Because CAPI does not support PBE encryption at the high level (PBKDF2) my guess is that the encoding has to be done (somehow?) manually. And by manually I mean writing (and reading) the binary representations of various ASN tags. How am I supposed to do this ?

I cannot access the msasn1.h API since msasn1.lib is never distributed. Has anyone been able to use CAPI interface for doing anything else other than certificates based encryption ?

malat
  • 12,152
  • 13
  • 89
  • 158
  • Not sure what you are asking. Are you trying to do PBE using an interface that doesn't support it, or are you asking how to generate a certificate and use CBE? – stark Jul 29 '12 at 21:39
  • Trying to figure out how to do PBE using Microsoft CAPI interchangeably with OpenSSL, I believe. – mmr Jul 30 '12 at 00:06
  • A lot of applications are using OpenSSL in MS Windows. Why not just to use them? – Pavel Ognev Oct 16 '12 at 05:55
  • Are you looking for this function? `BCryptDeriveKeyPBKDF2`, https://msdn.microsoft.com/en-us/library/windows/desktop/dd433795.aspx – Simon Mourier Oct 10 '15 at 16:41

0 Answers0