Stack Overflow
Stack Overflow

Questions tagged [cng]

CryptoAPI Next Generation (CNG) is the next version of the Windows CryptoAPI available since Vista. It adds NSA Suite B algoritms (including elliptic-curve cryptography) and is FIPS 140-2 certified.

256 questions
6
votes
2 answers

CNG Import ECC Pub/Priv Keyfrom file

I've been trying to find how to import an ECC key from a file by ANY MEANS for ages. I have tried accessing an ECC cert from the Windows certificate store, from a .p12 file, and from a PKCS#8 OpenSSL key file with no success. Just one of the many…
Jim
  • 587
  • 2
  • 6
  • 19
5
votes
2 answers

Straight forward example using CryptoAPI Next Generation (CNG) to encrypt data

I'd like to implement data encryption and decryption in a C++ application running on Windows. I've spent considerable time looking around the Web and am thinking I should probably use the Windows Cryptography API: Next Generation (CNG) functions…
Jonathan Wood
  • 65,341
  • 71
  • 269
  • 466
5
votes
1 answer

How can I get a NCRYPT_KEY_HANDLE for the private key of a PCCERT_CONTEXT?

How can I get a NCRYPT_KEY_HANDLE for encryption/decryption with CNG from the private key of a PCCERT_CONTEXT from the windows certificate store? The CryptEncrypt function has been superceded by the NCryptEncrypt and BCryptEncrypt functions, but…
jorgen
  • 535
  • 1
  • 5
  • 12
5
votes
2 answers

How do I import a CNG Key to the key store?

I would like to import a key that was exported using CngKey.Export(CngKeyBlobFormat.EccPrivateBlob), give the key a name, and have it persisted in the key store. This should be so simple, but I have not found any way to do it. I can use…
babackman
  • 155
  • 1
  • 8
5
votes
2 answers

How to Export Private Key For ECDiffieHellmanCng

I am trying to export the keys from a new instance of a ECDiffieHellmanCng object so I can create an instance of it later with the same keys. But I am getting an error when trying to export it. //Create new ECDiffieHellmanCng which automatically…
Kevin Junghans
  • 17,475
  • 4
  • 45
  • 62
4
votes
1 answer

RSA SHA512 signature generated by Windows CNG(Cryptography Next generation ) NCryptSignHash not matching with signature generated by openssl RSA_sign

We are trying to generate RSA SHA512 signature with CNG, we wrote code and generated hash value not matching with OpenSSL. Private key used for signing we generated with OpenSSL command in DER format as below. openssl genpkey -out privkey.pem…
Navas Valapra
  • 43
  • 3
4
votes
1 answer

BCryptEncrypt returns STATUS_INVALID_PARAMETER on AES-GCM

I'm trying to implement AES GCM using CNG Windows API and stuck on last step. Disclaimer: Do not be afraid with that amount of code, most of it is just WinAPI functions and structures declaration, scroll down to actual question text.…
Olvin Roght
  • 7,677
  • 2
  • 16
  • 35
4
votes
3 answers

Bug in RSA encryption/decryption using CryptoAPI Next Generation (CNG) in Windows?

I have written a code to encrypt and decrypt data with a hardcoded RSA key pair that was previously generated using the CNG. It is a simple program that simply generates some random input data, encrypts it with the public key, and then decrypts the…
Dhirendra
  • 41
  • 1
  • 2
4
votes
1 answer

key not valid for use in specified state

we are using CNG for encrypting some of our sensitive data. As a standard, we implement the SQL Integrated Security instead of using a SQL user with DB permissions. To implement this, we define the application Pool Identity as the same Active…
Vikram
  • 6,865
  • 9
  • 50
  • 61
4
votes
1 answer

HSM decryption + encryption chaining

My application is acting as a switchboard to transfer very sensitive messages between two parties and I'm trying to figure out how I can do this without "looking" at the message they're trying to send. I have a HSM, and I've generated a keypair for…
Sudhir Jonathan
  • 16,998
  • 13
  • 66
  • 90
4
votes
1 answer

How to get a certificate store from a smart card (USB Token) using CNG?

I'm using Crypto API's CryptAcquireContext function (https://learn.microsoft.com/en-us/windows/desktop/api/Wincrypt/nf-wincrypt-cryptacquirecontexta) to get access to my Certificate Store contained on my USB Token, and this is working like a…
Carlos B. Feitoza Filho
  • 704
  • 7
  • 23
4
votes
1 answer

Use AES CBC with NCrypt in windows

I'm trying to use the NCrypt.dll to encrypt some data, in C++, and I'm having trouble handling keys and algorithms. I would like to use AES with the CBC chainging method but, can't get the NCryptEncrypt function to work (I keep getting an invalid…
PMARSH
  • 167
  • 3
  • 14
4
votes
0 answers

Import an ECDSA public key from CngKey to BouncyCastle

I am trying to generate an x509 certificate from a pair of keys generated with CngKey. I create the keys with: var parameters = new CngKeyCreationParameters { Provider =…
santiPipes
  • 61
  • 8
4
votes
1 answer

What kind of RSASignaturePadding use with PKCS#8 key?

I am trying to sign a string with a PKCS#8 key using SHA-256 with RSA. The RSACng.SignData() method requires a RSASignaturePadding, of which the options are Pkcs1 and Pss. I can't find anything definitive to tell me which would be used for PKCS#8. …
dbJones
  • 762
  • 1
  • 10
  • 31
4
votes
1 answer

How to deal with plaintext keys using CNG?

I have a set of predefined plaintext keys that I use for symmetric encryption/decryption. These keys are used for encrypted communication with hardware devices connected to a PC. I would like to use a CNG key storage provider to securely store these…
Gugl Andi
  • 41
  • 3
1
2
3
17 18