Questions tagged [cng]

CryptoAPI Next Generation (CNG) is the next version of the Windows CryptoAPI, available since Vista. It adds NSA Suite B algorithms (including elliptic-curve cryptography) and is FIPS 140-2 certified.

256 questions
2 votes, 1 answer

Signing data in C++ app using CNG and verifying in PHP API

I read a lot about asymmetric encryption and still can't understand what the step-by-step process is to achieve what I need. What I need: Create 1 Private and 1 Public key only once. Include the private key in my C++ app without the user being able…
2 votes, 1 answer

How to persist public key created by RSACng to Local machine or Key Storage provider (KSP)?

I have a Public key and private key pair generated by RSACng class. I am able to persist private key into my KSP (MicrosoftSoftwareKeyStorageProvider) under local machine->(Program Data-> Crypto->RSA->Keys). But I am unable to persist public key…
2 votes, 1 answer

How to decrypt data using RSACng that is previously encrypted with RSACryptoServiceProvider

I am migrating to RSACng for new version release from RSACryptoServiceProvider. However, as RSACryptoServiceProvider that is CAPI uses Little Endian Architecture and RSACng that is CNG API is using Big Endian Architecture, question is how can I…
2 votes, 1 answer

Export private key (PKCS#8) of CNG RSA certificate with oldschool .NET

I have a PKCS #12 (PFX) file that is a certificate with CNG RSA key and want to export the private…
Daniel Fisher lennybacon
2 votes, 0 answers

Wrapping/Unwrapping private keys with CNG

PKCS #11 defines a procedure for wrapping/unwrapping of private keys using symmetric keys (PKCS #11 v2.20, Section 12.6). The unwrapping procedure simply reverses the wrapping procedure; so there is a C_UnwrapKey function to complement C_WrapKey. I…
Timothy Ghanem
2 votes, 2 answers

Verify a signature file (PKCS7) with WinCrypt or CNG

I need to verify a signed JAR file using Windows crypto API methods. I have only a basic understanding of encryption and signing matters. I'm also new to those crypto APIs (WinCrypt, Bcrypt, Ncrypt). Verifying the file hashes wasn't a problem, but…
Simpleton
2 votes, 1 answer

How to get a CNG key handle to a public certificate previously imported to windows Cert: store (in Delphi)?

I need to use CNG to verify a message signature (RSA). The only problem is how to get the CNG key handle (NCRYPT_KEY_HANDLE or BCRYPT_KEY_HANDLE) if I have the public certificate stored in windows certs (Cert:\CurrentUser\My). I am using a…
Babla
2 votes, 1 answer

Microsoft MSCAPI-CSP and CNG compatibility

We have previously developed an RSA MSCAPI CSP for use with the classical Windows crypto API and this has worked fine for years. Unfortunately, newer versions of Outlook refuse to work with this CSP in the case of AES encryption. It still supports…
Morty
2 votes, 2 answers

How to convert ECDSA DER encoded signature data to microsoft CNG supported format?

I am preparing a minidriver to perform sign in smartcard using NCryptSignHash function of Microsoft CNG. When I perform sign with an SECP521R1 EC key in smartcard it generates a sign data with length of 139 as ECC signed data format: ECDSASignature…
iOS-Developer84
2 votes, 1 answer

What is the GUID suffix on key container storage files in Windows?

I am wondering what are the GUID suffixes for the RSA key container files stored in the machine and user key container stores. I cannot identify some of these as key containers through CAPI/CNG, although I'll expose my case using command line tools…
2 votes, 1 answer

How to get CngKey without using GetCngPrivateKey in .NET Core 2.0

I'm reading a certificate from an X509Store, that I want to get its CngKey using GetCngPrivateKey. But all I'm getting is the following error. at Security.Cryptography.X509Certificates.X509Native.AcquireCngPrivateKey(SafeCertContextHandle…
Alberto López
2 votes, 0 answers

Add C# X509Certificate2 to X509Store with AllowPlaintextExport flag?

When I import a certificate into a store using CertUtil, e.g., certutil -f -v -user -privatekey -importPFX my mycert.p12, and then read it in in C#, I see that its export policy is AllowExport | AllowPlaintextExport. However, when importing the same…
hyongsop
2 votes, 1 answer

How to write a KSP to hook up into KERB_CERTIFICATE_LOGON

Hi all, I've written a custom credential provider that works fine when using username/password as credential, the password is transferred via Bluetooth. After all it was not that difficult as the documentation tells you what interfaces to…
Frank
2 votes, 2 answers

Building a private CngKey(ECDH_P384) from a passphrase

Context: VS 2015 winforms, Windows 7, using SecurityDriven Inferno library. I'm coding an offline app which produces encrypted files to be sent as email attachments (thus not used in a client-server context). The files are first encrypted with…
Frank
2 votes, 1 answer

Permissions to create CNG key

When I try to create machine-scoped CNG key: CngKey.Create(CngAlgorithm2.Rsa, "TestKey", new CngKeyCreationParameters { KeyCreationOptions = CngKeyCreationOptions.MachineKey }); I…
SkyFx