cng

问题 Windows Phone 7 had a anonymous user ID property called ANID. Windows Phone 8 has replaced that with ANID2. The difference is that ANID2 is dependent on the app's publisher ID. It's possible to convert ANID to ANID2 as the following code sample on MSDN shows. Only things you need are the original WP7 ANID and the publisher ID (guid). The problem is that the example is in C++. I've been trying to port it to C# but with no success. The algorithm itself is quite easy: var data = HMAC(ANID,

问题 I am writing a CNG provider. Specifically, stuck on implementing NCryptExportKey API. I am trying to convert an EC key (for signing, ECDSA256) from a hardware key manager. The h/w keymanager provides key in ASN format. I referred to MSDN documentation, it's mentioned that public key X and Y values(of BCRYPT_ECCKEY_BLOB structure) are in big-endian format. But in another post on stackoverflow (Import a Public key from somewhere else to CngKey?), the Magic value also seems to be in big-endian

问题 (Note: IMO the question is mainly about WinAPI and DACL and not about CNG, so please read on!) I'm currently trying to modify the sample CNG key storage provider of Microsoft's Cryptographic Provider Development Kit in such a way that it does not store the keys in single files. However, I'm in trouble with the security descriptors that can be assigned to the private keys. In the Certificates Snap-in of the Windows Server Management Console, private keys of certificates can be managed, i.e.

问题 I'm trying to use BCryptEncrypt to authenticate some AAD but the function is failing with STATUS_INVALID_PARAMETER . BCryptEncrypt takes 10 parameters. One of the parameters is BCRYPT_AUTHENTICATED_CIPHER_MODE_INFO . BCRYPT_AUTHENTICATED_CIPHER_MODE_INFO takes another 13 parameters. Running my test program results in: >.\bcrypt-gmac.exe BCryptEncrypt error, 0xc000000d (STATUS_INVALID_PARAMETER) STATUS_INVALID_PARAMETER is not very helpful in this case. My question is, how do I determine which

问题 I develop Xamarin.Forms Application and right now I'm debugging it on my Android device (it's 4.4 ver. of Android, if it matters). I need to use cryptography with ECDsa, so I've found that System.Security.Cryptography.Cng is needed for System.Security.Cryptography to support it. I've downloaded System.Security.Cryptography.Cng ver. 4.5.0 in Nuget Packages for all my projects. So I need to create a new pair of keys to sign some data, and when I try do it like this var p = new

问题 I've created a machine wide CngKey (MachineKey=true), but my applications aren't able to access it. How to I assign permissions to so that my App Pool can access the key? Preferably pragmatically so that I can build it into the installer. Powershell create script: [System.Security.Cryptography.CngKeyCreationParameters] $cngKeyParameter = [System.Security.Cryptography.CngKeyCreationParameters]::new() $cngKeyParameter.KeyUsage = [System.Security.Cryptography.CngKeyUsages]::AllUsages

问题 From a legacy program: bye[] rsaPrivateKeyExport = RSACryptoProvider.ExportCspBlob(true); These keys are stored in a file. As part of a legacy refresh, I need to use CNG RSA keys. So something like reading the old blob and then converting: CngKey cngPrv = CngKey.Import(rsaPrvKeyExport, CngKeyBlobFormat.GenericPrivateBlob); But I cannot get this to work? How do I convert the old blob type to the new one? Do I only use parts of the old blob? The key length is 2048. 回答1: GenericPrivateBlob is a

问题 I'm trying to test Windows Bcrypt. I have a test program: #include <bcrypt.h> #include <iostream> #include <string> #pragma comment (lib, "bcrypt.lib") int main(int argc, char* argv[]) { return 0; } Attempting to compile it: >cl.exe /DWINVER=0x0600 /TP /GR /EHsc bcrypt-test.cpp /link /out:bcrypt-test.exe Microsoft (R) C/C++ Optimizing Compiler Version 19.00.24210 for x64 Copyright (C) Microsoft Corporation. All rights reserved. bcrypt-test.cpp C:\Program Files (x86)\Windows Kits\10\include\10

问题 I have signed a hash value in windows using BCryptSignHash with ECDSA algorithm. The output signature buffer is of length 64 bytes. I also generated the public and private key blobs using BCryptGenerateKeyPair function (BCRYPT_ECDSA_P256_ALGORITHM algorithm) with which i signed the hash. I have to verify this signature with this key pair in linux. I am able to decipher the public-private key pair that got generated, using the link "http://msdn.microsoft.com/en-us/library/windows/desktop

问题 I need to convert a EC private key generated by BouncyCastle to a CngKey in C#. Ultimately, I'm trying to create a PKCS12 that can be imported into the Windows Key Store and am following the information and code example found here. The EC key pair is generated as follows: var ecKeyPairGenerator = new ECKeyPairGenerator("ECDSA"); ECKeyGenerationParameters ecKeyGenParams = new ECKeyGenerationParameters(SecObjectIdentifiers.SecP384r1, new SecureRandom()); AsymmetricCipherKeyPair pair =