Pocket PC CryptoAPI and private keys

Hi.

I'm trying to figure out the way Windows Mobile stores private keys in the
device. The API exposed with CryptoApi for Pocket PC doesn't work the same
way as Win32 does. "CryptImportKey" and "CryptGenKey" calls don't support
"CRYPT_USER_PROTECTED" flag for encrypting private keys. Does it mean that
private keys are stored in "raw" mode? Documentation about Protected Store
states that "CryptoAPI also uses the protected store functions to store
certificates, keys, and user credentials". But, what kind of protection is
used? Does anyone have any ideas about this issue?

Thanks in advance.

--


.

Relevant Pages

  • RE: EAP-TLS Client enrollment recovery.
    ... the private keys are not restored when you ... only restore the certificates. ... store in order to extract certificates and keys from it and then putting them ...
    (microsoft.public.platformsdk.security)
  • Re: Private key store
    ... normally they are only in the user MY store. ... archival with windows server 2003, you may have them in the CA... ... > I just want to clarify one item about Windows Certificate Services: ... > copies of users' private keys stored in Certificate Services store or ...
    (microsoft.public.windows.server.security)
  • Re: EFS
    ... Personally I like to export private keys and burn them on a CD and store it ... in a safe place ... Check the 'encrypt ...
    (microsoft.public.windowsxp.security_admin)
  • Re: Encryption in .NET and CryptoAPI Certificate Stores
    ... > envelop symmetric keys used for encryption is available: ... > Briefly, it demonstrates how to use CryptoAPI store certificates, or X509 ...
    (microsoft.public.platformsdk.security)
  • AES Symmetric Key Secure Storage
    ... as most of our customers have not yet upgraded to Windows 2003. ... This essentially ruled out using CryptoAPI, as there does not exist a CSP ... Source version of the AES in our libraries, ... We want a secure location to store the ...
    (microsoft.public.platformsdk.security)