Re: CryptAPI(encryption/decryption)


Hi DSilva,
Thanks for your valid information.
I'm a newbie in Crypto, hence the msdn document is confusing me.
As you told I got a tool from net "pvktool" which converts the .PEM format
to .pvk format. But this blob is also not getting imported to the CSP.
Actually my scenario is for each user there will be Public/Private keys in
the server. To decrypt the encrypted data I need to import the Private key
blob that I'm getting from server. Since this key is in .PEM format CryptoAPI
is not supporting it. Is there any other way I can proceed with this. Do I
need to convert the PEM format to .pfx files in the server. I tried using
openssl libraries but its showing compilation problem in Windows mobile.
Looking for your advice.

Thanks
S.Kumar

"Dylan DSilva (MS)" wrote:

To answer your question - Yes, a PFX file will allow you to import both the
certificate and the associated private key.

To get a handle to the private key after importing the PFX file you will
need to locate the certificate in the store using the
CertFindCertificateInStore API and then get access to the private key by
calling the CryptAcquireCertificatePrivateKey API followed by the
CryptGetUserKey API.
--
Dylan DSilva
Software Development Engineer
Microsoft Corporation

This posting is provided "AS IS" with no warranties, and confers no rights.
You assume all risk for your use. © Microsoft Corporation. All rights
reserved.

"S.Kumar" <SKumar@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:426E69EC-624C-4DF7-941E-4E2C6850301C@xxxxxxxxxxxxxxxx
Hi Dsilva,
Thanks again. Thanks for your valid information.
I got one tool but its in JAVA. I don't have any idea about it.
I'm trying to understand the basics of these public key and Certificate.
I tried using the openssl library, tried to import the .pvk file after
converitn with pvktool but noting is working for me. I'm in total mess. I
understood your reply to make the blob in the format given. I'm in the R&D
of
how to make it.

One another doubt. If I use a PFX file instead of PEM can I import the
private key?
I can import the PFX file using PFXImportCertStore(). Now I don't know how
to proceed. Can you give some suggestion

Thanks
S.Kumar

"Dylan DSilva (MS)" wrote:

Yes, the PEM format is Base64 encoded and may additionally be encrypted
with
a symmetric cipher (AES, 3DES etc.). In addition to decoding it to
unencrypted binary, you would need to create the PRIVATEKEYBLOB structure
with the fields described in
http://msdn2.microsoft.com:80/en-us/library/ms884374.aspx. Only a
PRIVATEKEYBLOB can be imported into a Microsoft CSP. As I mentioned in my
earlier post, you should be able to find tools that support this
conversion.

--
Dylan DSilva
Software Development Engineer
Microsoft Corporation

This posting is provided "AS IS" with no warranties, and confers no
rights.
You assume all risk for your use. © Microsoft Corporation. All rights
reserved.

"S.Kumar" <SKumar@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:B8B841E0-5299-4D5F-B619-EE6F7FF02B2D@xxxxxxxxxxxxxxxx

Thanks DSilva,
I like to get little more details.
Is the PEM format is in base64 coded? If I convert the PEM to binary,
can
I
load it into Microsoft CSP's?

Thanks in advance

S.Kumar.

"Dylan DSilva (MS)" wrote:

Unfortunately the Microsoft CSPs do not support importing keys in pem
format. You would need to convert your key to the blob format
described
in
http://msdn2.microsoft.com/en-us/library/ms884374.aspx (I believe
there
are
tools out on the internet that let you do this) or use a custom CSP
that
supports keys in pem format.

--
Dylan DSilva
Software Development Engineer
Microsoft Corporation

This posting is provided "AS IS" with no warranties, and confers no
rights.
You assume all risk for your use. © Microsoft Corporation. All rights
reserved.

"S.Kumar" <SKumar@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:D1B60822-0411-4666-8263-B58B2ECAF340@xxxxxxxxxxxxxxxx
Hi All,

I'm facing a problem in encryption decryption.
I have the privatekey in pem format.
How can I import this into CSP and decrypt the data which is
encrypted
using
public key.

I tried using CryptImportKey () but no success.

Thanks










.

Relevant Pages

  • Re: CryptAPI(encryption/decryption)
    ... "Dylan DSilva " wrote: ... This posting is provided "AS IS" with no warranties, and confers no rights. ... © Microsoft Corporation. ... Is the PEM format is in base64 coded? ...
    (microsoft.public.pocketpc.developer)
  • Re: CryptAPI(encryption/decryption)
    ... To answer your question - Yes, a PFX file will allow you to import both the ... To get a handle to the private key after importing the PFX file you will ... This posting is provided "AS IS" with no warranties, and confers no rights. ... Is the PEM format is in base64 coded? ...
    (microsoft.public.pocketpc.developer)
  • Re: Use a private key file generated from Linux for digital signature in .NET
    ... Convert the Linux private key file in PEM format to the PVK format using ... Import the certificate along with the converted private key in PVK format ...
    (microsoft.public.dotnet.security)
  • Re: Use a private key file generated from Linux for digital signature in .NET
    ... Convert the Linux private key file in PEM format to the PVK format using ... Import the certificate along with the converted private key in PVK format ...
    (microsoft.public.platformsdk.security)
  • Re: CryptAPI(encryption/decryption)
    ... PRIVATEKEYBLOB can be imported into a Microsoft CSP. ... This posting is provided "AS IS" with no warranties, and confers no rights. ... Is the PEM format is in base64 coded? ... I'm facing a problem in encryption decryption. ...
    (microsoft.public.pocketpc.developer)
Loading