[prev in list] [next in list] [prev in thread] [next in thread]
List: ms-cryptoapi
Subject: Re: Creating SymetricKey using external key data
From: Terry Harding <betterh () PRIMENET ! COM>
Date: 1997-07-25 2:43:41
[Download RAW message or body]
John,
Thank you for the response, the key generation process takes two
different paths, depending upon the length of the key and is not
simply the hash of some data.
.
The process of key generation was devised by Netscape, when they created
their export facility, for exporting private keys and certificates in
communicator.
I need a way to use the key data i have generated outside of the CSP,
this not only includes symetric keys, but also a RSA private keyr.
If they is no way of importing externally created keys into the CSP, i
will have to look at other avenues, such
as using another cryptographic base for our product.
Thanks again.
Terry Harding
Cyclone Software.
John Banes wrote:
> I've never gotten around to reading the PKCS #12 spec, but maybe I can
>
> give you a couple of clues.
>
> First of all, it is not possible (when using the Microsoft CSPs) to
> import/export non-encrypted bulk encryption keys.
>
> Also, it is not possible (using Microsoft CSPs) to set a hash value
> (via
> CryptSetHashParam) and then derive a bulk encryption key from it.
>
> You might try using CryptHashData to hash the password etc, and then
> using CryptDeriveKey (and possibly CryptSetKeyParam) to generate the
> key. Of course, this will only work if the hash and key sizes are
> compatible. The appendix describing the internals of CryptDeriveKey
> might prove helpful here.
>
> The "simplified crypto" functions provided by CryptoAPI 2.0 might also
>
> prove useful, but I somehow haven't gotten around to reading that spec
>
> either.
>
> Good luck,
>
> John
>
["smime.p7s" (application/x-pkcs7-signature)]
----------------------------------------------------------------
Users Guide http://www.microsoft.com/sitebuilder/resource/mailfaq.asp
contains important info including how to unsubscribe. Save time, search
the archives at http://microsoft.ease.lsoft.com/archives/index.html
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic