[prev in list] [next in list] [prev in thread] [next in thread] 

List:       ms-cryptoapi
Subject:    Re: About key generation scheme from CryptDeriveKey function
From:       Dan Griffin <dangriff () WINDOWS ! MICROSOFT ! COM>
Date:       2003-04-29 18:55:48
[Download RAW message or body]

Can you please do a quick sanity check?  What is the blob produced when exporting the \
derived AES key from the Microsoft CSP as a PLAINTEXTKEYBLOB?  
Dan Griffin [MS]

-----Original Message-----
From: sidus@AHOPE.CO.KR [mailto:sidus@AHOPE.CO.KR] 
Sent: Tuesday, April 29, 2003 4:47 AM
To: CryptoAPI@DISCUSS.MICROSOFT.COM
Subject: About key generation scheme from CryptDeriveKey function


Hi,

I'm making a CSP and i want it to be as compatible to Microsoft AES Cryptographic \
Provider  as possible, but i found a problem.

I want to derive AES_128 session Key from CPDeriveKey function with CALG_MD5, but 
the key of Microsoft AES Cryptographic Provider generated is not a same the key was \
my CSP generated.

Of couse I did use a "PrivateKeyWithExponentOfOne" and saw it different between two \
keys.

In detail, I use a Microsoft Enhanced RSA and AES Cryptographic Provider (Prototype) \
in Windows XP and my CSP (PROV_RSA_AES).

Hash value was the same between MS's and Mine.
HashValue : [16] - MS's
6b a4 9b 11 2e b4 29 b5 9a 85 ee 94 da 9c 2c cb

HashValue : [16] - Mine
6b a4 9b 11 2e b4 29 b5 9a 85 ee 94 da 9c 2c cb

But Keyblob generated by CryptDeriveKey function was different.

MS's Key Blob : 
01 02 00 00 0e 66 00 00 00 a4 00 00 15 65 02 9d
fb 4e 5a 29 85 dd 4f 83 6e 89 df e5 00 68 27 d9
ab 75 49 48 d4 72 19 72 d9 fe 57 6b f6 4b d4 d7
16 d0 e1 7f 76 fa eb 55 ba 97 45 f9 a9 71 9b 57
ac c9 06 36 c1 37 d7 c7 c5 b2 02 00

My CSP's Key Blob :
01 02 00 00 0e 66 00 00 00 a4 00 00 cb 2c 9c da
94 ee 85 9a b5 29 b4 2e 11 9b a4 6b 00 5e 14 c4
b0 68 c8 14 08 27 92 db fd f9 4e 31 05 20 9d 54
24 6e 0f 04 88 24 cc 63 6b 44 95 df 9d ba 11 13
88 72 67 20 c0 b4 7e 94 f7 42 02 00


What my problem is any other algorithms generate the same key blob except \
CALG_AES(also, CALG_AES_128, CALG_AES_192  and CALG_AES_256) from CryptDeriveKey \
Function with CALG_MD5 in same provider.

How was it going? I'm very confused.


Thanks in advance.

¼Ò¸®¿¡ ³î¶óÁö ¾Ê´  »çÀÚó·³, 
±×¹°¿¡ °É¸®Áö ¾Ê´  ¹Ù¶÷ó·³,
ÁøÈë¿¡ ´õ·´È÷Áö ¾Ê´  ¿¬²Éó·³,
¹«¼ÒÀÇ »Ôó·³ È¥ÀÚ¼­ °¡¶ó...

- ¼ýŸ´ÏÆÄŸ ñé¿¡¼­





----------------------------------------------
iMate Free Mail Server   http://www.imate.net/
----------------------------------------------

----------------------------------------------------------------
Users Guide http://discuss.microsoft.com/archives/mailfaq.asp
contains important info. Save time, search the archives at
http://discuss.microsoft.com/archives/index.html .
To unsubscribe, mailto:CryptoAPI-signoff-request@DISCUSS.MICROSOFT.COM


[prev in list] [next in list] [prev in thread] [next in thread]