RE: Encrypt with private key in CAPI

From: Ryan Menezes [MSFT] (anonymous_at_discussions.microsoft.com)
Date: 05/21/04

• Next message: Vishal Mishra [MSFT]: "Re: acceptable certificate authorities from SSL connection in wininet or schannel"
• Previous message: Jonathan: "RE: How to publish a S/MIME Certificate through MAPI? (PR_USER_X509_CERTIFICATE)"
• In reply to: Tommy: "Encrypt with private key in CAPI"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Date: Fri, 21 May 2004 13:21:02 -0700

     Are you decrypting on the same machine ? Which platform are you using ? Some code might help.

Thanks,
Ryan Menezes [MS]
This posting is provided "AS IS" with no warranties, and confers no rights.

     ----- Tommy wrote: -----
     
     Hello,
     
     I have to encrypt a piece of data using a private RSA key (please
     don't ask why). I've tried to use CryptEncrypt() using a handle to a
     private key, but the decryption process of the encrypted data fails.
     
     I've read some posts about this and tried the following mentioned
     strategy:
     1. Create a hash object by using CryptCreateHash().
     2. Set the HP_HASHVAL value in CryptSetHashParam().
     3. Sign the hash value by using CryptSignHash().
     
     The problem is that when I create the handle to the hash in
     CryptCreateHash(), I have to specify a known hash alogrithm (e.g.
     CALG_MD5) to be used. These hash algorithms produce data of known
     lengths, but the length of my data may vary.
     
     So, my questions are:
     1. Can I use CryptEncrypt() to encrypt data using a private key. If
     yes, what am I doing wrong?
     2. If question 1 fails and I have to use the second strategy (using
     CryptCreateHash()), then what algorithm shall I specify?
     3. Is there a more simple way of achieving what I want to do (the
     private key might not be exportable so I cannot encrypt manually)?
     
     Thanks in advance.
     /Tommy
     

---

• Next message: Vishal Mishra [MSFT]: "Re: acceptable certificate authorities from SSL connection in wininet or schannel"
• Previous message: Jonathan: "RE: How to publish a S/MIME Certificate through MAPI? (PR_USER_X509_CERTIFICATE)"
• In reply to: Tommy: "Encrypt with private key in CAPI"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages Re: Problems with public key decryption with RSA ... with securing the "Private key" at the clients. ... Encrypt key / IV with public RSA key of server. ... Sign hash and sign data elements with HMAC-SHA1 using symmetric key. ... (microsoft.public.dotnet.framework) Re: Problems with public key decryption with RSA ... with securing the "Private key" at the clients. ... Encrypt key / IV with public RSA key of server. ... Sign hash and sign data elements with HMAC-SHA1 using symmetric key. ... (microsoft.public.platformsdk.security) Re: Problems with public key decryption with RSA ... with securing the "Private key" at the clients. ... Encrypt key / IV with public RSA key of server. ... Sign hash and sign data elements with HMAC-SHA1 using symmetric key. ... (microsoft.public.dotnet.security) Re: Digital signature Question ... When I hash a message to authenticate it, ... > private key I'm using at that point a shared symmetric private ... > to encrypt the hash result. ... mail, and then, encrypt that symetric key with the public key of the ... (Security-Basics) RE: Can Kerberos be cracked?? ... Subject: Can Kerberos be cracked?? ... If you were able to decrypt the timestamp ... As for your assumption about the hash being as good as the password, ... > encrypt the timestamp) still be susceptible to brute-force> using dictionary ... (Focus-Microsoft)

---

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Newsgroups  > microsoft.public.platformsdk.security  > 2004-05