Re: Usage of CRYPT_VERIFYCONTEXT

From: Rayees (rayees_at_yahoo.com)
Date: 10/30/04

• Next message: Craig: "Handles to CSPs"
• Next in thread: Doug Barlow: "Re: Usage of CRYPT_VERIFYCONTEXT"
• Reply: Doug Barlow: "Re: Usage of CRYPT_VERIFYCONTEXT"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Date: 30 Oct 2004 11:58:33 -0700

Laszlo,

MS allows you to generate a public/private key pair with
CRYPT_VERIFYCONTEXT. I do not know if they allow import of
PRIVATEKEYBLOB.

"When this flag is used and a public/private key pair is created or
imported, that pair of keys is treated as treated as ephemeral; that
is, the keys are kept only in memory and are automatically destroyed
when CPReleaseContext is called"
(from MSDN)

The way I understand it is that you are allowed to create a
public/private keypair but you can only do public key operations.
Private key operations are not allowed.

-rayees

lelteto wrote:
> CRYPT_VERIFYCONTEXT is used when you don't have private keys only
symmetric
> key crypto or (imported) public keys are used. There is NO container
so there
> is no container name at all.
>
> Laszlo Elteto
> SafeNet, Inc.
>
> "rayees@yahoo.com" wrote:
>
> > Hi,
> >
> > I am not clear on how CRYPT_VERIFYCONTEXT is used.
> > >From MSDN
> > "When dwFlags is set to CRYPT_VERIFYCONTEXT, pszContainer must be
set
> > to NULL."
> > "When pszContainer is NULL, a default key container name is used.
For
> > example, the Microsoft Base Cryptographic Provider uses the logon
name
> > of the user currently logged on as the key container name."
> >
> > Does this mean that when the dwFlags is CRYPT_VERIFYCONTEXT, the
> > container name is <LogonName> for MS Base CSP?
> >
> > If this is the case, then for the container <LogonName>, there
should
> > be no persisted private key components. Also what happens if the
> > pszContainer passed in is <LogonName>?
> >
> > regards
> > Rayees
> >
> >

---

• Next message: Craig: "Handles to CSPs"
• Next in thread: Doug Barlow: "Re: Usage of CRYPT_VERIFYCONTEXT"
• Reply: Doug Barlow: "Re: Usage of CRYPT_VERIFYCONTEXT"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages Re: Problem with cryptoapi ... private key of a public/private key pair. ... Here you obtain the current user's public/private key pair. ... CryptExportKey encrypts the session key with the public key of the key ... (microsoft.public.vc.language) Re: ssh issue ... > PubkeyAuthentication yes ... > PasswordAuthentication no ... You have a public/private key pair on system A. You will be using ... (freebsd-questions) CryptExport private key only ... that when using RSA public/private key pair ... from conventional use of Public/Private key pairs, ... supposed to use the public key to encrypt data and private key to always ... (microsoft.public.dotnet.security) CryptExport private key only ... that when using RSA public/private key pair ... from conventional use of Public/Private key pairs, ... supposed to use the public key to encrypt data and private key to always ... (microsoft.public.platformsdk.security) Re: secure file transfer - suggestions? ... > file transfer (for scripting): ... You can automate sftp of scp transfer by using public/private key ... load the private key into ssh-agent with ssh-add once after each reboot. ... (comp.unix.solaris)

---

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Newsgroups  > microsoft.public.platformsdk.security  > 2004-11