Re: Usage of CRYPT_VERIFYCONTEXT
From: Rayees (rayees_at_yahoo.com)
Date: 30 Oct 2004 11:58:33 -0700
MS allows you to generate a public/private key pair with
CRYPT_VERIFYCONTEXT. I do not know if they allow import of
"When this flag is used and a public/private key pair is created or
imported, that pair of keys is treated as treated as ephemeral; that
is, the keys are kept only in memory and are automatically destroyed
when CPReleaseContext is called"
The way I understand it is that you are allowed to create a
public/private keypair but you can only do public key operations.
Private key operations are not allowed.
> CRYPT_VERIFYCONTEXT is used when you don't have private keys only
> key crypto or (imported) public keys are used. There is NO container
> is no container name at all.
> Laszlo Elteto
> SafeNet, Inc.
> "firstname.lastname@example.org" wrote:
> > Hi,
> > I am not clear on how CRYPT_VERIFYCONTEXT is used.
> > >From MSDN
> > "When dwFlags is set to CRYPT_VERIFYCONTEXT, pszContainer must be
> > to NULL."
> > "When pszContainer is NULL, a default key container name is used.
> > example, the Microsoft Base Cryptographic Provider uses the logon
> > of the user currently logged on as the key container name."
> > Does this mean that when the dwFlags is CRYPT_VERIFYCONTEXT, the
> > container name is <LogonName> for MS Base CSP?
> > If this is the case, then for the container <LogonName>, there
> > be no persisted private key components. Also what happens if the
> > pszContainer passed in is <LogonName>?
> > regards
> > Rayees