Re: Usage of CRYPT_VERIFYCONTEXT

From: Rayees (rayees_at_yahoo.com)
Date: 10/30/04


Date: 30 Oct 2004 11:58:33 -0700

Laszlo,

MS allows you to generate a public/private key pair with
CRYPT_VERIFYCONTEXT. I do not know if they allow import of
PRIVATEKEYBLOB.

"When this flag is used and a public/private key pair is created or
imported, that pair of keys is treated as ephemeral; that
is, the keys are kept only in memory and are automatically destroyed
when CPReleaseContext is called"
(from MSDN)

The way I understand it is that you are allowed to create a
public/private keypair but you can only do public key operations.
Private key operations are not allowed.

-rayees

lelteto wrote:
> CRYPT_VERIFYCONTEXT is used when you don't have private keys only symmetric
> key crypto or (imported) public keys are used. There is NO container so there
> is no container name at all.
>
> Laszlo Elteto
> SafeNet, Inc.
>
> "rayees@yahoo.com" wrote:
>
> > Hi,
> >
> > I am not clear on how CRYPT_VERIFYCONTEXT is used.
> > From MSDN
> > "When dwFlags is set to CRYPT_VERIFYCONTEXT, pszContainer must be set
> > to NULL."
> > "When pszContainer is NULL, a default key container name is used. For
> > example, the Microsoft Base Cryptographic Provider uses the logon name
> > of the user currently logged on as the key container name."
> >
> > Does this mean that when the dwFlags is CRYPT_VERIFYCONTEXT, the
> > container name is <LogonName> for MS Base CSP?
> >
> > If this is the case, then for the container <LogonName>, there should
> > be no persisted private key components. Also what happens if the
> > pszContainer passed in is <LogonName>?
> >
> > regards
> > Rayees
> >
> >

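How far a given CSP lets an ephemeral key pair go under CRYPT_VERIFYCONTEXT (context only, key generation, or a private-key signature) can be checked directly with a small probe. This is an added example, not code from either poster or from MSDN; the function name `probe_verifycontext` and the `PROBE_*` stage constants are hypothetical, and the function returns `PROBE_UNSUPPORTED` when not built for Windows.

```c
/* Added example: probe how a CSP treats ephemeral keys under CRYPT_VERIFYCONTEXT. */
#include <stdio.h>
#ifdef _WIN32
#include <windows.h>
#include <wincrypt.h>          /* link with advapi32 */
#endif

/* Hypothetical stage codes for this example. */
#define PROBE_UNSUPPORTED (-1) /* not built for Windows */
#define PROBE_NO_CONTEXT  0    /* CryptAcquireContext failed */
#define PROBE_CONTEXT     1    /* context acquired, key generation refused */
#define PROBE_KEYGEN      2    /* ephemeral key pair generated, signing refused */
#define PROBE_SIGNED      3    /* private-key signature produced */

/* Returns the furthest stage the default PROV_RSA_FULL provider allowed. */
int probe_verifycontext(void)
{
#ifdef _WIN32
    HCRYPTPROV prov = 0; HCRYPTKEY key = 0; HCRYPTHASH hash = 0;
    BYTE sig[512]; DWORD sigLen = sizeof sig;
    static const BYTE msg[] = "constructed test message";
    int stage = PROBE_NO_CONTEXT;

    /* pszContainer is NULL, as the MSDN text quoted in the thread requires. */
    if (!CryptAcquireContextA(&prov, NULL, NULL, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT))
        return stage;
    stage = PROBE_CONTEXT;
    if (CryptGenKey(prov, AT_SIGNATURE, 0, &key)) {
        stage = PROBE_KEYGEN;
        /* SHA-1 is used only because every legacy CSP supports it. */
        if (CryptCreateHash(prov, CALG_SHA1, 0, 0, &hash)) {
            if (CryptHashData(hash, msg, sizeof msg - 1, 0) &&
                CryptSignHashA(hash, AT_SIGNATURE, NULL, 0, sig, &sigLen))
                stage = PROBE_SIGNED;
            CryptDestroyHash(hash);
        }
        CryptDestroyKey(key);
    }
    CryptReleaseContext(prov, 0); /* ephemeral keys are destroyed here */
    return stage;
#else
    return PROBE_UNSUPPORTED;
#endif
}

int main(void)
{
    printf("CRYPT_VERIFYCONTEXT probe stage: %d\n", probe_verifycontext());
    return 0;
}
```

If a stage fails, calling `GetLastError()` immediately after the failing call shows the provider's reason.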

