How to Import 3rd party generated AES private key (openssl) into CNG storage

Bingi Prasanthi 0 Reputation points
2023-09-12T08:55:42.1566667+00:00

Hi,

We are trying out the below scenario using CNG with the Microsoft key storage provider in the C++ Builder 2007 IDE.

Server side:

Create an OpenSSL aes-256-cbc key, perform encryption on a secure file, and share with the crypto container (key id + AES key).

Client side:

The application will take the crypto container and store the AES key based on keyid into CNG storage.

In order to implement the above, we have used NCryptImportKey with BCRYPT_KEY_DATA_BLOB as the BLOB type on the AES key provided by the server (which is generated using OpenSSL), but the NCryptImportKey operation is failing with 0x80090009, 0x80090029, 0x80090026 with different blob types.

Can you please give us clarity on the below aspects:

  1. Is it possible to import/store a 3rd party Linux (OpenSSL) based key into CNG storage?
  2. Does CNG support the import operation in the C++ Builder 2006 IDE (with the default ncrypt.h, bcrypt.h, ncrypt.dll, bcrypt.dll which come along with the C++ Builder 2006 installation)?
  3. If the above are feasible, can you please help us with which blob type we may need to use for importing an OpenSSL key to the Microsoft KSP?