![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(188.79999999999998, 55.00000000000001%, 28%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EBM%3C/text%3E%3C/svg%3E)
MS_PLATFORM_CRYPTO_PROVIDER fails to open for me too, and the 2 other coworkers I asked to try it.
BCryptOpenAlgorithmProvider
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(83.2, 44%, 18%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EDB%3C/text%3E%3C/svg%3E)
Dev Bon
16
Reputation points
Hello,
I try to open TPM as algoritm provider for generate random numbers:
BCRYPT_ALG_HANDLE hAlgorithm;
NTSTATUS ntStat = BCryptOpenAlgorithmProvider ( &hAlgorithm, BCRYPT_RNG_ALGORITHM, MS_PLATFORM_CRYPTO_PROVIDER, NULL);
I get ntStat = STATUS_NOT_FOUND;
If I use MS_PRIMITIVE_PROVIDER instead of MS_PLATFORM_CRYPTO_PROVIDER everything is OK.
What I do wrong? TPM is enabled on the my computer, and I run the program as Administrator on Windows 10 Professional.
Windows development | Windows API - Win32
-
Rita Han - MSFT 2,171 Reputation points2021-02-01T03:29:20.11+00:00 Hello @Dev Bon , could you try other algorithm ID instead of
BCRYPT_RNG_ALGORITHMto see if it reproduces the same error? -
Dev Bon 16 Reputation points
2021-02-03T11:22:45.537+00:00 Yes. I tried all the possible algorithm IDs from documentation. The result is the same.
-
Rita Han - MSFT 2,171 Reputation points
2021-02-04T02:24:53.24+00:00 Thanks for confirmation. Could you run this PowerShell command and share the result? Get-Tpm
-
Dev Bon 16 Reputation points
2021-02-05T19:40:25.837+00:00 OK. Here is the result:
TpmPresent: True
TpmReady: True
ManufacturerId: 1229346816
ManufacturerIdTxt: IFX
ManufacturerVersion: 7.85
ManufacturerVersionFull1120: 7.85.17.51968
ManagedAuthLevel: Full
OwnerAuth: dfganN@NGRsuea83ynNWGE@&OJW
OwnerCleardisabled: False
AutoProvisioning: Enabled
LockedOut: False
LockoutHealTime: 10 minutes
LockoutCount: 0
LockoutMax: 31
SelfTest: <> -
Rita Han - MSFT 2,171 Reputation points
2021-02-08T01:26:52.733+00:00 Thanks for information. I'll consult the related engineer for helping on this issue.
Sign in to comment
4 answers
Sort by: Most helpful
-
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(0, 54%, 10%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EF%3C/text%3E%3C/svg%3E)
frank_big 1 Reputation point2021-02-02T09:52:55.133+00:00 Hi Cheong00,
thanks for your comment.I'm using Win10.
This is my regedit window, Microsoft Crypto Provider is present. I also checked TPM functionalities with tpm.msc and everything is fine.
However I get an error whenever I try to run certtmpl.msc, translated it is like: "Impossiblle to find the file "certtmpl.msc". Verify the name and retry". Maybe it is related?
-
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(268.8, 45%, 36%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EC%3C/text%3E%3C/svg%3E)
cheong00 3,491 Reputation points Volunteer Moderator2021-02-03T01:16:29.203+00:00 certtmpl.msc is part of the Remote Server Administration Tools.
Also, the RNG cryptography setting is located at Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Cryptography\Configuration\Local\Default\00000006\RNG see if you can find "Microsoft Platform Crypto Provider" there. (I don't have it, not sure if additional settings is required or you can just append "Microsoft Platform Crypto Provider" on the next line of "Providers" to make it work. You may want to create a VM for a try. This kind of registry setting will most likely require a reboot to make it effective.)
Sign in to comment -
-
cheong00 3,491 Reputation points Volunteer Moderator
2021-02-02T08:47:49.033+00:00 Try search the algorithm you want to use under HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Cryptography\Providers . If "Microsoft Platform Crypto Provider" is not listed, I think the choice is not provided by the current system.
You'll need Win8 / Win2012 or above to choose "Microsoft Platform Crypto Provider".
You may also try to follow this exercise and see if you can get "Microsoft Platform Crypto Provider" working.
-
frank_big 1 Reputation point
2021-02-02T08:21:40.457+00:00 Hi All,
I have the same exact problem.
Here is my code:ntstat = BCryptOpenAlgorithmProvider(&pHandle,BCRYPT_RNG_ALGORITHM,MS_PRIMITIVE_PROVIDER,//MS_PLATFORM_CRYPTO_PROVIDER, NULL); if (0 == ntstat) { for (long i = 0; i < filesize; i++) { BCryptGenRandom(pHandle, buf, sizeof(buf), NULL); //outfile.write((char *)&buf[0], _countof(buf)); } BCryptCloseAlgorithmProvider(pHandle, NULL); } else { sprintf((char *)text, "error = 0x%08x", (unsigned int)ntstat); }Best regards,
-
Rita Han - MSFT 2,171 Reputation points
2021-02-03T01:32:03.837+00:00 Hello @frank_big , could you try other algorithm ID instead of BCRYPT_RNG_ALGORITHM to see if it reproduces the same error?
Sign in to comment -