question

MartinAA avatar image
0 Votes"
MartinAA asked MartinAA edited

Create user key in "Microsoft Software Key Storage Provider" via NCrypt from a background process

Background
I have an application running as a background process on Windows 10 as a different user account (userX) than the currently logged on user (userA). This application needs to be able to create/open RSA keys in the "Microsoft Software Key Storage Provider" via NCrypt.

Problem
I have tried to create a user key in the application. This fails in the call to NCryptCreatePersistedKey with the error code 0x80070002. If I run the application as userA everything works as expected. If I log on to the computer as userX, select "Switch user" in Windows, log on as userA and run the application as userX, everything works as expected. If I open a command prompt and run runas /user:userX cmd, everything works as expected while the prompt is open. So, it seems like I am not able to create a user key unless the user is interactively logged on to the computer. Is this correct?

Is there a way to create user keys via NCrypt API without being interactively logged on to the computer?


I would like to add more related tags such as ncrypt, cng etc. but I am forced to select from the predefined tags.

windows-10-security
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

0 Answers