How to implement CNG Key Storage Functions in C#.Net?

SUBRAMANIAN Prabhakaran 1 Reputation point
2021-11-30T05:17:27.117+00:00

Hi Team,

How to implement CNG Key Storage Functions in C#?
The following link shows them implemented in C++.

https://learn.microsoft.com/en-us/windows/win32/seccng/cng-key-storage-functions

CNG Key Storage Functions:

NCryptCreatePersistedKey
NCryptDecrypt
NCryptDeleteKey
NCryptDeriveKey
NCryptEncrypt
NCryptEnumAlgorithms
NCryptEnumKeys
NCryptEnumStorageProviders
NCryptExportKey
NCryptFinalizeKey
NCryptFreeBuffer
NCryptFreeObject
NCryptGetProperty

Regards,
Prabhakaran


5 answers

  1. Lex Li (Microsoft) 4,332 Reputation points Microsoft Employee
    2021-11-30T06:49:57.703+00:00

    If your goal is to consume such Win32 API in a C# application ("implement something" is completely a different story so don't misuse that verb), learn to write PInvoke,

    https://learn.microsoft.com/en-us/dotnet/standard/native-interop/pinvoke

    You might try Microsoft's PInvoke helpers like CsWin32 if you don't want to wrap over those native functions on your own, https://github.com/microsoft/CsWin32


  2. Xiaopo Yang - MSFT 11,081 Reputation points Microsoft Vendor
    2021-11-30T07:11:53.68+00:00

    The calling code is like the following. You can also refer to the page.

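    using System;
    using System.Runtime.InteropServices;

    namespace ConsoleApp2
    {
        class Program
        {
            // Returns a SECURITY_STATUS; 0 (ERROR_SUCCESS) means success.
            [DllImport("Ncrypt.dll", CharSet = CharSet.Unicode)]
            static extern int NCryptOpenStorageProvider(out IntPtr hProvider, [MarshalAs(UnmanagedType.LPWStr)] string szProviderName, int flags);

            // Releases a provider or key handle obtained from the NCrypt functions.
            [DllImport("Ncrypt.dll")]
            static extern int NCryptFreeObject(IntPtr hObject);

            static void Main(string[] args)
            {
                IntPtr h;
                int status = NCryptOpenStorageProvider(out h, "Microsoft Software Key Storage Provider", 0);
                if (status != 0)
                {
                    Console.WriteLine("NCryptOpenStorageProvider failed: 0x{0:X8}", status);
                    return;
                }

                // ... use the provider handle here ...

                // Free the provider handle so it is not leaked.
                NCryptFreeObject(h);
            }
        }
    }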
    

  3. Xiaopo Yang - MSFT 11,081 Reputation points Microsoft Vendor
    2021-12-02T08:04:10.79+00:00

    How to use the following code:
    1. VS Tools -> NuGet Package Manager -> Package Manager Console
    2. Type: Install-Package PInvoke.NCrypt
    more information.

    using System;
    using static PInvoke.NCrypt; // Supported in C# 6 (VS2015) and later.

    namespace ConsoleApp2
    {
        class Program
        {
            static void Main(string[] args)
            {
                SafeProviderHandle ProviderHandle;
                SafeKeyHandle KeyHandle;
                string KeyName = "SampleStrongKey";

                SECURITY_STATUS secStatus = NCryptOpenStorageProvider(out ProviderHandle, "Microsoft Software Key Storage Provider", 0);
                if (secStatus != SECURITY_STATUS.ERROR_SUCCESS)
                    throw new InvalidOperationException("NCryptOpenStorageProvider failed: " + secStatus);

                secStatus = NCryptCreatePersistedKey(
                                            ProviderHandle,             // Handle of the key storage provider
                                            out KeyHandle,              // Address of the variable that receives the key handle
                                            "RSA",                      // Algorithm name (null terminated unicode string)
                                            KeyName,                    // Key name (null terminated unicode string)
                                            LegacyKeySpec.AT_SIGNATURE, // Legacy identifier (AT_KEYEXCHANGE, AT_SIGNATURE or 0)
                                            NCryptCreatePersistedKeyFlags.NCRYPT_OVERWRITE_KEY_FLAG); // Flags; If a key already exists in the container with the specified name, the existing key will be overwritten.
                if (secStatus != SECURITY_STATUS.ERROR_SUCCESS)
                    throw new InvalidOperationException("NCryptCreatePersistedKey failed: " + secStatus);

                secStatus = NCryptFinalizeKey(
                                            KeyHandle,                  // Handle of the key that has to be finalized
                                            0);                         // Flags
                if (secStatus != SECURITY_STATUS.ERROR_SUCCESS)
                    throw new InvalidOperationException("NCryptFinalizeKey failed: " + secStatus);

                //
                // Release the handles. Dispose only frees the handles;
                // the persisted key stays in the key storage provider.
                //

                KeyHandle.Dispose();
                ProviderHandle.Dispose();
            }
        }
    }
    

  4. SUBRAMANIAN Prabhakaran 1 Reputation point
    2021-12-06T05:15:41.923+00:00

    Hi,
    I have tried the NCryptOpenKey and NCryptDeleteKey methods. It is working now.
    Can you please share the code with me, showing how to use the NCryptEncrypt and NCryptDecrypt functions in C#?

    Regards,
    Prabs


  5. Xiaopo Yang - MSFT 11,081 Reputation points Microsoft Vendor
    2021-12-09T07:22:41.92+00:00

    Hello,

    Welcome to Microsoft Q&A!

    I have been notified that C# has its own CNG implementation. Here is a C# sample. Perhaps you need C# support.

    Thank you.


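The last answer mentions that C# has its own CNG implementation. The following is an added example, not code from this thread, showing how the managed `System.Security.Cryptography` classes (`CngKey`, `RSACng`) cover what `NCryptCreatePersistedKey`, `NCryptEncrypt`, `NCryptDecrypt` and `NCryptDeleteKey` do. The key name, the 2048-bit RSA key and the OAEP-SHA256 padding are assumptions chosen for the example; it runs on Windows only.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;

static class ManagedCngExample
{
    // Constructed key name, used only by this example.
    const string KeyName = "ExampleManagedCngKey";

    // Opens the persisted key if it exists, otherwise creates it
    // (the managed counterpart of NCryptOpenKey / NCryptCreatePersistedKey).
    static CngKey OpenOrCreateKey()
    {
        CngProvider provider = CngProvider.MicrosoftSoftwareKeyStorageProvider;
        if (CngKey.Exists(KeyName, provider))
            return CngKey.Open(KeyName, provider);

        var creation = new CngKeyCreationParameters
        {
            Provider = provider,
            // The private key cannot be exported from the provider.
            ExportPolicy = CngExportPolicies.None,
        };
        // Set the RSA key size explicitly instead of relying on the provider default.
        creation.Parameters.Add(new CngProperty(
            "Length", BitConverter.GetBytes(2048), CngPropertyOptions.None));
        return CngKey.Create(CngAlgorithm.Rsa, KeyName, creation);
    }

    static void Main()
    {
        byte[] plaintext = Encoding.UTF8.GetBytes("constructed sample message");

        using (CngKey key = OpenOrCreateKey())
        {
            using (var rsa = new RSACng(key))
            {
                // Encrypt and decrypt with the persisted key pair.
                byte[] ciphertext = rsa.Encrypt(plaintext, RSAEncryptionPadding.OaepSHA256);
                byte[] roundTrip = rsa.Decrypt(ciphertext, RSAEncryptionPadding.OaepSHA256);
                Console.WriteLine(Encoding.UTF8.GetString(roundTrip));
            }

            // Remove the persisted key from the provider (NCryptDeleteKey);
            // disposing a CngKey alone only closes the handle.
            key.Delete();
        }
    }
}
```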