SUBRAMANIANPrabhakaran-8794 asked XiaopoYang-MSFT answered

How to implement CNG Key Storage Functions in C#.Net?

Hi Team,

How to implement CNG Key Storage Functions in C#?
The following link shows them implemented in C++.

https://docs.microsoft.com/en-us/windows/win32/seccng/cng-key-storage-functions

CNG Key Storage Functions :

NCryptCreatePersistedKey
NCryptDecrypt
NCryptDeleteKey
NCryptDeriveKey
NCryptEncrypt
NCryptEnumAlgorithms
NCryptEnumKeys
NCryptEnumStorageProviders
NCryptExportKey
NCryptFinalizeKey
NCryptFreeBuffer
NCryptFreeObject
NCryptGetProperty

Regards,
Prabhakaran

dotnet-csharp windows-api dotnet-runtime

lextm answered lextm edited

If your goal is to consume such Win32 API in a C# application ("implement something" is a completely different story, so don't misuse that verb), learn to write PInvoke:

https://docs.microsoft.com/en-us/dotnet/standard/native-interop/pinvoke

You might try Microsoft's PInvoke helpers like CsWin32 if you don't want to wrap over those native functions on your own, https://github.com/microsoft/CsWin32


XiaopoYang-MSFT answered SUBRAMANIANPrabhakaran-8794 commented

The calling code is like the following. You can also refer to the page.

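 using System;
 using System.Runtime.InteropServices;

 namespace ConsoleApp2
 {
     class Program
     {
         // Opens a CNG key storage provider; returns a SECURITY_STATUS (0 = ERROR_SUCCESS).
         [DllImport("Ncrypt.dll", CharSet = CharSet.Unicode)]
         static extern int NCryptOpenStorageProvider(out IntPtr hProvider, [MarshalAs(UnmanagedType.LPWStr)] string szProviderName, int flags);

         // Releases a provider or key handle.
         [DllImport("Ncrypt.dll")]
         static extern int NCryptFreeObject(IntPtr hObject);

         static void Main(string[] args)
         {
             IntPtr h;
             int status = NCryptOpenStorageProvider(out h, "Microsoft Software Key Storage Provider", 0);
             if (status != 0)
             {
                 Console.WriteLine("NCryptOpenStorageProvider failed: 0x{0:X8}", status);
                 return;
             }

             // Free the provider handle once it is no longer needed.
             NCryptFreeObject(h);
         }
     }
 }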



Thanks for your response.
How do I call the following method? What parameters need to be passed to it? Please help me on this.

     [DllImport("ncrypt.dll", CharSet = CharSet.Unicode)]
     internal static extern ErrorCode NCryptCreatePersistedKey(SafeNCryptProviderHandle hProvider,
                                                         [Out] out SafeNCryptKeyHandle phKey,
                                                         string pszAlgId,
                                                         string pszKeyName,
                                                         int dwLegacyKeySpec,
                                                         CngKeyCreationOptions dwFlags);

static void Main(string[] args)
{
NCryptCreatePersistedKey( ------------ Parameters?--------------)
}

I want to create, store and retrieve cryptographic keys. Please share the code to implement it.

XiaopoYang-MSFT SUBRAMANIANPrabhakaran-8794 ·

The parameters are the same as those of the corresponding Win32 API, which is NCryptCreatePersistedKey in this context.


What parameter values need to be passed?

SafeNCryptProviderHandle hProvider = ?
[Out] out SafeNCryptKeyHandle phKey = ?
string pszAlgId = ?
string pszKeyName = ?
int dwLegacyKeySpec = ?
CngKeyCreationOptions dwFlags = ?

I need to create, store and retrieve cryptographic keys.

XiaopoYang-MSFT answered SUBRAMANIANPrabhakaran-8794 edited

How to use the following code:
1. VS Tools -> NuGet Package Manager -> Package Manager Console
2. Type: Install-Package PInvoke.NCrypt
More information.

 using System;
 using static PInvoke.NCrypt; // Supported in C# 6 (VS2015) and later.

 namespace ConsoleApp2
 {
     class Program
     {
         static void Main(string[] args)
         {
             SafeProviderHandle ProviderHandle;
             SafeKeyHandle KeyHandle;
             string KeyName = "SampleStrongKey";

             SECURITY_STATUS secStatus = NCryptOpenStorageProvider(out ProviderHandle, "Microsoft Software Key Storage Provider", 0);
             if (secStatus != 0) // 0 is ERROR_SUCCESS
             {
                 Console.WriteLine("NCryptOpenStorageProvider failed: " + secStatus);
                 return;
             }

             secStatus = NCryptCreatePersistedKey(
                                         ProviderHandle,             // Handle of the key storage provider
                                         out KeyHandle,              // Address of the variable that receives the key handle
                                         "RSA",                      // Algorithm name (null terminated unicode string)
                                         KeyName,                    // Key name (null terminated unicode string)
                                         LegacyKeySpec.AT_SIGNATURE, // Legacy identifier (AT_KEYEXCHANGE, AT_SIGNATURE or 0 )
                                         NCryptCreatePersistedKeyFlags.NCRYPT_OVERWRITE_KEY_FLAG); // Flags; If a key already exists in the container with the specified name, the existing key will be overwritten.

             // Finalize only a key that was created successfully.
             if (secStatus == 0)
             {
                 secStatus = NCryptFinalizeKey(
                                         KeyHandle,                  // Handle of the key that has to be finalized
                                         0);                         // Flags
             }
             if (secStatus != 0)
             {
                 Console.WriteLine("Key creation failed: " + secStatus);
             }

             //
             // Release the handles. The persisted key stays in the provider.
             //

             KeyHandle.Dispose();
             ProviderHandle.Dispose();
         }
     }
 }


Hi,
Thanks for your response.
I have tried the NCryptOpenKey method.
How can I check whether a key exists or not in the specified CNG key storage provider? Please help me on this.
Please find below the code which I have tried:

 public static void OpenKey()
 {
     SafeProviderHandle ProviderHandle;
     SafeKeyHandle KeyHandle;
     string KeyName = "SampleStrongKey";
     SECURITY_STATUS secStatus = NCryptOpenStorageProvider(out ProviderHandle, "Microsoft Software Key Storage Provider", 0);
     secStatus = NCryptOpenKey(ProviderHandle, out KeyHandle, KeyName, LegacyKeySpec.AT_SIGNATURE, NCryptOpenKeyFlags.NCRYPT_SILENT_FLAG);
     secStatus = NCryptFinalizeKey(KeyHandle,0);
     KeyHandle.Dispose();
     ProviderHandle.Dispose();
 }






0 Votes 0 ·
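One way to answer the existence question above with the same native calls, as an added example that is not part of the original thread: the status returned by NCryptOpenKey is the existence check. It declares the P/Invoke signatures itself instead of using PInvoke.NCrypt, and the names CngKeyProbe and KeyExists are assumptions. NCryptFinalizeKey is not called, because it applies only to keys created with NCryptCreatePersistedKey.

```csharp
using System;
using System.Runtime.InteropServices;

static class CngKeyProbe // hypothetical helper class, not from the thread
{
    const int ERROR_SUCCESS = 0;
    const int NTE_BAD_KEYSET = unchecked((int)0x80090016); // "Keyset does not exist"
    const int NCRYPT_SILENT_FLAG = 0x40;                   // never display provider UI

    [DllImport("ncrypt.dll", CharSet = CharSet.Unicode)]
    static extern int NCryptOpenStorageProvider(out IntPtr phProvider, string pszProviderName, int dwFlags);

    [DllImport("ncrypt.dll", CharSet = CharSet.Unicode)]
    static extern int NCryptOpenKey(IntPtr hProvider, out IntPtr phKey, string pszKeyName, int dwLegacyKeySpec, int dwFlags);

    [DllImport("ncrypt.dll")]
    static extern int NCryptFreeObject(IntPtr hObject);

    // Returns true if the key exists, false if it is absent.
    // Any other status (access denied, bad provider name, ...) is thrown,
    // so a failure is never mistaken for "key not present".
    public static bool KeyExists(string providerName, string keyName)
    {
        int status = NCryptOpenStorageProvider(out IntPtr hProvider, providerName, 0);
        if (status != ERROR_SUCCESS)
            throw new InvalidOperationException($"NCryptOpenStorageProvider failed: 0x{status:X8}");
        try
        {
            // Legacy key spec 0: the key is looked up by name only.
            status = NCryptOpenKey(hProvider, out IntPtr hKey, keyName, 0, NCRYPT_SILENT_FLAG);
            if (status == ERROR_SUCCESS) { NCryptFreeObject(hKey); return true; }
            if (status == NTE_BAD_KEYSET) return false;
            throw new InvalidOperationException($"NCryptOpenKey failed: 0x{status:X8}");
        }
        finally
        {
            NCryptFreeObject(hProvider); // always release the provider handle
        }
    }

    static void Main()
    {
        // Provider and key names are the ones used earlier in the thread.
        Console.WriteLine(KeyExists("Microsoft Software Key Storage Provider", "SampleStrongKey"));
    }
}
```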
SUBRAMANIANPrabhakaran-8794 answered SUBRAMANIANPrabhakaran-8794 edited

Hi,
I have tried the NCryptOpenKey and NCryptDeleteKey methods. It is working now.
Can you please share the code showing how to use the NCryptEncrypt and NCryptDecrypt functions in C#?

Regards,
Prabs


XiaopoYang-MSFT answered

Hello,

Welcome to Microsoft Q&A!

I have been notified that C# has its own CNG implementation. Here is a C# sample. Perhaps you need C# support.

Thank you.


If the answer is the right solution, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.
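The managed route mentioned in this answer, as an added example that is not from the thread or from the linked sample: System.Security.Cryptography.CngKey and RSACng open or create a persisted key, encrypt and decrypt with it, then delete it. The class name, key name and plaintext are constructed for illustration, and it runs on Windows only.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;

static class ManagedCngDemo // hypothetical class name
{
    static readonly CngProvider Provider = CngProvider.MicrosoftSoftwareKeyStorageProvider;

    // Opens the named persisted RSA key, creating it first if it is absent.
    static CngKey OpenOrCreate(string keyName)
    {
        if (CngKey.Exists(keyName, Provider))
            return CngKey.Open(keyName, Provider);

        var creation = new CngKeyCreationParameters
        {
            Provider = Provider,
            KeyUsage = CngKeyUsages.Decryption,    // key is meant for encrypt/decrypt
            ExportPolicy = CngExportPolicies.None  // private key cannot be exported
        };
        // Set the key size explicitly instead of relying on the provider default.
        creation.Parameters.Add(new CngProperty("Length", BitConverter.GetBytes(2048), CngPropertyOptions.None));
        return CngKey.Create(CngAlgorithm.Rsa, keyName, creation);
    }

    static void Main()
    {
        const string keyName = "SampleEncryptionKey";                           // constructed name
        byte[] plain = Encoding.UTF8.GetBytes("constructed sample plaintext"); // constructed input

        using (CngKey key = OpenOrCreate(keyName))
        {
            using (var rsa = new RSACng(key))
            {
                byte[] cipher = rsa.Encrypt(plain, RSAEncryptionPadding.OaepSHA256);
                byte[] roundTrip = rsa.Decrypt(cipher, RSAEncryptionPadding.OaepSHA256);
                Console.WriteLine(Encoding.UTF8.GetString(roundTrip));
            }
            key.Delete(); // removes the persisted key from the provider
        }
    }
}
```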
