locked
Does Metro App support schannel?

    Question

  • I am trying to find out if Metro App support schannel?

    I have legacy WIN32 code in C++ which uses schannel. I need to migrate the functionalities to a Metro App. What are my choices?

    To clarify: I am trying to use schannel in a Metro App, not a Desktop App.

    Thanks in advance.


    • Edited by Shafiq2012 Friday, April 27, 2012 12:14 AM
    Thursday, April 26, 2012 7:00 PM

Answers

  • Hi,

    Regarding your link here, yes you can call this from a Metro App, and it can establish an SSL connection to a web site:

    http://msdn.microsoft.com/library/windows/apps/Hh780595

    Another option is HttpClient:

    http://social.msdn.microsoft.com/Forums/en-US/winappswithcsharp/thread/26febe05-cbc1-4e19-b664-94ca5dfc69d1

    Regarding your existing Win32 C++ code, I am guessing your are using SSPI or perhaps HttpOpenRequest. In either case it is unlikely that you can use those APIs in Metro, but there is a small chance. If you add winapifamily.h to your project, and then #define WINAPI_PARTITION_APP (or #define WINAPI_FAMILY = 2), the project will fail to compile if the code uses any APIs that aren’t safe for Metro style apps.  If the compilation succeeds, then the API should be safe.  You can then run the app under the Windows App Cert Kit to verify this.

    Mark Stanley - Microsoft Escalation Engineer - Forum Moderator

    Saturday, April 28, 2012 1:13 AM
    Moderator

All replies

  • Hello,

    The document of  InitSecurityInterface function point that this interface only Applies to: desktop apps
    http://msdn.microsoft.com/en-us/library/windows/desktop/aa376103(v=vs.85).aspx

    You can try to use the some alternatives APIs to the security.

    Windows.Security.Credentials

    Windows.Security.Credentials.UI
    Windows.Security.Cryptography
    Windows.Security.Cryptography.Certificates
    Windows.Security.Cryptography.Core
    Windows.Security.Cryptography.DataProtection

    Best regards,
    Jesse


    Jesse Jiang [MSFT]
    MSDN Community Support | Feedback to us

    Friday, April 27, 2012 9:09 AM
  • Cryptograpy cannot help in secure socket connection. Using cryptography, will I not need to implement the encryption/decryption on the other party of the socket communication? I do not have control on the other party.

    Please see this note and let me know is that the "schannel" i.e., secure socket now in WinRT for Metro App applications.

    http://msdn.microsoft.com/library/windows/apps/Hh780595

    Thanks,

    Friday, April 27, 2012 9:25 PM
  • Hi,

    Regarding your link here, yes you can call this from a Metro App, and it can establish an SSL connection to a web site:

    http://msdn.microsoft.com/library/windows/apps/Hh780595

    Another option is HttpClient:

    http://social.msdn.microsoft.com/Forums/en-US/winappswithcsharp/thread/26febe05-cbc1-4e19-b664-94ca5dfc69d1

    Regarding your existing Win32 C++ code, I am guessing your are using SSPI or perhaps HttpOpenRequest. In either case it is unlikely that you can use those APIs in Metro, but there is a small chance. If you add winapifamily.h to your project, and then #define WINAPI_PARTITION_APP (or #define WINAPI_FAMILY = 2), the project will fail to compile if the code uses any APIs that aren’t safe for Metro style apps.  If the compilation succeeds, then the API should be safe.  You can then run the app under the Windows App Cert Kit to verify this.

    Mark Stanley - Microsoft Escalation Engineer - Forum Moderator

    Saturday, April 28, 2012 1:13 AM
    Moderator
  • My legacy code indeed uses sspi.h and related library.

    Those are not allowed in MetroApp mode. Simply code does not compile.

    Only if allow to build in Desktop mode, then the code compiles. So, schannel stuff such as:

    InitializeSecurityContext

    QueryContextAttributes

    DecryptMessage

    EncryptMessage

    need to be re-written somehow, or something in MetroApp needs to come in rescue.

    Thanks.


    sua

    Sunday, June 10, 2012 1:15 AM