none
NCryptCreatePersistedKey x CryptGenKey RRS feed

  • Question

  • Hi,

    using CAPI/CryptGenKey is possible to create RSA signature and RSA keyexchange key in one container.

    is possible to create ECC signature and ECCDH key in one container using CNG/NCryptCreatePersistedKey or container in CNG can contain only one ECC key type?

    thanks


    Lukas

    Tuesday, September 25, 2012 2:02 PM

Answers

  • While you are creating or opening key in CNG, the legacyKeySpec parameter can be specified. If provider supports 2 keys per container, you can differ signature and exchange keys by using this parameter.

    But, for example, "Microsoft Software Key Storage Provider" does not support them.

    • Marked as answer by Lukas JOSEFIK Tuesday, October 30, 2012 2:45 PM
    Thursday, October 4, 2012 9:19 AM

All replies

  • I believe CNG allows only one key pair per container unlike CAPI.

    Andrew

    Thursday, October 4, 2012 2:33 AM
  • While you are creating or opening key in CNG, the legacyKeySpec parameter can be specified. If provider supports 2 keys per container, you can differ signature and exchange keys by using this parameter.

    But, for example, "Microsoft Software Key Storage Provider" does not support them.

    • Marked as answer by Lukas JOSEFIK Tuesday, October 30, 2012 2:45 PM
    Thursday, October 4, 2012 9:19 AM