Re: Internal format of RSA private keys in microsoft keystore.

2003-10-15 Thread Anton Stiglic

----- Original Message -----
From: R.Sriram [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Friday, October 10, 2003 1:20 AM
Subject: Internal format of RSA private keys in microsoft keystore.


> Greetings,
>
> In the process of trying to work around some of the limitations
> of the m$-CAPI API, I'm trying to decipher the internal representation
> of private keys in the default m$ key store, in order to extract
> the private key out.

If you could acquire a context, you could export the private key into 
a blob and then read it from that, but you can't acquire a context.
As Tom mentioned, the keys are encrypted in the container.
The FIPS 140 security policies for M$'s CSPs say that the task 
of protecting the keys in the system is delegated to Data Protection 
API (DPAPI).  There is a brief explanation in the security policies, 
see for example
http://csrc.nist.gov/cryptval/140-1/140sp/140sp241.pdf
section Key Storage.
You might be able to find more detailed information somewhere else...

Good luck!

--Anton
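
An added example (not code from the thread) of the supported route Anton describes, written as PowerShell over .NET's wrapper around CAPI: it opens the container with UseExistingKey so a missing container is reported as NTE_BAD_KEYSET instead of being silently created, and reports whether the key is exportable at all; the container name is a placeholder.

```powershell
# Added example (not the thread's code): probe a CAPI key container via .NET.
function Get-KeyContainerStatus {
    param(
        [Parameter(Mandatory)][string]$ContainerName,
        [switch]$MachineKeyStore
    )
    $csp = New-Object System.Security.Cryptography.CspParameters
    $csp.KeyContainerName = $ContainerName
    # UseExistingKey makes CryptAcquireContext fail instead of silently creating
    # a fresh container, so the error that comes back is the real diagnosis.
    $csp.Flags = [System.Security.Cryptography.CspProviderFlags]::UseExistingKey
    if ($MachineKeyStore) {
        $csp.Flags = $csp.Flags -bor [System.Security.Cryptography.CspProviderFlags]::UseMachineKeyStore
    }
    try {
        $rsa = New-Object System.Security.Cryptography.RSACryptoServiceProvider($csp)
        try {
            $info = $rsa.CspKeyContainerInfo
            [pscustomobject]@{
                Container  = $info.KeyContainerName
                # UniqueKeyContainerName is the file name under Crypto\RSA\<SID>\
                File       = $info.UniqueKeyContainerName
                Provider   = $info.ProviderName
                KeySize    = $rsa.KeySize
                # Only an exportable key can be pulled out as a PRIVATEKEYBLOB;
                # when this is $false the CSP refuses CryptExportKey by design.
                Exportable = $info.Exportable
                Error      = $null
            }
        } finally {
            $rsa.Dispose()
        }
    } catch [System.Security.Cryptography.CryptographicException] {
        # HRESULT 0x80090016 is NTE_BAD_KEYSET: the container does not exist or
        # cannot be opened with the current user's DPAPI credentials.
        [pscustomobject]@{
            Container  = $ContainerName
            File       = $null
            Provider   = $null
            KeySize    = $null
            Exportable = $null
            Error      = ('0x{0:X8} {1}' -f $_.Exception.HResult, $_.Exception.Message)
        }
    }
}
# Placeholder container name; the files under the user's Crypto\RSA folder stay
# DPAPI-encrypted, so this is the supported way to inspect what is in them.
Get-KeyContainerStatus -ContainerName 'MyTestContainer' | Format-List
```

A non-exportable key is the intended protection here: the CSP will open the container but will not hand the private half back, which is why a key marked non-exportable at creation is the mitigation against exactly the kind of extraction the original question asks about.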


-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]


Re: Internal format of RSA private keys in microsoft keystore.

2003-10-12 Thread t.c.jones
key containers in MS are encrypted.
there is a capi m/l to be found at 
http://discuss.microsoft.com/archives/index.html
..tom
> Greetings,
>
> In the process of trying to work around some of the limitations
> of the m$-CAPI API, I'm trying to decipher the internal representation
> of private keys in the default m$ key store, in order to extract
> the private key out.
>
> The systems I'm working on are Win2K and XP, both on NTFS.
>
> Google didn't give me much. Has anyone been able to figure out
> the format of private key files? You can have a look at
> C:/Documents and Settings/username/Application Data/Microsoft/
> Crypto/RSA/*/filename
>
> I'm trying this because CryptAcquireContext() dies with the error
> NTE_BAD_KEYSET half the time. This is supposed to indicate that the
> key container doesn't exist or it could be corrupted. At this point
> I'm trying to see if the files are in good shape by reading them
> out.
>
> Having come from a Unix world, there may be something obvious I'm
> missing out, so please have patience :)
>
> Thanks,
> Sriram.