Category : cng

I’m trying to rework the CNG encryption example in the Microsoft documentation. One peculiar thing about the example is that the encryption IV is hard coded. I don’t know a lot about encryption but my understanding is that it is more secure to generate a random IV for each encrypted data. Does anyone have any ..

Read more

On Windows Server A, we can generate a key in an HSM, and make it available to AD CS. The key is used to generate a CSR, which is signed by a public CA, and imported into the cert store on the same host. Can use certutil -repairstore to link the signed cert to the ..

Read more

I’d like to implement data encryption and decryption in a C++ application running on Windows. I’ve spent considerable time looking around the Web and am thinking I should probably use the Windows Cryptography API: Next Generation (CNG) functions (although I’m open to better alternatives). What I find everywhere are complex examples that do all sorts ..

Read more

I need to invoke the following function in Powershell: https://docs.microsoft.com/en-us/windows/win32/api/ncrypt/nf-ncrypt-ncryptenumkeys I am calling https://docs.microsoft.com/en-us/windows/win32/api/ncrypt/nf-ncrypt-ncryptenumstorageproviders and then I loop https://docs.microsoft.com/en-us/windows/win32/api/ncrypt/nf-ncrypt-ncryptopenstorageprovider These two functions NCryptEnumStorageProviders and NCryptOpenStorageProvider are working fine and I am getting the right handles, the right results, etc. I want to then enumerate keys stored by these providers by using NCryptEnumKeys function. This is ..

Read more