Login/Register
CAPI does not support Password Based Encryption (PBE) encryption?
Asked Answered
c++cryptoapipbkdf2
B

0

8

I am trying to port a UNIX code using OpenSSL (PKCS#5 & PKCS#7) to windows.

In the case of OpenSSL, all the encoding/decoding (certificates or passwords) is done transparently to the caller in the function CMS_Encrypt, as it should be.

CAPI does the same thing in the case of certificate based encryption inside the function CryptEncryptMessage (no ASN details are revealed to the caller). After some googling, I found out the following key generation implementation. Now how am I supposed to use it in CAPI ?

Because CAPI does not support PBE encryption at the high level (PBKDF2) my guess is that the encoding has to be done (somehow?) manually. And by manually I mean writing (and reading) the binary representations of various ASN tags. How am I supposed to do this ?

I cannot access the msasn1.h API since msasn1.lib is never distributed. Has anyone been able to use CAPI interface for doing anything else other than certificates based encryption ?

Brickyard answered 29/7, 2012 at 13:10 Comment(4)
Not sure what you are asking. Are you trying to do PBE using an interface that doesn't support it, or are you asking how to generate a certificate and use CBE?Rota
Trying to figure out how to do PBE using Microsoft CAPI interchangeably with OpenSSL, I believe.Colp
A lot of applications are using OpenSSL in MS Windows. Why not just to use them?Cogent
Are you looking for this function? BCryptDeriveKeyPBKDF2, msdn.microsoft.com/en-us/library/windows/desktop/dd433795.aspxCurrish

© 2022 - 2024 — McMap. All rights reserved.