I am trying to use the cryptographic functions in advapi32.dll to perform symmetric encryption/decryption using an AES key. The issue I am having is that the AES key is required to be stored on a LunaPCI HSM, and I am having trouble obtaining a handle to the key to then perform the encrypt/decrypt.
My first question really is: can this be achieved? I am led to believe the storing/retrieval of symmetric keys cannot be done via the MS CAPI, hence I am going down this path.
I have the LunaPCI card installed and have registered it in the registry as a CSP.
Using the following code I get a "True" from the CryptAcquireContext() method - so I am connecting to the CSP and the default key container OK. The problem is I do not seem to be able to get a handle to a key. There doesn't seem to be a method available to get a symmetric key - am I missing something here?
Any help here would be much appreciated.
regards,
Peter.
using System;
using System.Collections.Generic;
using System.Text;
using System.IO;
using System.Security.Cryptography;
using System.Runtime.InteropServices;
using Microsoft.Practices.EnterpriseLibrary.Common.Configuration;
using Microsoft.Practices.EnterpriseLibrary.Security.Cryptography;
using Microsoft.Practices.EnterpriseLibrary.Security.Cryptography.Configuration;
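namespace URUPlay
{
    /// <summary>
    /// Console test harness that opens the Luna CSP through the Windows CryptoAPI
    /// (advapi32.dll) and tries to obtain a key handle for symmetric encryption.
    /// </summary>
    class Program
    {
        // Provider type passed to CryptAcquireContext (wincrypt.h: PROV_RSA_FULL).
        private const uint PROV_RSA_FULL = 1;

        // wincrypt.h: CRYPT_VERIFYCONTEXT. Intended for callers that do not need
        // persisted private keys; pszContainer must be null when it is used.
        // NOTE(review): a context opened this way may not expose keys stored in a
        // container at all - confirm against the CSP documentation.
        private const uint CRYPT_VERIFYCONTEXT = 0xF0000000;

        // CSP name as registered on the machine (the literal was split across two
        // lines in the original listing, which does not compile).
        private const string LunaProviderName = "Luna Cryptographic Services for Microsoft Windows";

        // SetLastError = true on every import so that Marshal.GetLastWin32Error()
        // returns the CSP's failure code instead of a stale value.
        [DllImport("advapi32.dll", CharSet = CharSet.Auto, SetLastError = true)]
        [return: MarshalAs(UnmanagedType.Bool)]
        private static extern bool CryptAcquireContext(
            ref IntPtr hProv,
            string pszContainer,
            string pszProvider,
            uint dwProvType,
            uint dwFlags);

        // NOTE(review): hHash is an HCRYPTHASH, which is pointer-sized. The int
        // declaration is kept for existing callers; switch it to IntPtr before
        // passing a real hash handle in a 64-bit process.
        // When pbData is null, CryptEncrypt reports the required buffer size in
        // pdwDataLen; a block cipher's final block adds padding, so dwBufLen must
        // be larger than the plaintext length.
        [DllImport(@"advapi32.dll", SetLastError = true)]
        [return: MarshalAs(UnmanagedType.Bool)]
        internal static extern bool CryptEncrypt(
            IntPtr hKey,
            int hHash,
            int Final,
            int dwFlags,
            byte[] pbData,
            ref int pdwDataLen,
            int dwBufLen);

        // NOTE(review): same pointer-size caveat for hHash as on CryptEncrypt.
        [DllImport(@"advapi32.dll", SetLastError = true)]
        [return: MarshalAs(UnmanagedType.Bool)]
        internal static extern bool CryptDecrypt(
            IntPtr hKey,
            int hHash,
            int Final,
            int dwFlags,
            byte[] pbData,
            ref int pdwDataLen);

        [DllImport(@"advapi32.dll", SetLastError = true)]
        [return: MarshalAs(UnmanagedType.Bool)]
        internal static extern bool CryptReleaseContext(
            IntPtr hProv,
            int dwFlags);

        [DllImport(@"advapi32.dll", EntryPoint = "CryptGetUserKey", CharSet = CharSet.Ansi, SetLastError = true)]
        [return: MarshalAs(UnmanagedType.Bool)]
        internal static extern bool CryptGetUserKey(
            IntPtr hProv,
            int dwKeySpec,
            ref IntPtr phUserKey);

        // Every key handle returned by CryptoAPI must be released with
        // CryptDestroyKey before the provider context is released.
        [DllImport(@"advapi32.dll", SetLastError = true)]
        [return: MarshalAs(UnmanagedType.Bool)]
        private static extern bool CryptDestroyKey(
            IntPtr hKey);

        /// <summary>
        /// Entry point: runs <see cref="Encrypt"/> on a fixed 16-character sample
        /// and prints the result, or the exception message and stack trace.
        /// </summary>
        /// <param name="args">Command-line arguments (unused).</param>
        static void Main(string[] args)
        {
            try
            {
                string text = "1234567891234567";
                Console.WriteLine("Raw Text = [{0}]", text);
                string enc = Encrypt(text);
                Console.WriteLine("Encrpyted Text = [{0}]", enc);
                //string dec = Decrypt(enc);
                //System.Console.WriteLine("Decrypted Text = [{0}]", dec);
            }
            catch (Exception e)
            {
                Console.WriteLine("error [{0}]", e.Message);
                Console.WriteLine("Stack Trace [{0}]", e.StackTrace);
            }
            Console.ReadKey();
        }

        /// <summary>
        /// Opens the Luna CSP and attempts to fetch a key handle. Encryption itself
        /// is not implemented yet, so the method always returns an empty string.
        /// </summary>
        /// <param name="text">Plaintext that would be encrypted.</param>
        /// <returns>An empty string (placeholder for the ciphertext).</returns>
        static string Encrypt(string text)
        {
            IntPtr hProv = IntPtr.Zero;
            IntPtr hKey = IntPtr.Zero;

            // Bytes a future CryptEncrypt call would operate on.
            byte[] data = Encoding.UTF8.GetBytes(text);

            try
            {
                bool status = CryptAcquireContext(ref hProv, null, LunaProviderName, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT);
                // Read the error code immediately: later calls (including console
                // output) may overwrite the thread's last-error value.
                int acquireError = Marshal.GetLastWin32Error();
                Console.WriteLine("Acquire Context Status = [{0}]", status);
                if (!status)
                {
                    Console.WriteLine("CryptAcquireContext failed, Win32 error [0x{0:X8}]", acquireError);
                    return "";
                }

                // CryptGetUserKey only returns the container's asymmetric key pairs
                // (AT_KEYEXCHANGE = 1, AT_SIGNATURE = 2). 7 is not a defined key
                // spec, so this call is expected to fail. CryptoAPI has no call that
                // opens a persisted symmetric key by name or number; symmetric key
                // handles come from CryptGenKey, CryptDeriveKey or CryptImportKey.
                // NOTE(review): whether the Luna CSP exposes an HSM-resident AES key
                // some other way is not shown here - check the vendor documentation.
                status = CryptGetUserKey(hProv, 7, ref hKey);
                int getKeyError = Marshal.GetLastWin32Error();
                Console.WriteLine("Get Key Status = [{0}]", status);
                if (!status)
                {
                    Console.WriteLine("CryptGetUserKey failed, Win32 error [0x{0:X8}]", getKeyError);
                }

                // CryptEncrypt needs a valid hKey as its first argument; not called
                // until a key handle can actually be obtained.
                //Program.CryptEncrypt();
                return "";
            }
            finally
            {
                // Release handles on every path, key before provider context.
                if (hKey != IntPtr.Zero)
                {
                    CryptDestroyKey(hKey);
                }
                if (hProv != IntPtr.Zero)
                {
                    CryptReleaseContext(hProv, 0);
                }
            }
        }

        /// <summary>Decryption placeholder; not implemented.</summary>
        /// <param name="text">Ciphertext that would be decrypted.</param>
        /// <returns>An empty string.</returns>
        static string Decrypt(string text)
        {
            return "";
        }
    }
}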