Internal format of RSA private keys in microsoft keystore.
Anton Stiglic
astiglic at okiok.com
Tue Oct 14 09:48:52 EDT 2003
----- Original Message -----
From: "R.Sriram" <rsriram at encentuate.com>
To: <cryptography at metzdowd.com>
Sent: Friday, October 10, 2003 1:20 AM
Subject: Internal format of RSA private keys in microsoft keystore.
> Greetings,
>
> In the process of trying to work around some of the limitations
> of the m$-CAPI API, I'm trying to decipher the internal representation
> of private keys in the default m$ key store, in order to extract
> the private key out.

If you could acquire a context, you could export the private key into
a blob and then read it from that, but you can't acquire a context.
As Tom mentioned, the keys are encrypted in the container.

The FIPS 140 security policies for M$'s CSPs say that the task
of protecting the keys in the system is delegated to Data Protection
API (DPAPI). There is a brief explanation in the security policies,
see for example
http://csrc.nist.gov/cryptval/140-1/140sp/140sp241.pdf
section "Key Storage".

You might be able to find more detailed information somewhere else...

Good luck!

--Anton