CNG - Crypt Ne Gen

Contents
Cryptography API: Next Generation

About CNG
CNG Features
Cryptographic Primitives
Key Storage and Retrieval
Key Import and Export
CNG DPAPI
Protection Providers
Protection Descriptors
Protected Data Format
Using CNG
Using the Cryptography Configuration Features of CNG
Typical CNG Programming
Creating a Hash with CNG
Signing Data with CNG
Encrypting Data with CNG
CNG Reference
CNG Constants
CNG Named Elliptic Curves
CNG Algorithm Pseudo-handles
CNG Algorithm Identifiers
CNG DPAPI Constants
CNG Interface Identifiers
Cryptography Primitive Property Identifiers
Key Storage Property Identifiers
CNG Cryptographic Configuration Functions
BCryptAddContextFunction
BCryptConfigureContext
BCryptConfigureContextFunction
BCryptCreateContext
BCryptDeleteContext
BCryptEnumAlgorithms
BCryptEnumContextFunctionProviders
BCryptEnumContextFunctions
BCryptEnumContexts
BCryptEnumProviders
BCryptEnumRegisteredProviders
BCryptGetFipsAlgorithmMode
BCryptQueryContextConfiguration
BCryptQueryContextFunctionConfiguration
BCryptQueryContextFunctionProperty
BCryptQueryProviderRegistration
BCryptRegisterConfigChangeNotify(HANDLE*)
BCryptRegisterConfigChangeNotify(PRKEVENT)
BCryptRemoveContextFunction
BCryptResolveProviders
BCryptSetContextFunctionProperty
BCryptUnregisterConfigChangeNotify(HANDLE)
BCryptUnregisterConfigChangeNotify(PRKEVENT)
CNG Cryptographic Primitive Functions
BCryptCloseAlgorithmProvider
BCryptCreateHash
BCryptCreateMultiHash
BCryptDecrypt
BCryptDeriveKey
BCryptDestroyHash
BCryptDestroyKey
BCryptDestroySecret
BCryptDuplicateHash
BCryptDuplicateKey
BCryptEncrypt
BCryptExportKey
BCryptFinalizeKeyPair
BCryptFinishHash
BCryptFreeBuffer
BCryptGenerateKeyPair
BCryptGenerateSymmetricKey
BCryptGenRandom
BCryptGetProperty
BCryptHash
BCryptHashData
BCryptImportKey
BCryptImportKeyPair
BCryptKeyDerivation
BCryptOpenAlgorithmProvider
BCryptProcessMultiOperations
BCryptSecretAgreement
BCryptSetProperty
BCryptSignHash
BCryptVerifySignature
CNG DPAPI Functions
NCryptCreateProtectionDescriptor
NCryptCloseProtectionDescriptor
NCryptGetProtectionDescriptorInfo
NCryptProtectSecret
NCryptQueryProtectionDescriptorName
NCryptRegisterProtectionDescriptorName
NCryptStreamClose
NCryptStreamOpenToProtect
NCryptStreamOpenToUnprotectEx
NCryptStreamOpenToUnprotect
NCryptStreamUpdate
NCryptUnprotectSecret
PFNCryptStreamOutputCallback
CNG Helper Functions
BCryptDeriveKeyCapi
BCryptDeriveKeyPBKDF2
BCRYPT_INIT_AUTH_MODE_INFO
SystemPrng
CNG Key Storage Functions
NCryptCreateClaim
NCryptCreatePersistedKey
NCryptDecrypt
NCryptDeleteKey
NCryptDeriveKey
NCryptEncrypt
NCryptEnumAlgorithms
NCryptEnumKeys
NCryptEnumStorageProviders
NCryptExportKey
NCryptFinalizeKey
NCryptFreeBuffer
NCryptFreeObject
NCryptGetProperty
NCryptImportKey
NCryptIsAlgSupported
NCryptIsKeyHandle
NCryptKeyDerivation
NCryptNotifyChangeKey
NCryptOpenKey
NCryptOpenStorageProvider
NCryptSecretAgreement
NCryptSetProperty
NCryptSignHash
NCryptTranslateHandle
NCryptVerifyClaim
NCryptVerifySignature
CNG SSL Provider Functions
SslChangeNotify
SslComputeClientAuthHash
SslComputeEapKeyBlock
SslComputeFinishedHash
SslCreateClientAuthHash
SslCreateEphemeralKey
SslCreateHandshakeHash
SslDecrementProviderReferenceCount
SslDecryptPacket
SslEncryptPacket
SslEnumCipherSuites
SslEnumProtocolProviders
SslExportKey
SslExportKeyingMaterial
SslFreeBuffer
SslFreeObject
SslGenerateMasterKey
SslGenerateSessionKeys
SslGetCipherSuitePRFHashAlgorithm
SslGetKeyProperty
SslGetProviderProperty
SslHashHandshake
SslImportKey
SslImportMasterKey
SslIncrementProviderReferenceCount
SslLookupCipherLengths
SslLookupCipherSuiteInfo
SslOpenPrivateKey
SslOpenProvider
SslSignHash
SslVerifySignature
CNG Token Binding Functions
TokenBindingDeleteAllBindings
TokenBindingDeleteBinding
TokenBindingGenerateBinding
TokenBindingGenerateID
TokenBindingGenerateMessage
TokenBindingGetKeyTypesClient
TokenBindingGetKeyTypesServer
TokenBindingVerifyMessage
CNG Structures
BCRYPT_ALGORITHM_IDENTIFIER
BCRYPT_AUTHENTICATED_CIPHER_MODE_INFO
BCRYPT_DH_KEY_BLOB
BCRYPT_DH_PARAMETER_HEADER
BCRYPT_DSA_KEY_BLOB
BCRYPT_DSA_KEY_BLOB_V2
BCRYPT_DSA_PARAMETER_HEADER
BCRYPT_DSA_PARAMETER_HEADER_V2
BCRYPT_ECCKEY_BLOB
BCRYPT_INTERFACE_VERSION
BCRYPT_KEY_BLOB
BCRYPT_KEY_DATA_BLOB_HEADER
BCRYPT_KEY_LENGTHS_STRUCT
BCRYPT_MULTI_HASH_OPERATION
BCRYPT_MULTI_OBJECT_LENGTH_STRUCT
BCRYPT_OAEP_PADDING_INFO
BCRYPT_OID
BCRYPT_OID_LIST
BCRYPT_PKCS1_PADDING_INFO
BCRYPT_PROVIDER_NAME
BCRYPT_PSS_PADDING_INFO
BCRYPT_RSAKEY_BLOB
CRYPT_CONTEXT_CONFIG
CRYPT_CONTEXT_FUNCTION_CONFIG
CRYPT_CONTEXT_FUNCTION_PROVIDERS
CRYPT_CONTEXT_FUNCTIONS
CRYPT_CONTEXTS
CRYPT_IMAGE_REF
CRYPT_IMAGE_REG
CRYPT_INTERFACE_REG
CRYPT_PROPERTY_REF
CRYPT_PROVIDER_REF
CRYPT_PROVIDER_REFS
CRYPT_PROVIDER_REG
CRYPT_PROVIDERS
NCRYPT_ALLOC_PARA
NCRYPT_KEY_BLOB_HEADER
NCRYPT_PROTECT_STREAM_INFO
NCRYPT_SUPPORTED_LENGTHS
NCRYPT_UI_POLICY
NCRYPT_UI_POLICY_BLOB
NCryptAlgorithmName
NCryptBuffer
NCryptBufferDesc
NCryptKeyName
NCryptProviderName
TOKENBINDING_IDENTIFIER
TOKENBINDING_KEY_TYPES
TOKENBINDING_RESULT_DATA
TOKENBINDING_RESULT_LIST
CNG Enumerations
BCRYPT_HASH_OPERATION_TYPE
BCRYPT_MULTI_OPERATION_TYPE
DSAFIPSVERSION_ENUM
HASHALGORITHM_ENUM
TOKENBINDING_EXTENSION_FORMAT
TOKENBINDING_TYPE
minutes to read • Edit Online
Purpose
Cryptography API: Next Generation (CNG) is the long-term replacement for the CryptoAPI. CNG is designed to be
extensible at many levels and cryptography agnostic in behavior.
Developer audience
CNG is intended for use by developers of applications that will enable users to create and exchange documents and
other data in a secure environment, especially over nonsecure media such as the Internet. Developers should be
familiar with the C and C++ programming languages and the Windows-based programming environment.
Although not required, an understanding of cryptography or security-related subjects is advised.
If you are developing a CNG cryptographic algorithm provider or key storage provider, you must download the
Cryptographic Provider Development Kit from Microsoft.
Run-time requirements
CNG is supported beginning with Windows Server 2008 and Windows Vista. For information about run-time
requirements for a particular programming element, see the Requirements section of the reference page for that
element.
In this section
TO P IC DESC RIP T IO N
About CNG Describes CNG features, cryptographic primitives, and key

storage, retrieval, import, and export.
Using CNG Explains how to use the cryptography configuration features

of CNG and typical CNG programming.
CNG Reference Detailed descriptions of the CNG programming elements.

These pages include reference descriptions of the API for
working with CNG.
Cryptography API: Next Generation (CNG) is the long-term replacement for the CryptoAPI. CNG is designed to be
extensible at many levels and cryptography agnostic in behavior.
Features
For information about the features of CNG, see CNG Features.
Cryptographic Primitives
For more information about the cryptographic primitives in CNG, see Cryptographic Primitives.
Key Storage and Retrieval

For more information about key storage and retrieval in CNG, see Key Storage and Retrieval.
Key Import and Export

For more information about importing and exporting keys, see Key Import and Export.
Data Protection API: Next Generation

CNG provides a set of APIs that can be used to easily encrypt and decrypt content to authorization principals
across multiple computers. For more information, see CNG DPAPI.
CNG has the following features.

Cryptographic Agility
Certification and Compliance
Suite B Support
Legacy Support
Kernel Mode Support
Auditing
Replaceable Random Number Generators
Thread Safety
Mode of Operation
Cryptographic Agility
One of the key value propositions of CNG is cryptographic agility, sometimes called cryptographic agnosticism.
Converting implementation of protocols like Secure Sockets Layer protocol (SSL) or transport layer security (TLS),
CMS (S/MIME), IPsec, Kerberos, and so on, to CNG, however, was required to make this ability valuable. At the CNG
level, it was necessary to provide substitution and discoverability for all the algorithm types (symmetric,
asymmetric, hash functions), random number generation, and other utility functions. The protocol-level changes
are more significant because in many cases the protocol APIs needed to add algorithm selection and other
flexibility options that did not previously exist.
CNG is first available in Windows Vista and is positioned to replace existing uses of CryptoAPI throughout the
Microsoft software stack. Third-party developers will find lots of new features in CNG, including:
A new crypto configuration system, supporting better cryptographic agility.
Finer-grained abstraction for key storage (and separation of storage from algorithm operations).
Process isolation for operations with long-term keys.
Replaceable random number generators.
Relief from export signing restrictions.
Thread-safety throughout the stack.
Kernel-mode cryptographic API.
In addition, CNG includes support for all required Suite B algorithms, including elliptic curve cryptography (ECC).
Existing CryptoAPI applications will continue to work as CNG becomes available.
Certification and Compliance

CNG is validated to Federal Information Processing Standards (FIPS) 140-2 and is part of the Target of Evaluation
for the Windows Common Criteria certification. CNG was designed to be usable as a component in a FIPS level 2
validated system.
CNG complies with Common Criteria requirements by storing and using long lived keys in a secure process.
Suite B Support
An important feature of CNG is its support for the Suite B algorithms. In February of 2005, the National Security
Agency (NSA) of the United States announced a coordinated set of symmetric encryption, asymmetric secret
agreement (also known as key exchange), digital signature and hash functions for future U.S. government use
called Suite B. The NSA has announced that certified Suite B implementations can and will be used for the
protection of information designated as Top Secret, Secret, and private information that, in the past was described
as Sensitive-But-Unclassified. Because of this, Suite B support is very important to application software vendors
and system integrators as well as to Microsoft.
All Suite B algorithms are publicly known. They have been developed outside the scope of the government secrecy
historically associated with cryptographic algorithm development. In this same time frame, some European
countries and regions have also proposed the same Suite B requirements for protecting their information.
Suite B cryptography recommends use of elliptic curve Diffie-Hellman (ECDH) in many existing protocols such as
the Internet Key Exchange (IKE, mainly used in IPsec), transport layer security (TLS), and Secure MIME (S/MIME).
CNG includes support for Suite B that extends to all required algorithms: AES (all key sizes), the SHA-2 family
(SHA-256, SHA-384 and SHA-512) of hashing algorithms, ECDH, and elliptic curve DSA (ECDSA) over the NIST-
standard prime curves P-256, P-384, and P-521. Binary curves, Koblitz curves, custom prime curves, and elliptic
curve Menezes-Qu-Vanstone (ECMQV) are not supported by the Microsoft algorithm providers included with
Windows Vista.
Legacy Support
CNG provides support for the current set of algorithms in CryptoAPI 1.0. Every algorithm that is currently
supported in CryptoAPI 1.0 will continue to be supported in CNG.
Kernel Mode Support

CNG supports cryptography in kernel mode. The same APIs are used in both kernel and user mode to fully support
the cryptography features. Both SSL/TLS and IPsec operate in kernel mode in addition to boot processes that will
be using CNG. Not all CNG functions can be called from kernel mode. The reference topic for the functions that
cannot be called from kernel mode will explicitly state that the function cannot be called from kernel mode.
Otherwise, all CNG functions can be called from kernel mode if the caller is running at PASSIVE_LEVEL IRQL. In
addition, some kernel mode CNG functions may be callable at DISPATCH_LEVEL IRQL , depending on the
provider's capabilities.
The Microsoft kernel security support provider interface (Ksecdd.sys) is a general purpose, software-based,
cryptographic module residing at the kernel mode level of Windows. Ksecdd.sys runs as a kernel mode export
driver, and provides cryptographic services through their documented interfaces to kernel components. The only
built-in Microsoft provider algorithm that is not supported by Ksecdd.sys is DSA.
Windows Ser ver 2008 and Windows Vista: CNG does not support pluggable algorithms and providers in
kernel mode. The only supported cryptographic algorithms available in kernel mode are those implementations
provided by Microsoft through the kernel mode CNG APIs.
Auditing
To comply with some of the Common Criteria requirements in addition to providing comprehensive security, many
actions that happen in the CNG layer are audited in the Microsoft software key storage provider (KSP). The
Microsoft KSP adheres to the following guidelines to create audit records in the security log:
Key and key-pair generation failures, including self-test failures, must be audited.
Key import and export must be audited.
Key destruction failures must be audited.
Persistent keys need to be audited when they are written to and read from files.
Pair-wise consistency check failures must be audited.
Secret key validation failures, if any, must be audited, for example, parity checks on 3DES keys.
Failures in encryption, decryption, hashing, signature, verification, key exchange, and random number
generation must be audited.
Cryptographic self-tests must be audited.
In general, if a key does not have a name, it is an ephemeral key. An ephemeral key does not persist, and the
Microsoft KSP does not generate audit records for ephemeral keys. The Microsoft KSP generates audit records in
user mode in the LSA process only. No audit record is generated by kernel mode CNG. Administrators need to
configure the audit policy to obtain all KSP audit logs from the security log. An administrator must run the
following command line to configure additional audits generated by KSPs:
auditpol /set /subcategor y:"other system events" /success:enable /failure:enable
Replaceable Random Number Generators

Another improvement that CNG provides is the ability to replace the default random number generator (RNG). In
CryptoAPI, it is possible to provide an alternate RNG as part of a cryptographic service provider (CSP), but it is not
possible to redirect the Microsoft Base CSPs to use another RNG. CNG makes it possible to explicitly specify a
particular RNG to use within particular calls.
Thread Safety
Any functions that modify the same area of memory at the same time (critical sections) when being called from
separate threads are not thread safe.
Mode of Operation
CNG supports three modes of operations that can be used with symmetric block ciphers through the encryption
APIs. These modes and their supportability are listed in the following table. The mode of operation can be changed
by setting the BCRYPT_CHAINING_MODE property for the algorithm provider by using the
BCr yptSetProper ty function.
B C RY P T _C H A IN IN G_M O DE
M O DE O F O P ERAT IO N VA L UE A L GO RIT H M S STA N DA RD
ECB (Electronic Codebook) BCRYPT_CHAIN_MODE_E Symmetric block ciphers SP800-38A

CB
CBC (Cipher Block Chaining) BCRYPT_CHAIN_MODE_C Symmetric block ciphers SP800-38A

BC
CFB (Cipher Feedback) BCRYPT_CHAIN_MODE_C Symmetric block ciphers SP800-38A

FB
CCM (Counter with CBC) BCRYPT_CHAIN_MODE_C AES SP800-38C

CM
GCM (Galois/Counter Mode) BCRYPT_CHAIN_MODE_ AES SP800-38D

GCM
NOTE
Only ECB, CBC, and CFB modes of operation are defined in Windows Vista. GCM and CCM require Windows Vista with
Service Pack 1 (SP1) or Windows Server 2008.
The CNG API provides a set of functions that perform basic cryptographic operations such as creating hashes or
encrypting and decrypting data. For more information about these functions, see CNG Cryptographic Primitive
Functions.
CNG implements numerous cryptographic algorithms. Each algorithm or class of algorithms exposes its own
primitive API. Multiple implementations of a given algorithm can be installed at the same time; however, only one
implementation will be the default at any given time.
Each algorithm class in CNG is represented by a primitive router. Applications using the CNG primitive functions
will link to the router binary file Bcrypt.dll in user mode, or Ksecdd.sys in kernel mode before calling the functions.
Various router routines manage all of the algorithm primitives. These routers track each algorithm implementation
installed on the system and route each function call to the appropriate primitive provider module.
CNG provides primitives for the following classes of algorithms.
A L GO RIT H M C L A SS DESC RIP T IO N
Random number generator Pluggable random number generation (RNG).
Hashing Algorithms used for hashing, such as SHA1 and SHA2.
Symmetric encryption Algorithms used for symmetric encryption, such as AES, 3DES,
and RC4.
Asymmetric encryption Asymmetric (public key) algorithms that support encryption,

such as RSA.
Signature Signature algorithms such as DSA and ECDSA. This class can
also be used with RSA.
Secret agreement Secret agreement algorithms such as Diffie-Hellman (DH) and

elliptic curve Diffie-Hellman (ECDH).
The following illustration shows the design and function of the CNG cryptographic primitives.
The header file Bcrypt.h defines the MS_PRIMITIVE_PROVIDER constant as "Microsoft Primitive Provider". To use
the Microsoft Primitive Provider, pass this value to BCr yptOpenAlgorithmProvider .
Key Storage Architecture

Key Types
Supported Algorithms
Key Directories and Files
Key Storage Architecture

CNG provides a model for private key storage that allows adapting to the current and future demands of creating
applications that use cryptography features such as public or private key encryption, as well as the demands of the
storage of key material. The key storage router is the central routine in this model and is implemented in Ncrypt.dll.
An application accesses the key storage providers (KSPs) on the system through the key storage router, which
conceals details, such as key isolation, from both the application and the storage provider itself. The following
illustration shows the design and function of the CNG key isolation architecture.
To comply with common criteria (CC) requirements, the long-lived keys must be isolated so that they are never
present in the application process. CNG currently supports the storage of asymmetric private keys by using the
Microsoft software KSP that is included with Windows Server 2008 and Windows Vista and installed by default.
Key isolation is enabled by default in Windows Server 2008 and Windows Vista. The key isolation feature is not
available on platforms prior to these. Also, third party KSPs are not loaded in the key isolation service (LSA
process). Only the Microsoft KSP is loaded in the key isolation service.
The LSA process is used as the key isolation process to maximize performance. All access to private keys goes
through the key storage router, which exposes a comprehensive set of functions for managing and using private
keys.
CNG stores the public portion of the stored key separately from the private portion. The public portion of a key
pair is also maintained in the key isolation service and is accessed by using local remote procedure call (LRPC). The
key storage router uses LRPC when calling into the key isolation process. All access to private keys goes through
the private key router and is audited by CNG.
As described above, a wide range of hardware storage devices can be supported. In each case, the interface to all of
these storage devices is identical. It includes functions to perform various private key operations as well as
functions that pertain to key storage and management.
CNG provides a set of APIs that are used to create, store, and retrieve cryptographic keys. For a list of these APIs,
see CNG Key Storage Functions.
Key Types
CNG supports the following key types:
Diffie-Hellman public and private keys.
Digital Signature Algorithm (DSA, FIPS 186-2) public and private keys.
RSA (PKCS #1) public and private keys.
Several legacy (CryptoAPI) public and private keys.
Elliptic Curve Cryptography public and private keys.
Supported Algorithms
CNG supports the following key algorithms.
A L GO RIT H M K EY / H A SH L EN GT H ( B IT S)
RSA 512 to 16384, in 64 bit increments
DH 512 to 16384, in 64 bit increments
DSA 512 to 1024, in 64 bit increments
ECDSA P-256, P-384, P-521 (NIST Curves)
ECDH P-256, P-384, P-521 (NIST Curves)
MD2 128
MD4 128
MD5 128
SHA-1 160
SHA-256 256
SHA-384 384
A L GO RIT H M K EY / H A SH L EN GT H ( B IT S)
SHA-512 512
Key Directories and Files

The Microsoft legacy CryptoAPI CSPs store private keys in the following directories.
K EY T Y P E DIREC TO RIES
User private %APPDATA%\Microsoft\Crypto\RSA\User SID\

%APPDATA%\Microsoft\Crypto\DSS\User SID\
Local system private %ALLUSERSPROFILE%\Application

Data\Microsoft\Crypto\RSA\S-1-5-18\
%ALLUSERSPROFILE%\Application
Data\Microsoft\Crypto\DSS\S-1-5-18\
Local service private %ALLUSERSPROFILE%\Application

Network service private %ALLUSERSPROFILE%\Application

Shared private %ALLUSERSPROFILE%\Application

Data\Microsoft\Crypto\RSA\MachineKeys
Data\Microsoft\Crypto\DSS\MachineKeys
CNG stores private keys in the following directories.
K EY T Y P E DIREC TO RY
User private %APPDATA%\Microsoft\Crypto\Keys
Local system private %ALLUSERSPROFILE%\Application

Data\Microsoft\Crypto\SystemKeys
Local service private %WINDIR%\ServiceProfiles\LocalService
Network service private %WINDIR%\ServiceProfiles\NetworkService
Shared private %ALLUSERSPROFILE%\Application

Data\Microsoft\Crypto\Keys
The following are some of the differences between the CryptoAPI and CNG key containers.
CNG uses different file names for key files than key files that are created by the Rsaenh.dll and Dssenh.dll legacy
CSPs. The legacy key files also have the .key extension, but CNG key files do not have the .key extension.
CNG fully supports Unicode key container names; CNG uses a hash of the Unicode container name, whereas
CryptoAPI uses a hash of the ANSI container name.
CNG is more flexible with regard to RSA key pairs. For example, CNG supports public exponents larger than 32-
bits in length, and it supports keys in which p and q are different lengths.
In CryptoAPI, the key container file is stored in a directory whose name is the textual equivalent of the user's
SID. This is no longer the case in CNG, which removes the difficulty of moving users from one domain to
another without losing all of their private keys.
The CNG KSP and key names are limited to MAX_PATH Unicode characters. The CryptoAPI CSP and key names
are limited to MAX_PATH ANSI characters.
CNG offers the capability of user-defined key properties. Users can create and associate custom properties with
keys, and have them stored with persisted keys.
When persisting a key, CNG can create two files. The first file contains the private key in the new CNG format and is
always created. This file is not usable by the legacy CryptoAPI CSPs. The second file contains the same private key
in the legacy CryptoAPI key container. The second file conforms to the format and location used by Rsaenh.dll.
Creation of the second file only occurs if the NCRYPT_WRITE_KEY_TO_LEGACY_STORE_FL AG flag is specified
when the NCr yptFinalizeKey function is called to finalize an RSA key. This feature is not supported for DSA and
DH keys.
When an application attempts to open an existing persisted key, CNG first attempts to open the native CNG file. If
this file does not exist, then CNG attempts to locate a matching key in the legacy CryptoAPI key container.
When you move or copy CryptoAPI keys from a source machine to a target machine with Windows User State
Migration Tool (USMT), CNG will fail to access the keys on the target machine. To access such migrated keys, you
must use the CryptoAPI.
You can import and export symmetric keys and asymmetric keys with CNG. And you can use key export and
import functionality to move keys between machines.
Symmetric keys
To import or export symmetric (or session) keys in which the same key is used to encrypt and decrypt some data,
you can use the BCr yptImpor tKey and BCr yptExpor tKey functions. Typically, you first export a key by using the
BCr yptExpor tKey function before importing by using the BCr yptImpor tKey function. The functions are
designed to enable encryption of exported and imported keys by using the hExportKey and hImportKey
parameters; however, the Microsoft implementation of these functions does not support encryption of exported
and imported keys.
Asymmetric keys
To import asymmetric (or public/private) key pairs in which one key is used to encrypt and the other is used to
decrypt some data, you can use either of the BCr yptImpor tKeyPair or NCr yptImpor tKey functions. A CNG
provider must encode the key pair by using a supported key BLOB type. BCr yptExpor tKey can be used to create
the encoded key BLOB. CNG Structures describes the key BLOB types and structures that Microsoft Key Storage
Provider supports.
For BCr yptExpor tKey to create a persisted key pair, the input key BLOB must contain a private key. Public keys are
not persisted.
The key name and export policy are not part of the BLOB structure defined in CNG Structures. However, if a BLOB is
of an opaque BLOB type (such as the memory image of an internal key state), the BLOB might contain the key
name and export-policy properties.
The following procedure describes how to import a persisted private key with its properties.
To impor t a persisted key
1. Create a persisted key by using the NCr yptCreatePersistedKey function.
2. Set any desired properties on the key object by using the NCr yptSetProper ty function.
3. Set the import key BLOB as a property on the key, with the BLOB type as the property name.
4. Finalize the persisted key import by using the NCr yptFinalizeKey function.
Microsoft introduced the data protection application programming interface (DPAPI) in Windows 2000. The API
consists of two functions, Cr yptProtectData and Cr yptUnprotectData . DPAPI is part of CryptoAPI and was
intended for developers who knew very little about using cryptography. The two functions could be used to
encrypt and decrypt static data on a single computer.
Cloud computing, however, often requires that content encrypted on one computer be decrypted on another.
Therefore, beginning with Windows 8, Microsoft extended the idea of using a relatively straightforward API to
encompass cloud scenarios. This new API, called DPAPI-NG, enables you to securely share secrets (keys,
passwords, key material) and messages by protecting them to a set of principals that can be used to unprotect
them on different computers after proper authentication and authorization. The following principals are currently
supported:
A group in an Active Directory forest.
Web credentials.
For more information, see the following topics:
Protection Providers
Protection Descriptors
Protected Data Format
DPAPI-NG is built on top of Cryptography Next Generation (CNG) and includes the following functions:
NCr yptCreateProtectionDescriptor
NCr yptCloseProtectionDescriptor
NCr yptProtectSecret
NCr yptQuer yProtectionDescriptorName
NCr yptRegisterProtectionDescriptorName
NCr yptStreamClose
NCr yptStreamOpenToProtect
NCr yptStreamOpenToUnprotect
NCr yptStreamUpdate
NCr yptUnprotectSecret
Beginning with Windows 8, Microsoft began distributing the providers that enable you to securely share encrypted
secrets and messages across computers. There are currently two key protection providers. The Microsoft Key
Protection provider allows you to protect content to a group in an Active Directory forest. The Microsoft Client Key
Protection provider allows you to protect content to a set of web credentials.
The correct protector to use is automatically chosen for you when the NCr yptCreateProtectionDescriptor
function parses the protection descriptor rule string your provide as input. The Microsoft Key Protection provider is
chosen for rule strings that begin with SID, SDDL, and LOCAL. The Microsoft Client Key Protection provider parses
rule strings that begin with WEBCREDENTIALS. For more information about rule strings, see Protection
Descriptors.
NOTE
Custom providers are not currently allowed.CNG DPAPI
Related topics
C
N
G
D
P
A
P
I
N
C
r
y
p
t
C
r
e
a
t
e
P
r
o
t
e
c
t
i
o
n
D
e
s
c
r
i
p
t
o
r
P
r
o
t
e
c
t
i
o
n
D
e
s
c
r
i
p
t
o
r
s
A protection descriptor rule string contains a sequential list of one or more protectors. There must be at least one
protector. If there is more than one, the protectors must be separated in the string by AND or OR . These values
must be capitalized. The following syntax shows the string format of a protection descriptor.
Descriptor = [ Protector-or
*( OR-separator Protector-or ) ]
Protector-or = Protector-and
*( AND-separator Protector-and )
OR-separator = "OR"
AND-separator = "AND"
Protector-and = providerName EQUALS providerAttributes
providerName = descr
providerAttribute = string | hexstring
; The following characters are to be escaped when they appear

; in the value to be encoded: ESC, one of <escaped>, leading
; SHARP or SPACE, trailing SPACE, and NULL.
string = [ ( leadchar / pair ) [ *( stringchar / pair )
( trailchar / pair ) ] ]
leadchar = LUTF1 / UTFMB

LUTF1 = %x01-1F / %x21 / %x24-2A / %x2D-3A / %x3D / %x3F-5B / %x5D-7F
trailchar = TUTF1 / UTFMB

TUTF1 = %x01-1F / %x21 / %x23-2A / %x2D-3A / %x3D / %x3F-5B / %x5D-7F
stringchar = SUTF1 / UTFMB

SUTF1 = %x01-21 / %x23-2A / %x2D-3A / %x3D / %x3F-5B / %x5D-7F
pair = ESC ( ESC / special / hexpair )

special = escaped / SPACE / SHARP / EQUALS
escaped = DQUOTE / PLUS / COMMA / SEMI / LANGLE / RANGLE
hexstring = SHARP 1*hexpair
hexpair = HEX HEX
descr = leadkeychar *keychar

leadkeychar = ALPHA
keychar = ALPHA / DIGIT / HYPHEN
number = DIGIT / ( LDIGIT 1*DIGIT )
ALPHA = %x41-5A / %x61-7A ; "A"-"Z" / "a"-"z"

DIGIT = %x30 / LDIGIT ; "0"-"9"
LDIGIT = %x31-39 ; "1"-"9"
HEX = DIGIT / %x41-46 / %x61-66 ; "0"-"9" / "A"-"F" / "a"-"f"
NULL = %x00 ; null (0)

SPACE = %x20 ; space (" ")
DQUOTE = %x22 ; quote (""")
SHARP = %x23 ; octothorpe (or sharp sign) ("#")
DOLLAR = %x24 ; dollar sign ("$")
SQUOTE = %x27 ; single quote ("'")
LPAREN = %x28 ; left paren ("(")
RPAREN = %x29 ; right paren (")")
PLUS = %x2B ; plus sign ("+")
COMMA = %x2C ; comma (",")
HYPHEN = %x2D ; hyphen ("-")
DOT = %x2E ; period (".")
SEMI = %x3B ; semicolon (";")
LANGLE = %x3C ; left angle bracket ("<")
EQUALS = %x3D ; equals sign ("=")
RANGLE = %x3E ; right angle bracket (">")
ESC = %x5C ; backslash ("\")
USCORE = %x5F ; underscore ("_")
LCURLY = %x7B ; left curly brace "{"
RCURLY = %x7D ; right curly brace "}"
; Any UTF-8 [RFC3629] encoded Unicode [Unicode] character

UTF8 = UTF1 / UTFMB
UTFMB = UTF2 / UTF3 / UTF4
UTF0 = %x80-BF
UTF1 = %x00-7F
UTF2 = %xC2-DF UTF0
UTF3 = %xE0 %xA0-BF UTF0 / %xE1-EC 2(UTF0) /
%xED %x80-9F UTF0 / %xEE-EF 2(UTF0)
UTF4 = %xF0 %x90-BF 2(UTF0) / %xF1-F3 3(UTF0) /
%xF4 %x80-8F 2(UTF0)
OCTET = %x00-FF ; Any octet (8-bit data unit)
Protection descriptors can currently be defined for the following types of authorization:
A group in an Active Directory forest.
A set of web credentials.
A certificate in the user's certificate store.
Examples of protection descriptor rule strings for an Active Directory group include the following:
"SID=S-1-5-21-4392301 AND SID=S-1-5-21-3101812"
"SDDL=O:S-1-5-5-0-290724G:SYD:(A;;CCDC;;;S-1-5-5-0-290724)(A;;DC;;;WD)"
"LOCAL=user"
"LOCAL=machine"
Examples of protection descriptor rule strings for a set of web credentials include the following:
"WEBCREDENTIALS=MyPasswordName"
"WEBCREDENTIALS=MyPasswordName,myweb.com"
Examples of protection descriptor rule strings for a certificate include the following:
"CERTIFICATE=HashID:sha1_hash_of_certificate"
"CERTIFICATE=CertBlob:base64String"
The protection descriptor you specify automatically determines which key protection provider is used. For more
information, see Protection Providers.
Note that the left side of the equals sign (=) must be SID , SDDL , LOCAL , WEBCREDENTIALS , or CERTIFICATE .
These values are not case sensitive.
You must specify a rule string (or a display name associated with a rule string) when you call the
NCr yptCreateProtectionDescriptor function. Alternatively, because protection descriptor rule strings are
somewhat cumbersome to use and remember, you can associate a display name with the rule string and register
both by using the NCr yptRegisterProtectionDescriptorName function. Then you can use the display name in
NCr yptCreateProtectionDescriptor .
Related topics
C
N
G
D
P
A
P
I
P
r
o
t
e
c
t
i
o
n
P
r
o
v
i
d
e
r
s
Protected data is stored as an ASN.1 encoded BLOB. The data is formatted as CMS (certificate message syntax)
enveloped content. The digital envelope contains encrypted content, recipient information that contains an
encrypted content encryption key (CEK), and a header that contains information about the content, including the
unencrypted protection descriptor rule string. This is shown by the following diagram.
Related topics
C
N
G
D
P
A
P
I
P
r
o
t
e
c
t
i
o
n
D
e
s
c
r
i
p
t
o
r
s
P
r
o
t
e
c
t
i
o
n
P
r
o
v
i
d
e
r
s
Using the Cryptography Configuration Features of CNG

Typical CNG Programming
The CNG API provides functions to enumerate and obtain information about registered providers.
Enumerating Providers
Getting Provider Registration Information
Enumerating Providers
You use the BCr yptEnumRegisteredProviders function to enumerate the registered providers. The
BCr yptEnumRegisteredProviders function can be called in one of two ways:
1. The first is to have the BCr yptEnumRegisteredProviders function allocate the memory. This is
accomplished by passing the address of a NULL pointer for the ppBuffer parameter. This code will allocate
the memory required for the CRYPT_PROVIDERS structure and the associated strings. When the
BCr yptEnumRegisteredProviders function is used in this manner, you must free the memory when it is
no longer needed by passing ppBuffer to the BCr yptFreeBuffer function.
The following example shows how to use the BCr yptEnumRegisteredProviders function to allocate the
buffer for you.
#include <windows.h>
#ifndef NT_SUCCESS
#define NT_SUCCESS(Status) ((NTSTATUS)(Status) >= 0)
#endif
void EnumProviders1()
{
NTSTATUS status;
ULONG cbBuffer = 0;
PCRYPT_PROVIDERS pBuffer = NULL;
/*
Get the providers, letting the BCryptEnumRegisteredProviders
function allocate the memory.
*/
status = BCryptEnumRegisteredProviders(&cbBuffer, &pBuffer);
if (NT_SUCCESS(status))
{
if (pBuffer != NULL)
{
// Enumerate the providers.
for (ULONG i = 0; i < pBuffer->cProviders; i++)
{
printf("%S\n", pBuffer->rgpszProviders[i]);
}
}
}
else
{
printf("BCryptEnumRegisteredProviders failed with error "
"code 0x%08x\n", status);
}
if (NULL != pBuffer)
{
/*
Free the memory allocated by the
BCryptEnumRegisteredProviders function.
*/
BCryptFreeBuffer(pBuffer);
}
}
2. The second method is to allocate the required memory yourself. This is accomplished by calling the
BCr yptEnumRegisteredProviders function with NULL for the ppBuffer parameter. The
BCr yptEnumRegisteredProviders function will place in the value pointed to by the pcbBuffer parameter,
the required size, in bytes, of the CRYPT_PROVIDERS structure and all strings. You then allocate the
required memory and pass the address of this buffer pointer for the ppBuffer parameter in a second call to
the BCr yptEnumRegisteredProviders function.
The following example shows how to use the BCr yptEnumRegisteredProviders function to allocate and
use your own buffer.
#include <stdio.h>
#ifndef NT_SUCCESS
#define NT_SUCCESS(Status) ((NTSTATUS)(Status) >= 0)
#endif
void EnumProviders2()
{
NTSTATUS status;
ULONG cbBuffer = 0;
// Get the required size of the buffer.

status = BCryptEnumRegisteredProviders(&cbBuffer, NULL);
if (STATUS_BUFFER_TOO_SMALL == status)
{
// Allocate the buffer.
PCRYPT_PROVIDERS pBuffer =
(PCRYPT_PROVIDERS)LocalAlloc(LPTR, cbBuffer);
if (NULL != pBuffer)
{
// Get the providers in the buffer that was allocated.
status = BCryptEnumRegisteredProviders(
&cbBuffer,
&pBuffer);
if (NT_SUCCESS(status))
{
for (ULONG i = 0; i < pBuffer->cProviders; i++)
{
// Enumerate the providers.
printf("%S\n", pBuffer->rgpszProviders[i]);
}
}
// Free the memory that was allocated.

LocalFree(pBuffer);
}
}
}
Getting Provider Registration Information

The BCr yptQuer yProviderRegistration function is used to obtain additional, registration-specific information
about a provider. This function takes the name of the provider that you want to obtain information for, the desired
provider mode (kernel mode, user mode, or both), and the identifier of the provider interface to retrieve the
registration information for. For example, to obtain the user mode registration information for the cipher interface
for the "Microsoft Primitive Provider" provider, you would make a call similar to the following.
BCryptQueryProviderRegistration(
MS_PRIMITIVE_PROVIDER,
CRYPT_UM,
BCRYPT_CIPHER_INTERFACE,
//...
);
Like the BCr yptEnumRegisteredProviders function, the BCr yptQuer yProviderRegistration function can
either allocate memory for you or you can allocate the memory yourself. The process is the same for the two
functions.
The CNG API implements an extensible provider model that lets you load a provider by specifying the required
cryptographic algorithm rather than a particular provider. The advantage is that an algorithm provider can be
replaced or upgraded and you will not have to change your code in any way to use the new provider. Also, if some
algorithm is determined to be unsafe in the future, a more secure version of that algorithm can be installed without
affecting your code. Most of the CNG APIs require a provider or an object created by a provider.
The typical steps involved in using the CNG API for cryptographic primitive operations are as follows:
1. Opening the Algorithm Provider
2. Getting or Setting Algorithm Properties
3. Creating or Importing a Key
4. Performing Cryptographic Operations
5. Closing the Algorithm Provider
For more information, see Programming Examples.
Opening the Algorithm Provider

The BCr yptOpenAlgorithmProvider function provides you with an algorithm provider handle that is used in
subsequent CNG APIs, such as BCr yptCreateHash or BCr yptGenerateKeyPair .
Getting or Setting Algorithm Properties

You can use the algorithm provider handle to get implementation details for the algorithm, such as the key size or
the current mode of operation. You use the BCr yptGetProper ty function to obtain specific properties.
You can also modify the properties of the algorithm. For example, If you want to use ECB block cipher chaining with
AES, you set the BCRYPT_CHAINING_MODE property of an AES algorithm to BCRYPT_CHAIN_MODE_ECB ;
the property is assigned to all AES keys created using this algorithm handle, without the need to configure each
and every AES key. You use the BCr yptSetProper ty function to modify these properties.
Creating or Importing a Key

Depending on the type of algorithm you use, you may need to create or load a key. For example, the
BCr yptEncr ypt function takes a key handle for the first parameter. If you want that function to encrypt data with a
symmetric encryption algorithm such as AES, you must first obtain a key. How you obtain the key depends on the
type of algorithm being used and the source of the key.
You can create ephemeral keys with the BCr yptGenerateSymmetricKey and BCr yptGenerateKeyPair
functions. You can also import ephemeral keys from a memory BLOB with the BCr yptImpor tKey and
BCr yptImpor tKeyPair functions.
For persisted keys, you use the key storage functions to load a key storage provider, and then create or load the
keys. You can also use these functions to create or load ephemeral keys by passing NULL for any container names.
For more information about the key storage functions, see CNG Key Storage Functions.
Performing Cryptographic Operations

You are now ready to perform the cryptographic operation, such as encrypting or decrypting data by using the
BCr yptEncr ypt or BCr yptDecr ypt functions, respectively.
Closing the Algorithm Provider

When the provider is no longer needed, you must pass the handle to the BCr yptCloseAlgorithmProvider
function to close the provider. This causes the provider to release any resources that have been allocated for that
algorithm provider instance. After a provider handle is closed, it cannot be reused.
Loading a provider can be a relatively time-intensive process. You should therefore cache any provider handles that
you will reference multiple times during the lifetime of your application.
Programming Examples
The following examples describe how to perform specific cryptographic operations using CNG.
Creating a Hash with CNG
Signing Data with CNG
Encrypting Data with CNG
A hash is a one way operation that is performed on a block of data to create a unique hash value that represents
the contents of the data. No matter when the hash is performed, the same hashing algorithm performed on the
same data will always produce the same hash value. If any of the data changes, the hash value will change
appropriately.
Hashes are not useful for encrypting data because they are not intended to be used to reproduce the original data
from the hash value. Hashes are most useful to verify the integrity of the data when used with an asymmetric
signing algorithm. For example, if you hashed a text message, signed the hash, and included the signed hash value
with the original message, the recipient could verify the signed hash, create the hash value for the received
message, and then compare this hash value with the signed hash value included with the original message. If the
two hash values are identical, the recipient can be reasonably sure that the original message has not been
modified.
The size of the hash value is fixed for a particular hashing algorithm. What this means is that no matter how large
or small the data block is, the hash value will always be the same size. As an example, the SHA256 hashing
algorithm has a hash value size of 256 bits.
Creating a Hashing Object
Creating a Reusable Hashing Object
Duplicating a Hash Object
Creating a Hashing Object

To create a hash using CNG, perform the following steps:
1. Open an algorithm provider that supports the desired algorithm. Typical hashing algorithms include MD2,
MD4, MD5, SHA-1, and SHA256. Call the BCr yptOpenAlgorithmProvider function and specify the
appropriate algorithm identifier in the pszAlgId parameter. The function returns a handle to the provider.
2. Perform the following steps to create the hashing object:
a. Obtain the size of the object by calling the BCr yptGetProper ty function to retrieve the
BCRYPT_OBJECT_LENGTH property.
b. Allocate memory to hold the hash object.
c. Create the object by calling the BCr yptCreateHash function.
3. Hash the data. This involves calling the BCr yptHashData function one or more times. Each call appends the
specified data to the hash.
4. Perform the following steps to obtain the hash value:
a. Retrieve the size of the value by calling the BCr yptGetProper ty function to get the
BCRYPT_HASH_LENGTH property.
b. Allocate memory to hold the value.
c. Retrieve the hash value by calling the BCr yptFinishHash function. After this function has been called,
the hash object is no longer valid.
5. To complete this procedure, you must perform the following cleanup steps:
a. Close the hash object by passing the hash handle to the BCr yptDestroyHash function.
b. Free the memory you allocated for the hash object.
c. If you will not be creating any more hash objects, close the algorithm provider by passing the
provider handle to the BCr yptCloseAlgorithmProvider function.
If you will be creating more hash objects, we suggest you reuse the algorithm provider rather than
creating and destroying the same type of algorithm provider many times.
d. When you have finished using the hash value memory, free it.
The following example shows how to create a hash value by using CNG.
// THIS CODE AND INFORMATION IS PROVIDED "AS IS" WITHOUT WARRANTY OF

// ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED TO
// THE IMPLIED WARRANTIES OF MERCHANTABILITY AND/OR FITNESS FOR A
// PARTICULAR PURPOSE.
//
// Copyright (C) Microsoft. All rights reserved.
/*++
Abstract:
Sample program for SHA 256 hashing using CNG
--*/
#include <stdio.h>
#include <bcrypt.h>
#define NT_SUCCESS(Status) (((NTSTATUS)(Status)) >= 0)
#define STATUS_UNSUCCESSFUL ((NTSTATUS)0xC0000001L)
static const BYTE rgbMsg[] =

{
0x61, 0x62, 0x63
};
void __cdecl wmain(

int argc,
__in_ecount(argc) LPWSTR *wargv)
{
BCRYPT_ALG_HANDLE hAlg = NULL;

BCRYPT_HASH_HANDLE hHash = NULL;
NTSTATUS status = STATUS_UNSUCCESSFUL;
DWORD cbData = 0,
cbHash = 0,
cbHashObject = 0;
PBYTE pbHashObject = NULL;
PBYTE pbHash = NULL;
UNREFERENCED_PARAMETER(argc);
UNREFERENCED_PARAMETER(wargv);
//open an algorithm handle

if(!NT_SUCCESS(status = BCryptOpenAlgorithmProvider(
&hAlg,
BCRYPT_SHA256_ALGORITHM,
NULL,
0)))
0)))
{
wprintf(L"**** Error 0x%x returned by BCryptOpenAlgorithmProvider\n", status);
goto Cleanup;
}
//calculate the size of the buffer to hold the hash object

if(!NT_SUCCESS(status = BCryptGetProperty(
hAlg,
BCRYPT_OBJECT_LENGTH,
(PBYTE)&cbHashObject,
sizeof(DWORD),
&cbData,
0)))
{
wprintf(L"**** Error 0x%x returned by BCryptGetProperty\n", status);
goto Cleanup;
}
//allocate the hash object on the heap

pbHashObject = (PBYTE)HeapAlloc (GetProcessHeap (), 0, cbHashObject);
if(NULL == pbHashObject)
{
wprintf(L"**** memory allocation failed\n");
goto Cleanup;
}
//calculate the length of the hash

hAlg,
BCRYPT_HASH_LENGTH,
(PBYTE)&cbHash,
sizeof(DWORD),
&cbData,
0)))
{
goto Cleanup;
}
//allocate the hash buffer on the heap

pbHash = (PBYTE)HeapAlloc (GetProcessHeap (), 0, cbHash);
if(NULL == pbHash)
{
goto Cleanup;
}
//create a hash
if(!NT_SUCCESS(status = BCryptCreateHash(
hAlg,
&hHash,
pbHashObject,
cbHashObject,
NULL,
0,
0)))
{
wprintf(L"**** Error 0x%x returned by BCryptCreateHash\n", status);
goto Cleanup;
}
//hash some data

if(!NT_SUCCESS(status = BCryptHashData(
hHash,
(PBYTE)rgbMsg,
sizeof(rgbMsg),
0)))
{
{
wprintf(L"**** Error 0x%x returned by BCryptHashData\n", status);
goto Cleanup;
}
//close the hash

if(!NT_SUCCESS(status = BCryptFinishHash(
hHash,
pbHash,
cbHash,
0)))
{
wprintf(L"**** Error 0x%x returned by BCryptFinishHash\n", status);
goto Cleanup;
}
wprintf(L"Success!\n");
Cleanup:
if(hAlg)
{
BCryptCloseAlgorithmProvider(hAlg,0);
}
if (hHash)
{
BCryptDestroyHash(hHash);
}
if(pbHashObject)
{
HeapFree(GetProcessHeap(), 0, pbHashObject);
}
if(pbHash)
{
HeapFree(GetProcessHeap(), 0, pbHash);
}
Creating a Reusable Hashing Object

Beginning with Windows 8 and Windows Server 2012, you can create a reusable hashing object for scenarios that
require you to compute multiple hashes or HMACs in rapid succession. Do this by specifying the
BCRYPT_HASH_REUSABLE_FL AG when calling the BCr yptOpenAlgorithmProvider function. All Microsoft
hash algorithm providers support this flag. A hashing object created by using this flag can be reused immediately
after calling BCr yptFinishHash just as if it had been freshly created by calling BCr yptCreateHash . Perform the
following steps to create a reusable hashing object:
1. Open an algorithm provider that supports the desired hashing algorithm. Call the
BCr yptOpenAlgorithmProvider function and specify the appropriate algorithm identifier in the pszAlgId
parameter and BCRYPT_HASH_REUSABLE_FL AG in the dwFlags parameter. The function returns a handle
to the provider.
2. Perform the following steps to create the hashing object:
a. Obtain the size of the object by calling the BCr yptGetProper ty function to retrieve the
BCRYPT_OBJECT_LENGTH property.
b. Allocate memory to hold the hash object.
c. Create the object by calling the BCr yptCreateHash function. Specify
BCRYPT_HASH_REUSABLE_FL AG in the dwFlags parameter.
3. Hash the data by calling the BCr yptHashData function.
4. Perform the following steps to obtain the hash value:
a. Obtain the size of the hash value by calling the BCr yptGetProper ty function to get the
BCRYPT_HASH_LENGTH property.
b. Allocate memory to hold the value.
c. Get the hash value by calling BCr yptFinishHash .
5. To reuse the hashing object with new data, go to step 3.
6. To complete this procedure, you must perform the following cleanup steps:
a. Close the hash object by passing the hash handle to the BCr yptDestroyHash function.
b. Free the memory you allocated for the hash object.
c. If you will not be creating any more hash objects, close the algorithm provider by passing the provider
handle to the BCr yptCloseAlgorithmProvider function.
d. When you have finished using the hash value memory, free it.
Duplicating a Hash Object

In some circumstances, it may be useful to hash some amount of common data and then create two separate hash
objects from the common data. You do not have to create two separate hash objects and hash the common data
twice to accomplish this. You can create a single hash object and add all of the common data to the hash object.
Then, you can use the BCr yptDuplicateHash function to create a duplicate of the original hash object. The
duplicate hash object contains all of the same state information and hashed data as the original, but it is a
completely independent hash object. You can now add the unique data to each of the hash objects and obtain the
hash value as shown in the example. This technique is useful when hashing a possibly large amount of common
data. You only have to add the common data to the original hash one time, and then you can duplicate the hash
object to obtain a unique hash object.
Data signing does not protect the data. It only to verifies the integrity of the data. The sender hashes that data and
signs (encrypts) the hash by using a private key. The intended recipient performs verification by creating a hash of
the data received, decrypting the signature to obtain the original hash, and comparing the two hashes.
When data is signed, the sender creates a hash value and signs (encrypts) the hash by using a private key. This
signature is then attached to the data and sent in a message to a recipient. The hashing algorithm that was used to
create the signature must be known in advance by the recipient or identified in the message. How this is done is up
to the message protocol.
To verify the signature, the recipient extracts the data and the signature from the message. The recipient then
creates another hash value from the data, decrypts the signed hash by using the sender's public key, and compares
the two hash values. If the values are identical, the signature has been verified and the data is assumed to be
unaltered.
To create a signature by using CNG
1. Create a hash value for the data by using the CNG hashing functions. For more information about creating a
hash, see Creating a Hash With CNG.
2. Create an asymmetric key to sign the hash. You can either create a persistent key with the CNG Key Storage
Functions or an ephemeral key with the CNG Cryptographic Primitive Functions.
3. Use either the NCr yptSignHash or the BCr yptSignHash function to sign (encrypt) the hash value. This
function signs the hash value by using the asymmetric key.
4. Combine the data and signature into a message which can be sent sent to the intended recipient.
To verify a signature by using CNG
1. Extract the data and signature from the message.
2. Create a hash value for the data by using the CNG hashing functions. The hashing algorithm used must be the
same algorithm that was used to sign he hash.
3. Obtain the public portion of the asymmetric key pair that was used to sign the hash. How you obtain this key
depends on how the key was created and persisted. If the key was created or loaded with the CNG Key Storage
Functions, you will use the NCr yptOpenKey function to load the persisted key. If the key is an ephemeral key,
then it would have to have been saved to a key BLOB. You need to pass this key BLOB to either the
BCr yptImpor tKeyPair or the NCr yptImpor tKey function.
4. Pass the new hash value, the signature, and the key handle to either the NCr yptVerifySignature or the
BCr yptVerifySignature function. These functions perform verification by using the public key to decrypt the
signature and comparing the decrypted hash to the hash computed in step 2. The BCr yptVerifySignature
function will return STATUS_SUCCESS if the signature matches the hash or STATUS_INVALID_SIGNATURE if
the signature does not match the hash. The NCr yptVerifySignature function will return STATUS_SUCCESS if
the signature matches the hash or NTE_BAD_SIGNATURE if the signature does not match the hash.
Signing and Verifying Data Example

The following example shows how to use the cryptographic primitive APIs to sign data with a persisted key and
verify the signature with an ephemeral key.

//
/*++
Abstract:
Sample program for ECDSA 256 signing using CNG
Example for use of BCrypt/NCrypt API
Persisted key for signing and ephemeral key for verification
--*/
#include <stdio.h>
#include <bcrypt.h>
#include <ncrypt.h>
static const BYTE rgbMsg[] =

{
0x04, 0x87, 0xec, 0x66, 0xa8, 0xbf, 0x17, 0xa6,
0xe3, 0x62, 0x6f, 0x1a, 0x55, 0xe2, 0xaf, 0x5e,
0xbc, 0x54, 0xa4, 0xdc, 0x68, 0x19, 0x3e, 0x94,
};
void __cdecl wmain(

int argc,
{
NCRYPT_PROV_HANDLE hProv = NULL;
NCRYPT_KEY_HANDLE hKey = NULL;
BCRYPT_KEY_HANDLE hTmpKey = NULL;
SECURITY_STATUS secStatus = ERROR_SUCCESS;
BCRYPT_ALG_HANDLE hHashAlg = NULL,
hSignAlg = NULL;
BCRYPT_HASH_HANDLE hHash = NULL;
DWORD cbData = 0,
cbHash = 0,
cbBlob = 0,
cbSignature = 0,
cbHashObject = 0;
PBYTE pbHashObject = NULL;
PBYTE pbHash = NULL,
pbBlob = NULL,
pbSignature = NULL;
//open an algorithm handle

&hHashAlg,
BCRYPT_SHA1_ALGORITHM,
NULL,
0)))
{
goto Cleanup;
}
&hSignAlg,
BCRYPT_ECDSA_P256_ALGORITHM,
NULL,
0)))
{
goto Cleanup;
}
//calculate the size of the buffer to hold the hash object

hHashAlg,
(PBYTE)&cbHashObject,
sizeof(DWORD),
&cbData,
0)))
{
goto Cleanup;
}
//allocate the hash object on the heap

pbHashObject = (PBYTE)HeapAlloc (GetProcessHeap (), 0, cbHashObject);
if(NULL == pbHashObject)
{
goto Cleanup;
}
//calculate the length of the hash

hHashAlg,
BCRYPT_HASH_LENGTH,
(PBYTE)&cbHash,
sizeof(DWORD),
&cbData,
0)))
{
goto Cleanup;
}
//allocate the hash buffer on the heap

pbHash = (PBYTE)HeapAlloc (GetProcessHeap (), 0, cbHash);
if(NULL == pbHash)
{
goto Cleanup;
}
//create a hash
if(!NT_SUCCESS(status = BCryptCreateHash(
hHashAlg,
&hHash,
pbHashObject,
cbHashObject,
NULL,
0,
0)))
{
wprintf(L"**** Error 0x%x returned by BCryptCreateHash\n", status);
goto Cleanup;
}
//hash some data

if(!NT_SUCCESS(status = BCryptHashData(
hHash,
(PBYTE)rgbMsg,
sizeof(rgbMsg),
0)))
{
wprintf(L"**** Error 0x%x returned by BCryptHashData\n", status);
goto Cleanup;
}
//close the hash

if(!NT_SUCCESS(status = BCryptFinishHash(
hHash,
pbHash,
cbHash,
0)))
{
wprintf(L"**** Error 0x%x returned by BCryptFinishHash\n", status);
goto Cleanup;
}
//open handle to KSP

if(FAILED(secStatus = NCryptOpenStorageProvider(
&hProv,
MS_KEY_STORAGE_PROVIDER,
0)))
{
wprintf(L"**** Error 0x%x returned by NCryptOpenStorageProvider\n", secStatus);
goto Cleanup;
}
//create a persisted key

if(FAILED(secStatus = NCryptCreatePersistedKey(
hProv,
&hKey,
NCRYPT_ECDSA_P256_ALGORITHM,
L"my ecc key",
0,
0)))
{
wprintf(L"**** Error 0x%x returned by NCryptCreatePersistedKey\n", secStatus);
goto Cleanup;
}
//create key on disk

if(FAILED(secStatus = NCryptFinalizeKey(hKey, 0)))
{
wprintf(L"**** Error 0x%x returned by NCryptFinalizeKey\n", secStatus);
goto Cleanup;
}
//sign the hash

if(FAILED(secStatus = NCryptSignHash(
hKey,
NULL,
pbHash,
cbHash,
NULL,
0,
&cbSignature,
0)))
{
wprintf(L"**** Error 0x%x returned by NCryptSignHash\n", secStatus);
goto Cleanup;
}
//allocate the signature buffer

pbSignature = (PBYTE)HeapAlloc (GetProcessHeap (), 0, cbSignature);
if(NULL == pbSignature)
{
goto Cleanup;
}
if(FAILED(secStatus = NCryptSignHash(
hKey,
NULL,
pbHash,
cbHash,
pbSignature,
cbSignature,
&cbSignature,
0)))
{
wprintf(L"**** Error 0x%x returned by NCryptSignHash\n", secStatus);
goto Cleanup;
}
if(FAILED(secStatus = NCryptExportKey(
hKey,
NULL,
BCRYPT_ECCPUBLIC_BLOB,
NULL,
NULL,
0,
&cbBlob,
0)))
{
wprintf(L"**** Error 0x%x returned by NCryptExportKey\n", secStatus);
goto Cleanup;
}
pbBlob = (PBYTE)HeapAlloc (GetProcessHeap (), 0, cbBlob);

if(NULL == pbBlob)
{
goto Cleanup;
}
if(FAILED(secStatus = NCryptExportKey(
hKey,
NULL,
NULL,
pbBlob,
cbBlob,
&cbBlob,
0)))
{
wprintf(L"**** Error 0x%x returned by NCryptExportKey\n", secStatus);
goto Cleanup;
}
if(!NT_SUCCESS(status = BCryptImportKeyPair(
hSignAlg,
NULL,
&hTmpKey,
pbBlob,
cbBlob,
0)))
{
wprintf(L"**** Error 0x%x returned by BCryptImportKeyPair\n", status);
goto Cleanup;
}
if(!NT_SUCCESS(status = BCryptVerifySignature(
if(!NT_SUCCESS(status = BCryptVerifySignature(
hTmpKey,
NULL,
pbHash,
cbHash,
pbSignature,
cbSignature,
0)))
{
wprintf(L"**** Error 0x%x returned by BCryptVerifySignature\n", status);
goto Cleanup;
}
Cleanup:
if(hHashAlg)
{
BCryptCloseAlgorithmProvider(hHashAlg,0);
}
if(hSignAlg)
{
BCryptCloseAlgorithmProvider(hSignAlg,0);
}
if (hHash)
{
BCryptDestroyHash(hHash);
}
if(pbHashObject)
{
HeapFree(GetProcessHeap(), 0, pbHashObject);
}
if(pbHash)
{
HeapFree(GetProcessHeap(), 0, pbHash);
}
if(pbSignature)
{
HeapFree(GetProcessHeap(), 0, pbSignature);
}
if(pbBlob)
{
HeapFree(GetProcessHeap(), 0, pbBlob);
}
if (hTmpKey)
{
BCryptDestroyKey(hTmpKey);
}
if (hKey)
{
NCryptDeleteKey(hKey, 0);
}
if (hProv)
{
NCryptFreeObject(hProv);
}
}
The primary use of any cryptography API is to encrypt and decrypt data. CNG allows you to encrypt data by using
a minimum number of function calls and allows you to perform all of the memory management. While many of
the protocol implementation details are left up to the user, CNG provides the primitives that perform the actual
data encryption and decryption tasks.
Encrypting Data
Encrypting Data Example
Decrypting Data
Encrypting Data
To encrypt data, perform the following steps:
1. Open an algorithm provider that supports encryption, such as BCRYPT_DES_ALGORITHM .
2. Create a key to encrypt the data with. A key can be created by using any of the following functions:
BCr yptGenerateKeyPair or BCr yptImpor tKeyPair for asymmetric providers.
BCr yptGenerateSymmetricKey or BCr yptImpor tKey for symmetric providers.
NOTE
Data encryption and decryption with an asymmetric key is computationally intensive compared to symmetric key
encryption. If you need to encrypt data with an asymmetric key, you should encrypt the data with a symmetric key,
encrypt the symmetric key with an asymmetric key, and include the encrypted symmetric key with the message. The
recipient can then decrypt the symmetric key and use the symmetric key to decrypt the data.
3. Obtain the size of the encrypted data. This is based on the encryption algorithm, the padding scheme (if
any), and the size of the data to be encrypted. You can obtain the encrypted data size by using the
BCr yptEncr ypt function, passing NULL for the pbOutput parameter. All other parameters must be the
same as when the data is actually encrypted except for the pbInput parameter, which is not used in this case.
4. You can either encrypt the data in place with the same buffer or encrypt the data into a separate buffer.
If you want to encrypt the data in place, pass the plaintext buffer pointer for both the pbInput and pbOutput
parameters in the BCr yptEncr ypt function. It is possible that the encrypted data size will be larger than the
unencrypted data size, so the plaintext buffer must be large enough to hold the encrypted data, not just the
plaintext. You can use the size obtained in step 3 to allocate the plaintext buffer.
If you want to encrypt the data into a separate buffer, allocate a memory buffer for the encrypted data by
using the size obtained in step 3.
5. Call the BCr yptEncr ypt function to encrypt the data. This function will write the encrypted data to the
location provided in the pbOutput parameter.
6. Persist the encrypted data as needed.
7. Repeat steps 5 and 6 until all of the data has been encrypted.
Encrypting Data Example
The following example shows how to encrypt data with CNG by using the advanced encryption standard
symmetric encryption algorithm.

//
/*++
Abstract:
Sample program for AES-CBC encryption using CNG
--*/
#include <stdio.h>
#include <bcrypt.h>
#define DATA_TO_ENCRYPT "Test Data"
const BYTE rgbPlaintext[] =

{
0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F
};
static const BYTE rgbIV[] =

{
0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F
};
static const BYTE rgbAES128Key[] =

{
0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F
};
void PrintBytes(
IN BYTE *pbPrintData,
IN DWORD cbDataLen)
{
DWORD dwCount = 0;
for(dwCount=0; dwCount < cbDataLen;dwCount++)

{
printf("0x%02x, ",pbPrintData[dwCount]);
if(0 == (dwCount + 1 )%10) putchar('\n');

}
void __cdecl wmain(

int argc,
{
BCRYPT_ALG_HANDLE hAesAlg = NULL;
BCRYPT_KEY_HANDLE hKey = NULL;
DWORD cbCipherText = 0,
cbPlainText = 0,
cbData = 0,
cbKeyObject = 0,
cbBlockLen = 0,
cbBlob = 0;
PBYTE pbCipherText = NULL,
pbPlainText = NULL,
pbKeyObject = NULL,
pbIV = NULL,
pbBlob = NULL;
// Open an algorithm handle.

&hAesAlg,
BCRYPT_AES_ALGORITHM,
NULL,
0)))
{
goto Cleanup;
}
// Calculate the size of the buffer to hold the KeyObject.

hAesAlg,
(PBYTE)&cbKeyObject,
sizeof(DWORD),
&cbData,
0)))
{
goto Cleanup;
}
// Allocate the key object on the heap.

pbKeyObject = (PBYTE)HeapAlloc (GetProcessHeap (), 0, cbKeyObject);
if(NULL == pbKeyObject)
{
goto Cleanup;
}
// Calculate the block length for the IV.

hAesAlg,
BCRYPT_BLOCK_LENGTH,
(PBYTE)&cbBlockLen,
sizeof(DWORD),
&cbData,
0)))
{
goto Cleanup;
}
// Determine whether the cbBlockLen is not longer than the IV length.

if (cbBlockLen > sizeof (rgbIV))
{
wprintf (L"**** block length is longer than the provided IV length\n");
wprintf (L"**** block length is longer than the provided IV length\n");
goto Cleanup;
}
// Allocate a buffer for the IV. The buffer is consumed during the
// encrypt/decrypt process.
pbIV= (PBYTE) HeapAlloc (GetProcessHeap (), 0, cbBlockLen);
if(NULL == pbIV)
{
goto Cleanup;
}
memcpy(pbIV, rgbIV, cbBlockLen);
if(!NT_SUCCESS(status = BCryptSetProperty(
hAesAlg,
BCRYPT_CHAINING_MODE,
(PBYTE)BCRYPT_CHAIN_MODE_CBC,
sizeof(BCRYPT_CHAIN_MODE_CBC),
0)))
{
wprintf(L"**** Error 0x%x returned by BCryptSetProperty\n", status);
goto Cleanup;
}
// Generate the key from supplied input key bytes.

if(!NT_SUCCESS(status = BCryptGenerateSymmetricKey(
hAesAlg,
&hKey,
pbKeyObject,
cbKeyObject,
(PBYTE)rgbAES128Key,
sizeof(rgbAES128Key),
0)))
{
wprintf(L"**** Error 0x%x returned by BCryptGenerateSymmetricKey\n", status);
goto Cleanup;
}
// Save another copy of the key for later.

if(!NT_SUCCESS(status = BCryptExportKey(
hKey,
NULL,
BCRYPT_OPAQUE_KEY_BLOB,
NULL,
0,
&cbBlob,
0)))
{
wprintf(L"**** Error 0x%x returned by BCryptExportKey\n", status);
goto Cleanup;
}
// Allocate the buffer to hold the BLOB.

pbBlob = (PBYTE)HeapAlloc (GetProcessHeap (), 0, cbBlob);
if(NULL == pbBlob)
{
goto Cleanup;
}
if(!NT_SUCCESS(status = BCryptExportKey(
hKey,
NULL,
pbBlob,
cbBlob,
&cbBlob,
0)))
{
wprintf(L"**** Error 0x%x returned by BCryptExportKey\n", status);
goto Cleanup;
}
cbPlainText = sizeof(rgbPlaintext);
pbPlainText = (PBYTE)HeapAlloc (GetProcessHeap (), 0, cbPlainText);
if(NULL == pbPlainText)
{
goto Cleanup;
}
memcpy(pbPlainText, rgbPlaintext, sizeof(rgbPlaintext));
//
// Get the output buffer size.
//
if(!NT_SUCCESS(status = BCryptEncrypt(
hKey,
pbPlainText,
cbPlainText,
NULL,
pbIV,
cbBlockLen,
NULL,
0,
&cbCipherText,
BCRYPT_BLOCK_PADDING)))
{
wprintf(L"**** Error 0x%x returned by BCryptEncrypt\n", status);
goto Cleanup;
}
pbCipherText = (PBYTE)HeapAlloc (GetProcessHeap (), 0, cbCipherText);

if(NULL == pbCipherText)
{
goto Cleanup;
}
// Use the key to encrypt the plaintext buffer.

// For block sized messages, block padding will add an extra block.
if(!NT_SUCCESS(status = BCryptEncrypt(
hKey,
pbPlainText,
cbPlainText,
NULL,
pbIV,
cbBlockLen,
pbCipherText,
cbCipherText,
&cbData,
{
wprintf(L"**** Error 0x%x returned by BCryptEncrypt\n", status);
goto Cleanup;
}
// Destroy the key and reimport from saved BLOB.

if(!NT_SUCCESS(status = BCryptDestroyKey(hKey)))
{
wprintf(L"**** Error 0x%x returned by BCryptDestroyKey\n", status);
goto Cleanup;
}
}
hKey = 0;
if(pbPlainText)
{
HeapFree(GetProcessHeap(), 0, pbPlainText);
}
pbPlainText = NULL;
// We can reuse the key object.

memset(pbKeyObject, 0 , cbKeyObject);
// Reinitialize the IV because encryption would have modified it.

memcpy(pbIV, rgbIV, cbBlockLen);
if(!NT_SUCCESS(status = BCryptImportKey(
hAesAlg,
NULL,
&hKey,
pbKeyObject,
cbKeyObject,
pbBlob,
cbBlob,
0)))
{
wprintf(L"**** Error 0x%x returned by BCryptGenerateSymmetricKey\n", status);
goto Cleanup;
}
//
// Get the output buffer size.
//
if(!NT_SUCCESS(status = BCryptDecrypt(
hKey,
pbCipherText,
cbCipherText,
NULL,
pbIV,
cbBlockLen,
NULL,
0,
&cbPlainText,
{
wprintf(L"**** Error 0x%x returned by BCryptDecrypt\n", status);
goto Cleanup;
}
pbPlainText = (PBYTE)HeapAlloc (GetProcessHeap (), 0, cbPlainText);

if(NULL == pbPlainText)
{
goto Cleanup;
}
if(!NT_SUCCESS(status = BCryptDecrypt(
hKey,
pbCipherText,
cbCipherText,
NULL,
pbIV,
cbBlockLen,
pbPlainText,
cbPlainText,
&cbPlainText,
&cbPlainText,
{
wprintf(L"**** Error 0x%x returned by BCryptDecrypt\n", status);
goto Cleanup;
}
if (0 != memcmp(pbPlainText, (PBYTE)rgbPlaintext, sizeof(rgbPlaintext)))

{
wprintf(L"Expected decrypted text comparison failed.\n");
goto Cleanup;
}
Cleanup:
if(hAesAlg)
{
BCryptCloseAlgorithmProvider(hAesAlg,0);
}
if (hKey)
{
BCryptDestroyKey(hKey);
}
if(pbCipherText)
{
HeapFree(GetProcessHeap(), 0, pbCipherText);
}
if(pbPlainText)
{
HeapFree(GetProcessHeap(), 0, pbPlainText);
}
if(pbKeyObject)
{
HeapFree(GetProcessHeap(), 0, pbKeyObject);
}
if(pbIV)
{
HeapFree(GetProcessHeap(), 0, pbIV);
}
Decrypting Data
To decrypt data, perform the following steps:
1. Open an algorithm provider that supports encryption, such as BCRYPT_DES_ALGORITHM .
2. Obtain the key that the data was encrypted with, and use that key to obtain a handle for the key.
3. Obtain the size of the decrypted data. This is based on the encryption algorithm, the padding scheme (if
any), and the size of the data to be decrypted. You can obtain the encrypted data size by using the
BCr yptDecr ypt function, passing NULL for the pbOutput parameter. The parameters that specify the
padding scheme and initialization vector (IV) must be the same as when the data was encrypted except for
the pbInput parameter, which is not used in this case.
4. Allocate a memory buffer for the decrypted data.
5. You can either decrypt the data in place by using the same buffer, or decrypt the data into a separate buffer.
If you want to decrypt the data in place, pass the ciphertext buffer pointer for both the pbInput and
pbOutput parameters in the BCr yptDecr ypt function.
If you want to decrypt the data into a separate buffer, allocate a memory buffer for the decrypted data by
using the size obtained in step 3.
6. Call the BCr yptDecr ypt function to decrypt the data. The parameters that specify the padding scheme and
IV must be the same as when the data was encrypted. This function will write the decrypted data to the
location provided in the pbOutput parameter.
7. Persist the decrypted data as needed.
8. Repeat steps 5 and 6 until all of the data has been decrypted.
The Cryptographic Next Generation (CNG) reference pages contain detailed descriptions of the CNG programming
elements. These pages include reference descriptions of the API for working with CNG.
Reference pages are divided into the following groups:
CNG Constants
CNG Cryptographic Configuration Functions
CNG Cryptographic Primitive Functions
CNG DPAPI Functions
CNG Helper Functions
CNG Key Storage Functions
CNG SSL Provider Functions
CNG Token Binding Functions
CNG Structures
CNG Enumerations
Cryptography API: Next Generation (CNG) defines the following constants.

CNG Algorithm Identifiers
CNG DPAPI Constants
CNG Interface Identifiers
Cr yptography Primitive Proper ty Identifiers
Key Storage Proper ty Identifiers
Beginning in Windows 10, CNG provides support for the following named elliptic curves (ANSI X9.62, X9.63, FIPS
186-2).
**BCRYPT\_ECC\_CURVE\_25519**
Nc
a u
mr
e v
e
2
5
5
1
9
S C
t u
a r
n v
d e
a 2
r 5
d 5
1
9
K 2
e 5
y 5
s
i
z
e
(
b
i
t
s
)
T
L
S
c
a
p
a
b
l
e
ON
b o
j n
e e
c
t
i
d
e
n
t
i
f
i
e
r
**BCRYPT\_ECC\_CURVE\_BRAINPOOLP160R1**
Nb
a r
ma
e i
n
p
o
o
l
P
1
6
0
r
1
S E
t C
a C
n B
d r
a a
r i
d n
p
o
o
l
S
t
a
n
d
a
r
d
C
u
r
v
e
s
a
n
d
C
u
r
v
e
G
e
n
e
r
a
t
i
o
n
K 1
e 6
y 0
s
i
z
e
(
b
i
t
s
)
T N
L o
S
c
a
p
a
b
l
e
O1
b .
j 3
e .
c 3
t 6
i .
d 3
e .
n 3
t .
i 2
f .
i 8
e .
r 1
.
1
.
1
**BCRYPT\_ECC\_CURVE\_BRAINPOOLP160T1**
Nb
a r
ma
e i
n
p
o
o
l
P
1
6
0
t
1
S E
t C
a C
n B
d r
a a
r i
d n
p
o
o
l
S
t
a
n
d
a
r
d
C
u
r
v
e
s
a
n
d
C
u
r
v
e
G
e
n
e
r
a
t
i
o
n
K 1
e 6
y 0
s
i
z
e
(
b
i
t
s
)
T N
L o
S
c
a
p
a
b
l
e
O1
b .
j 3
e .
c 3
t 6
i .
d 3
e .
n 3
t .
i 2
f .
i 8
e .
r 1
.
1
.
2
Nb
a r
ma
e i
n
p
o
o
l
P
1
9
2
r
1
S E
t C
a C
n B
d r
a a
r i
d n
p
o
o
l
S
t
a
n
d
a
r
d
C
u
r
v
e
s
a
n
d
C
u
r
v
e
G
e
n
e
r
a
t
i
o
n
K 1
e 9
y 2
s
i
z
e
(
b
i
t
s
)
T N
L o
S
c
a
p
a
b
l
e
O1
b .
j 3
e .
c 3
t 6
i .
d 3
e .
n 3
t .
i 2
f .
i 8
e .
r 1
.
1
.
3
Nb
a r
ma
e i
n
p
o
o
l
P
1
9
2
t
1
S E
t C
a C
n B
d r
a a
r i
d n
p
o
o
l
S
t
a
n
d
a
r
d
C
u
r
v
e
s
a
n
d
C
u
r
v
e
G
e
n
e
r
a
t
i
o
n
K 1
e 9
y 2
s
i
z
e
(
b
i
t
s
)
T N
L o
S
c
a
p
a
b
l
e
O1
b .
j 3
e .
c 3
t 6
i .
d 3
e .
n 3
t .
i 2
f .
i 8
e .
r 1
.
1
.
4
Nb
a r
ma
e i
n
p
o
o
l
P
2
2
4
r
1
S E
t C
a C
n B
d r
a a
r i
d n
p
o
o
l
S
t
a
n
d
a
r
d
C
u
r
v
e
s
a
n
d
C
u
r
v
e
G
e
n
e
r
a
t
i
o
n
K 2
e 2
y 4
s
i
z
e
(
b
i
t
s
)
T N
L o
S
c
a
p
a
b
l
e
O1
b .
j 3
e .
c 3
t 6
i .
d 3
e .
n 3
t .
i 2
f .
i 8
e .
r 1
.
1
.
5
Nb
a r
ma
e i
n
p
o
o
l
P
2
2
4
t
1
S E
t C
a C
n B
d r
a a
r i
d n
p
o
o
l
S
t
a
n
d
a
r
d
C
u
r
v
e
s
a
n
d
C
u
r
v
e
G
e
n
e
r
a
t
i
o
n
K 2
e 2
y 4
s
i
z
e
(
b
i
t
s
)
T N
L o
S
c
a
p
a
b
l
e
O1
b .
j 3
e .
c 3
t 6
i .
d 3
e .
n 3
t .
i 2
f .
i 8
e .
r 1
.
1
.
6
Nb
a r
ma
e i
n
p
o
o
l
P
2
5
6
r
1
S E
t C
a C
n B
d r
a a
r i
d n
p
o
o
l
S
t
a
n
d
a
r
d
C
u
r
v
e
s
a
n
d
C
u
r
v
e
G
e
n
e
r
a
t
i
o
n
K 2
e 5
y 6
s
i
z
e
(
b
i
t
s
)
T Y
L e
S s
c
a
p
a
b
l
e
O1
b .
j 3
e .
c 3
t 6
i .
d 3
e .
n 3
t .
i 2
f .
i 8
e .
r 1
.
1
.
7
Nb
a r
ma
e i
n
p
o
o
l
P
2
5
6
t
1
S E
t C
a C
n B
d r
a a
r i
d n
p
o
o
l
S
t
a
n
d
a
r
d
C
u
r
v
e
s
a
n
d
C
u
r
v
e
G
e
n
e
r
a
t
i
o
n
K 2
e 5
y 6
s
i
z
e
(
b
i
t
s
)
T N
L o
S
c
a
p
a
b
l
e
O1
b .
j 3
e .
c 3
t 6
i .
d 3
e .
n 3
t .
i 2
f .
i 8
e .
r 1
.
1
.
8
Nb
a r
ma
e i
n
p
o
o
l
P
3
2
0
r
1
S E
t C
a C
n B
d r
a a
r i
d n
p
o
o
l
S
t
a
n
d
a
r
d
C
u
r
v
e
s
a
n
d
C
u
r
v
e
G
e
n
e
r
a
t
i
o
n
K 3
e 2
y 0
s
i
z
e
(
b
i
t
s
)
T N
L o
S
c
a
p
a
b
l
e
O1
b .
j 3
e .
c 3
t 6
i .
d 3
e .
n 3
t .
i 2
f .
i 8
e .
r 1
.
1
.
9
**BCRYPT\_ECC\_CURVE\_BRAINPOOLP32
0T1**
Nb
a r
ma
e i
n
p
o
o
l
P
3
2
0
t
1
S E
t C
a C
n B
d r
a a
r i
d n
p
o
o
l
S
t
a
n
d
a
r
d
C
u
r
v
e
s
a
n
d
C
u
r
v
e
G
e
n
e
r
a
t
i
o
n
K 3
e 2
y 0
s
i
z
e
(
b
i
t
s
)
T N
L o
S
c
a
p
a
b
l
e
O1
b .
j 3
e .
c 3
t 6
i .
d 3
e .
n 3
t .
i 2
f .
i 8
e .
r 1
.
1
.
1
0
Nb
a r
ma
e i
n
p
o
o
l
P
3
8
4
r
1
S E
t C
a C
n B
d r
a a
r i
d n
p
o
o
l
S
t
a
n
d
a
r
d
C
u
r
v
e
s
a
n
d
C
u
r
v
e
G
e
n
e
r
a
t
i
o
n
K 3
e 8
y 4
s
i
z
e
(
b
i
t
s
)
T Y
L e
S s
c
a
p
a
b
l
e
O1
b .
j 3
e .
c 3
t 6
i .
d 3
e .
n 3
t .
i 2
f .
i 8
e .
r 1
.
1
.
1
1
Nb
a r
ma
e i
n
p
o
o
l
P
3
8
4
t
1
S E
t C
a C
n B
d r
a a
r i
d n
p
o
o
l
S
t
a
n
d
a
r
d
C
u
r
v
e
s
a
n
d
C
u
r
v
e
G
e
n
e
r
a
t
i
o
n
K 3
e 8
y 4
s
i
z
e
(
b
i
t
s
)
T N
L o
S
c
a
p
a
b
l
e
O1
b .
j 3
e .
c 3
t 6
i .
d 3
e .
n 3
t .
i 2
f .
i 8
e .
r 1
.
1
.
1
2
Nb
a r
ma
e i
n
p
o
o
l
P
5
1
2
r
1
S E
t C
a C
n B
d r
a a
r i
d n
p
o
o
l
S
t
a
n
d
a
r
d
C
u
r
v
e
s
a
n
d
C
u
r
v
e
G
e
n
e
r
a
t
i
o
n
K 5
e 1
y 2
s
i
z
e
(
b
i
t
s
)
T Y
L e
S s
c
a
p
a
b
l
e
O1
b .
j 3
e .
c 3
t 6
i .
d 3
e .
n 3
t .
i 2
f .
i 8
e .
r 1
.
1
.
1
3
Nb
a r
ma
e i
n
p
o
o
l
P
5
1
2
t
1
S E
t C
a C
n B
d r
a a
r i
d n
p
o
o
l
S
t
a
n
d
a
r
d
C
u
r
v
e
s
a
n
d
C
u
r
v
e
G
e
n
e
r
a
t
i
o
n
K 5
e 1
y 2
s
i
z
e
(
b
i
t
s
)
T N
L o
S
c
a
p
a
b
l
e
O1
b .
j 3
e .
c 3
t 6
i .
d 3
e .
n 3
t .
i 2
f .
i 8
e .
r 1
.
1
.
1
4
**BCRYPT\_ECC\_CURVE\_EC192WAPI**
Ne
a c
m1
e 9
2
w
a
p
i
S C
t h
a i
n n
d e
a s
r e
d N
a
t
i
o
n
a
l
S
t
a
n
d
a
r
d
f
o
r
W
i
r
e
l
e
s
s
L
A
N
s
(
G
B
1
5
6
2
9
.
1
1
-
2
0
0
3
)
K 1
e 9
y 2
s
i
z
e
(
b
i
t
s
)
T N
L o
S
c
a
p
a
b
l
e
O1
b .
j 2
e .
c 1
t 5
i 6
d .
e 1
n 1
t 2
i 3
f 5
i .
e 1
r .
1
.
2
.
1
**BCRYPT\_ECC\_CURVE\_NISTP192**
Nn
a i
ms
e t
P
1
9
2
S R
t e
a c
n o
d m
a m
r e
d n
d
e
d
E
l
l
i
p
t
i
c
C
u
r
v
e
s
f
o
r
F
e
d
e
r
a
l
G
o
v
e
r
n
m
e
n
t
U
s
e
K 1
e 9
y 2
s
i
z
e
(
b
i
t
s
)
T Y
L e
S s
c
a
p
a
b
l
e
O1
b .
j 2
e .
c 8
t 4
i 0
d .
e 1
n 0
t 0
i 4
f 5
i .
e 3
r .
1
.
1
Nn
a i
ms
e t
P
2
2
4
S R
t e
a c
n o
d m
a m
r e
d n
d
e
d
E
l
l
i
p
t
i
c
C
u
r
v
e
s
f
o
r
F
e
d
e
r
a
l
G
o
v
e
r
n
m
e
n
t
U
s
e
K 2
e 2
y 4
s
i
z
e
(
b
i
t
s
)
T Y
L e
S s
c
a
p
a
b
l
e
O1
b .
j 3
e .
c 1
t 3
i 2
d .
e 0
n .
t 3
i 3
f
i
e
r
Nn
a i
ms
e t
P
2
5
6
S R
t e
a c
n o
d m
a m
r e
d n
d
e
d
E
l
l
i
p
t
i
c
C
u
r
v
e
s
f
o
r
F
e
d
e
r
a
l
G
o
v
e
r
n
m
e
n
t
U
s
e
K 2
e 5
y 6
s
i
z
e
(
b
i
t
s
)
T Y
L e
S s
c
a
p
a
b
l
e
O1
b .
j 2
e .
c 8
t 4
i 0
d .
e 1
n 0
t 0
i 4
f 5
i .
e 3
r .
1
.
7
Nn
a i
ms
e t
P
3
8
4
S R
t e
a c
n o
d m
a m
r e
d n
d
e
d
E
l
l
i
p
t
i
c
C
u
r
v
e
s
f
o
r
F
e
d
e
r
a
l
G
o
v
e
r
n
m
e
n
t
U
s
e
K 3
e 8
y 4
s
i
z
e
(
b
i
t
s
)
T Y
L e
S s
c
a
p
a
b
l
e
O1
b .
j 3
e .
c 1
t 3
i 2
d .
e 0
n .
t 3
i 4
f
i
e
r
Nn
a i
ms
e t
P
5
2
1
S R
t e
a c
n o
d m
a m
r e
d n
d
e
d
E
l
l
i
p
t
i
c
C
u
r
v
e
s
f
o
r
F
e
d
e
r
a
l
G
o
v
e
r
n
m
e
n
t
U
s
e
K 5
e 2
y 1
s
i
z
e
(
b
i
t
s
)
T Y
L e
S s
c
a
p
a
b
l
e
O1
b .
j 3
e .
c 1
t 3
i 2
d .
e 0
n .
t 3
i 5
f
i
e
r
**BCRYPT\_ECC\_CURVE\_NUMSP256T1**
Nn
a u
mm
e s
P
2
5
6
t
1
S S
t p
a e
n c
d i
a f
r i
d c
a
t
i
o
n
o
f
C
u
r
v
v
e
S
e
l
e
c
t
i
o
n
a
n
d
S
u
p
p
o
r
t
e
d
C
u
r
v
e
P
a
r
a
m
e
t
e
r
s
i
n
M
S
R
E
C
C
L
i
b
K 2
e 5
y 6
s
i
z
e
(
b
i
t
s
)
T N
L o
S
c
a
p
a
b
l
e
ON
b o
j n
e e
c
t
i
d
e
n
t
i
f
i
e
r
Nn
a u
mm
e s
P
3
8
4
t
1
S S
t p
a e
n c
d i
a f
r i
d c
a
t
i
o
n
o
f
C
u
r
v
v
e
S
e
l
e
c
t
i
o
n
a
n
d
S
u
p
p
o
r
t
e
d
C
u
r
v
e
P
a
r
a
m
e
t
e
r
s
i
n
M
S
R
E
C
C
L
i
b
K 3
e 8
y 4
s
i
z
e
(
b
i
t
s
)
T N
L o
S
c
a
p
a
b
l
e
ON
b o
j n
e e
c
t
i
d
e
n
t
i
f
i
e
r
Nn
a u
mm
e s
P
5
1
2
t
1
S S
t p
a e
n c
d i
a f
r i
d c
a
t
i
o
n
o
f
C
u
r
v
v
e
S
e
l
e
c
t
i
o
n
a
n
d
S
u
p
p
o
r
t
e
d
C
u
r
v
e
P
a
r
a
m
e
t
e
r
s
i
n
M
S
R
E
C
C
L
i
b
K 5
e 1
y 2
s
i
z
e
(
b
i
t
s
)
T N
L o
S
c
a
p
a
b
l
e
ON
b o
j n
e e
c
t
i
d
e
n
t
i
f
i
e
r
**BCRYPT\_ECC\_CURVE\_SECP160K1**
Ns
a e
mc
e P
1
6
0
k
1
S R
t e
a c
n o
d m
a m
r e
d n
d
e
d
E
l
l
i
p
t
i
c
C
u
r
v
e
D
o
m
a
i
n
P
a
r
a
m
e
t
e
r
s
K 1
e 6
y 0
s
i
z
e
(
b
i
t
s
)
T Y
L e
S s
c
a
p
a
b
l
e
O1
b .
j 3
e .
c 1
t 3
i 2
d .
e 0
n .
t 9
i
f
i
e
r
**BCRYPT\_ECC\_CURVE\_SECP160R1**
Ns
a e
mc
e P
1
6
0
r
1
S R
t e
a c
n o
d m
a m
r e
d n
d
e
d
E
l
l
i
p
t
i
c
C
u
r
v
e
D
o
m
a
i
n
P
a
r
a
m
e
t
e
r
s
K 1
e 6
y 0
s
i
z
e
(
b
i
t
s
)
T Y
L e
S s
c
a
p
a
b
l
e
O1
b .
j 3
e .
c 1
t 3
i 2
d .
e 0
n .
t 8
i
f
i
e
r
Ns
a e
mc
e P
1
6
0
r
2
S R
t e
a c
n o
d m
a m
r e
d n
d
e
d
E
l
l
i
p
t
i
c
C
u
r
v
e
D
o
m
a
i
n
P
a
r
a
m
e
t
e
r
s
K 1
e 6
y 0
s
i
z
e
(
b
i
t
s
)
T Y
L e
S s
c
a
p
a
b
l
e
O1
b .
j 3
e .
c 1
t 3
i 2
d .
e 0
n .
t 3
i 0
f
i
e
r
Ns
a e
mc
e P
1
9
2
k
1
S R
t e
a c
n o
d m
a m
r e
d n
d
e
d
E
l
l
i
p
t
i
c
C
u
r
v
e
D
o
m
a
i
n
P
a
r
a
m
e
t
e
r
s
K 1
e 9
y 2
s
i
z
e
(
b
i
t
s
)
T Y
L e
S s
c
a
p
a
b
l
e
O1
b .
j 3
e .
c 1
t 3
i 2
d .
e 0
n .
t 3
i 1
f
i
e
r
Ns
a e
mc
e P
1
9
2
r
1
S R
t e
a c
n o
d m
a m
r e
d n
d
e
d
E
l
l
i
p
t
i
c
C
u
r
v
e
D
o
m
a
i
n
P
a
r
a
m
e
t
e
r
s
K 1
e 9
y 2
s
i
z
e
(
b
i
t
s
)
T Y
L e
S s
c
a
p
a
b
l
e
O1
b .
j 2
e .
c 8
t 4
i 0
d .
e 1
n 0
t 0
i 4
f 5
i .
e 3
r .
1
.
1
Ns
a e
mc
e P
2
2
4
k
1
S R
t e
a c
n o
d m
a m
r e
d n
d
e
d
E
l
l
i
p
t
i
c
C
u
r
v
e
D
o
m
a
i
n
P
a
r
a
m
e
t
e
r
s
K 2
e 2
y 4
s
i
z
e
(
b
i
t
s
)
T Y
L e
S s
c
a
p
a
b
l
e
O1
b .
j 3
e .
c 1
t 3
i 2
d .
e 0
n .
t 3
i 2
f
i
e
r
Ns
a e
mc
e P
2
2
4
r
1
S R
t e
a c
n o
d m
a m
r e
d n
d
e
d
E
l
l
i
p
t
i
c
C
u
r
v
e
D
o
m
a
i
n
P
a
r
a
m
e
t
e
r
s
K 2
e 2
y 4
s
i
z
e
(
b
i
t
s
)
T Y
L e
S s
c
a
p
a
b
l
e
O1
b .
j 3
e .
c 1
t 3
i 2
d .
e 0
n .
t 3
i 3
f
i
e
r
Ns
a e
mc
e P
2
5
6
k
1
S R
t e
a c
n o
d m
a m
r e
d n
d
e
d
E
l
l
i
p
t
i
c
C
u
r
v
e
D
o
m
a
i
n
P
a
r
a
m
e
t
e
r
s
K 2
e 5
y 6
s
i
z
e
(
b
i
t
s
)
T Y
L e
S s
c
a
p
a
b
l
e
O1
b .
j 3
e .
c 1
t 3
i 2
d .
e 0
n .
t 1
i 0
f
i
e
r
Ns
a e
mc
e P
2
5
6
r
1
S R
t e
a c
n o
d m
a m
r e
d n
d
e
d
E
l
l
i
p
t
i
c
C
u
r
v
e
D
o
m
a
i
n
P
a
r
a
m
e
t
e
r
s
K 2
e 5
y 6
s
i
z
e
(
b
i
t
s
)
T Y
L e
S s
c
a
p
a
b
l
e
O1
b .
j 2
e .
c 8
t 4
i 0
d .
e 1
n 0
t 0
i 4
f 5
i .
e 3
r .
1
.
7
Ns
a e
mc
e P
3
8
4
r
1
S R
t e
a c
n o
d m
a m
r e
d n
d
e
d
E
l
l
i
p
t
i
c
C
u
r
v
e
D
o
m
a
i
n
P
a
r
a
m
e
t
e
r
s
K 3
e 8
y 4
s
i
z
e
(
b
i
t
s
)
T Y
L e
S s
c
a
p
a
b
l
e
O1
b .
j 3
e .
c 1
t 3
i 2
d .
e 0
n .
t 3
i 4
f
i
e
r
Ns
a e
mc
e P
5
2
1
r
1
S R
t e
a c
n o
d m
a m
r e
d n
d
e
d
E
l
l
i
p
t
i
c
C
u
r
v
e
D
o
m
a
i
n
P
a
r
a
m
e
t
e
r
s
K 5
e 2
y 1
s
i
z
e
(
b
i
t
s
)
T Y
L e
S s
c
a
p
a
b
l
e
O1
b .
j 3
e .
c 1
t 3
i 2
d .
e 0
n .
t 3
i 5
f
i
e
r
**BCRYPT\_ECC\_CURVE\_WTLS12**
Nw
a t
ml
e s
1
2
S W
t T
a L
n S
d
a
r
d
K 2
e 2
y 4
s
i
z
e
(
b
i
t
s
)
T N
L o
S
c
a
p
a
b
l
e
O1
b .
j 3
e .
c 1
t 3
i 2
d .
e 0
n .
t 3
i 3
f
i
e
r
Nw
a t
ml
e s
7
S W
t T
a L
n S
d
a
r
d
K 1
e 6
y 0
s
i
z
e
(
b
i
t
s
)
T N
L o
S
c
a
p
a
b
l
e
O1
b .
j 3
e .
c 1
t 3
i 2
d .
e 0
n .
t 3
i 0
f
i
e
r
Nw
a t
ml
e s
9
S W
t T
a L
n S
d
a
r
d
K 1
e 6
y 0
s
i
z
e
(
b
i
t
s
)
T N
L o
S
c
a
p
a
b
l
e
O2
b .
j 2
e 3
c .
t 4
i 3
d .
e 1
n .
t 4
i .
f 9
i
e
r
**BCRYPT\_ECC\_CURVE\_X962P192V1**
Nx
a 9
m6
e 2
P
1
9
2
v
1
S A
t N
a S
n I
d X
a 9
r .
d 6
2
K 1
e 9
y 2
s
i
z
e
(
b
i
t
s
)
T N
L o
S
c
a
p
a
b
l
e
O1
b .
j 2
e .
c 8
t 4
i 0
d .
e 1
n 0
t 0
i 4
f 5
i .
e 3
r .
1
.
1
Nx
a 9
m6
e 2
P
1
9
2
v
2
S A
t N
a S
n I
d X
a 9
r .
d 6
2
K 1
e 9
y 2
s
i
z
e
(
b
i
t
s
)
T N
L o
S
c
a
p
a
b
l
e
O1
b .
j 2
e .
c 8
t 4
i 0
d .
e 1
n 0
t 0
i 4
f 5
i .
e 3
r .
1
.
2
Nx
a 9
m6
e 2
P
1
9
2
v
3
S A
t N
a S
n I
d X
a 9
r .
d 6
2
K 1
e 9
y 2
s
i
z
e
(
b
i
t
s
)
T N
L o
S
c
a
p
a
b
l
e
O1
b .
j 2
e .
c 8
t 4
i 0
d .
e 1
n 0
t 0
i 4
f 5
i .
e 3
r .
1
.
3
Nx
a 9
m6
e 2
P
2
3
9
v
1
S A
t N
a S
n I
d X
a 9
r .
d 6
2
K 2
e 3
y 9
s
i
z
e
(
b
i
t
s
)
T N
L o
S
c
a
p
a
b
l
e
O1
b .
j 2
e .
c 8
t 4
i 0
d .
e 1
n 0
t 0
i 4
f 5
i .
e 3
r .
1
.
4
Nx
a 9
m6
e 2
P
2
3
9
v
2
S A
t N
a S
n I
d X
a 9
r .
d 6
2
K 2
e 3
y 9
s
i
z
e
(
b
i
t
s
)
T N
L o
S
c
a
p
a
b
l
e
O1
b .
j 2
e .
c 8
t 4
i 0
d .
e 1
n 0
t 0
i 4
f 5
i .
e 3
r .
1
.
5
Nx
a 9
m6
e 2
P
2
3
9
v
3
S A
t N
a S
n I
d X
a 9
r .
d 6
2
K 2
e 3
y 9
s
i
z
e
(
b
i
t
s
)
T N
L o
S
c
a
p
a
b
l
e
O1
b .
j 2
e .
c 8
t 4
i 0
d .
e 1
n 0
t 0
i 4
f 5
i .
e 3
r .
1
.
6
Nx
a 9
m6
e 2
P
2
5
6
v
1
S A
t N
a S
n I
d X
a 9
r .
d 6
2
K 2
e 5
y 6
s
i
z
e
(
b
i
t
s
)
T N
L o
S
c
a
p
a
b
l
e
O1
b .
j 2
e .
c 8
t 4
i 0
d .
e 1
n 0
t 0
i 4
f 5
i .
e 3
r .
1
.
7
Remarks
To use a named curve, call BCr yptOpenAlgorithmProvider using either the BCRYPT_ECDSA_ALGORITHM or
the BCRYPT_ECDH_ALGORITHM as the algorithm ID. Then, call BCr yptSetProper ty and set the
BCRYPT_ECC_CURVE_NAME property to one of the above curves or any named curves registered on the
computer as shown by the certutil -displaytEccCurve command.
Requirements
Minimum supported client Windows 10 [desktop apps only]
Minimum supported server Windows Server 2016 [desktop apps only]
Header
Bcry
pt.h
See also
B
C
r
y
p
t
O
p
e
n
A
l
g
o
r
i
t
h
m
P
r
o
v
i
d
e
r
N
C
r
y
p
t
C
r
e
a
t
e
P
e
r
s
i
s
t
e
d
K
e
y
Beginning in Windows 10, CNG provides pre-defined algorithm handles for many algorithms. You can use these
handles in any situation that requires an algorithm handle.
Hash and Message Authentication Code (MAC) Algorithms

C O N STA N T DESC RIP T IO N
BCRYPT_MD2_ALG_HANDLE A handle for the MD2 hash algorithm. Standard: RFC 1319.
BCRYPT_SHA1_ALG_HANDLE A handle for the 160-bit secure hash algorithm. Standard: FIPS
180-2, FIPS 198.
180-2, FIPS 198.
180-2, FIPS 198.
180-2, FIPS 198.
BCRYPT_HMAC_MD2_ALG_HANDLE A handle for the hash-based message authentication code

using the MD2 hash algorithm. Standard: RFC 2104, RFC
1319.

1320.

1321.
BCRYPT_HMAC_SHA1_ALG_HANDLE A handle for the hash-based message authentication code

using the 160-bit secure hash algorithm. Standard: RFC 2014,
FIPS 180-2, FIPS 198.

FIPS 180-2, FIPS 198.

FIPS 180-2, FIPS 198.

FIPS 180-2, FIPS 198.
Stream Cipher Algorithms

BCRYPT_RC4_ALG_HANDLE A handle for the RC4 stream cipher algorithm. Standard:

Various.
Random Number Generator Algorithms

BCRYPT_RC4_ALG_HANDLE A handle for the random-number generator algorithm.

Standard: FIPS 186-2, FIPS 140-2, NIST SP 800-90. Note
Beginning with Windows Vista with SP1 and Windows Server
2008, the random number generator is based on the AES
counter mode specified in the NIST SP 800-90 standard.
Windows Vista: The random number generator is based on
the hash-based random number generator specified in the
FIPS 186-2 standard.
Windows 8: The RNG algorithm supports FIPS 186-3. Keys
less than or equal to 1024 bits adhere to FIPS 186-2 and keys
greater than 1024 to FIPS 186-3.
Asymmetric Algorithms
BCRYPT_RSA_ALG_HANDLE A handle for the RSA public key algorithm Standard: PKCS #1
v1.5 and v2.0.
Block Cipher and Cipher-based Message Authentication Code

Algorithms
BCRYPT_3DES_CBC_ALG_HANDLE A handle for the triple Data Encryption Standard algorithm

using Cipher Block Chaining mode (CBC). Standard: SP800-67,
SP800-38A.
BCRYPT_3DES_ECB_ALG_HANDLE A handle for the triple Data Encryption Standard algorithm

using Electronic Cookbook mode (ECB). Standard: SP800-67,
SP800-38A.
BCRYPT_3DES_CFB_ALG_HANDLE A handle for the triple Data Encryption Standard algorithm

using Cipher Feedback mode (CFB). Standard: SP800-67,
SP800-38A.
BCRYPT_3DES_112_CBC_ALG_HANDLE A handle for the 112-bit triple Data Encryption Standard

algorithm using Cipher Block Chaining mode (CBC). Standard:
SP800-67, SP800-38A.
BCRYPT_3DES_112_CBC_ALG_HANDLE A handle for the 112-bit triple Data Encryption Standard

algorithm using Cipher Block Chaining mode (CBC). Standard:
SP800-67, SP800-38A.
BCRYPT_3DES_112_ECB_ALG_HANDLE A handle for the 112-bit triple Data Encryption Standard

algorithm using Electronic Cookbook mode (ECB). Standard:
SP800-67, SP800-38A.
BCRYPT_3DES_112_CFB_ALG_HANDLE A handle for the 112-bit triple Data Encryption Standard

algorithm using Cipher Feedback mode (CFB). Standard:
SP800-67, SP800-38A.
BCRYPT_AES_CMAC_ALG_HANDLE A handle for the Advanced Encryption standard (AES) cipher-

based message authentication code (CMAC) algorithm.
Standard: SP800-38B.
BCRYPT_AES_CBC_ALG_HANDLE A handle for the Advanced Encryption Standard (AES)

algorithm using Cipher Block Chaining Mode (CBC). Standard:
FIPS 197.
BCRYPT_AES_ECB_ALG_HANDLE A handle for the Advanced Encryption Standard (AES)

algorithm using Electronic Cookbook Mode (ECB). Standard:
FIPS 197.
BCRYPT_AES_CFB_ALG_HANDLE A handle for the Advanced Encryption Standard (AES)

algorithm using Cipher Feedback Mode (CFB). Standard: FIPS
197.
BCRYPT_AES_CCM_ALG_HANDLE A handle for the Advanced Encryption Standard (AES)

algorithm using Counter with CBC-MAC Mode (CCM).
Standard: FIPS 197.
BCRYPT_AES_GCM_ALG_HANDLE A handle for the Advanced Encryption Standard (AES)

algorithm using Galois Counter Mode (GCM). Standard: FIPS
197.
BCRYPT_DES_CBC_ALG_HANDLE A handle for the Data Encryption Standard (DES) algorithm

using Cipher Block Chaining Mode (GCM). Standard: FIPS 46-
3, FIPS 81.
BCRYPT_DES_ECB_ALG_HANDLE A handle for the Data Encryption Standard (DES) algorithm

using Electronic Cookbook Mode (ECB). Standard: FIPS 46-3,
FIPS 81.
BCRYPT_DES_CFB_ALG_HANDLE A handle for the Data Encryption Standard (DES) algorithm

using Cipher Feedback Mode (CFB). Standard: FIPS 46-3, FIPS
81.
BCRYPT_3DES_ALG_HANDLE A handle for the Triple Data Encryption Standard symmetric

encryption algorithm. Standard: SP800-67, SP800-38A.
BCRYPT_3DES_112_ALG_HANDLE A handle for the 112-bit Triple Data Encryption Standard

symmetric encryption algorithm. Standard: SP800-67, SP800-
38A.
BCRYPT_AES_ALG_HANDLE A handle for the Advanced Encryption Standard (AES)

symmetric encryption algorithm. Standard: FIPS 197.
BCRYPT_AES_CMAC_ALG_HANDLE A handle for the Advanced Encryption Standard (AES) cipher

based message authentication code (CMAC) symmetric
encryption algorithm. Standard: SP 800-38B. **Windows 8: **
Support for this algorithm begins.
BCRYPT_AES_GMAC_ALG_HANDLE A handle for the Advanced Encryption Standard (AES) Galois

message authentication code (GMAC) symmetric encryption
algorithm. Standard: SP800-38D.**Windows Vista SP1: **
Support for this algorithm begins.
BCRYPT_CAPI_KDF_ALG_HANDLE A handle to the Crypto API (CAPI) key derivation function

algorithm. Used by the BCr yptKeyDerivation and
NCr yptKeyDerivation functions.
BCRYPT_DES_ALG_HANDLE A handle to the Data Encryption Standard (DES) symmetric

encryption algorithm. Standard: FIPS 46-3, FIPS 81.
BCRYPT_DESX_ALG_HANDLE A handle to the extended Data Encryption Standard (DES)

symmetric encryption algorithm. Standard: None.
BCRYPT_DH_ALG_HANDLE A handle to the Diffie-Hellman key exchange algorithm.

Standard: PKCS #3.
BCRYPT_DSA_ALG_HANDLE A handle to the Digital Signature Algorithm (DSA) digital

signature algorithm. Standard: FIPS 186-2.Note Beginning
with Windows 8, this algorithm supports FIPS 186-3. Keys less
than or equal to 1024 bits adhere to FIPS 186-2 and keys
BCRYPT_ECDH_P256_ALG_HANDLE A handle to the 256-bit prime elliptic curve Diffie-Hellman key

exchange algorithm. Standard: SP800-56A.


BCRYPT_ECDSA_P256_ALG_HANDLE A handle to the 256-bit prime elliptic curve digital signature

algorithm (FIPS 186-2). Standard: FIPS 186-2, X9.62.

algorithm (FIPS 186-2). Standard: FIPS 186-2, X9.62

algorithm (FIPS 186-2). Standard: FIPS 186-2, X9.62
BCRYPT_MD2_ALG_HANDLE A handle to the MD2 hash algorithm. Standard: RFC 1319

BCRYPT_RC2_ALG_HANDLE A handle to the RC2 block symmetric encryption algorithm.

Standard: RFC 2268.
BCRYPT_RC4_ALG_HANDLE A handle to the RC4 symmetric encryption algorithm.

Standard: Various
BCRYPT_RNG_ALG_HANDLE A handle to the random-number generator algorithm.Note

Beginning with Windows Vista with SP1 and Windows Server
2008, the random number generator is based on the AES
counter mode specified in the NIST SP 800-90 standard.
Windows 8: The RNG algorithm supports FIPS 186-3. Keys
less than or equal to 1024 bits adhere to FIPS 186-2 and keys
BCRYPT_RNG_FIPS186_DSA_ALG_HANDLE A handle to the random-number generator algorithm suitable

for DSA (Digital Signature Algorithm). Standard: FIPS 186-2
Windows 8: Support for FIPS 186-3 begins.
BCRYPT_RSA_ALG_HANDLE A handle to the RSA public key algorithm. Standard: PKCS #1

v1.5 and v2.0.
BCRYPT_RSA_SIGN_ALG_HANDLE A handle to the RSA signature algorithm. This algorithm is not

currently supported. You can use the
BCRYPT_RSA_ALG_HANDLE algorithm to perform RSA
signing operations. Standard: PKCS #1 v1.5 and v2.0.
BCRYPT_SHA1_ALG_HANDLE A handle to the 160-bit secure hash algorithm. Standard: FIPS

180-2, FIPS 198

180-2, FIPS 198

180-2, FIPS 198

180-2, FIPS 198
BCRYPT_SP800108_CTR_HMAC_ALG_HANDLE A handle to the Counter mode, hash-based message

authentication code (HMAC) key derivation function
algorithm. Used by the BCr yptKeyDerivation and
BCRYPT_SP80056A_CONCAT_ALG_HANDLE A handle to the SP800-56A key derivation function algorithm.

Used by the BCr yptKeyDerivation and
BCRYPT_PBKDF2_ALG_HANDLE A handle to the Password-based key derivation function 2

(PBKDF2) algorithm. Used by the BCr yptKeyDerivation and
Remarks
Beginning in Windows 10, CNG provides pre-defined algorithm handles for many algorithms. You can use these
handles in any situation that requires an algorithm handle. However, any call to BCr yptSetProper ty fails as the
algorithm handle is shared and cannot be modified. In addition, these handles cannot be used at IRQL=DISPATCH in
kernel mode.
Related topics
B
C
r
y
p
t
O
p
e
n
A
l
g
o
r
i
t
h
m
P
r
o
v
i
d
e
r
N
C
r
y
p
t
C
r
e
a
t
e
P
e
r
s
i
s
t
e
d
K
e
y
The following identifiers are used to identify standard encryption algorithms in various CNG functions and
structures, such as the CRYPT_INTERFACE_REG structure. Third party providers may have additional algorithms
that they support.
C O N STA N T / VA L UE DESC RIP T IO N
The triple data encryption standard symmetric encryption

BCR algorithm.
YPT Standard: SP800-67, SP800-38A
_3D
ES_
ALG
ORI
TH
M
"3D
ES"
The 112-bit triple data encryption standard symmetric

BCR encryption algorithm.
YPT Standard: SP800-67, SP800-38A
_3D
ES_
112
_AL
GO
RIT
HM
"3D
ES_1
12"
The advanced encryption standard symmetric encryption

BCR algorithm.
YPT Standard: FIPS 197
_AE
S_A
LG
ORI
TH
M
"AES
"
The advanced encryption standard (AES) cipher based

BCR message authentication code (CMAC) symmetric encryption
YPT algorithm.
_AE Standard: SP 800-38B
S_C Windows 8: Support for this algorithm begins.
MA
C_A
LG
ORI
TH
M
"AES
-
CM
AC"
The advanced encryption standard (AES) Galois message

BCR authentication code (GMAC) symmetric encryption algorithm.
YPT Standard: SP800-38D
_AE Windows Vista: This algorithm is supported beginning with
S_G Windows Vista with SP1.
MA
C_A
LG
ORI
TH
M
"AES
-
GM
AC"
Crypto API (CAPI) key derivation function algorithm. Used by

BCR the BCr yptKeyDerivation and NCr yptKeyDerivation
YPT functions.
_CA
PI_
KDF
_AL
GO
RIT
HM
L"C
API_
KDF
"
The data encryption standard symmetric encryption

BCR algorithm.
YPT Standard: FIPS 46-3, FIPS 81
_DE
S_A
LG
ORI
TH
M
"DE
S"
The extended data encryption standard symmetric encryption

BCR algorithm.
YPT Standard: None
_DE
SX_
ALG
ORI
TH
M
"DE
SX"
The Diffie-Hellman key exchange algorithm.

BCR Standard: PKCS #3
YPT
_D
H_A
LG
ORI
TH
M
"DH
"
The digital signature algorithm.

BCR Standard: FIPS 186-2
YPT Windows 8: Beginning with Windows 8, this algorithm
_DS supports FIPS 186-3. Keys less than or equal to 1024 bits
A_A adhere to FIPS 186-2 and keys greater than 1024 to FIPS
LG 186-3.
ORI
TH
M
"DS
A"
The 256-bit prime elliptic curve Diffie-Hellman key exchange

BCR algorithm.
YPT Standard: SP800-56A
_EC
DH
_P2
56_
ALG
ORI
TH
M
"EC
DH_
P25
6"

BCR algorithm.
_EC
DH
_P3
84_
ALG
ORI
TH
M
"EC
DH_
P38
4"

BCR algorithm.
_EC
DH
_P5
21_
ALG
ORI
TH
M
"EC
DH_
P52
1"
The 256-bit prime elliptic curve digital signature algorithm

BCR (FIPS 186-2).
YPT Standard: FIPS 186-2, X9.62
_EC
DS
A_P
256
_AL
GO
RIT
HM
"EC
DSA
_P2
56"

BCR (FIPS 186-2).
_EC
DS
A_P
384
_AL
GO
RIT
HM
"EC
DSA
_P3
84"

BCR (FIPS 186-2).
_EC
DS
A_P
521
_AL
GO
RIT
HM
"EC
DSA
_P5
21"
The MD2 hash algorithm.

BCR Standard: RFC 1319
YPT
_M
D2_
ALG
ORI
TH
M
"MD
2"

YPT
_M
D4_
ALG
ORI
TH
M
"MD
4"

YPT
_M
D5_
ALG
ORI
TH
M
"MD
5"
The RC2 block symmetric encryption algorithm.

YPT
_RC
2_A
LG
ORI
TH
M
"RC
2"
The RC4 symmetric encryption algorithm.

BCR Standard: Various
YPT
_RC
4_A
LG
ORI
TH
M
"RC
4"
The random-number generator algorithm.

BCR Standard: FIPS 186-2, FIPS 140-2, NIST SP 800-90
YPT
_RN [!Note]
G_A Beginning with Windows Vista with SP1 and Windows
LG Server 2008, the random number generator is based on
ORI the AES counter mode specified in the NIST SP 800-90
TH standard.
M
"RN
G"
Windows 8: Beginning with Windows 8, the RNG algorithm
supports FIPS 186-3. Keys less than or equal to 1024 bits
adhere to FIPS 186-2 and keys greater than 1024 to FIPS
186-3.
The dual elliptic curve random-number generator algorithm.

BCR Standard: SP800-90.
YPT Windows 8: Beginning with Windows 8, the EC RNG
_RN algorithm supports FIPS 186-3. Keys less than or equal to
G_ 1024 bits adhere to FIPS 186-2 and keys greater than 1024
DU to FIPS 186-3.
AL_ Windows 10: Beginning with Windows 10, the dual elliptic
EC_ curve random number generator algorithm has been
ALG removed. Existing uses of this algorithm will continue to work;
ORI however, the random number generator is based on the AES
TH counter mode specified in the NIST SP 800-90 standard. New
M code should use BCRYPT_RNG_ALGORITHM , and it is
"DU recommended that existing code be changed to use
ALE BCRYPT_RNG_ALGORITHM .
CRN
G"
The random-number generator algorithm suitable for DSA

BCR (Digital Signature Algorithm).
YPT Standard: FIPS 186-2.
_RN Windows 8: Support for FIPS 186-3 begins.
G_F
IPS
186
_DS
A_A
LG
ORI
TH
M
"FIP
S18
6DS
ARN
G"
The RSA public key algorithm.

BCR Standard: PKCS #1 v1.5 and v2.0.
YPT
_RS
A_A
LG
ORI
TH
M
"RS
A"
The RSA signature algorithm. This algorithm is not currently

BCR supported. You can use the BCRYPT_RSA_ALGORITHM
YPT algorithm to perform RSA signing operations.
_RS Standard: PKCS #1 v1.5 and v2.0.
A_S
IGN
_AL
GO
RIT
HM
"RS
A_SI
GN"
The 160-bit secure hash algorithm.

BCR Standard: FIPS 180-2, FIPS 198.
YPT
_SH
A1_
ALG
ORI
TH
M
"SH
A1"

YPT
_SH
A25
6_A
LG
ORI
TH
M
"SH
A25
6"

YPT
_SH
A38
4_A
LG
ORI
TH
M
"SH
A38
4"

YPT
_SH
A51
2_A
LG
ORI
TH
M
"SH
A51
2"
Counter mode, hash-based message authentication code

BCR (HMAC) key derivation function algorithm. Used by the
YPT BCr yptKeyDerivation and NCr yptKeyDerivation
_SP functions.
800
108
_CT
R_H
MA
C_A
LG
ORI
TH
M
L"SP
800
_10
8_C
TR_
HM
AC"
SP800-56A key derivation function algorithm. Used by the

BCR BCr yptKeyDerivation and NCr yptKeyDerivation
YPT functions.
_SP
800
56A
_C
ON
CAT
_AL
GO
RIT
HM
L"SP
800
_56
A_C
ON
CAT
"
Password-based key derivation function 2 (PBKDF2)

BCR algorithm. Used by the BCr yptKeyDerivation and
YPT NCr yptKeyDerivation functions.
_PB
KDF
2_A
LG
ORI
TH
M
L"PB
KDF
2"
Generic prime elliptic curve digital signature algorithm (see

BCR Remarks for more information).
YPT Standard: ANSI X9.62.
_EC
DS
A_A
LG
ORI
TH
M
"EC
DSA
"
Generic prime elliptic curve Diffie-Hellman key exchange

BCR algorithm (see Remarks for more information).
YPT Standard: SP800-56A.
_EC
DH
_AL
GO
RIT
HM
"EC
DH"
The advanced encryption standard symmetric encryption

BCR algorithm in XTS mode.
YPT Standard: SP-800-38E, IEEE Std 1619-2007.
_XT Windows 10: Support for this algorithm begins.
S_A
ES_
ALG
ORI
TH
M
"XTS
-
AES"
Remarks
To use BCRYPT_ECDSA_ALGORITM or BCRYPT_ECDH_ALGORITHM , call BCr yptOpenAlgorithmProvider
with either BCRYPT_ECDSA_ALGORITHM or BCRYPT_ECDH_ALGORITHM as the pszAlgId. Then use
BCr yptSetProper ty to set the BCRYPT_ECC_CURVE_NAME property to a named algorithm listed in CNG
Named Curves.
To provider user-defined elliptic curve parameters directly, use BCr yptSetProper ty to set the
BCRYPT_ECC_PARAMETERS property. Download the Windows 10 Cryptographic Provider Developer Kit (CPDK)
for more information.
Requirements
Minimum supported client Windows Vista [desktop apps only]
Header
Bcry
pt.h
See also
B
C
r
y
p
t
O
p
e
n
A
l
g
o
r
i
t
h
m
P
r
o
v
i
d
e
r
N
C
r
y
p
t
C
r
e
a
t
e
P
e
r
s
i
s
t
e
d
K
e
y
The following constants are used by the CNG Data Protection API.
N
C L
R "
Y A
P N
T D
_ "
D C
E a
S n
C b
R e
_ u
D s
E e
L d
I t
M o
I t
T e
E s
R t
_ a
A p
N r
D o
t
e
c
t
i
o
n
d
e
s
c
r
i
p
t
o
r
s
t
r
i
n
g
f
o
r
a
n
A
N
D
d
e
l
i
m
i
t
e
r.
N
C L
R "
Y =
P "
T C
_ a
D n
E b
S e
C u
R s
_ e
E d
Q t
U o
A t
L e
s
t
a
p
r
o
t
e
c
t
i
o
n
d
e
s
c
r
i
p
t
o
r
s
t
r
i
n
g
f
o
r
a
n
e
q
u
a
l
s
s
i
g
n
.
N
C L
R "
Y O
P R
T "
_ C
D a
E n
S b
C e
R u
_ s
D e
E d
L
I t
M o
I t
T e
E s
R t
_ a
O p
R r
o
t
e
c
t
i
o
n
d
e
s
c
r
i
p
t
o
r
s
t
r
i
n
g
f
o
r
a
n
O
R
d
e
l
i
m
i
t
e
r.
N
C "
R L
Y O
P C
T A
_ L
K "
E
Y T
_ h
P e
R L
O O
T C
E A
C L
T p
I r
O o
N t
_ e
A c
L t
G i
O o
R n
I d
T e
H s
M c
_ r
L i
O p
C t
A o
L r
p
r
o
t
e
c
t
s
c
o
n
t
e
n
t
t
o
t
h
e
l
o
g
o
n
s
e
s
s
i
o
n
,
t
h
e
c
u
r
r
e
n
t
u
s
e
r,
o
r
t
h
e
l
o
c
a
l
m
a
c
h
i
n
e
a
s
i
d
e
n
t
i
f
i
e
d
b
y
t
h
e
f
o
l
l
o
w
i
n
g
c
o
n
s
t
a
n
t
s
:
NCRYPT_KEY
NCRYPT_KEY
NCRYPT_KEY
N
C "
R S
Y D
P D
T L
_ "
K P
E r
Y o
_ t
P e
R c
O t
T s
E
C c
T o
I n
O t
N e
_ n
A t
L t
G o
O a
R n
I S
T D
H D
M L
_ (
S S
D e
D c
L u
r
i
t
y
D
e
s
c
r
i
p
t
o
r
D
e
f
i
n
i
t
i
o
n
L
a
n
g
u
a
g
e
)
s
t
r
i
n
g
t
h
a
t
c
o
n
t
a
i
n
s
s
e
c
u
r
i
t
y
d
e
s
c
r
i
p
t
o
r
i
n
f
o
r
m
a
t
i
o
n
.
N
C "
R S
Y I
P D
T "
_
K T
E h
Y e
_ S
P I
R D
O p
T r
E o
C t
T e
I c
O t
N i
_ o
A n
L d
G e
O s
R c
I r
T i
H p
M t
_ o
S r
I c
D o
n
t
a
i
n
s
a
g
r
o
u
p
o
r
p
r
i
n
c
i
p
a
l
i
d
e
n
t
i
t
y
.
N
C "
R W
Y E
P B
T C
_ R
K E
E D
Y E
_ N
P T
R I
O A
T L
E S
C "
T P
I r
O o
N t
_ e
A c
L t
G s
O t
R o
I a
T u
H s
M e
_ r
W '
E s
B w
C e
R b
E
D a
E c
N c
T o
I u
A n
L t
S c
r
e
d
e
n
t
i
a
l
s
.
N
C "
R l
Y o
P g
T o
_ n
K "
E P
Y r
_ o
P t
R e
O c
T t
E s
C c
T o
I n
O t
N e
_ n
L t
O t
C o
A t
L h
_ e
L c
O u
G r
O
N r
e
n
t
l
o
g
o
n
s
e
s
s
i
o
n
.
U
s
e
r
s
w
i
l
l
n
o
t
b
e
a
b
l
e
t
o
d
e
c
r
y
p
t
t
h
e
p
r
o
t
e
c
t
e
d
c
o
n
t
e
n
t
a
f
t
e
r
l
o
g
o
f
f
o
r
r
e
b
o
o
t
.
N
C "
R m
Y a
P c
T h
_ i
K n
E e
Y "
_ P
P r
R o
O t
T e
E c
C t
T s
I c
O
N o
_ n
L t
O e
C n
A t
L t
_ o
M t
A h
C e
H l
I o
N c
E a
l
c
o
m
p
u
t
e
r.
A
l
l
u
s
e
r
s
o
n
t
h
e
l
o
c
a
l
c
o
m
p
u
t
e
r
c
a
n
d
e
c
r
y
p
t
t
h
e
p
r
o
t
e
c
t
e
d
c
o
n
t
e
n
t
.
N
C "
R u
Y s
P e
T r
_ "
K P
E r
Y o
_ t
P e
R c
O t
T s
E c
C o
T n
I t
O e
N n
_ t
L
O t
C o
A t
L h
_ e
U c
S u
E r
R r
e
n
t
u
s
e
r
s
e
s
s
i
o
n
.
O
n
l
y
t
h
i
s
u
s
e
r
o
n
t
h
e
l
o
c
a
l
c
o
m
p
u
t
e
r
w
i
l
l
b
e
a
b
l
e
t
o
d
e
c
r
y
p
t
t
h
e
p
r
o
t
e
c
t
e
d
c
o
n
t
e
n
t
.
M
S "
_ M
K i
E c
Y r
_ o
P s
R o
O f
T t
E K
C e
T y
I P
O r
N o
_ t
P e
R c
O t
V i
I o
D n
E P
R r
o
v
i
d
e
r
"
R
e
p
r
e
s
e
n
t
s
t
h
e
M
i
c
r
o
s
o
f
t
k
e
y
p
r
o
t
e
c
t
i
o
n
p
r
o
v
i
d
e
r
w
h
i
c
h
s
u
p
p
o
r
t
s
f
o
r
m
a
t
s
r
e
p
r
e
s
e
n
t
e
d
b
y
t
h
e
f
o
l
l
o
w
i
n
g
c
o
n
s
t
a
n
t
s
:
NCRYPT_KEY
NCRYPT_KEY
NCRYPT_KEY
W
I "
N W
D i
O n
W d
S o
_ w
C s
L C
I l
E i
N e
T n
_ t
K K
E e
Y y
_ P
P r
R o
O t
T e
E c
C t
T i
I o
O n
N P
_ r
P o
R v
O i
V d
I e
D r
E "
R
R
e
p
r
e
s
e
n
t
s
t
h
e
M
i
c
r
o
s
o
f
t
k
e
y
p
r
o
t
e
c
t
i
o
n
p
r
o
v
i
d
e
r
t
h
a
t
i
s
a
v
a
i
l
a
b
l
e
o
n
l
y
o
n
t
h
e
c
l
i
e
n
t
a
n
d
w
h
i
c
h
s
u
p
p
o
r
t
s
f
o
r
m
a
t
s
r
e
p
r
e
s
e
n
t
e
d
b
y
t
h
e
f
o
l
l
o
w
i
n
g
c
o
n
s
t
a
n
t
s
:
NCRYPT_KEY
Requirements
Header
NCr
yptp
rote
ct.h
The following identifiers are used to identify a CNG cryptographic interface. In CNG, an interface identifies the type
of cryptographic behavior that a provider supports. For example, a provider may be a random number generator
or it may be a hashing provider.
The symmetric cipher interface.

BCR
YPT
_CI
PHE
R_I
NTE
RFA
CE
0x0
000
000
1
The hash interface.

BCR
YPT
_HA
SH_
INT
ERF
ACE
0x0
000
000
2
The asymmetric encryption interface.

BCR
YPT
_AS
YM
ME
TRI
C_E
NC
RYP
TIO
N_I
NTE
RFA
CE
0x0
000
000
3
The secret agreement interface.

BCR
YPT
_SE
CRE
T_A
GRE
EM
ENT
_IN
TER
FAC
E
0x0
000
000
4
The signature interface.

BCR
YPT
_SI
GN
ATU
RE_
INT
ERF
ACE
0x0
000
000
5
The random number generator interface.

BCR
YPT
_RN
G_I
NTE
RFA
CE
0x0
000
000
6
The key storage interface.

NC
RYP
T_K
EY_
STO
RA
GE_
INT
ERF
ACE
0x0
001
000
1
The Schannel signature interface.

NC
RYP
T_S
CH
AN
NEL
_IN
TER
FAC
E
0x0
001
000
2
The Schannel cipher suite interface.

NC Windows Ser ver 2008, Windows Vista, Windows
RYP Ser ver 2003, Windows XP and Windows 2000: This
T_S value is not supported.
CH
AN
NEL
_SI
GN
ATU
RE_
INT
ERF
ACE
0x0
001
000
3
Requirements

Header
Bcry
pt.h;
Ncry
pt.h
The following values are used with the BCr yptGetProper ty and BCr yptSetProper ty functions to identify a
property.
B
C L
R "
Y A
P l
T g
_ o
A r
L i
G t
O h
R m
I N
T a
H m
M e
_ "
N A
A n
M u
E l
l
-
t
e
r
m
i
n
a
t
e
d
U
n
i
c
o
d
e
s
t
r
i
n
g
t
h
a
t
c
o
n
t
a
i
n
s
t
h
e
n
a
m
e
o
f
t
h
e
a
l
g
o
r
i
t
h
m
.
B
C L
R "
Y A
P u
T t
_ h
A T
U a
T g
H L
_ e
T n
A g
G t
_ h
L "
E
N T
G h
T e
H a
u
t
h
e
n
t
i
c
a
t
i
o
n
t
a
g
l
e
n
g
t
h
s
t
h
a
t
a
r
e
s
u
p
p
o
r
t
e
d
b
y
t
h
e
a
l
g
o
r
i
t
h
m
.
T
h
i
s
p
r
o
p
e
r
t
y
i
s
a
B
C
R
Y
P
T
_
A
U
T
H
_
T
A
G
_
L
E
N
G
T
H
S
_
S
T
R
U
C
T
s
t
r
u
c
t
u
r
e
.
T
h
i
s
p
r
o
p
e
r
t
y
o
n
l
y
a
p
p
l
i
e
s
t
o
a
l
g
o
r
i
t
h
m
s
.
B
C L
R "
Y B
P l
T o
_ c
B k
L L
O e
C n
K g
_ t
L h
E "
N
G T
T h
H e
s
i
z
e
,
i
n
b
y
t
e
s
,
o
f
a
c
i
p
h
e
r
b
l
o
c
k
f
o
r
t
h
e
a
l
g
o
r
i
t
h
m
.
T
h
i
s
p
r
o
p
e
r
t
y
o
n
l
y
a
p
p
l
i
e
s
t
o
b
l
o
c
k
c
i
p
h
e
r
a
l
g
o
r
i
t
h
m
s
.
T
h
i
s
d
a
t
a
t
y
p
e
i
s
a
D
W
O
R
D
.
B
C L
R "
Y B
P l
T o
_ c
B k
L S
O i
C z
K e
_ L
S i
I s
Z t
E "
_ A
L l
I i
S s
T t
o
f
t
h
e
b
l
o
c
k
l
e
n
g
t
h
s
s
u
p
p
o
r
t
e
d
b
y
a
n
e
n
c
r
y
p
t
i
o
n
a
l
g
o
r
i
t
h
m
.
T
h
i
s
d
a
t
a
t
y
p
e
i
s
a
n
a
r
r
a
y
o
f
D
W
O
R
D
s
.
T
h
e
n
u
m
b
e
r
o
f
e
l
e
m
e
n
t
s
i
n
t
h
e
a
r
r
a
y
c
a
n
b
e
d
e
t
e
r
m
i
n
e
d
b
y
d
i
v
i
d
i
n
g
t
h
e
n
u
m
b
e
r
o
f
b
y
t
e
s
r
e
t
r
i
e
v
e
d
b
y
t
h
e
s
i
z
e
o
f
a
s
i
n
g
l
e
D
W
O
R
D
.
B
C L
R "
Y C
P h
T a
_ i
C n
H i
A n
I g
N M
I o
N d
G e
_ "
M A
O p
D o
E i
n
t
e
r
t
o
a
n
u
l
l
-
t
e
r
m
i
n
a
t
e
d
U
n
i
c
o
d
e
s
t
r
i
n
g
t
h
a
t
r
e
p
r
e
s
e
n
t
s
t
h
e
c
h
a
i
n
i
n
g
m
o
d
e
o
f
t
h
e
e
n
c
r
y
p
t
i
o
n
a
l
g
o
r
i
t
h
m
.
T
h
i
s
p
r
o
p
e
r
t
y
c
a
n
b
e
s
e
t
o
n
a
n
a
l
g
o
r
i
t
h
m
h
a
n
d
l
e
o
r
a
k
e
y
h
a
n
d
l
e
t
o
o
n
e
o
f
t
h
e
f
o
l
l
o
w
i
n
g
v
a
l
u
e
s
.
I
D
E
N
T
I V
FA
I L
EU
RE
I
D
E
N
T
I V
FA
I L
EU
RE
BL
C"
RC
Yh
Pa
Ti
_n
Ci
Hn
Ag
IM
No
_d
Me
OC
DB
EC
_"
C
B
C
BL
C"
RI C
Yh
D
EP a
N
Ti
T
_I nV
FC Ai
IHLn
EA U
g
RE
IM
No
_d
Me
OC
DC
EM
_"
C
C
M
I
D
E
N
T
I V
FA
I L
EU
RE
I
D
E
N
T
I V
FA
I L
EU
RE
BL
C"
RC
Yh
Pa
Ti
_n
Ci
Hn
Ag
IM
No
_d
Me
OC
DF
EB
_"
C
F
B
I
D
E
N
T
I V
FA
I L
EU
RE
BL
C"
RC
Yh
Pa
Ti
_n
Ci
Hn
Ag
IM
No
_d
Me
OE
DC
EB
_"
E
C
B
BL
C"
RC
YI h
Pa
D
ET i
N
_n
T
CI iV
FHAn
IA Lg
EI U
M
RE
No
_d
Me
OG
DC
EM
_"
G
C
M
I
D
E
N
T
I V
FA
I L
EU
RE
I
D
E
N
T
I V
FA
I L
EU
RE
BL
C"
RC
Yh
Pa
Ti
_n
Ci
Hn
Ag
IM
No
_d
Me
ON
D/
EA
_"
N
A
B
C L
R "
Y D
P H
T P
_ a
D r
H a
_ m
P e
A t
R e
r
A s
M "
E
T S
E p
R e
S c
i
f
i
e
s
p
a
r
a
m
e
t
e
r
s
t
o
u
s
e
w
i
t
h
a
D
i
f
f
i
e
-
H
e
l
l
m
a
n
k
e
y
.
T
h
i
s
d
a
t
a
t
y
p
e
i
s
a
p
o
i
n
t
e
r
t
o
a
B
C
R
Y
P
T
_
D
H
_
P
A
R
A
M
E
T
E
R
_
H
E
A
D
E
R
s
t
r
u
c
t
u
r
e
.
T
h
i
s
p
r
o
p
e
r
t
y
c
a
n
o
n
l
y
b
e
s
e
t
a
n
d
m
u
s
t
b
e
s
e
t
f
o
r
t
h
e
k
e
y
b
e
f
o
r
e
t
h
e
k
e
y
i
s
c
o
m
p
l
e
t
e
d
.
B
C L
R "
Y D
P S
T A
_ P
D a
S r
A a
_ m
P e
A t
R e
A r
M s
E "
T S
E p
R e
S c
i
f
i
e
s
p
a
r
a
m
e
t
e
r
s
t
o
u
s
e
w
i
t
h
a
D
S
A
k
e
y
.
T
h
i
s
p
r
o
p
e
r
t
y
i
s
a
B
C
R
Y
P
T
_
D
S
A
_
P
A
R
A
M
E
T
E
R
_
H
E
A
D
E
R
o
r
a
B
C
R
Y
P
T
_
D
S
A
_
P
A
R
A
M
E
T
E
R
_
H
E
A
D
E
R
_
V
2
s
t
r
u
c
t
u
r
e
.
T
h
i
s
p
r
o
p
e
r
t
y
c
a
n
o
n
l
y
b
e
s
e
t
a
n
d
m
u
s
t
b
e
s
e
t
f
o
r
t
h
e
k
e
y
b
e
f
o
r
e
t
h
e
k
e
y
i
s
c
o
m
p
l
e
t
e
d
.
W
i
n
d
o
w
s
8
:
B
e
g
i
n
n
i
n
g
w
i
t
h
W
i
n
d
o
w
s
8
,
t
h
i
s
p
r
o
p
e
r
t
y
c
a
n
b
e
a
B
C
R
Y
P
T
_
D
S
A
_
P
A
R
A
M
E
T
E
R
_
H
E
A
D
E
R
_
V
2
s
t
r
u
c
t
u
r
e
.
U
s
e
t
h
i
s
s
t
r
u
c
t
u
r
e
i
f
t
h
e
k
e
y
s
i
z
e
e
x
c
e
e
d
s
1
0
2
4
b
i
t
s
a
n
d
i
s
l
e
s
s
t
h
a
n
o
r
e
q
u
a
l
t
o
3
0
7
2
b
i
t
s
.
I
f
t
h
e
k
e
y
s
i
z
e
i
s
g
r
e
a
t
e
r
t
h
a
n
o
r
e
q
u
a
l
t
o
5
1
2
b
u
t
l
e
s
s
t
h
a
n
o
r
e
q
u
a
l
t
o
1
0
2
4
b
i
t
s
,
u
s
e
t
h
e
B
C
R
Y
P
T
_
D
S
A
_
P
A
R
A
M
E
T
E
R
_
H
E
A
D
E
R
s
t
r
u
c
t
u
r
e
.
B
C L
R "
Y E
P f
T f
_ e
E c
F t
F i
E v
C e
T K
I e
V y
E L
_ e
K n
E g
Y t
_ h
L "
E
N T
G h
T e
H s
i
z
e
,
i
n
b
i
t
s
,
o
f
t
h
e
e
f
f
e
c
t
i
v
e
l
e
n
g
t
h
o
f
a
n
R
C
2
k
e
y
.
T
h
i
s
d
a
t
a
t
y
p
e
i
s
a
D
W
O
R
D
.
B
C L
R "
Y H
P a
T s
_ h
H B
A l
S o
H c
_ k
B L
L e
O n
C g
K t
_ h
L "
E T
N h
G e
T s
H i
z
e
,
i
n
b
y
t
e
s
,
o
f
t
h
e
b
l
o
c
k
f
o
r
a
h
a
s
h
.
T
h
i
s
p
r
o
p
e
r
t
y
o
n
l
y
a
p
p
l
i
e
s
t
o
h
a
s
h
a
l
g
o
r
i
t
h
m
s
.
T
h
i
s
d
a
t
a
t
y
p
e
i
s
a
D
W
O
R
D
.
B
C L
R "
Y H
P a
T s
_ h
H D
A i
S g
H e
_ s
L t
E L
N e
G n
T g
H t
h
"
T
h
e
s
i
z
e
,
i
n
b
y
t
e
s
,
o
f
t
h
e
h
a
s
h
v
a
l
u
e
o
f
a
h
a
s
h
p
r
o
v
i
d
e
r.
T
h
i
s
d
a
t
a
t
y
p
e
i
s
a
D
W
O
R
D
.
B
C L
R "
Y H
P a
T s
_ h
H O
A I
S D
H L
_ i
O s
I t
D "
_ T
L h
I e
S l
T i
s
t
o
f
D
E
R
-
e
n
c
o
d
e
d
h
a
s
h
i
n
g
o
b
j
e
c
t
i
d
e
n
t
i
f
i
e
r
s
(
O
I
D
s
)
.
T
h
i
s
p
r
o
p
e
r
t
y
i
s
a
B
C
R
Y
P
T
_
O
I
D
_
L
I
S
T
s
t
r
u
c
t
u
r
e
.
T
h
i
s
p
r
o
p
e
r
t
y
c
a
n
o
n
l
y
b
e
r
e
a
d
.
B
C L
R "
Y I
P V
T "
_ C
I o
N n
I t
T a
I i
A n
L s
I t
Z h
A e
T i
I n
O i
N t
_ i
V a
E l
C i
T z
O a
R t
i
o
n
v
e
c
t
o
r
(
I
V
)
f
o
r
a
k
e
y
.
T
h
i
s
p
r
o
p
e
r
t
y
o
n
l
y
a
p
p
l
i
e
s
t
o
k
e
y
s
.
B
C L
R "
Y K
P e
T y
_ L
K e
E n
Y g
_ t
L h
E "
N T
G h
T e
H s
i
z
e
,
i
n
b
i
t
s
,
o
f
t
h
e
k
e
y
v
a
l
u
e
o
f
a
s
y
m
m
e
t
r
i
c
k
e
y
p
r
o
v
i
d
e
r.
T
h
i
s
d
a
t
a
t
y
p
e
i
s
a
D
W
O
R
D
.
B
C L
R "
Y K
P e
T y
_ L
K e
E n
Y g
_ t
L h
E s
N "
G T
T h
H e
S k
e
y
l
e
n
g
t
h
s
t
h
a
t
a
r
e
s
u
p
p
o
r
t
e
d
b
y
t
h
e
a
l
g
o
r
i
t
h
m
.
T
h
i
s
p
r
o
p
e
r
t
y
i
s
a
B
C
R
Y
P
T
_
K
E
Y
_
L
E
N
G
T
H
S
_
S
T
R
U
C
T
s
t
r
u
c
t
u
r
e
.
T
h
i
s
p
r
o
p
e
r
t
y
o
n
l
y
a
p
p
l
i
e
s
t
o
a
l
g
o
r
i
t
h
m
s
.
B
C L
R "
Y K
P e
T y
_ O
K b
E j
Y e
_ c
O t
B L
J e
E n
C g
T t
_ h
L "
E T
N h
G i
T s
H p
r
o
p
e
r
t
y
i
s
n
o
t
u
s
e
d
.
T
h
e
B
C
R
Y
P
T
_
O
B
J
E
C
T
_
L
E
N
G
T
H
p
r
o
p
e
r
t
y
i
s
u
s
e
d
t
o
o
b
t
a
i
n
t
h
i
s
i
n
f
o
r
m
a
t
i
o
n
.
B
C L
R "
Y K
P e
T y
_ S
K t
E r
Y e
_ n
S g
T t
R h
E "
N T
G h
T e
H n
u
m
b
e
r
o
f
b
i
t
s
i
n
t
h
e
k
e
y
.
T
h
i
s
d
a
t
a
t
y
p
e
i
s
a
D
W
O
R
D
.
T
h
i
s
p
r
o
p
e
r
t
y
o
n
l
y
a
p
p
l
i
e
s
t
o
k
e
y
s
.
B
C L
R "
Y M
P e
T s
_ s
M a
E g
S e
S B
A l
G o
E c
_ k
B L
L e
O n
C g
K t
_ h
L "
E
N T
G h
T i
H s
c
a
n
b
e
s
e
t
o
n
a
n
y
k
e
y
h
a
n
d
l
e
t
h
a
t
h
a
s
t
h
e
C
F
B
c
h
a
i
n
i
n
g
m
o
d
e
s
e
t
.
B
y
d
e
f
a
u
l
t
,
t
h
i
s
p
r
o
p
e
r
t
y
i
s
s
e
t
t
o
1
f
o
r
8
-
b
i
t
C
F
B
.
S
e
t
t
i
n
g
i
t
t
o
t
h
e
b
l
o
c
k
s
i
z
e
i
n
b
y
t
e
s
c
a
u
s
e
s
f
u
l
l
-
b
l
o
c
k
C
F
B
t
o
b
e
u
s
e
d
.
F
o
r
X
T
S
k
e
y
s
i
t
i
s
u
s
e
d
t
o
s
e
t
t
h
e
s
i
z
e
,
i
n
b
y
t
e
s
,
o
f
t
h
e
X
T
S
D
a
t
a
U
n
i
t
(
c
o
m
m
o
n
l
y
5
1
2
o
r
4
0
9
6
)
.
B
C L
R "
Y M
P u
T l
_ t
M i
U O
L b
T j
I e
_ c
O t
B L
J e
E n
C g
T t
_ h
L "
E
N T
G h
T i
H s
p
r
o
p
e
r
t
y
r
e
t
u
r
n
s
a
B
C
R
Y
P
T
_
M
U
L
T
I
_
O
B
J
E
C
T
_
L
E
N
G
T
H
_
S
T
R
U
C
T
,
w
h
i
c
h
c
o
n
t
a
i
n
s
i
n
f
o
r
m
a
t
i
o
n
n
e
c
e
s
s
a
r
y
t
o
c
a
l
c
u
l
a
t
e
t
h
e
s
i
z
e
o
f
a
n
o
b
j
e
c
t
b
u
f
f
e
r.
T
h
i
s
p
r
o
p
e
r
t
y
i
s
o
n
l
y
s
u
p
p
o
r
t
e
d
o
n
o
p
e
r
a
t
i
n
g
s
y
s
t
e
m
v
e
r
s
i
o
n
s
t
h
a
t
s
u
p
p
o
r
t
t
h
e
B
C
r
y
p
t
C
r
e
a
t
e
M
u
l
t
i
H
a
s
h
f
u
n
c
t
i
o
n
.
B
C L
R "
Y O
P b
T j
_ e
O c
B t
J L
E e
C n
T g
_ t
L h
E "
N T
G h
T e
H s
i
z
e
,
i
n
b
y
t
e
s
,
o
f
t
h
e
s
u
b
o
b
j
e
c
t
o
f
a
p
r
o
v
i
d
e
r.
T
h
i
s
d
a
t
a
t
y
p
e
i
s
a
D
W
O
R
D
.
C
u
r
r
e
n
t
l
y
,
t
h
e
h
a
s
h
a
n
d
s
y
m
m
e
t
r
i
c
c
i
p
h
e
r
a
l
g
o
r
i
t
h
m
p
r
o
v
i
d
e
r
s
u
s
e
c
a
l
l
e
r
-
a
l
l
o
c
a
t
e
d
b
u
f
f
e
r
s
t
o
s
t
o
r
e
t
h
e
i
r
s
u
b
o
b
j
e
c
t
s
.
F
o
r
e
x
a
m
p
l
e
,
t
h
e
h
a
s
h
p
r
o
v
i
d
e
r
r
e
q
u
i
r
e
s
y
o
u
t
o
a
l
l
o
c
a
t
e
m
e
m
o
r
y
f
o
r
t
h
e
h
a
s
h
o
b
j
e
c
t
o
b
t
a
i
n
e
d
w
i
t
h
t
h
e
B
C
r
y
p
t
C
r
e
a
t
e
H
a
s
h
f
u
n
c
t
i
o
n
.
T
h
i
s
p
r
o
p
e
r
t
y
p
r
o
v
i
d
e
s
t
h
e
b
u
f
f
e
r
s
i
z
e
f
o
r
a
p
r
o
v
i
d
e
r
'
s
o
b
j
e
c
t
s
o
y
o
u
c
a
n
a
l
l
o
c
a
t
e
m
e
m
o
r
y
f
o
r
t
h
e
o
b
j
e
c
t
c
r
e
a
t
e
d
b
y
t
h
e
p
r
o
v
i
d
e
r.
B
C L
R "
Y P
P a
T d
_ d
P i
A n
D g
D S
I c
N h
G e
_ m
S e
C s
H "
E
M R
E e
S p
r
e
s
e
n
t
s
t
h
e
p
a
d
d
i
n
g
s
c
h
e
m
e
o
f
t
h
e
R
S
A
a
l
g
o
r
i
t
h
m
p
r
o
v
i
d
e
r.
T
h
i
s
d
a
t
a
t
y
p
e
i
s
a
D
W
O
R
D
.
T
h
i
s
c
a
n
b
e
o
n
e
o
f
t
h
e
f
o
l
l
o
w
i
n
g
v
a
l
u
e
s
.
I
D
E
N
T
I V
FA
I L
EU
RE
I
D
E
N
T
I V
FA
I L
EU
RE
B0
Cx
R0
Y0
P0
T0
_0
S0
U0
P1
P
O
R
T
E
D
_
P
A
D
_
R
O
U
T
E
R
I
D
E
N
T
I V
FA
I L
EU
RE
B0
Cx
R0
Y0
P0
T0
_0
S0
U0
P2
P
O
R
T
E
D
_
P
A
D
_
P
K
C
S
1
_
E
N
C
I
D
E
N
T
I V
FA
I L
EU
RE
B0
Cx
R0
Y0
P0
T0
_0
S0
U0
P4
P
O
R
T
E
D
_
P
A
D
_
P
K
C
S
1
_
S
I
G
I
D
E
N
T
I V
FA
I L
EU
RE
B0
Cx
R0
Y0
P0
T0
_0
S0
U0
P8
P
O
R
T
E
D
_
P
A
D
_
O
A
E
P
I
D
E
N
T
I V
FA
I L
EU
RE
B0
Cx
R0
Y0
P0
T0
_0
S0
U1
P0
P
O
R
T
E
D
_
P
A
D
_
P
S
S
B
C L
R "
Y P
P r
T o
_ v
P i
R d
O e
V r
I H
D a
E n
R d
_ l
H e
A "
N
D T
L h
E e
h
a
n
d
l
e
o
f
t
h
e
C
N
G
p
r
o
v
i
d
e
r
t
h
a
t
c
r
e
a
t
e
d
t
h
e
o
b
j
e
c
t
p
a
s
s
e
d
i
n
t
h
e
h
O
b
j
e
c
t
p
a
r
a
m
e
t
e
r.
T
h
i
s
d
a
t
a
t
y
p
e
i
s
a
B
C
R
Y
P
T
_
A
L
G
_
H
A
N
D
L
E
.
T
h
i
s
p
r
o
p
e
r
t
y
c
a
n
o
n
l
y
b
e
r
e
t
r
i
e
v
e
d
;
i
t
c
a
n
n
o
t
b
e
s
e
t
.
B
C L
R "
Y S
P i
T g
_ n
S a
I t
G u
N r
A e
T L
U e
R n
E g
_ t
L h
E "
N T
G h
T e
H s
i
z
e
,
i
n
b
y
t
e
s
,
o
f
t
h
e
l
e
n
g
t
h
o
f
a
s
i
g
n
a
t
u
r
e
f
o
r
a
k
e
y
.
T
h
i
s
d
a
t
a
t
y
p
e
i
s
a
D
W
O
R
D
.
T
h
i
s
p
r
o
p
e
r
t
y
o
n
l
y
a
p
p
l
i
e
s
t
o
k
e
y
s
.
T
h
i
s
p
r
o
p
e
r
t
y
c
a
n
o
n
l
y
b
e
r
e
t
r
i
e
v
e
d
;
i
t
c
a
n
n
o
t
b
e
s
e
t
.
Requirements
Header
Bcry
pt.h
The following values are used to identify a key storage property.
N
C L
R "
Y A
P l
T g
_ o
A r
L i
G t
O h
R m
I G
T r
H o
M u
_ p
G "
R A
O n
U u
P l
_ l
P -
R t
O e
P r
E m
R i
T n
Y a
t
e
d
U
n
i
c
o
d
e
s
t
r
i
n
g
t
h
a
t
c
o
n
t
a
i
n
s
t
h
e
n
a
m
e
o
f
t
h
e
o
b
j
e
c
t
'
s
a
l
g
o
r
i
t
h
m
g
r
o
u
p
.
T
h
i
s
p
r
o
p
e
r
t
y
o
n
l
y
a
p
p
l
i
e
s
t
o
k
e
y
s
.
T
h
e
f
o
l
l
o
w
i
n
g
i
d
e
n
t
i
f
i
e
r
s
a
r
e
r
e
t
u
r
n
e
d
b
y
t
h
e
M
i
c
r
o
s
o
f
t
k
e
y
s
t
o
r
a
g
e
p
r
o
v
i
d
e
r.
I
D
E
N
T
I V
FA
I L
EU
RE
N"
CR
RS
YA
P"
T
_
R
S
A
_
A
L
G
O
R
I
T
H
M
_
G
R
O
U
P
I
D
E
N
T
I V
FA
I L
EU
RE
N"
CD
RH
Y"
P
T
_
D
H
_
A
L
G
O
R
I
T
H
M
_
G
R
O
U
P
I
D
E
N
T
I V
FA
I L
EU
RE
N"
CD
RS
YA
P"
T
_
D
S
A
_
A
L
G
O
R
I
T
H
M
_
G
R
O
U
P
I
D
E
N
T
I V
FA
I L
EU
RE
N"
CE
RC
YD
PS
TA
_"
E
C
D
S
A
_
A
L
G
O
R
I
T
H
M
_
G
R
O
U
P
I
D
E
N
T
I V
FA
I L
EU
RE
N"
CE
RC
YD
PH
T"
_
E
C
D
H
_
A
L
G
O
R
I
T
H
M
_
G
R
O
U
P
N
C L
R "
Y A
P l
g
T o
_ r
A i
L t
G h
O m
R N
I a
T m
H e
M "
_
P A
R n
O u
P l
E l
R -
T t
Y e
r
m
i
n
a
t
e
d
U
n
i
c
o
d
e
s
t
r
i
n
g
t
h
a
t
c
o
n
t
a
i
n
s
t
h
e
n
a
m
e
o
f
t
h
e
o
b
j
e
c
t
'
s
a
l
g
o
r
i
t
h
m
.
T
h
i
s
c
a
n
b
e
o
n
e
o
f
t
h
e
p
r
e
d
e
f
i
n
e
d
C
N
G
A
l
g
o
r
i
t
h
m
I
d
e
n
t
i
f
i
e
r
s
o
r
a
n
o
t
h
e
r
r
e
g
i
s
t
e
r
e
d
a
l
g
o
r
i
t
h
m
i
d
e
n
t
i
f
i
e
r.
T
h
i
s
p
r
o
p
e
r
t
y
o
n
l
y
a
p
p
l
i
e
s
t
o
k
e
y
s
.
N
C L
R "
Y S
P m
T a
_ r
A t
S C
S a
O r
C d
I A
A s
T s
E o
D c
_ i
E a
C t
D e
H d
_ E
K C
E D
Y H
K
e
y
"
A
n
L
P
W
S
T
R
v
a
l
u
e
t
h
a
t
i
n
d
i
c
a
t
e
s
t
h
e
c
o
n
t
a
i
n
e
r
n
a
m
e
o
f
t
h
e
E
l
l
i
p
t
i
c
C
u
r
v
e
D
i
f
f
i
e
-
H
e
l
l
m
a
n
(
E
C
D
H
)
k
e
y
t
o
u
s
e
d
u
r
i
n
g
l
o
g
o
n
f
o
r
a
g
i
v
e
n
h
a
n
d
l
e
t
o
a
n
E
l
l
i
p
t
i
c
C
u
r
v
e
D
i
g
i
t
a
l
S
i
g
n
a
t
u
r
e
A
l
g
o
r
i
t
h
m
(
E
C
D
S
A
)
k
e
y
.
I
f
t
h
e
r
e
a
r
e
n
o
E
C
D
H
k
e
y
s
o
n
t
h
e
c
a
r
d
,
t
h
e
k
e
y
s
t
o
r
a
g
e
p
r
o
v
i
d
e
r
(
K
S
P
)
r
e
t
u
r
n
s
N
T
E
_
N
O
T
_
F
O
U
N
D
.
T
h
i
s
p
r
o
p
e
r
t
y
a
p
p
l
i
e
s
t
o
E
C
D
S
A
k
e
y
s
f
o
r
l
o
g
o
n
w
i
t
h
s
m
a
r
t
c
a
r
d
s
.
T
h
e
p
r
o
p
e
r
t
y
i
s
s
u
p
p
o
r
t
e
d
b
y
t
h
e
M
i
c
r
o
s
o
f
t
S
m
a
r
t
C
a
r
d
k
e
y
s
t
o
r
a
g
e
p
r
o
v
i
d
e
r
a
n
d
n
o
t
b
y
t
h
e
M
i
c
r
o
s
o
f
t
S
o
f
t
w
a
r
e
k
e
y
s
t
o
r
a
g
e
p
r
o
v
i
d
e
r.
W
i
n
d
o
w
s
S
e
r
v
e
r
2
0
0
8
a
n
d
W
i
n
d
o
w
s
V
i
s
t
a
:
T
h
i
s
v
a
l
u
e
i
s
n
o
t
s
u
p
p
o
r
t
e
d
.
N
C L
R "
Y B
P l
T o
_ c
B k
L L
O e
C n
K g
_ t
L h
E "
N A
G D
T W
H O
_ R
P D
R t
O h
P a
E t
R c
T o
Y n
t
a
i
n
s
t
h
e
l
e
n
g
t
h
,
i
n
b
y
t
e
s
,
o
f
t
h
e
e
n
c
r
y
p
t
i
o
n
b
l
o
c
k
.
T
h
i
s
p
r
o
p
e
r
t
y
o
n
l
y
a
p
p
l
i
e
s
t
o
k
e
y
s
t
h
a
t
s
u
p
p
o
r
t
e
n
c
r
y
p
t
i
o
n
.
N
C L
R "
Y S
P m
T a
_ r
C t
E C
R a
T r
I d
F K
I e
C y
A C
T e
E r
_ t
P i
R f
O i
P c
E a
R t
T e
Y "
A
B
L
O
B
t
h
a
t
c
o
n
t
a
i
n
s
a
n
X
.
5
0
9
c
e
r
t
i
f
i
c
a
t
e
t
h
a
t
i
s
a
s
s
o
c
i
a
t
e
d
w
i
t
h
t
h
e
k
e
y
.
W
i
n
d
o
w
s
S
e
r
v
e
r
2
0
0
8
R
2
,
W
i
n
d
o
w
s
7
,
W
i
n
d
o
w
s
S
e
r
v
e
r
2
0
0
8
a
n
d
W
i
n
d
o
w
s
V
i
s
t
a
:
A
B
L
O
B
t
h
a
t
c
o
n
t
a
i
n
s
t
h
e
s
m
a
r
t
c
a
r
d
k
e
y
c
e
r
t
i
f
i
c
a
t
e
.
T
h
i
s
p
r
o
p
e
r
t
y
i
s
n
o
t
s
u
p
p
o
r
t
e
d
b
y
t
h
e
M
i
c
r
o
s
o
f
t
S
o
f
t
w
a
r
e
K
e
y
S
t
o
r
a
g
e
P
r
o
v
i
d
e
r.
N
C L
R "
Y D
P H
T P
_ a
D r
H a
_ m
P e
A t
R e
A r
M s
E "
T
E S
R p
S e
_ c
P i
R f
O i
P e
E s
R p
T a
Y r
a
m
e
t
e
r
s
t
o
u
s
e
w
i
t
h
a
D
i
f
f
i
e
-
H
e
l
l
m
a
n
k
e
y
.
T
h
i
s
d
a
t
a
t
y
p
e
i
s
a
p
o
i
n
t
e
r
t
o
a
B
C
R
Y
P
T
_
D
H
_
P
A
R
A
M
E
T
E
R
_
H
E
A
D
E
R
s
t
r
u
c
t
u
r
e
.
T
h
i
s
p
r
o
p
e
r
t
y
c
a
n
o
n
l
y
b
e
s
e
t
a
n
d
m
u
s
t
b
e
s
e
t
f
o
r
t
h
e
k
e
y
b
e
f
o
r
e
t
h
e
k
e
y
i
s
c
o
m
p
l
e
t
e
d
.
N
C L
R "
Y E
P x
T p
_ o
E r
X t
P P
O o
R l
T i
_ c
P y
O "
L A
I
C D
Y W
_ O
P R
R D
O t
P h
E a
R t
T c
Y o
n
t
a
i
n
s
a
s
e
t
o
f
f
l
a
g
s
t
h
a
t
s
p
e
c
i
f
y
t
h
e
e
x
p
o
r
t
p
o
l
i
c
y
f
o
r
a
p
e
r
s
i
s
t
e
d
k
e
y
.
T
h
i
s
p
r
o
p
e
r
t
y
o
n
l
y
a
p
p
l
i
e
s
t
o
k
e
y
s
.
T
h
i
s
c
a
n
c
o
n
t
a
i
n
z
e
r
o
o
r
a
c
o
m
b
i
n
a
t
i
o
n
o
f
o
n
e
o
r
m
o
r
e
o
f
t
h
e
f
o
l
l
o
w
i
n
g
v
a
l
u
e
s
.
I
D
E
N
T
I V
FA
I L
EU
RE
N0
Cx
R0
Y0
P0
T0
_0
A0
L0
L1
O
W
_
E
X
P
O
R
T
_
F
L
A
G
I
D
E
N
T
I V
FA
I L
EU
RE
N0
Cx
R0
Y0
P0
T0
_0
A0
L0
L2
O
W
_
P
L
A
I
N
T
E
X
T
_
E
X
P
O
R
T
_
F
L
A
G
N0
Cx
R0
Y0
P0
T0
_0
A0
L0
L4
O
W
_I
AD
RE
N
C
T
H
I V
IF A
VI L
EI U
RE
N
G
_
F
L
A
G
I
D
E
N
T
I V
FA
I L
EU
RE
I
D
E
N
T
I V
FA
I L
EU
RE
I
D
E
N
T
I V
FA
I L
EU
RE
N0
Cx
R0
Y0
P0
T0
_0
A0
L0
L8
O
W
_
P
L
A
I
N
T
E
X
T
_
A
R
C
H
I
V
I
N
G
_
F
L
A
G
G
I
D
E
N
T
I V
FA
I L
EU
RE
I
D
E
N
T
I V
FA
I L
EU
RE
I
D
E
N
T
I V
FA
I L
EU
RE
I
D
E
N
T
I V
FA
I L
EU
RE
N
C L
R "
Y I
P m
T p
_ l
I T
M y
P p
L e
_ "
T A
Y D
P W
E O
_ R
P D
R t
O h
P a
E t
R c
T o
Y n
t
a
i
n
s
a
s
e
t
o
f
f
l
a
g
s
t
h
a
t
d
e
f
i
n
e
i
m
p
l
e
m
e
n
t
a
t
i
o
n
d
e
t
a
i
l
s
o
f
t
h
e
p
r
o
v
i
d
e
r.
T
h
i
s
p
r
o
p
e
r
t
y
o
n
l
y
a
p
p
l
i
e
s
t
o
k
e
y
s
t
o
r
a
g
e
p
r
o
v
i
d
e
r
s
.
T
h
i
s
c
a
n
c
o
n
t
a
i
n
z
e
r
o
o
r
a
c
o
m
b
i
n
a
t
i
o
n
o
f
o
n
e
o
r
m
o
r
e
o
f
t
h
e
f
o
l
l
o
w
i
n
g
v
a
l
u
e
s
.
I
D
E
N
T
I V
FA
I L
EU
RE
N0
Cx
R0
Y0
P0
T0
_0
I0
M0
P1
L
_
H
A
R
D
W
A
R
E
_
F
L
A
G
I
D
E
N
T
I V
FA
I L
EU
RE
N0
Cx
R0
Y0
P0
T0
_0
I0
M0
P2
L
_
S
O
F
T
W
A
R
E
_
F
L
A
G
I
D
E
N
T
I V
FA
I L
EU
RE
N0
Cx
R0
Y0
P0
T0
_0
I0
M0
P8
L
_
R
E
M
O
V
A
B
L
E
_
F
L
A
G
I
D
E
N
T
I V
FA
I L
EU
RE
N0
Cx
R0
Y0
P0
T0
_0
I0
M1
P0
L
_
H
A
R
D
W
A
R
E
_
R
N
G
_
F
L
A
G
N
C L
R "
Y K
P e
T y
_ T
K y
E p
Y e
_ "
T
Y A
P D
E W
_ O
P R
R D
O t
P h
E a
R t
T c
Y o
n
t
a
i
n
s
a
s
e
t
o
f
f
l
a
g
s
t
h
a
t
d
e
f
i
n
e
t
h
e
k
e
y
t
y
p
e
.
T
h
i
s
p
r
o
p
e
r
t
y
o
n
l
y
a
p
p
l
i
e
s
t
o
k
e
y
s
.
T
h
i
s
c
a
n
c
o
n
t
a
i
n
z
e
r
o
o
r
t
h
e
f
o
l
l
o
w
i
n
g
v
a
l
u
e
.
I
D
E
N
T
I V
FA
I L
EU
RE
N0
Cx
R0
Y0
P0
T0
_0
M0
A0
C1
H
I
N
E
_
K
E
Y
_
F
L
A
G
I
D
E
N
T
I V
FA
I L
EU
RE
N
L
C "
R K
Y e
P y
T U
_ s
K a
E g
Y e
_ "
U
S A
A D
G W
E O
_ R
P D
R t
O h
P a
E t
R c
T o
Y n
t
a
i
n
s
a
s
e
t
o
f
f
l
a
g
s
t
h
a
t
d
e
f
i
n
e
t
h
e
u
s
a
g
e
d
e
t
a
i
l
s
f
o
r
a
k
e
y
.
T
h
i
s
p
r
o
p
e
r
t
y
o
n
l
y
a
p
p
l
i
e
s
t
o
k
e
y
s
.
T
h
i
s
c
a
n
c
o
n
t
a
i
n
z
e
r
o
o
r
a
c
o
m
b
i
n
a
t
i
o
n
o
f
o
n
e
o
r
m
o
r
e
o
f
t
h
e
f
o
l
l
o
w
i
n
g
v
a
l
u
e
s
.
I
D
E
N
T
I V
FA
I L
EU
RE
N0
Cx
R0
Y0
P0
T0
_0
A0
L0
L1
O
W
_
D
E
C
R
Y
P
T
_
F
L
A
G
I
D
E
N
T
I V
FA
I L
EU
RE
N0
Cx
R0
Y0
P0
T0
_0
A0
L0
L2
O
W
_
S
I
G
N
I
N
G
_
F
L
A
G
I
D
E
N
T
I V
FA
I L
EU
RE
N0
Cx
R0
Y0
P0
T0
_0
A0
L0
L4
O
W
_
K
E
Y
_
A
G
R
E
E
M
E
N
T
_
F
L
A
G
I
D
E
N
T
I V
FA
I L
EU
RE
N0
Cx
R0
Y0
Pf
Tf
_f
Af
Lf
Lf
O
W
_
A
L
L
_
U
S
A
G
E
S
N
C L
R "
Y M
P o
T d
_ i
L f
A i
S e
T d
_ "
M I
O n
D d
I i
F c
I a
E t
D e
_ s
P w
R h
O e
P n
E t
R h
T e
Y k
e
y
w
a
s
l
a
s
t
m
o
d
i
f
i
e
d
.
T
h
i
s
d
a
t
a
t
y
p
e
i
s
a
p
o
i
n
t
e
r
t
o
a
F
I
L
E
T
I
M
E
s
t
r
u
c
t
u
r
e
.
T
h
i
s
p
r
o
p
e
r
t
y
o
n
l
y
a
p
p
l
i
e
s
t
o
p
e
r
s
i
s
t
e
d
k
e
y
s
.
N
C L
R "
Y L
P e
T n
_ g
L t
E h
N "
G A
T D
H W
_ O
P R
R D
O t
P h
E a
R t
T c
Y o
n
t
a
i
n
s
t
h
e
l
e
n
g
t
h
,
i
n
b
i
t
s
,
o
f
t
h
e
k
e
y
.
T
h
i
s
p
r
o
p
e
r
t
y
o
n
l
y
a
p
p
l
i
e
s
t
o
k
e
y
s
.
N
C L
R "
Y L
P e
T n
_ g
L t
E h
N s
G "
T
H I
S n
_ d
P i
R c
O a
P t
E e
R s
T t
Y h
e
k
e
y
s
i
z
e
s
t
h
a
t
a
r
e
s
u
p
p
o
r
t
e
d
b
y
t
h
e
k
e
y
.
T
h
i
s
d
a
t
a
t
y
p
e
i
s
a
p
o
i
n
t
e
r
t
o
a
n
N
C
R
Y
P
T
_
S
U
P
P
O
R
T
E
D
_
L
E
N
G
T
H
S
s
t
r
u
c
t
u
r
e
t
h
a
t
c
o
n
t
a
i
n
s
t
h
i
s
i
n
f
o
r
m
a
t
i
o
n
.
T
h
i
s
p
r
o
p
e
r
t
y
o
n
l
y
a
p
p
l
i
e
s
t
o
k
e
y
s
.
N
C L
R "
Y M
P a
T x
_ N
M a
A m
X e
_ L
N e
A n
M g
E t
_ h
L "
E A
N D
G W
T O
H R
_ D
P t
R h
O a
P t
E c
R o
T n
Y t
a
i
n
s
t
h
e
m
a
x
i
m
u
m
l
e
n
g
t
h
,
i
n
c
h
a
r
a
c
t
e
r
s
,
o
f
t
h
e
n
a
m
e
o
f
a
p
e
r
s
i
s
t
e
n
t
k
e
y
.
T
h
i
s
p
r
o
p
e
r
t
y
o
n
l
y
a
p
p
l
i
e
s
t
o
a
p
r
o
v
i
d
e
r.
T
h
i
s
p
r
o
p
e
r
t
y
i
s
p
r
i
m
a
r
i
l
y
i
n
t
e
n
d
e
d
t
o
b
e
u
s
e
d
b
y
k
e
y
s
t
o
r
a
g
e
p
r
o
v
i
d
e
r
s
t
h
a
t
s
t
o
r
e
t
h
e
i
r
k
e
y
s
o
n
a
d
e
v
i
c
e
t
h
a
t
h
a
s
a
l
i
m
i
t
e
d
a
m
o
u
n
t
o
f
a
v
a
i
l
a
b
l
e
m
e
m
o
r
y
,
s
u
c
h
a
s
a
s
m
a
r
t
c
a
r
d
.
N
C L
R "
Y N
P a
T m
_ e
N "
A A
M p
E o
_ i
P n
R t
O e
P r
E t
R o
T a
Y n
u
l
l
-
t
e
r
m
i
n
a
t
e
d
U
n
i
c
o
d
e
s
t
r
i
n
g
t
h
a
t
c
o
n
t
a
i
n
s
t
h
e
n
a
m
e
o
f
t
h
e
o
b
j
e
c
t
.
N
C L
R "
Y S
P m
T a
_ r
P t
I C
N a
_ r
P d
R P
O i
M n
P P
T r
_ o
P m
R p
O t
P "
E
R T
T h
Y i
s
v
a
l
u
e
i
s
n
o
t
s
u
p
p
o
r
t
e
d
.
N
C L
R "
Y S
P m
T a
_ r
P t
I C
N a
_ r
P d
R P
O i
P n
E "
R
T A
Y p
o
i
n
t
e
r
t
o
a
n
u
l
l
-
t
e
r
m
i
n
a
t
e
d
U
n
i
c
o
d
e
s
t
r
i
n
g
t
h
a
t
c
o
n
t
a
i
n
s
t
h
e
P
I
N
.
T
h
e
P
I
N
i
s
u
s
e
d
f
o
r
a
s
m
a
r
t
c
a
r
d
k
e
y
o
r
t
h
e
p
a
s
s
w
o
r
d
f
o
r
a
p
a
s
s
w
o
r
d
-
p
r
o
t
e
c
t
e
d
k
e
y
s
t
o
r
e
d
i
n
a
s
o
f
t
w
a
r
e
-
b
a
s
e
d
K
S
P
.
T
h
i
s
p
r
o
p
e
r
t
y
c
a
n
o
n
l
y
b
e
s
e
t
.
M
i
c
r
o
s
o
f
t
K
S
P
s
w
i
l
l
c
a
c
h
e
t
h
i
s
v
a
l
u
e
s
o
t
h
a
t
t
h
e
u
s
e
r
i
s
o
n
l
y
p
r
o
m
p
t
e
d
o
n
c
e
p
e
r
p
r
o
c
e
s
s
.
N
C L
R "
Y P
P r
T o
_ v
P i
R d
O e
V r
I H
D a
E n
R d
_ l
H e
A "
N
D A
L n
E N
_ C
P R
R Y
O P
P T
E _
R P
T R
Y O
V
_
H
A
N
D
L
E
t
h
a
t
c
o
n
t
a
i
n
s
t
h
e
h
a
n
d
l
e
o
f
t
h
e
C
N
G
k
e
y
s
t
o
r
a
g
e
p
r
o
v
i
d
e
r.
W
h
e
n
y
o
u
a
r
e
f
i
n
i
s
h
e
d
u
s
i
n
g
t
h
e
h
a
n
d
l
e
,
y
o
u
m
u
s
t
c
a
l
l
N
C
r
y
p
t
F
r
e
e
O
b
j
e
c
t
t
o
r
e
l
e
a
s
e
i
t
.
N
C L
R "
Y S
P m
T a
_ r
R t
E C
A a
D r
E d
R R
_ e
P a
R d
O e
P r
E "
R A
T p
Y o
i
n
t
e
r
t
o
a
n
u
l
l
-
t
e
r
m
i
n
a
t
e
d
U
n
i
c
o
d
e
s
t
r
i
n
g
t
h
a
t
c
o
n
t
a
i
n
s
t
h
e
n
a
m
e
o
f
t
h
e
s
m
a
r
t
c
a
r
d
r
e
a
d
e
r.
T
h
i
s
p
r
o
p
e
r
t
y
c
a
n
o
n
l
y
b
e
s
e
t
.
N
C L
R "
Y S
P m
T a
_ r
R t
O c
O a
T r
_ d
C R
E o
R o
T t
S C
T e
O r
R t
E S
_ t
P o
R r
O e
P "
E A
R n
T H
Y
C
E
R
T
S
T
O
R
E
t
h
a
t
r
e
p
r
e
s
e
n
t
s
t
h
e
s
m
a
r
t
c
a
r
d
r
o
o
t
c
e
r
t
i
f
i
c
a
t
e
s
t
o
r
e
.
N
C L
R "
Y S
P m
T a
_ r
S t
C C
A a
R r
D d
_ P
P i
I n
N I
_ d
I "
D A
p
o
i
n
t
e
r
t
o
t
h
e
P
I
N
_
I
D
v
a
l
u
e
a
s
s
o
c
i
a
t
e
d
w
i
t
h
a
g
i
v
e
n
c
r
y
p
t
o
g
r
a
p
h
i
c
k
e
y
o
n
a
s
m
a
r
t
c
a
r
d
.
T
h
i
s
i
s
a
r
e
a
d
-
o
n
l
y
p
r
o
p
e
r
t
y
.
T
h
e
P
I
N
_
I
D
d
a
t
a
t
y
p
e
i
s
d
e
f
i
n
e
d
i
n
C
a
r
d
m
o
d
.
h
.
W
i
n
d
o
w
s
S
e
r
v
e
r
2
0
0
8
a
n
d
W
i
n
d
o
w
s
V
i
s
t
a
:
T
h
i
s
v
a
l
u
e
i
s
n
o
t
s
u
p
p
o
r
t
e
d
.
N
C L
R "
Y S
P m
T a
_ r
S t
C C
A a
R r
D d
_ P
P i
I n
N I
_ n
I f
N o
F "
O A
p
o
i
n
t
e
r
t
o
P
I
N
_
I
N
F
O
s
t
r
u
c
t
u
r
e
o
f
t
h
e
P
I
N
a
s
s
o
c
i
a
t
e
d
w
i
t
h
a
g
i
v
e
n
c
r
y
p
t
o
g
r
a
p
h
i
c
k
e
y
o
n
t
h
e
s
m
a
r
t
c
a
r
d
.
T
h
e
c
a
l
l
e
r
p
r
o
v
i
d
e
s
t
h
e
k
e
y
h
a
n
d
l
e
.
T
h
i
s
p
r
o
p
e
r
t
y
i
s
a
r
e
a
d
-
o
n
l
y
p
r
o
p
e
r
t
y
.
T
h
e
P
I
N
_
I
N
F
O
s
t
r
u
c
t
u
r
e
i
s
d
e
f
i
n
e
d
i
n
C
a
r
d
m
o
d
.
h
.
W
i
n
d
o
w
s
S
e
r
v
e
r
2
0
0
8
a
n
d
W
i
n
d
o
w
s
V
i
s
t
a
:
T
h
i
s
v
a
l
u
e
i
s
n
o
t
s
u
p
p
o
r
t
e
d
.
N
C L
R "
Y S
P m
T a
_ r
S t
E C
C a
U r
R d
E S
_ e
P c
I u
N r
_ e
P P
R i
O n
P "
E A
R p
T o
Y i
n
t
e
r
t
o
a
n
u
l
l
-
t
e
r
m
i
n
a
t
e
d
U
n
i
c
o
d
e
s
t
r
i
n
g
t
h
a
t
c
o
n
t
a
i
n
s
t
h
e
s
m
a
r
t
c
a
r
d
s
e
s
s
i
o
n
P
I
N
.
T
h
i
s
p
r
o
p
e
r
t
y
c
a
n
o
n
l
y
b
e
s
e
t
.
W
i
n
d
o
w
s
V
i
s
t
a
:
T
h
i
s
p
r
o
p
e
r
t
y
i
s
n
o
t
s
u
p
p
o
r
t
e
d
.
N
C L
R "
Y S
P e
T c
_ u
S r
E i
C t
U y
R D
I e
T s
Y c
_ r
D "
E A
S p
C o
R i
_ n
P
R t
O e
P r
E t
R o
T a
Y S
E
C
U
R
I
T
Y
_
D
E
S
C
R
I
P
T
O
R
s
t
r
u
c
t
u
r
e
t
h
a
t
c
o
n
t
a
i
n
s
a
c
c
e
s
s
c
o
n
t
r
o
l
i
n
f
o
r
m
a
t
i
o
n
f
o
r
t
h
e
k
e
y
.
T
h
i
s
p
r
o
p
e
r
t
y
o
n
l
y
a
p
p
l
i
e
s
t
o
p
e
r
s
i
s
t
e
n
t
k
e
y
s
.
T
h
e
d
w
F
l
a
g
s
p
a
r
a
m
e
t
e
r
o
f
t
h
e
N
C
r
y
p
t
G
e
t
P
r
o
p
e
r
t
y
o
r
N
C
r
y
p
t
S
e
t
P
r
o
p
e
r
t
y
f
u
n
c
t
i
o
n
i
d
e
n
t
i
f
i
e
s
t
h
e
p
a
r
t
o
f
t
h
e
s
e
c
u
r
i
t
y
d
e
s
c
r
i
p
t
o
r
t
o
g
e
t
o
r
s
e
t
.
N
C L
R "
Y S
P e
T c
_ u
S r
E i
C t
U y
R D
I e
T s
Y c
_ r
D S
E u
S p
C p
R o
_ r
S t
U "
P
P I
O n
R d
T i
_ c
P a
R t
O e
P s
E w
R h
T e
Y t
h
e
r
t
h
e
p
r
o
v
i
d
e
r
s
u
p
p
o
r
t
s
s
e
c
u
r
i
t
y
d
e
s
c
r
i
p
t
o
r
s
f
o
r
k
e
y
s
.
T
h
i
s
p
r
o
p
e
r
t
y
i
s
a
D
W
O
R
D
t
h
a
t
c
o
n
t
a
i
n
s
1
i
f
t
h
e
p
r
o
v
i
d
e
r
s
u
p
p
o
r
t
s
s
e
c
u
r
i
t
y
d
e
s
c
r
i
p
t
o
r
s
f
o
r
k
e
y
s
.
I
f
t
h
i
s
p
r
o
p
e
r
t
y
c
o
n
t
a
i
n
s
a
n
y
o
t
h
e
r
v
a
l
u
e
,
o
r
i
f
t
h
e
N
C
r
y
p
t
G
e
t
P
r
o
p
e
r
t
y
f
u
n
c
t
i
o
n
r
e
t
u
r
n
s
N
T
E
_
N
O
T
_
S
U
P
P
O
R
T
E
D
,
t
h
e
n
t
h
e
p
r
o
v
i
d
e
r
d
o
e
s
n
o
t
s
u
p
p
o
r
t
s
e
c
u
r
i
t
y
d
e
s
c
r
i
p
t
o
r
s
f
o
r
k
e
y
s
.
T
h
i
s
p
r
o
p
e
r
t
y
o
n
l
y
a
p
p
l
i
e
s
t
o
p
r
o
v
i
d
e
r
s
.
N
C L
R "
Y S
P m
T a
_ r
S t
M C
A a
R r
T d
C G
A u
R i
D d
_ "
G A
U B
I L
D O
_ B
P t
R h
O a
P t
E c
R o
T n
Y t
a
i
n
s
t
h
e
i
d
e
n
t
i
f
i
e
r
o
f
t
h
e
s
m
a
r
t
c
a
r
d
.
N
C L
R "
Y U
P I
T P
_ o
U l
I i
_ c
P y
O "
L I
I f
C u
Y s
_ e
P d
R
O w
P i
E t
R h
T t
Y h
e
N
C
r
y
p
t
S
e
t
P
r
o
p
e
r
t
y
o
r
N
C
r
y
p
t
G
e
t
P
r
o
p
e
r
t
y
f
u
n
c
t
i
o
n
,
t
h
i
s
i
s
a
p
o
i
n
t
e
r
t
o
a
n
N
C
R
Y
P
T
_
U
I
_
P
O
L
I
C
Y
s
t
r
u
c
t
u
r
e
t
h
a
t
c
o
n
t
a
i
n
s
t
h
e
s
t
r
o
n
g
k
e
y
u
s
e
r
i
n
t
e
r
f
a
c
e
p
o
l
i
c
y
f
o
r
t
h
e
k
e
y
.
T
h
i
s
p
r
o
p
e
r
t
y
o
n
l
y
a
p
p
l
i
e
s
t
o
p
e
r
s
i
s
t
e
n
t
k
e
y
s
.
T
h
i
s
p
r
o
p
e
r
t
y
c
a
n
o
n
l
y
b
e
s
e
t
w
h
e
n
t
h
e
k
e
y
i
s
b
e
i
n
g
g
e
n
e
r
a
t
e
d
.
O
n
c
e
t
h
e
N
C
r
y
p
t
F
i
n
a
l
i
z
e
K
e
y
f
u
n
c
t
i
o
n
h
a
s
b
e
e
n
c
a
l
l
e
d
f
o
r
t
h
i
s
k
e
y
,
t
h
i
s
p
r
o
p
e
r
t
y
b
e
c
o
m
e
s
r
e
a
d
-
o
n
l
y
.
A
k
e
y
s
t
o
r
a
g
e
p
r
o
v
i
d
e
r
c
a
n
r
e
c
e
i
v
e
t
h
i
s
p
a
r
a
m
e
t
e
r
t
h
r
o
u
g
h
a
n
N
C
r
y
p
t
S
e
t
P
r
o
p
e
r
t
y
F
n
c
a
l
l
b
a
c
k
f
u
n
c
t
i
o
n
.
T
h
e
p
a
r
a
m
e
t
e
r
v
a
l
u
e
i
s
a
n
N
C
R
Y
P
T
_
U
I
_
P
O
L
I
C
Y
_
B
L
O
B
s
t
r
u
c
t
u
r
e
t
h
a
t
c
o
n
t
a
i
n
s
t
h
e
s
a
m
e
i
n
f
o
r
m
a
t
i
o
n
.
S
i
m
i
l
a
r
l
y
,
w
h
e
n
a
n
a
p
p
l
i
c
a
t
i
o
n
m
a
k
e
s
a
r
e
q
u
e
s
t
t
h
r
o
u
g
h
N
C
r
y
p
t
S
e
t
P
r
o
p
e
r
t
y
F
n
t
o
t
h
e
p
r
o
v
i
d
e
r
t
o
r
e
t
u
r
n
t
h
i
s
p
r
o
p
e
r
t
y
,
t
h
e
p
r
o
v
i
d
e
r
i
s
e
x
p
e
c
t
e
d
t
o
r
e
t
u
r
n
a
n
N
C
R
Y
P
T
_
U
I
_
P
O
L
I
C
Y
_
B
L
O
B
s
t
r
u
c
t
u
r
e
.
N
C L
R "
Y U
P n
T i
_ q
U u
N e
I N
Q a
U m
E e
_ "
N A
A p
M o
E i
_
P n
R t
O e
P r
E t
R o
T a
Y n
u
l
l
-
t
e
r
m
i
n
a
t
e
d
U
n
i
c
o
d
e
s
t
r
i
n
g
t
h
a
t
c
o
n
t
a
i
n
s
t
h
e
u
n
i
q
u
e
n
a
m
e
o
f
t
h
e
o
b
j
e
c
t
.
T
h
i
s
i
s
a
n
a
l
t
e
r
n
a
t
e
n
a
m
e
t
h
a
t
c
a
n
b
e
u
s
e
d
w
h
e
n
a
c
c
e
s
s
i
n
g
t
h
e
k
e
y
.
T
h
i
s
p
r
o
p
e
r
t
y
i
s
u
s
e
d
w
h
e
n
i
t
i
s
t
h
o
u
g
h
t
t
h
a
t
t
h
e
k
e
y
n
a
m
e
o
r
i
g
i
n
a
l
l
y
p
a
s
s
e
d
t
o
N
C
r
y
p
t
C
r
e
a
t
e
P
e
r
s
i
s
t
e
d
K
e
y
i
s
n
o
t
u
n
i
q
u
e
e
n
o
u
g
h
t
o
r
e
l
i
a
b
l
y
i
d
e
n
t
i
f
y
t
h
e
p
e
r
s
i
s
t
e
d
k
e
y
.
T
h
e
M
i
c
r
o
s
o
f
t
k
e
y
s
t
o
r
a
g
e
p
r
o
v
i
d
e
r
w
i
l
l
r
e
t
u
r
n
t
h
e
f
i
l
e
n
a
m
e
o
f
t
h
e
k
e
y
a
s
t
h
i
s
p
r
o
p
e
r
t
y
.
N
C L
R "
Y U
P s
T e
_ C
U o
S n
E t
_ e
C x
O t
N "
T A
E p
X o
T i
_ n
P t
R e
O r
P
E t
R o
T a
Y n
u
l
l
-
t
e
r
m
i
n
a
t
e
d
U
n
i
c
o
d
e
s
t
r
i
n
g
t
h
a
t
d
e
s
c
r
i
b
e
s
t
h
e
c
o
n
t
e
x
t
o
f
t
h
e
o
p
e
r
a
t
i
o
n
.
T
h
i
s
p
r
o
p
e
r
t
y
i
s
n
o
t
p
e
r
s
i
s
t
e
n
t
a
n
d
c
a
n
b
e
s
e
t
o
n
e
i
t
h
e
r
a
p
r
o
v
i
d
e
r
o
r
a
k
e
y
.
A
k
e
y
d
o
e
s
n
o
t
h
a
v
e
a
c
c
e
s
s
t
o
t
h
e
N
C
R
Y
P
T
_
U
S
E
_
C
O
N
T
E
X
T
_
P
R
O
P
E
R
T
Y
p
r
o
p
e
r
t
y
o
f
t
h
e
p
r
o
v
i
d
e
r
b
e
c
a
u
s
e
t
h
e
p
r
o
p
e
r
t
y
i
s
s
p
e
c
i
f
i
c
o
n
l
y
t
o
t
h
e
h
a
n
d
l
e
i
t
i
s
s
e
t
f
o
r.
A
n
e
x
a
m
p
l
e
w
h
e
r
e
t
h
i
s
p
r
o
p
e
r
t
y
w
o
u
l
d
b
e
u
s
e
d
i
n
t
h
e
c
o
n
t
e
x
t
o
f
a
p
r
o
v
i
d
e
r
i
s
a
k
e
y
s
t
o
r
a
g
e
p
r
o
v
i
d
e
r
t
h
a
t
n
e
e
d
s
t
o
p
r
o
m
p
t
t
h
e
u
s
e
r
d
u
r
i
n
g
a
c
a
l
l
t
o
N
C
r
y
p
t
O
p
e
n
K
e
y
(
f
o
r
e
x
a
m
p
l
e
,
"
I
n
s
e
r
t
y
o
u
r
s
m
a
r
t
c
a
r
d
i
n
t
h
e
r
e
a
d
e
r.
"
)
.
B
e
c
a
u
s
e
t
h
e
k
e
y
h
a
n
d
l
e
i
s
n
o
t
a
v
a
i
l
a
b
l
e
u
n
t
i
l
a
f
t
e
r
N
C
r
y
p
t
O
p
e
n
K
e
y
r
e
t
u
r
n
s
,
t
h
e
a
p
p
l
i
c
a
t
i
o
n
s
h
o
u
l
d
s
e
t
t
h
i
s
p
r
o
p
e
r
t
y
o
n
t
h
e
p
r
o
v
i
d
e
r
h
a
n
d
l
e
p
r
i
o
r
t
o
c
a
l
l
i
n
g
N
C
r
y
p
t
O
p
e
n
K
e
y
.
A
n
e
x
a
m
p
l
e
w
h
e
r
e
t
h
i
s
p
r
o
p
e
r
t
y
w
o
u
l
d
b
e
u
s
e
d
i
n
t
h
e
c
o
n
t
e
x
t
o
f
a
k
e
y
h
a
n
d
l
e
i
s
a
k
e
y
s
t
o
r
a
g
e
p
r
o
v
i
d
e
r
t
h
a
t
n
e
e
d
s
t
o
p
r
o
m
p
t
t
h
e
u
s
e
r
d
u
r
i
n
g
a
n
o
p
e
r
a
t
i
o
n
u
s
i
n
g
t
h
e
k
e
y
(
f
o
r
e
x
a
m
p
l
e
,
"
T
h
i
s
a
p
p
l
i
c
a
t
i
o
n
n
e
e
d
s
t
o
u
s
e
t
h
i
s
k
e
y
t
o
s
i
g
n
a
d
o
c
u
m
e
n
t
.
"
)
.
T
h
e
p
r
o
v
i
d
e
r
c
o
u
l
d
t
h
e
n
r
e
l
a
y
t
h
i
s
c
o
n
t
e
x
t
i
n
f
o
r
m
a
t
i
o
n
t
o
t
h
e
u
s
e
r
i
n
a
n
y
u
s
e
r
i
n
t
e
r
f
a
c
e
s
h
o
w
n
d
u
r
i
n
g
t
h
e
o
p
e
r
a
t
i
o
n
.
N
C L
R "
Y E
P n
T a
_ b
U l
S e
E d
_ U
C s
O e
U C
N o
T u
_ n
E t
N "
A
B I
L n
E d
D i
_ c
P a
R t
O e
P s
E w
R h
T e
Y t
h
e
r
t
h
e
p
r
o
v
i
d
e
r
s
u
p
p
o
r
t
s
u
s
a
g
e
c
o
u
n
t
i
n
g
f
o
r
k
e
y
s
.
T
h
i
s
p
r
o
p
e
r
t
y
i
s
a
D
W
O
R
D
t
h
a
t
c
o
n
t
a
i
n
s
1
i
f
t
h
e
p
r
o
v
i
d
e
r
s
u
p
p
o
r
t
s
u
s
a
g
e
c
o
u
n
t
i
n
g
f
o
r
k
e
y
s
.
I
f
t
h
i
s
p
r
o
p
e
r
t
y
c
o
n
t
a
i
n
s
a
n
y
o
t
h
e
r
v
a
l
u
e
,
o
r
i
f
t
h
e
N
C
r
y
p
t
G
e
t
P
r
o
p
e
r
t
y
f
u
n
c
t
i
o
n
r
e
t
u
r
n
s
N
T
E
_
N
O
T
_
S
U
P
P
O
R
T
E
D
,
t
h
e
n
t
h
e
p
r
o
v
i
d
e
r
d
o
e
s
n
o
t
s
u
p
p
o
r
t
u
s
a
g
e
c
o
u
n
t
i
n
g
f
o
r
k
e
y
s
.
T
h
i
s
p
r
o
p
e
r
t
y
o
n
l
y
a
p
p
l
i
e
s
t
o
p
r
o
v
i
d
e
r
s
.
N
C L
R "
Y U
P s
T e
_ C
U o
S u
E n
_ t
C "
O A
U U
N L
T A
_ R
P G
R E
O _
P I
E N
R T
T E
Y G
E
R
v
a
r
i
a
b
l
e
t
h
a
t
c
o
n
t
a
i
n
s
t
h
e
n
u
m
b
e
r
o
f
o
p
e
r
a
t
i
o
n
s
t
h
a
t
t
h
e
s
p
e
c
i
f
i
e
d
p
r
i
v
a
t
e
k
e
y
h
a
s
p
e
r
f
o
r
m
e
d
.
T
h
i
s
p
r
o
p
e
r
t
y
i
s
o
p
t
i
o
n
a
l
a
n
d
m
a
y
n
o
t
b
e
s
u
p
p
o
r
t
e
d
b
y
a
l
l
p
r
o
v
i
d
e
r
s
.
P
r
o
v
i
d
e
r
s
t
h
a
t
s
u
p
p
o
r
t
t
h
i
s
p
r
o
p
e
r
t
y
o
n
k
e
y
s
s
h
o
u
l
d
a
l
s
o
s
u
p
p
o
r
t
t
h
e
N
C
R
Y
P
T
_
U
S
E
_
C
O
U
N
T
_
E
N
A
B
L
E
D
_
P
R
O
P
E
R
T
Y
p
r
o
p
e
r
t
y
o
n
t
h
e
p
r
o
v
i
d
e
r
h
a
n
d
l
e
.
T
h
e
M
i
c
r
o
s
o
f
t
k
e
y
s
t
o
r
a
g
e
p
r
o
v
i
d
e
r
d
o
e
s
n
o
t
s
u
p
p
o
r
t
t
h
i
s
p
r
o
p
e
r
t
y
.
T
h
i
s
p
r
o
p
e
r
t
y
o
n
l
y
a
p
p
l
i
e
s
t
o
p
e
r
s
i
s
t
e
n
t
k
e
y
s
.
N
C L
R "
Y S
P m
T a
_ r
U t
S C
E a
R r
_ d
C U
E s
R e
T r
S C
T e
O r
R t
E S
_ t
P o
R r
O e
P "
E
R A
T n
Y H
C
E
R
T
S
T
O
R
E
t
h
a
t
r
e
p
r
e
s
e
n
t
s
t
h
e
s
m
a
r
t
c
a
r
d
u
s
e
r
c
e
r
t
i
f
i
c
a
t
e
s
t
o
r
e
.
N
C L
R "
Y V
P e
T r
_ s
V i
E o
R n
S "
I A
O D
N W
_ O
P R
R D
O t
P h
E a
R t
T c
Y o
n
t
a
i
n
s
t
h
e
s
o
f
t
w
a
r
e
v
e
r
s
i
o
n
o
f
t
h
e
p
r
o
v
i
d
e
r.
T
h
e
h
i
g
h
w
o
r
d
c
o
n
t
a
i
n
s
t
h
e
m
a
j
o
r
v
e
r
s
i
o
n
a
n
d
t
h
e
l
o
w
w
o
r
d
c
o
n
t
a
i
n
s
t
h
e
m
i
n
o
r
v
e
r
s
i
o
n
.
F
o
r
e
x
a
m
p
l
e
,
0
x
0
0
0
3
0
0
3
3
=
3
.
5
1
.
T
h
i
s
p
r
o
p
e
r
t
y
o
n
l
y
a
p
p
l
i
e
s
t
o
p
r
o
v
i
d
e
r
s
.
N
C L
R "
Y H
P W
T N
_ D
W H
I a
N n
D d
O l
W e
_ "
H A
A p
N o
D i
L n
E t
_ e
P r
R t
O o
P t
E h
R e
T w
Y i
n
d
o
w
h
a
n
d
l
e
(
H
W
N
D
)
t
o
b
e
u
s
e
d
a
s
t
h
e
p
a
r
e
n
t
o
f
a
n
y
u
s
e
r
i
n
t
e
r
f
a
c
e
t
h
a
t
i
s
d
i
s
p
l
a
y
e
d
.
B
e
c
a
u
s
e
u
n
d
e
s
i
r
a
b
l
e
b
e
h
a
v
i
o
r
c
a
n
h
a
p
p
e
n
w
h
e
n
a
u
s
e
r
i
n
t
e
r
f
a
c
e
i
s
s
h
o
w
n
b
y
u
s
i
n
g
a
N
U
L
L
w
i
n
d
o
w
h
a
n
d
l
e
f
o
r
t
h
e
p
a
r
e
n
t
,
w
e
s
t
r
o
n
g
l
y
r
e
c
o
m
m
e
n
d
t
h
a
t
a
k
e
y
s
t
o
r
a
g
e
p
r
o
v
i
d
e
r
n
o
t
d
i
s
p
l
a
y
a
u
s
e
r
i
n
t
e
r
f
a
c
e
u
n
l
e
s
s
t
h
i
s
p
r
o
p
e
r
t
y
i
s
s
e
t
.
The following values are used to define limits of property data.
Specifies the maximum size of a property value, in bytes.

NC
RYP
T_
MA
X_P
RO
PER
TY_
DAT
A
0x1
000
00
Specifies the maximum size of a property name, in characters.

NC
RYP
T_
MA
X_P
RO
PER
TY_
NA
ME
64
Requirements
Header
Ncry
pt.h
See also
N
C
r
y
p
t
G
e
t
P
r
o
p
e
r
t
y
N
C
r
y
p
t
S
e
t
P
r
o
p
e
r
t
y
Cryptography API: Next Generation (CNG) defines the following functions that are used with the CNG
cryptographic configuration system.
BCr yptAddContextFunction
BCr yptConfigureContext
BCr yptConfigureContextFunction
BCr yptCreateContext
BCr yptDeleteContext
BCr yptEnumAlgorithms
BCr yptEnumContextFunctionProviders
BCr yptEnumContextFunctions
BCr yptEnumContexts
BCr yptEnumProviders
BCr yptEnumRegisteredProviders
BCr yptGetFipsAlgorithmMode
BCr yptQuer yContextConfiguration
BCr yptQuer yContextFunctionConfiguration
BCr yptQuer yContextFunctionProper ty
BCr yptQuer yProviderRegistration
BCr yptRegisterConfigChangeNotify(HANDLE*)
BCr yptRegisterConfigChangeNotify(PRKEVENT)
BCr yptRemoveContextFunction
BCr yptResolveProviders
BCr yptSetContextFunctionProper ty
BCr yptUnregisterConfigChangeNotify(HANDLE)
BCr yptUnregisterConfigChangeNotify(PRKEVENT)
Cryptography API: Next Generation (CNG) defines the following functions that are used for performing
cryptographic operations.
BCr yptCloseAlgorithmProvider
BCr yptCreateHash
BCr yptCreateMultiHash
BCr yptDecr ypt
BCr yptDeriveKey
BCr yptDestroyHash
BCr yptDestroyKey
BCr yptDestroySecret
BCr yptDuplicateHash
BCr yptDuplicateKey
BCr yptEncr ypt
BCr yptExpor tKey
BCr yptFinalizeKeyPair
BCr yptFinishHash
BCr yptFreeBuffer
BCr yptGenerateKeyPair
BCr yptGenerateSymmetricKey
BCr yptGenRandom
BCr yptGetProper ty
BCr yptHash
BCr yptHashData
BCr yptImpor tKey
BCr yptImpor tKeyPair
BCr yptKeyDerivation
BCr yptOpenAlgorithmProvider
BCr yptProcessMultiOperations
BCr yptSecretAgreement
BCr yptSetProper ty
BCr yptSignHash
BCr yptVerifySignature
Cryptography API: Next Generation (CNG) defines the following functions for the CNG Data Protection API.
NCr yptCreateProtectionDescriptor
NCr yptCloseProtectionDescriptor
NCr yptGetProtectionDescriptorInfo
NCr yptProtectSecret
NCr yptQuer yProtectionDescriptorName
NCr yptRegisterProtectionDescriptorName
NCr yptStreamClose
NCr yptStreamOpenToProtect
NCr yptStreamOpenToUnprotect
NCr yptStreamUpdate
NCr yptUnprotectSecret
PFNCr yptStreamOutputCallback
Cryptography API: Next Generation (CNG) defines the following helper functions that are used for performing
cryptographic operations.
BCr yptDeriveKeyCapi
BCr yptDeriveKeyPBKDF2
BCRYPT_INIT_AUTH_MODE_INFO
SystemPrng
[SystemPrng is available for use in the operating systems specified in the Requirements section. It may be altered
or unavailable in subsequent versions. Instead, use BCr yptGenRandom .]
The SystemPrng function retrieves a specified number of random bytes from the system random number
generator.
NOTE
This function has no associated header file or import library. To call this function, you must create a user-defined header file.
Syntax
BOOL SystemPrng(
_Out_ unsigned char pbRandomData,
_In_ size_t cbRandomData
);
Parameters
p A pointer to a buffer that receives the retrieved bytes.
b
R
a
n
d
o
m
D
a
t
a
[
o
u
t
]
c The number of bytes to retrieve.

b
R
a
n
d
o
m
D
a
t
a
[
i
n
]
Return value
Always returns TRUE .
Requirements
Minimum supported client Windows Vista with SP1 [desktop apps only]
DLL
Ksec
dd.s
ys
on
Win
dow
s
Serv
er
200
8
and
Win
dow
s
Vist
a
with
SP1;
Cng.
sys
on
Win
dow
s7
and
Win
dow
s
Serv
er
200
8 R2
Cryptography API: Next Generation (CNG) defines the following functions which are used to perform CNG key
storage operations.
NCr yptCreatePersistedKey
NCr yptDecr ypt
NCr yptDeleteKey
NCr yptDeriveKey
NCr yptEncr ypt
NCr yptEnumAlgorithms
NCr yptEnumKeys
NCr yptEnumStorageProviders
NCr yptExpor tKey
NCr yptFinalizeKey
NCr yptFreeBuffer
NCr yptFreeObject
NCr yptGetProper ty
NCr yptImpor tKey
NCr yptIsAlgSuppor ted
NCr yptIsKeyHandle
NCr yptNotifyChangeKey
NCr yptOpenKey
NCr yptOpenStorageProvider
NCr yptSecretAgreement
NCr yptSetProper ty
NCr yptSignHash
NCr yptTranslateHandle
NCr yptVerifySignature
CNG provides the following functions that are used by or with a CNG SSL provider:
SslChangeNotify
SslComputeClientAuthHash
SslComputeEapKeyBlock
SslComputeFinishedHash
SslCreateClientAuthHash
SslCreateEphemeralKey
SslCreateHandshakeHash
SslDecrementProviderReferenceCount
SslDecr yptPacket
SslEncr yptPacket
SslEnumCipherSuites
SslEnumProtocolProviders
SslExpor tKey
SslExpor tKeyingMaterial
SslFreeBuffer
SslFreeObject
SslGenerateMasterKey
SslGenerateSessionKeys
SslGetCipherSuitePRFHashAlgorithm
SslGetKeyProper ty
SslGetProviderProper ty
SslHashHandshake
SslImpor tKey
SslImpor tMasterKey
SslIncrementProviderReferenceCount
SslLookupCipherLengths
SslLookupCipherSuiteInfo
SslOpenPrivateKey
SslOpenProvider
SslSignHash
SslVerifySignature
The SslChangeNotify function is not implemented and cannot be used.
Syntax
SECURITY_STATUS WINAPI SslChangeNotify(
_In_ HANDLE hEvent,
_In_ DWORD dwFlags
);
Parameters
h This parameter is reserved for future use.
E
v
e
n
t
[
i
n
]
d This parameter is reserved for future use.

w
F
l
a
g
s
[
i
n
]
Return value
Returns NTE_NOT_SUPPORTED .
Requirements

Header
Sslp
rovi
der.
h
DLL
Ncry
pt.dl
l
The SslComputeClientAuthHash function computes a hash to use during certificate authentication.
Syntax
SECURITY_STATUS WINAPI SslComputeClientAuthHash(
_In_ NCRYPT_PROV_HANDLE hSslProvider,
_In_ NCRYPT_KEY_HANDLE hMasterKey,
_In_ NCRYPT_HASH_HANDLE hHandshakeHash,
_In_ LPCWSTR pszAlgId,
_Out_ PBYTE pbOutput,
_In_ DWORD cbOutput,
_Out_ DWORD *pcbResult,
_In_ DWORD dwFlags
);
Parameters
h The handle of the Secure Sockets Layer protocol (SSL) protocol provider instance.
S
s
l
P
r
o
v
i
d
e
r
[
i
n
]
h The handle of the master key object.

M
a
s
t
e
r
K
e
y
[
i
n
]
h The handle of the hash of the handshake computed so far.

H
a
n
d
s
h
a
k
e
H
a
s
h
[
i
n
]
p
s
z
A
l
g
I
d
[
i
n
]
A pointer to a null-terminated Unicode string that identifies the requested cryptographic algorithm. This can
be one of the standard CNG Algorithm Identifiers or the identifier for another registered algorithm.
p
b
O
u
t
p
u
t
[
o
u
t
]
The address of a buffer that receives the key BLOB. The cbOutput parameter contains the size of this buffer. If
this parameter is NULL , this function will place the required size, in bytes, in the DWORD pointed to by the
pcbResult parameter.
c The length, in bytes, of the pbOutput buffer.
b
O
u
t
p
u
t
[
i
n
]
p
c
b
R
e
s
u
l
t
[
o
u
t
]
A pointer to a DWORD value that specifies the length, in bytes, of the hash written to the pbOutput buffer.

w
F
l
a
g
s
[
i
n
]
Return value
If the function succeeds, it returns zero.
If the function fails, it returns a nonzero error value.
Possible return codes include, but are not limited to, the following.
RET URN C O DE/ VA L UE DESC RIP T IO N
One of the supplied handles is not valid.

NTE
_IN
VAL
ID_
HA
ND
LE
0x8
009
002
6L
Remarks
The SslComputeClientAuthHash function computes the hash that is sent in the certificate verification message
of the SSL handshake. The hash value is computed by creating a hash that contains the master secret with a hash of
all previous handshake messages sent or received. For more information about the SSL handshake sequence, see
Description of the Secure Sockets Layer (SSL) Handshake.
The manner in which the hash is computed depends on the protocol and cipher suite used. In addition, the hash
depends on the type of client authentication key used; the pszAlgId parameter indicates the type of key used for
client authentication.
Requirements
Header
Sslp
rovi
der.
h
DLL
Ncry
pt.dl
l
The SslComputeEapKeyBlock function computes the key block used by the Extensible Authentication Protocol
(EAP).
Syntax
SECURITY_STATUS WINAPI SslComputeEapKeyBlock(
_In_ PBYTE pbRandoms,
_In_ DWORD cbRandoms,
_Out_opt_ PBYTE pbOutput,
_In_ DWORD dwFlags
);
Parameters
S
s
l
P
r
o
v
i
d
e
r
[
i
n
]

M
a
s
t
e
r
K
e
y
[
i
n
]
p
b
R
a
n
d
o
m
s
[
i
n
]
A pointer to a buffer that contains a concatenation of the client_random and server_random values of the SSL
session.
c The length, in bytes, of the pbRandoms buffer.

b
R
a
n
d
o
m
s
[
i
n
]
p
b
O
u
t
p
u
t
[
o
u
t
,
o
p
t
i
o
n
a
l
]
b
O
u
t
p
u
t
[
i
n
]
p
c
b
R
e
s
u
l
t
[
o
u
t
]
A pointer to a DWORD value that specifies the length, in bytes, of the hash written to the pbOutput buffer.
d Set to NCRYPT_SSL_SERVER_FL AG to indicate that this is a server call.

w
F
l
a
g
s
[
i
n
]
Return value

NTE
_IN
VAL
ID_
HA
ND
LE
0x8
009
002
6L
Requirements
Header
Sslp
rovi
der.
h
DLL
Ncry
pt.dl
l
The SslComputeFinishedHash function computes the hash sent in the finished message of the Secure Sockets
Layer protocol (SSL) handshake. For more information about the SSL handshake sequence, see Description of the
Secure Sockets Layer (SSL) Handshake.
Syntax
SECURITY_STATUS WINAPI SslComputeFinishedHash(
_In_ NCRYPT_HASH_HANDLE hHandshakeHash,
_In_ DWORD dwFlags
);
Parameters
h The handle of the SSL protocol provider instance.
S
s
l
P
r
o
v
i
d
e
r
[
i
n
]

M
a
s
t
e
r
K
e
y
[
i
n
]
h The handle of the hash of the handshake messages.

H
a
n
d
s
h
a
k
e
H
a
s
h
[
i
n
]
p A pointer to a buffer that receives the hash for the finish message.
b
O
u
t
p
u
t
[
o
u
t
]

b
O
u
t
p
u
t
[
i
n
]
d One of the following constants.

w
F
l
a VA L UE M EA N IN G
g
s Specifies that
[ NC this is a client
i RYP call.
T_S
n SL_
] CLI
ENT
_FL
AG
0x0
000
000
1
Specifies that
NC this is a server
RYP call.
T_S
SL_
SER
VER
_FL
AG
0x0
000
000
2
Return value

NTE
_IN
VAL
ID_
HA
ND
LE
214
807
351
0
(0x8
009
002
6)
Remarks
The SslComputeFinishedHash function is one of three functions used to generate a hash to use during the SSL
handshake.
1. The SslCreateHandshakeHash function is called to obtain a hash handle.
2. The SslHashHandshake function is called any number of times with the hash handle to add data to the hash.
3. The SslComputeFinishedHash function is called with the hash handle to obtain the digest of the hashed data.
The hash value is computed by hashing the master secret with a hash of all previous handshake messages sent or
received.
The value of cbOutput determines the length of the hash data. When the Transport Layer Security protocol (TLS)
1.0 protocol is used, this should always be 12 (bytes). For more information, see The TLS Protocol Version 1.0.
Requirements
Header
Sslp
rovi
der.
h
DLL
Ncry
pt.dl
l
The SslCreateClientAuthHash function retrieves a handle to the handshake hash that is used for client
authentication.
Syntax
SECURITY_STATUS WINAPI SslCreateClientAuthHash(
_Out_ NCRYPT_HASH_HANDLE *phHandshakeHash,
_In_ DWORD dwProtocol,
_In_ DWORD dwCipherSuite,
_In_ LPCWSTR pszHashAlgId,
_In_ DWORD dwFlags
);
Parameters
S
s
l
P
r
o
v
i
d
e
r
[
i
n
]
p A pointer to an NCRYPT_HASH_HANDLE variable to receive the hash handle.

h
H
a
n
d
s
h
a
k
e
H
a
s
h
[
o
u
t
]
d One of the CNG SSL Provider Protocol Identifier values.

w
P
r
o
t
o
c
o
l
[
i
n
]
d One of the CNG SSL Provider Cipher Suite Identifier values.

w
C
i
p
h
e
r
S
u
i
t
e
[
i
n
]
p One of the CNG Algorithm Identifiers values.

s
z
H
a
s
h
A
l
g
I
d
[
i
n
]
d This parameter is reserved for future use and must be set to zero.
w
F
l
a
g
s
[
i
n
]
Return value
The hSslProvider parameter contains a pointer that is not

NTE valid.
_IN
VAL
ID_
HA
ND
LE
0x8
009
002
6L
The phHandshakeHash parameter is set to NULL .

NTE
_IN
VAL
ID_
PAR
AM
ETE
R
0x8
009
002
7L
The selected function is not supported in the specified version

NTE of the interface.
_N
OT_
SUP
PO
RTE
D
0x8
009
002
9L
Insufficient memory to allocate buffers.

NTE
_N
O_
ME
MO
RY
0x8
009
000
EL
The dwFlags parameter must be set to zero.

NTE
_BA
D_F
LA
GS
0x8
009
000
9L
Remarks
The SslCreateClientAuthHash function is called for Transport Layer Security protocol (TLS) 1.2 or later
conversations to create hash objects that are used to hash handshake messages. It is called once for each possible
hashing algorithm that can be used in the client authentication signature.
Requirements
Minimum supported server Windows Server 2008 R2 [desktop apps only]
Header
Sslp
rovi
der.
h
DLL
Ncry
pt.dl
l
The SslCreateEphemeralKey function creates an ephemeral key for use during the authentication that occurs
during the Secure Sockets Layer protocol (SSL) handshake.
Syntax
SECURITY_STATUS WINAPI SslCreateEphemeralKey(
_Out_ NCRYPT_KEY_HANDLE *phEphemeralKey,
_In_ DWORD dwKeyType,
_In_ DWORD dwKeyBitLen,
_In_ PBYTE pbParams,
_In_ DWORD cbParams,
_In_ DWORD dwFlags
);
Parameters
S
s
l
P
r
o
v
i
d
e
r
[
i
n
]
p The handle of the ephemeral key.

h
E
p
h
e
m
e
r
a
l
K
e
y
[
o
u
t
]

w
P
r
o
t
o
c
o
l
[
i
n
]

w
C
i
p
h
e
r
S
u
i
t
e
[
i
n
]
d
w
K
e
y
T
y
p
e
[
i
n
]
One of the CNG SSL Provider Key Type Identifier values. Set this parameter to zero for key types that are
not elliptic curve cryptography (ECC).
d The length, in bits, of the key.

w
K
e
y
B
i
t
L
e
n
[
i
n
]
p
b
P
a
r
a
m
s
[
i
n
]
A pointer to a buffer to contain parameters for the key that is to be created. If a Diffie-Hellman (ephemeral)
key-exchange algorithm (DHE) cipher suite is not used, set the pbParams parameter to NULL and the
cbParams parameter to zero.
c The length, in bytes, of the data in the pbParams buffer.
b
P
a
r
a
m
s
[
i
n
]

w
F
l
a
g
s
[
i
n
]
Return value
There is insufficient memory to allocate the buffer.

NTE
_N
O_
ME
MO
RY
0x8
009
000
EL
The hSslProvider handle is not valid.

NTE
_IN
VAL
ID_
HA
ND
LE
0x8
009
002
6L
One of the supplied parameters is not valid.

NTE
_IN
VAL
ID_
PAR
AM
ETE
R
0x8
009
002
7L
Remarks
When using a DHE cipher suite, the internal SSL implementation passes server p and g parameters to the
SslCreateEphemeralKey function in the pbParams and cbParams parameters.
The format of the data in the pbParams buffer is the same as that used when setting the
BCRYPT_DH_PARAMETERS property, and it starts with a BCRYPT_DH_PARAMETER_HEADER structure.
Requirements
Header
Sslp
rovi
der.
h
DLL
Ncry
pt.dl
l
The SslCreateHandshakeHash function obtains a hash handle that is used to hash handshake messages.
Syntax
SECURITY_STATUS WINAPI SslCreateHandshakeHash(
_Out_ NCRYPT_HASH_HANDLE *phHandshakeHash,
_In_ DWORD dwFlags
);
Parameters
S
s
l
P
r
o
v
i
d
e
r
[
i
n
]
p A hash handle that can be passed to other SSL provider functions.

h
H
a
n
d
s
h
a
k
e
H
a
s
h
[
o
u
t
]

w
P NOTE
r This function is not used with the SSL 2.0 protocol.
o
t
o
c
o
l
[
i
n
]

w
C
i
p
h
e
r
S
u
i
t
e
[
i
n
]

w
F
l
a
g
s
[
i
n
]
Return value
There is insufficient memory to allocate the hash buffer.

NTE
_N
O_
ME
MO
RY
0x8
009
000
EL

NTE
_IN
VAL
ID_
HA
ND
LE
0x8
009
002
6L
The phHandshakeHash is null.

NTE
_IN
VAL
ID_
PAR
AM
ETE
R
0x8
009
002
7L
Remarks
The SslCreateHandshakeHash function is one of three functions used to generate a hash to use during the SSL
handshake.
Requirements
Header
Sslp
rovi
der.
h
DLL
Ncry
pt.dl
l
The SslDecrementProviderReferenceCount function decrements the references to the Secure Sockets Layer
protocol (SSL) provider.
Syntax
SECURITY_STATUS WINAPI SslDecrementProviderReferenceCount(
_In_ NCRYPT_PROV_HANDLE hSslProvider
);
Parameters
S
s
l
P
r
o
v
i
d
e
r
[
i
n
]
Return value
The SSL provider handle is not valid.

STA
TUS
_IN
VAL
ID_
HA
ND
LE
0xC
000
000
8L
Requirements
Header
Sslp
rovi
der.
h
DLL
Ncry
pt.dl
l
the SslDecr yptPacket function decrypts a single Secure Sockets Layer protocol (SSL) packet.
Syntax
SECURITY_STATUS WINAPI SslDecryptPacket(
_Inout_ NCRYPT_KEY_HANDLE hKey,
_In_ PBYTE *pbInput,
_In_ DWORD cbInput,
_In_ ULONGLONG SequenceNumber,
_In_ DWORD dwFlags
);
Parameters
S
s
l
P
r
o
v
i
d
e
r
[
i
n
]
h The handle to the key that is used to decrypt the packet.

K
e
y
[
i
n
,
o
u
t
]
p A pointer to the buffer that contains the packet to be decrypted.
b
I
n
p
u
t
[
i
n
]
c The length, in bytes, of the pbInput buffer.

b
I
n
p
u
t
[
i
n
]
p A pointer to a buffer to contain the decrypted packet.

b
O
u
t
p
u
t
[
o
u
t
]
c The length, bytes, of the pbOutput buffer.

b
O
u
t
p
u
t
[
i
n
]
p The number of bytes written to the pbOutput buffer.

c
b
R
e
s
u
l
t
[
o
u
t
]
S The sequence number that corresponds to this packet.

e
q
u
e
n
c
e
N
u
m
b
e
r
[
i
n
]

w
F
l
a
g
s
[
i
n
]
Return value
One of the provided handles is not valid.

NTE
_IN
VAL
ID_
HA
ND
LE
0x8
009
002
6L
Remarks
The length of the packet can be zero, such as when a "HelloRequest" message is decrypted.
Requirements
Header
Sslp
rovi
der.
h
DLL
Ncry
pt.dl
l
The SslEncr yptPacket function encrypts a single Secure Sockets Layer protocol (SSL) packet.
Syntax
SECURITY_STATUS WINAPI SslEncryptPacket(
_Inout_ NCRYPT_KEY_HANDLE hKey,
_In_ PBYTE *pbInput,
_In_ DWORD cbInput,
_In_ ULONGLONG SequenceNumber,
_In_ DWORD dwContentType,
_In_ DWORD dwFlags
);
Parameters
S
s
l
P
r
o
v
i
d
e
r
[
i
n
]
h The handle to the key that is used to encrypt the packet.

K
e
y
[
i
n
,
o
u
t
]
p A pointer to the buffer that contains the packet to be encrypted.

b
I
n
p
u
t
[
i
n
]
c The length, in bytes, of the pbInput buffer.

b
I
n
p
u
t
[
i
n
]
p A pointer to a buffer to receive the encrypted packet.

b
O
u
t
p
u
t
[
o
u
t
]
c The length, bytes, of the pbOutput buffer.

b
O
u
t
p
u
t
[
i
n
]
p The number of bytes written to the pbOutput buffer.
c
b
R
e
s
u
l
t
[
o
u
t
]
S The sequence number that corresponds to this packet.

e
q
u
e
n
c
e
N
u
m
b
e
r
[
i
n
]
d
w
C
o
n
t
e
n
t
T
y
p
e
[
i
n
]
The content type that corresponds to this packet, which specifies the higher level protocol used to process the
enclosed packet.
VA L UE M EA N IN G
Indicates a change in the ciphering strategy.

CT_
CH
AN
GE_
CIP
HER
_SP
EC
20
Indicates that the enclosed packet contains an alert.

CT_
ALE
RT
21
Indicates that the enclosed packet is part of the handshake

CT_ protocol.
HA
ND
SH
AKE
22
Indicates that the packet contains application data.

CT_
APP
LIC
ATI
ON
DAT
A
23

w
F
l
a
g
s
[
i
n
]
Return value

NTE
_IN
VAL
ID_
HA
ND
LE
0x8
009
002
6L
Requirements
Header
Sslp
rovi
der.
h
DLL
Ncry
pt.dl
l
The SslEnumCipherSuites function enumerates the cipher suites supported by a Secure Sockets Layer protocol
(SSL) protocol provider.
Syntax
SECURITY_STATUS WINAPI SslEnumCipherSuites(
_In_opt_ NCRYPT_KEY_HANDLE hPrivateKey,
_Out_ NCRYPT_SSL_CIPHER_SUITE **ppCipherSuite,
_Inout_ PVOID *ppEnumState,
_In_ DWORD dwFlags
);
Parameters
S
s
l
P
r
o
v
i
d
e
r
[
i
n
]
h
P
r
i
v
a
t
e
K
e
y
[
i
n
,
o
p
t
i
o
n
a
l
]
The handle of a private key. When a private key is specified, SslEnumCipherSuites enumerates the cipher
suites that are compatible with the private key. For example, if the private key is a DSS key, then only the
DSS_DHE cipher suites are returned. If the private key is an RSA key, but it does not support raw decryption
operations, then the SSL2 cipher suites are not returned.
Set this parameter to NULL when you are not specifying a private key.
NOTE
A hPrivateKey handle is obtained by calling the SslOpenPrivateKey function. Handles obtained from the
NCr yptOpenKey function are not supported.
p
p
C
i
p
h
e
r
S
u
i
t
e
[
o
u
t
]
A pointer to a NCRYPT_SSL_CIPHER_SUITE structure to receive the address of the next cipher suite in the
list.
p
p
E
n
u
m
S
t
a
t
e
[
i
n
,
o
u
t
]
A pointer to a buffer that indicates the current position in the list of cipher suites.
Set the pointer to NULL on the first call to SslEnumCipherSuites . On each subsequent call, pass the
unmodified value back to SslEnumCipherSuites .
When there are no more cipher suites available, you should free ppEnumState by calling the SslFreeBuffer
function.

w
F
l
a
g
s
[
i
n
]
Return value
Not enough memory is available to allocate necessary buffers.

NTE
_N
O_
ME
MO
RY
0x8
009
000
EL

NTE
_IN
VAL
ID_
HA
ND
LE
0x8
009
002
6L
No additional cipher suites are supported.

NTE
_N
O_
MO
RE_
ITE
MS
0x8
009
002
AL
Remarks
To enumerate all cipher suites supported by the SSL provider, call the SslEnumCipherSuites function in a loop
until NTE_NO_MORE_ITEMS is returned.
Requirements
Header
Sslp
rovi
der.
h
Library
Ncry
pt.li
b
DLL
Ncry
pt.dl
l
See also
N
C
R
Y
P
T
_
S
S
L
_
C
I
P
H
E
R
_
S
U
I
T
E
The SslEnumProtocolProviders function returns an array of installed Secure Sockets Layer protocol (SSL)
protocol providers.
Syntax
SECURITY_STATUS WINAPI SslEnumProtocolProviders(
_Out_ DWORD *pdwProviderCount,
_Out_ NCryptProviderName **ppProviderList,
_In_ DWORD dwFlags
);
Parameters
p A pointer to a DWORD value to receive the number of protocol providers returned.
d
w
P
r
o
v
i
d
e
r
C
o
u
n
t
[
o
u
t
]
p A pointer to a buffer that receives the array of NCr yptProviderName structures.

p
P
r
o
v
i
d
e
r
L
i
s
t
[
o
u
t
]

w
F
l
a
g
s
[
i
n
]
Return value
The dwFlags parameter is not zero.

NTE
_BA
D_F
LA
GS
0x8
009
000
9L

NTE
_N
O_
ME
MO
RY
0x8
009
000
EL
The pdwProviderCount or ppProviderList parameter is NULL .

NTE
_IN
VAL
ID_
PAR
AM
ETE
R
0x8
009
002
7L
Remarks
When you have finished using the array of NCr yptProviderName structures, call the SslFreeBuffer function to
free the array.
Requirements
Header
Sslp
rovi
der.
h
DLL
Ncry
pt.dl
l
The SslExpor tKey function returns an Secure Sockets Layer protocol (SSL) session key or public ephemeral key
into a serialized BLOB.
Syntax
SECURITY_STATUS WINAPI SslExportKey(
_In_ NCRYPT_KEY_HANDLE hKey,
_In_ LPCWSTR pszBlobType,
_Out_opt_ PBYTE pbOutput,
_In_ DWORD dwFlags
);
Parameters
S
s
l
P
r
o
v
i
d
e
r
[
i
n
]
h
K
e
y
[
i
n
]
The handle of the key to export.

When you are not specifying a key, set this parameter to NULL .
NOTE
A hKey handle is obtained by calling the SslOpenPrivateKey function. Handles obtained from the NCr yptOpenKey
function are not supported.
p
s
z
B
l
o
b
T
y
p
e
[
i
n
]
A null-terminated Unicode string that contains an identifier that specifies the type of BLOB to export. This can
be one of the following values.
VA L UE M EA N IN G
Export a Diffie-Hellman public key. The pbOutput buffer

BCR receives a BCRYPT_DH_KEY_BLOB structure immediately
YPT followed by the key data.
_D
H_P
UBL
IC_
BLO
B
Export an elliptic curve cryptography (ECC) public key. The

BCR pbOutput buffer receives a BCRYPT_ECCKEY_BLOB
YPT structure immediately followed by the key data.
_EC
CP
UBL
IC_
BLO
B
Export a symmetric key in a format that is specific to a

BCR single cryptographic service provider (CSP). Opaque BLOBs
YPT are not transferable and must be imported by using the
_OP same cryptographic service provider (CSP) that generated
AQ the BLOB.
UE_
KEY
_BL
OB
VA L UE M EA N IN G
Export an RSA public key. The pbOutput buffer receives a

BCR BCRYPT_RSAKEY_BLOB structure immediately followed
YPT by the key data.
_RS
AP
UBL
IC_
BLO
B
p
b
O
u
t
p
u
t
[
o
u
t
,
o
p
t
i
o
n
a
l
]
c The size, in bytes, of the pbOutput buffer.
b
O
u
t
p
u
t
[
i
n
]
p
c
b
R
e
s
u
l
t
[
o
u
t
]
The address of a DWORD variable that receives the number of bytes copied to the pbOutput buffer. If the
pbOutput parameter is set to NULL when the function is called, the required size for the pbOutput buffer, in
bytes, is returned in the DWORD pointed to by this parameter.
d Reserved for future use.

w
F
l
a
g
s
[
i
n
]
Return value

NTE
_IN
VAL
ID_
HA
ND
LE
0x8
009
002
6L
Remarks
The SslExpor tKey function facilitates transporting session keys from one process to another as well as exporting
the public portion an ephemeral key.
When exporting session keys, the BLOB type is opaque, meaning that the format of the BLOB is irrelevant as long
as both the SslExpor tKey and SslImpor tKey functions can interpret it.
When exporting the public portion of an ephemeral key the BLOB type must be the appropriate type, such as
NCRYPT_DH_PUBLIC_BLOB or NCRYPT_ECCPUBLIC_BLOB .
Requirements
Header
Sslp
rovi
der.
h
DLL
Ncry
pt.dl
l
Exports keying material per the RFC 5705 standard. This function uses the TLS pseudorandom function to produce
a byte buffer of keying material. It takes a reference to the master secret, the disambiguating ASCII label, client and
server random values, and optionally the application context data.
Syntax
SECURITY_STATUS WINAPI SslExportKeyingMaterial(
_In_ PCHAR sLabel,
_In_ PBYTE pbRandoms,
_In_ DWORD cbRandoms,
_In_opt_ PBYTE pbContextValue,
_In_ WORD cbContextValue,
_In_ DWORD dwFlags
);
Parameters
h The handle of the TLS protocol provider instance.
S
s
l
P
r
o
v
i
d
e
r
[
i
n
]
h The handle of the master key object that will be used to create the keying material to br exported.
M
a
s
t
e
r
K
e
y
[
i
n
]
s
L
a
b
e
l
[
i
n
]
a NUL-terminated ASCII label string. Schannel will remove the terminating NUL character before passing it to
the pseudorandom function.
p
b
R
a
n
d
o
m
s
[
i
n
]
A pointer to a buffer that contains a concatenation of the client_random and server_random values of the TLS
connection.
c The length, in bytes, of the pbRandoms buffer.

b
R
a
n
d
o
m
s
[
i
n
]
p
b
C
o
n
t
e
x
t
V
a
l
u
e
[
i
n
,
o
p
t
i
o
n
a
l
]
A pointer to a buffer that contains the application context. If pbContextValue is NULL , cbContextValue must
be zero.
c The length, in bytes, of the pbContextValue buffer.

b
C
o
n
t
e
x
t
V
a
l
u
e
[
i
n
]
p
b
O
u
t
p
u
t
[
o
u
t
]
The address of a buffer that receives the exported keying material. The cbOutput parameter contains the size
of this buffer. This value cannot be NULL .
c The length, in bytes, of the pbOutput buffer. Must be greater than zero.
b
O
u
t
p
u
t
[
i
n
]
d Not used. Must be set to zero.

w
F
l
a
g
s
[
i
n
]
Return value

NTE
_IN
VAL
ID_
HA
ND
LE
0x8
009
002
6L
Requirements
Header
Sslp
rovi
der.
h
DLL
Ncry
pt.dl
l
The SslFreeBuffer function is used to free memory that was allocated by one of the Secure Sockets Layer
protocol (SSL) provider functions.
Syntax
SECURITY_STATUS WINAPI SslFreeBuffer(
_In_ PVOID pvInput
);
Parameters
p A pointer to the memory buffer to be freed.
v
I
n
p
u
t
[
i
n
]
Return value
The pdwProviderCount or ppProviderList parameter is NULL .

NTE
_IN
VAL
ID_
PAR
AM
ETE
R
0x8
009
002
7L
Requirements
Header
Sslp
rovi
der.
h
DLL
Ncry
pt.dl
l
The SslFreeObject function frees a key, hash, or provider object.
Syntax
SECURITY_STATUS WINAPI SslFreeObject(
_In_ NCRYPT_HANDLE hObject,
_In_ DWORD dwFlags
);
Parameters
h The handle of the object to free.
O
b
j
e
c
t
[
i
n
]

w
F
l
a
g
s
[
i
n
]
Return value
An internal handle is not valid.

NTE
_IN
VAL
ID_
HA
ND
LE
0x8
009
002
6L
The provided handle is not valid.

STA
TUS
_IN
VAL
ID_
HA
ND
LE
0xC
000
000
8L
Requirements
Header
Sslp
rovi
der.
h
DLL
Ncry
pt.dl
l
The SslGenerateMasterKey function computes the Secure Sockets Layer protocol (SSL) master secret key.
Syntax
SECURITY_STATUS WINAPI SslGenerateMasterKey(
_In_ NCRYPT_KEY_HANDLE hPrivateKey,
_In_ NCRYPT_KEY_HANDLE hPublicKey,
_Out_ NCRYPT_KEY_HANDLE *phMasterKey,
_In_ PNCryptBufferDesc pParameterList,
_In_ DWORD dwFlags
);
Parameters
h The handle to the SSL protocol provider instance.
S
s
l
P
r
o
v
i
d
e
r
[
i
n
]
h The handle to the private key used in the exchange.

P
r
i
v
a
t
e
K
e
y
[
i
n
]
h The handle to the public key used in the exchange.

P
u
b
l
i
c
K
e
y
[
i
n
]
p A pointer to the handle to the generated master key.

h
M
a
s
t
e
r
K
e
y
[
o
u
t
]

w
P
r
o
t
o
c
o
l
[
i
n
]

w
C
i
p
h
e
r
S
u
i
t
e
[
i
n
]
p
P
a
r
a
m
e
t
e
r
L
i
s
t
[
i
n
]
A pointer to an array of NCr yptBuffer buffers that contain information used as part of the key exchange
operation. The precise set of buffers is dependent on the protocol and cipher suite that is used. At the
minimum, the list will contain buffers that contain the client and server supplied random values.
p
b
O
u
t
p
u
t
[
o
u
t
]
The address of a buffer that receives the premaster secret encrypted with the public key of the server. The
cbOutput parameter contains the size of this buffer. If this parameter is NULL , this function returns the
required size, in bytes, in the DWORD pointed to by the pcbResult parameter.
NOTE
This buffer is used when performing a RSA key exchange.
c The size, in bytes, of the pbOutput buffer.

b
O
u
t
p
u
t
[
i
n
]
p A pointer to a DWORD value in which to place number of bytes written to the pbOutput buffer.
c
b
R
e
s
u
l
t
[
o
u
t
]
d Specifies whether this function is being used for client-side or server-side key exchange.
w
F VA L UE M EA N IN G
l
a Specifies a client-side key exchange.
NC
g RYP
s T_S
[ SL_
CLI
i ENT
n _FL
] AG
0x0
000
000
1
VA L UE M EA N IN G
Specifies a server-side key exchange.

NC
RYP
T_S
SL_
SER
VER
_FL
AG
0x0
000
000
2
Return value

NTE
_N
O_
ME
MO
RY
0x8
009
000
EL

NTE
_IN
VAL
ID_
HA
ND
LE
0x8
009
002
6L
The phMasterKey or hPublicKey parameter is not valid.

NTE
_IN
VAL
ID_
PAR
AM
ETE
R
0x8
009
002
7L
Requirements
Header
Sslp
rovi
der.
h
DLL
Ncry
pt.dl
l
The SslGenerateSessionKeys function generates a set of Secure Sockets Layer protocol (SSL) session keys.
Syntax
SECURITY_STATUS WINAPI SslGenerateSessionKeys(
_Out_ NCRYPT_KEY_HANDLE *phReadKey,
_Out_ NCRYPT_KEY_HANDLE *phWriteKey,
_In_ DWORD dwFlags
);
Parameters
S
s
l
P
r
o
v
i
d
e
r
[
i
n
]
h The handle to the master key object.

M
a
s
t
e
r
K
e
y
[
i
n
]
p A pointer to the returned read key handle.
h
R
e
a
d
K
e
y
[
o
u
t
]
p A pointer to the returned write key handle.

h
W
r
i
t
e
K
e
y
[
o
u
t
]
p
P
a
r
a
m
e
t
e
r
L
i
s
t
[
i
n
]
w
F
l
a
g
s
[
i
n
]
Return value

NTE
_N
O_
ME
MO
RY
0x8
009
000
EL

NTE
_IN
VAL
ID_
HA
ND
LE
0x8
009
002
6L
The phReadKey or phWriteKey parameter is null.

NTE
_IN
VAL
ID_
PAR
AM
ETE
R
0x8
009
002
7L
Requirements
Header
Sslp
rovi
der.
h
DLL
Ncry
pt.dl
l
The SslGetCipherSuitePRFHashAlgorithm function returns the Cryptography API: Next Generation (CNG)
Algorithm Identifier of the hashing algorithm that is used for the Transport Layer Security protocol (TLS) pseudo-
random function (PRF) for the input protocol, cipher suite, and key type.
Syntax
SECURITY_STATUS WINAPI SslGetCipherSuitePRFHashAlgorithm(
_Out_ WCHAR szPRFHash[NCRYPT_SSL_MAX_NAME_SIZE],
_In_ DWORD dwFlags
);
Parameters
S
s
l
P
r
o
v
i
d
e
r
[
i
n
]

w
P
r
o
t
o
c
o
l
[
i
n
]

w
C
i
p
h
e
r
S
u
i
t
e
[
i
n
]
d
w
K
e
y
T
y
p
e
[
i
n
]
One of the CNG SSL Provider Key Type Identifier values. For key types that are not elliptic curve
cryptography (ECC), set this parameter to zero.
s One of the CNG Algorithm Identifiers for the hash that will be used for the TLS PRF.
z
P
R
F
H
a
s
h
[
o
u
t
]
w
F
l
a
g
s
[
i
n
]
Return value

NTE valid.
_IN
VAL
ID_
HA
ND
LE
0x8
009
002
6L
The szPRFHash parameter is set to NULL .

NTE
_IN
VAL
ID_
PAR
AM
ETE
R
0x8
009
002
7L
The selected function is not supported in the specified version

NTE of the interface.
_N
OT_
SUP
PO
RTE
D
0x8
009
002
9L

NTE
_BA
D_F
LA
GS
0x8
009
000
9L
Remarks
This SslGetCipherSuitePRFHashAlgorithm function is called for TLS 1.2 or later conversations to query the
hashing algorithm that will be used in the TLS PRF.
Requirements
Header
Sslp
rovi
der.
h
DLL
Ncry
pt.dl
l
The SslGetKeyProper ty function retrieves the value of a named property for a Secure Sockets Layer protocol
(SSL) provider key object.
Syntax
SECURITY_STATUS WINAPI SslGetKeyProperty(
_In_ NCRYPT_KEY_HANDLE hKey,
_In_ LPCWSTR pszProperty,
_Out_ PBYTE ppbOutput,
_Out_ DWORD *pcbOutput,
_In_ DWORD dwFlags
);
Parameters
h The handle of the SSL provider.
K
e
y
[
i
n
]
p
s
z
P
r
o
p
e
r
t
y
[
i
n
]
A pointer to a null-terminated Unicode string that contains the name of the property to retrieve. This can be
one of the predefined Key Storage Proper ty Identifiers or a custom property identifier.
p
p
b
O
u
t
p
u
t
[
o
u
t
]
A pointer to a buffer that receives the property value. The caller of the function must free this buffer by
calling the SslFreeBuffer function.
p The size, in bytes, of the pbOutput buffer.

c
b
O
u
t
p
u
t
[
o
u
t
]

w
F
l
a
g
s
[
i
n
]
Return value

NTE
_IN
VAL
ID_
HA
ND
LE
0x8
009
002
6L

NTE
_IN
VAL
ID_
PAR
AM
ETE
R
0x8
009
002
7L
Requirements
Header
Sslp
rovi
der.
h
DLL
Ncry
pt.dl
l
The SslGetProviderProper ty function retrieves the value of a specified provider property.
Syntax
SECURITY_STATUS WINAPI SslGetProviderProperty(
_In_ LPCWSTR pszProperty,
_Out_ PBYTE ppbOutput,
_Out_ DWORD *pcbOutput,
_Inout_ PVOID *ppEnumState,
_In_ DWORD dwFlags
);
Parameters
h The handle of the Secure Sockets Layer protocol (SSL) provider for which to retrieve the property.
S
s
l
P
r
o
v
i
d
e
r
[
i
n
]
p A pointer to a null-terminated Unicode string that contains the name of the property to retrieve.
s
z
P
r
o
p
e
r
t
y
[
i
n
]
p The address of a buffer that receives the property value.

p
The caller of the function must free this buffer by calling the SslFreeBuffer function.
b
O
u
t
p
u
t
[
o
u
t
]
p The size, in bytes, of the pbOutput buffer.

c
b
O
u
t
p
u
t
[
o
u
t
]
p
p
E
n
u
m
S
t
a
t
e
[
i
n
,
o
u
t
]
The address of a VOID pointer that receives enumeration state information that is used in subsequent calls to
this function. This information only has meaning to the SSL provider and is opaque to the caller. The SSL
provider uses this information to determine which item is next in the enumeration. If the variable pointed to
by this parameter contains NULL , the enumeration is started from the beginning.
The caller of the function must free this memory by calling the SslFreeBuffer function.

w
F
l
a
g
s
[
i
n
]
Return value

NTE
_N
O_
ME
MO
RY
0x8
009
000
EL

NTE
_IN
VAL
ID_
HA
ND
LE
0x8
009
002
6L

NTE
_IN
VAL
ID_
PAR
AM
ETE
R
0x8
009
002
7L
Requirements
Header
Sslp
rovi
der.
h
DLL
Ncry
pt.dl
l
The SslHashHandshake function returns a handle to the handshake hash.
Syntax
SECURITY_STATUS WINAPI SslHashHandshake(
_Inout_ NCRYPT_HASH_HANDLE hHandshakeHash,
_Out_ PBYTE pbInput,
_In_ DWORD cbInput,
_In_ DWORD dwFlags
);
Parameters
h The handle to the Secure Sockets Layer protocol (SSL) protocol provider instance.
S
s
l
P
r
o
v
i
d
e
r
[
i
n
]
h The handle to the hash object.

H
a
n
d
s
h
a
k
e
H
a
s
h
[
i
n
,
o
u
t
]
p The address of a buffer that contains the data to be hashed.

b
I
n
p
u
t
[
o
u
t
]
c The size, in bytes, of the pbInput buffer.

b
I
n
p
u
t
[
i
n
]

w
F
l
a
g
s
[
i
n
]
Return value
Remarks
The SslHashHandshake function is one of three functions used to generate a hash to use during the SSL
handshake.
Requirements
Header
Sslp
rovi
der.
h
DLL
Ncry
pt.dl
l
The SslImpor tKey function imports a key into the Secure Sockets Layer protocol (SSL) protocol provider.
Syntax
SECURITY_STATUS WINAPI SslImportKey(
_Out_ NCRYPT_KEY_HANDLE *phKey,
_In_ LPCWSTR pszBlobType,
_In_ PBYTE pbKeyBlob,
_In_ DWORD cbKeyBlob,
_In_ DWORD dwFlags
);
Parameters
S
s
l
P
r
o
v
i
d
e
r
[
i
n
]
p A pointer to the handle of the cryptographic key to receive the imported key.
h
K
e
y
[
o
u
t
]
p
s
z
B
l
o
b
T
y
p
e
[
i
n
]
A null-terminated Unicode string that contains an identifier that specifies the type of BLOB that is contained
in the pbInput buffer. This can be one of the following values.
VA L UE M EA N IN G
Export a Diffie-Hellman public key. The pbOutput buffer

BCR receives a BCRYPT_DH_KEY_BLOB structure immediately
YPT followed by the key data.
_D
H_P
UBL
IC_
BLO
B
Export an elliptic curve cryptography (ECC) public key. The

BCR pbOutput buffer receives a BCRYPT_ECCKEY_BLOB
YPT structure immediately followed by the key data.
_EC
CP
UBL
IC_
BLO
B
Export a symmetric key in a format that is specific to a

BCR single cryptographic service provider (CSP). Opaque BLOBs
YPT are not transferable and must be imported by using the
_OP same CSP that generated the BLOB.
AQ
UE_
KEY
_BL
OB
Export an RSA public key. The pbOutput buffer receives a

BCR BCRYPT_RSAKEY_BLOB structure immediately followed
YPT by the key data.
_RS
AP
UBL
IC_
BLO
B
p A pointer to the buffer that contains the key BLOB.

b
K
e
y
B
l
o
b
[
i
n
]
c The size, in bytes, of the pbKeyBlob buffer.

b
K
e
y
B
l
o
b
[
i
n
]

w
F
l
a
g
s
[
i
n
]
Return value

NTE
_N
O_
ME
MO
RY
0x8
009
000
EL

NTE
_IN
VAL
ID_
HA
ND
LE
0x8
009
002
6L
The phKey parameter is NULL .

NTE
_IN
VAL
ID_
PAR
AM
ETE
R
0x8
009
002
7L
Remarks
You can use the SslImpor tKey function to import session keys as a part of the process of transferring session
keys from one process to another.
Requirements

Header
Sslp
rovi
der.
h
DLL
Ncry
pt.dl
l
The SslImpor tMasterKey function performs a server-side Secure Sockets Layer protocol (SSL) key exchange
operation.
Syntax
SECURITY_STATUS WINAPI SslImportMasterKey(
_Out_ NCRYPT_KEY_HANDLE *phMasterKey,
_In_ PBYTE pbEncryptedKey,
_In_ DWORD cbEncryptedKey,
_In_ DWORD dwFlags
);
Parameters
S
s
l
P
r
o
v
i
d
e
r
[
i
n
]
h The handle to the private key used in the exchange.

P
r
i
v
a
t
e
K
e
y
[
i
n
]
p A pointer to the handle to receive the master key.

h
M
a
s
t
e
r
K
e
y
[
o
u
t
]

w
P
r
o
t
o
c
o
l
[
i
n
]
d One of the CNG SSL Provider Cipher Suite Identifiers values.

w
C
i
p
h
e
r
S
u
i
t
e
[
i
n
]
p
P
a
r
a
m
e
t
e
r
L
i
s
t
[
i
n
]
p
b
E
n
c
r
y
p
t
e
d
K
e
y
[
i
n
]
A pointer to a buffer that contains the encrypted premaster secret key encrypted with the public key of the
server.
c The size, in bytes, of the pbEncryptedKey buffer.

b
E
n
c
r
y
p
t
e
d
K
e
y
[
i
n
]
d Set this parameter to NCRYPT_SSL_SERVER_FL AG to indicate that this is a server call.

w
F
l
a
g
s
[
i
n
]
Return value

NTE
_N
O_
ME
MO
RY
0x8
009
000
EL

NTE
_IN
VAL
ID_
HA
ND
LE
0x8
009
002
6L
The phMasterKey parameter is NULL .

NTE
_IN
VAL
ID_
PAR
AM
ETE
R
0x8
009
002
7L
Remarks
This function decrypts the premaster secret, computes the SSL master secret, and returns a handle to this object to
the caller. This master key can then be used to derive the SSL session key and finish the SSL handshake.
NOTE
This function is used when the RSA key exchange algorithm is being used. When DH is used, then the server code calls
SslGenerateMasterKey instead.
Requirements
Header
Sslp
rovi
der.
h
DLL
Ncry
pt.dl
l
The SslIncrementProviderReferenceCount function increments the reference count to a Secure Sockets Layer
protocol (SSL) provider instance.
Syntax
SECURITY_STATUS WINAPI SslIncrementProviderReferenceCount(
_In_ NCRYPT_PROV_HANDLE hSslProvider
);
Parameters
S
s
l
P
r
o
v
i
d
e
r
[
i
n
]
Return value

NTE
_IN
VAL
ID_
HA
ND
LE
0x8
009
002
6L
Requirements
Header
Sslp
rovi
der.
h
DLL
Ncry
pt.dl
l
The SslLookupCipherLengths function returns an NCRYPT_SSL_CIPHER_LENGTHS structure that contains

the header and trailer lengths of the input protocol, cipher suite, and key type.
Syntax
SECURITY_STATUS WINAPI SslLookupCipherLengths(
_Out_ NCRYPT_SSL_CIPHER_LENGTHS *pCipherLengths,
_In_ DWORD cbCipherLengths,
_In_ DWORD dwFlags
);
Parameters
S
s
l
P
r
o
v
i
d
e
r
[
i
n
]

w
P
r
o
t
o
c
o
l
[
i
n
]

w
C
i
p
h
e
r
S
u
i
t
e
[
i
n
]
d
w
K
e
y
T
y
p
e
[
i
n
]
One of the CNG SSL Provider Key Type Identifier values. For key types that are not elliptic curve
cryptography (ECC), set this parameter to zero.
p A pointer to a buffer to receive the NCRYPT_SSL_CIPHER_LENGTHS structure.
C
i
p
h
e
r
L
e
n
g
t
h
s
[
o
u
t
]
c The length, in bytes, of the buffer pointed to by the pCipherLengths parameter.

b
C
i
p
h
e
r
L
e
n
g
t
h
s
[
i
n
]
w
F
l
a
g
s
[
i
n
]
Return value

NTE valid.
_IN
VAL
ID_
HA
ND
LE
0x8
009
002
6L
The pCipherLengths parameter is set to NULL or the buffer

NTE length specified by the cbCipherLengths is too short.
_IN
VAL
ID_
PAR
AM
ETE
R
0x8
009
002
7L

NTE
_BA
D_F
LA
GS
0x8
009
000
9L
Remarks
The SslLookupCipherLengths function is called for Transport Layer Security protocol (TLS) 1.1 or later
conversations to query the header and trailer lengths for the requested protocol, cipher suite, and key type.
Requirements

Header
Sslp
rovi
der.
h
DLL
Ncry
pt.dl
l
The SslLookupCipherSuiteInfo function retrieves the cipher suite information for a specified protocol, cipher
suite, and key type set.
Syntax
SECURITY_STATUS WINAPI SslLookupCipherSuiteInfo(
_Out_ NCRYPT_SSL_CIPHER_SUITE *pCipherSuite,
_In_ DWORD dwFlags
);
Parameters
S
s
l
P
r
o
v
i
d
e
r
[
i
n
]

w
P
r
o
t
o
c
o
l
[
i
n
]
d One of the CNG SSL Provider Cipher Suite Identifiers values.

w
C
i
p
h
e
r
S
u
i
t
e
[
i
n
]
d One of the CNG SSL Provider Key Type Identifiers values.

w
K
e
y
T
y
p
e
[
i
n
]
p
C
i
p
h
e
r
S
u
i
t
e
[
o
u
t
]
The address of a buffer that contains a NCRYPT_SSL_CIPHER_SUITE structure in which to write the cipher
suite information.

w
F
l
a
g
s
[
i
n
]
Return value

NTE
_IN
VAL
ID_
HA
ND
LE
0x8
009
002
6L
Requirements
Header
Sslp
rovi
der.
h
DLL
Ncry
pt.dl
l
The SslOpenPrivateKey function opens a handle to a private key.
Syntax
SECURITY_STATUS WINAPI SslOpenPrivateKey(
_Out_ NCRYPT_KEY_HANDLE *phPrivateKey,
_In_ PCCERT_CONTEXT pCertContext,
_In_ DWORD dwFlags
);
Parameters
S
s
l
P
r
o
v
i
d
e
r
[
i
n
]
p
h
P
r
i
v
a
t
e
K
e
y
[
o
u
t
]
The address of a buffer in which to write the handle to the private key.
When you have finished using the key, you should free phPrivateKey by calling the SslFreeObject function.
p The address of the certificate from which to obtain the private key.
C
e
r
t
C
o
n
t
e
x
t
[
i
n
]

w
F
l
a
g
s
[
i
n
]
Return value

NTE
_N
O_
ME
MO
RY
0x8
009
000
EL

NTE
_IN
VAL
ID_
HA
ND
LE
0x8
009
002
6L
The phPrivateKey or pCertContext parameter is NULL .

NTE
_IN
VAL
ID_
PAR
AM
ETE
R
0x8
009
002
7L
Remarks
The private key obtained is part of a public/private key pair within a certificate. This function merely extracts the
private key from the certificate specified by the pCertContext parameter.
Requirements

Header
Sslp
rovi
der.
h
DLL
Ncry
pt.dl
l
The SslOpenProvider function opens a handle to the specified Secure Sockets Layer protocol (SSL) protocol
provider.
Syntax
SECURITY_STATUS WINAPI SslOpenProvider(
_Out_ NCRYPT_PROV_HANDLE *phSslProvider,
_In_ LPCWSTR pszProviderName,
_In_ DWORD dwFlags
);
Parameters
p The address of an NCRYPT_PROV_HANDLE in which to write the provider handle.
h
When you have finished using the handle, you should free it by calling the SslFreeObject function.
S
s
l
P
r
o
v
i
d
e
r
[
o
u
t
]
p
s
z
P
r
o
v
i
d
e
r
N
a
m
e
[
i
n
]
A pointer to a Unicode string that contains the provider name. If the value of this parameter is NULL , a
handle to the MS_SCHANNEL_PROVIDER is returned.
d This parameter is reserved for future use, and it must be set to zero.
w
F
l
a
g
s
[
i
n
]
Return value

NTE
_IN
VAL
ID_
HA
ND
LE
0x8
009
002
6L
The phSslProvider or ppProviderList parameter is NULL .

NTE
_IN
VAL
ID_
PAR
AM
ETE
R
0x8
009
002
7L

STA
TUS
_N
O_
ME
MO
RY
0xC
000
001
7L
Requirements
Header
Sslp
rovi
der.
h
DLL
Ncry
pt.dl
l
The SslSignHash function signs a hash by using the specified private key. The signing process is performed on the
server.
Syntax
SECURITY_STATUS WINAPI SslSignHash(
_In_ PBYTE pbHashValue,
_In_ DWORD cbHashValue,
_Out_ PBYTE pbSignature,
_In_ DWORD cbSignature,
_In_ DWORD dwFlags
);
Parameters
S
s
l
P
r
o
v
i
d
e
r
[
i
n
]
h The handle to the private key to use to sign the hash.

P
r
i
v
a
t
e
K
e
y
[
i
n
]
p A pointer to a buffer that contains the hash to sign.

b
H
a
s
h
V
a
l
u
e
[
i
n
]
c The size, in bytes, of the pbHashValue buffer.

b
H
a
s
h
V
a
l
u
e
[
i
n
]
p
b
S
i
g
n
a
t
u
r
e
[
o
u
t
]
The address of a buffer that receives the signature of the hash. The cbSignature parameter contains the size
of this buffer. To determine the required sized size of the buffer, set the pbSignature parameter to NULL . The
required size of the buffer will be returned in the pcbResult parameter.
c The size, in bytes, of the pbSignature buffer.

b
S
i
g
n
a
t
u
r
e
[
i
n
]
p
c
b
R
e
s
u
l
t
[
o
u
t
]
A pointer to a value that, upon completion, contains the actual number of bytes written to the pbSignature
buffer.

w
F
l
a
g
s
[
i
n
]
Return value

NTE
_IN
VAL
ID_
HA
ND
LE
0x8
009
002
6L
Requirements
Header
Sslp
rovi
der.
h
DLL
Ncry
pt.dl
l
The SslVerifySignature function verifies the specified signature by using the supplied hash and the public key.
Syntax
SECURITY_STATUS WINAPI SslVerifySignature(
_In_ NCRYPT_KEY_HANDLE hPublicKey,
_In_ PBYTE pbHashValue,
_In_ DWORD cbHashValue,
_In_ PBYTE pbSignature,
_In_ DWORD cbSignature,
_In_ DWORD dwFlags
);
Parameters
S
s
l
P
r
o
v
i
d
e
r
[
i
n
]
h The handle to the public key.

P
u
b
l
i
c
K
e
y
[
i
n
]
p A pointer to a buffer that contains the hash to use to verify the signature.
b
H
a
s
h
V
a
l
u
e
[
i
n
]
c The size, in bytes, of the pbHashValue buffer.

b
H
a
s
h
V
a
l
u
e
[
i
n
]
p A pointer to a buffer that contains the signature to verify.

b
S
i
g
n
a
t
u
r
e
[
i
n
]
c The size, in bytes, of the pbSignature buffer.

b
S
i
g
n
a
t
u
r
e
[
i
n
]

w
F
l
a
g
s
[
i
n
]
Return value

NTE
_IN
VAL
ID_
HA
ND
LE
0x8
009
002
6L
Remarks
The SslVerifySignature function is not currently called by Windows. This function is a required part of the SSL
Provider interface and should be fully implemented to ensure forward compatibility.
Current implementations of the server side of the Transport Layer Security protocol (TLS) connection call the
NCr yptVerifySignature function during the client authentication to process the certificate verify message.
Requirements
Header
Sslp
rovi
der.
h
DLL
Ncry
pt.dl
l
Cryptography API: Next Generation (CNG) defines the following functions which are used to perform CNG Token
Binding operations.
TokenBindingDeleteBinding
TokenBindingGenerateBinding
TokenBindingGenerateMessage
TokenBindingGetKeyTypesClient
TokenBindingGetKeyTypesSer ver
TokenBindingVerifyMessage
Cryptography API: Next Generation (CNG) defines the following structures.

BCRYPT_ALGORITHM_IDENTIFIER
BCRYPT_AUTHENTICATED_CIPHER_MODE_INFO
BCRYPT_DH_KEY_BLOB
BCRYPT_DH_PARAMETER_HEADER
BCRYPT_DSA_KEY_BLOB
BCRYPT_DSA_KEY_BLOB_V2
BCRYPT_DSA_PARAMETER_HEADER
BCRYPT_DSA_PARAMETER_HEADER_V2
BCRYPT_ECCKEY_BLOB
BCRYPT_INTERFACE_VERSION
BCRYPT_KEY_BLOB
BCRYPT_KEY_DATA_BLOB_HEADER
BCRYPT_KEY_LENGTHS_STRUCT
BCRYPT_MULTI_HASH_OPERATION
BCRYPT_MULTI_OBJECT_LENGTH_STRUCT
BCRYPT_OAEP_PADDING_INFO
BCRYPT_OID
BCRYPT_OID_LIST
BCRYPT_PKCS1_PADDING_INFO
BCRYPT_PROVIDER_NAME
BCRYPT_PSS_PADDING_INFO
BCRYPT_RSAKEY_BLOB
BCr yptBuffer
BCr yptBufferDesc
CRYPT_CONTEXT_CONFIG
CRYPT_CONTEXT_FUNCTION_CONFIG
CRYPT_CONTEXT_FUNCTION_PROVIDERS
CRYPT_CONTEXT_FUNCTIONS
CRYPT_CONTEXTS
CRYPT_IMAGE_REF
CRYPT_IMAGE_REG
CRYPT_INTERFACE_REG
CRYPT_PROPERTY_REF
CRYPT_PROVIDER_REF
CRYPT_PROVIDER_REFS
CRYPT_PROVIDER_REG
CRYPT_PROVIDERS
NCRYPT_ALLOC_PARA
NCRYPT_KEY_BLOB_HEADER
NCRYPT_PROTECT_STREAM_INFO
NCRYPT_SUPPORTED_LENGTHS
NCRYPT_UI_POLICY
NCRYPT_UI_POLICY_BLOB
NCr yptAlgorithmName
NCr yptBuffer
NCr yptBufferDesc
NCr yptKeyName
NCr yptProviderName
TOKENBINDING_IDENTIFIER
TOKENBINDING_KEY_TYPES
TOKENBINDING_RESULT_DATA
TOKENBINDING_RESULT_LIST
The NCRYPT_UI_POLICY_BLOB structure is used with the NCRYPT_UI_POLICY_PROPERTY property to

contain user interface information for a key.
Syntax
typedef struct __NCRYPT_UI_POLICY_BLOB {
DWORD dwVersion;
DWORD dwFlags;
DWORD cbCreationTitle;
DWORD cbFriendlyName;
DWORD cbDescription;
} NCRYPT_UI_POLICY_BLOB;
Members
d The version number of the structure. This member must contain 1.
w
V
e
r
s
i
o
n
d A set of flags that provide additional user interface information or requirements.

w
F VA L UE M EA N IN G
l
a Display the strong key user interface as
NC needed.
g RYP
s T_U
I_P
ROT
ECT
_KE
Y_F
LA
G
0x0
000
000
1
VA L UE M EA N IN G
Force high protection.

NC
RYP
T_U
I_F
OR
CE_
HIG
H_P
ROT
ECT
ION
_FL
AG
0x0
000
000
2
c
b
C
r
e
a
t
i
o
n
T
i
t
l
e
The length, in bytes, of the creation title. The creation title is a null-terminated Unicode string that specifies
the text that is used as the title of the strong key dialog box when the key is completed. The creation title must
be placed immediately following the NCRYPT_UI_POLICY_BLOB structure. If the value of the
cbCreationTitle member is set to 0, a default creation title is used for the title of the strong key dialog box.
This member is only used on key finalization.
c
b
F
r
i
e
n
d
l
y
N
a
m
e
The length, in bytes, of the friendly name of the key. The friendly name is a null-terminated Unicode string
that contains the text that is displayed in the strong key dialog box as the name of the key. The friendly name
must be placed immediately following the creation title in this BLOB. If the value of the cbFriendlyName
member is set to 0, a default name is used in the strong key dialog box. This member is used both when the
key is completed and when the key is used.
c
b
D
e
s
c
r
i
p
t
i
o
n
The length, in bytes, of the key description. The key description is a null-terminated Unicode string that
contains the text that is displayed in the strong key dialog box as the description of the key. The description
value must be placed immediately following the friendly name in this BLOB. If the value of the
cbDescription member is set to 0, a default description is used in the strong key dialog box. This member is
used both when the key is completed and when the key is used.
Remarks
This structure is included in the Ncrypt_provider.h header. To use the structure, you must download the
Cryptographic Provider Development Kit from Microsoft Connect.
Requirements
Header
Ncry
pt_p
rovi
der.
h
Cryptography API: Next Generation (CNG) defines the following enumeration types.
BCRYPT_HASH_OPERATION_TYPE
BCRYPT_MULTI_OPERATION_TYPE
DSAFIPSVERSION_ENUM
HASHALGORITHM_ENUM
TOKENBINDING_EXTENSION_FORMAT
TOKENBINDING_TYPE

CNG - Crypt Ne Gen

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

CNG - Crypt Ne Gen

Uploaded by

Copyright:

Available Formats

Contents

Cryptography API: Next Generation

About CNG Describes CNG features, cryptographic primitives, and key

Using CNG Explains how to use the cryptography configuration features

CNG Reference Detailed descriptions of the CNG programming elements.

Key Storage and Retrieval

Key Import and Export

Data Protection API: Next Generation

CNG has the following features.

Certification and Compliance

Kernel Mode Support

Replaceable Random Number Generators

ECB (Electronic Codebook) BCRYPT_CHAIN_MODE_E Symmetric block ciphers SP800-38A

CBC (Cipher Block Chaining) BCRYPT_CHAIN_MODE_C Symmetric block ciphers SP800-38A

CFB (Cipher Feedback) BCRYPT_CHAIN_MODE_C Symmetric block ciphers SP800-38A

CCM (Counter with CBC) BCRYPT_CHAIN_MODE_C AES SP800-38C

GCM (Galois/Counter Mode) BCRYPT_CHAIN_MODE_ AES SP800-38D

A L GO RIT H M C L A SS DESC RIP T IO N

Random number generator Pluggable random number generation (RNG).

Hashing Algorithms used for hashing, such as SHA1 and SHA2.

Asymmetric encryption Asymmetric (public key) algorithms that support encryption,

Secret agreement Secret agreement algorithms such as Diffie-Hellman (DH) and

Key Storage Architecture

Key Storage Architecture

RSA 512 to 16384, in 64 bit increments

DH 512 to 16384, in 64 bit increments

DSA 512 to 1024, in 64 bit increments

ECDSA P-256, P-384, P-521 (NIST Curves)

ECDH P-256, P-384, P-521 (NIST Curves)

Key Directories and Files

User private %APPDATA%\Microsoft\Crypto\RSA\User SID\

Local system private %ALLUSERSPROFILE%\Application

Local service private %ALLUSERSPROFILE%\Application

Network service private %ALLUSERSPROFILE%\Application

Shared private %ALLUSERSPROFILE%\Application

CNG stores private keys in the following directories.

User private %APPDATA%\Microsoft\Crypto\Keys

Local system private %ALLUSERSPROFILE%\Application

Local service private %WINDIR%\ServiceProfiles\LocalService

Network service private %WINDIR%\ServiceProfiles\NetworkService

Shared private %ALLUSERSPROFILE%\Application

Protector-and = providerName EQUALS providerAttributes

providerAttribute = string | hexstring

; The following characters are to be escaped when they appear

leadchar = LUTF1 / UTFMB

trailchar = TUTF1 / UTFMB

stringchar = SUTF1 / UTFMB

pair = ESC ( ESC / special / hexpair )

descr = leadkeychar *keychar

ALPHA = %x41-5A / %x61-7A ; "A"-"Z" / "a"-"z"

NULL = %x00 ; null (0)

; Any UTF-8 [RFC3629] encoded Unicode [Unicode] character

OCTET = %x00-FF ; Any octet (8-bit data unit)

Using the Cryptography Configuration Features of CNG

// Get the required size of the buffer.

// Free the memory that was allocated.

Getting Provider Registration Information

Opening the Algorithm Provider

Getting or Setting Algorithm Properties

Creating or Importing a Key

Performing Cryptographic Operations

Closing the Algorithm Provider

Creating a Hashing Object

// THIS CODE AND INFORMATION IS PROVIDED "AS IS" WITHOUT WARRANTY OF