runtime: ECDiffieHellmanCng derivekey methods fail if the private key isn't a MicrosoftSoftwareKeyStorageProvider key
In the latest dotnet, the `ECDiffieHellmanCng` `DeriveKeyFromHash` and `DeriveKeyMaterial` methods will fail if the ECDH key isn't a `MicrosoftSoftwareKeyStorageProvider` key. This is because these methods take the public key from any KSP provider and convert it to a `MicrosoftSoftwareKeyStorageProvider` public key before sending it to the native dll from the provider of the private key. This breaks the contract of `NCryptSecretAgreement` unless the private key provider is also `MicrosoftSoftwareKeyStorageProvider`.
This issue came up when attempting to use a Hardware Security Module (HSM) protected non-exportable private ECDH key. The only workaround I found is to make an unsafe call to `NCryptSecretAgreement` etc. in my own code, bypassing these CNG methods.
I think that the code fix would be to ensure that the CNG wrapper functions import the public key into the private key’s KSP provider before calling down to the ncrypt dll.
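To illustrate the workaround described in the issue, here is an added C# example, not code from the issue or from dotnet/runtime: it imports the peer's ECCPUBLICBLOB into the KSP that owns the private key and then calls NCryptSecretAgreement and NCryptDeriveKey directly through P/Invoke, so both handles come from the same provider. It assumes the private key's provider supports NCryptImportKey of ECCPUBLICBLOB and the TRUNCATE (raw-secret) KDF; all key and provider names in the usage note are placeholders.

```csharp
using System;
using System.Runtime.InteropServices;
using System.Security.Cryptography;

static class NativeEcdh
{
    // P/Invoke signatures from ncrypt.h; SECURITY_STATUS is a 32-bit int, 0 means success.
    [DllImport("ncrypt.dll", CharSet = CharSet.Unicode)]
    static extern int NCryptImportKey(IntPtr hProvider, IntPtr hImportKey, string pszBlobType,
        IntPtr pParameterList, out IntPtr phKey, byte[] pbData, uint cbData, uint dwFlags);
    [DllImport("ncrypt.dll")]
    static extern int NCryptSecretAgreement(IntPtr hPrivKey, IntPtr hPubKey, out IntPtr phAgreedSecret, uint dwFlags);
    [DllImport("ncrypt.dll", CharSet = CharSet.Unicode)]
    static extern int NCryptDeriveKey(IntPtr hSharedSecret, string pwszKDF, IntPtr pParameterList,
        byte[] pbDerivedKey, uint cbDerivedKey, out uint pcbResult, uint dwFlags);
    [DllImport("ncrypt.dll")]
    static extern int NCryptFreeObject(IntPtr hObject);

    // Derives the raw ECDH shared secret inside the KSP that owns the private key.
    // privateKey must stay alive for the duration of the call (its handles are borrowed, not owned).
    public static byte[] DeriveRawSecret(CngKey privateKey, byte[] peerEccPublicBlob)
    {
        IntPtr hProv = privateKey.ProviderHandle.DangerousGetHandle();
        IntPtr hPriv = privateKey.Handle.DangerousGetHandle();
        IntPtr hPub = IntPtr.Zero, hSecret = IntPtr.Zero;
        try
        {
            // Import the peer's ECCPUBLICBLOB into the private key's provider (not the software KSP),
            // so NCryptSecretAgreement receives two handles from the same provider.
            Check(NCryptImportKey(hProv, IntPtr.Zero, "ECCPUBLICBLOB", IntPtr.Zero, out hPub,
                peerEccPublicBlob, (uint)peerEccPublicBlob.Length, 0));
            Check(NCryptSecretAgreement(hPriv, hPub, out hSecret, 0));
            // "TRUNCATE" (BCRYPT_KDF_RAW_SECRET) hands back the shared secret itself, in little-endian
            // byte order; apply your own KDF over it. Size query first, then the real call.
            Check(NCryptDeriveKey(hSecret, "TRUNCATE", IntPtr.Zero, null, 0, out uint cb, 0));
            byte[] secret = new byte[cb];
            Check(NCryptDeriveKey(hSecret, "TRUNCATE", IntPtr.Zero, secret, cb, out cb, 0));
            return secret;
        }
        finally
        {
            // Only free what this method created; the private key's handles belong to the CngKey.
            if (hSecret != IntPtr.Zero) NCryptFreeObject(hSecret);
            if (hPub != IntPtr.Zero) NCryptFreeObject(hPub);
        }
    }

    static void Check(int status) { if (status != 0) throw new CryptographicException(status); }
}
```

Usage with placeholder names: open the HSM key via `CngKey.Open("my-ecdh-key", new CngProvider("Example HSM KSP"))`, create a peer with `CngKey.Create(CngAlgorithm.ECDiffieHellmanP256)`, and pass `peer.Export(CngKeyBlobFormat.EccPublicBlob)` as the blob.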
About this issue
- State: open
- Created 2 years ago
- Comments: 28 (16 by maintainers)
This is right 😃