runtime: ECDiffieHellmanCng DeriveKey methods fail if the private key isn't a MicrosoftSoftwareKeyStorageProvider key

In the latest dotnet, the ECDiffieHellmanCng DeriveKeyFromHash and DeriveKeyMaterial methods will fail if the ECDH key isn't a MicrosoftSoftwareKeyStorageProvider key. This is because these methods take the public key from any KSP provider and convert it to a MicrosoftSoftwareKeyStorageProvider public key before sending it to the native DLL from the provider of the private key. This breaks the contract of NCryptSecretAgreement unless the private key provider is also MicrosoftSoftwareKeyStorageProvider. This issue came up when attempting to use a Hardware Security Module (HSM) protected non-exportable private ECDH key. The only work-around I found is to make an unsafe call to NCryptSecretAgreement etc. in my own code, bypassing these CNG methods. I think that the code fix would be to ensure that the CNG wrapper functions import the public key into the private key's KSP provider before calling down to the ncrypt DLL.
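
Added example (not code from the issue or from the runtime repository): the same idea as the proposed fix, done from managed code by importing the peer's public blob into the private key's own KSP and then using the CngKey overload of DeriveKeyMaterial, which hands the given handle to NCryptSecretAgreement without first converting it into the software KSP. It assumes an HSM KSP name and an ECDH key name (placeholders below) and that the HSM's KSP accepts an ECCPUBLICBLOB import through CngKey.Import.

```csharp
using System;
using System.Linq;
using System.Security.Cryptography;

static class HsmEcdh
{
    // Assumed values: the HSM vendor's KSP name and the name of the non-exportable
    // ECDH key provisioned in it. Neither comes from the issue; substitute your own.
    static readonly CngProvider HsmProvider = new CngProvider("<HSM-KSP-NAME>");
    const string PrivateKeyName = "<ecdh-key-name>";

    // Shared key material with the HSM-held private key. The peer's public blob is
    // imported into the *private key's* provider (assumes that KSP accepts an
    // ECCPUBLICBLOB import), so NCryptSecretAgreement receives two handles that
    // belong to the same provider.
    public static byte[] DeriveWithPeer(ECDiffieHellmanCngPublicKey peerPublic)
    {
        using (CngKey privateKey = CngKey.Open(PrivateKeyName, HsmProvider))
        using (var ecdh = new ECDiffieHellmanCng(privateKey))
        using (CngKey peerInSameKsp = CngKey.Import(
                   peerPublic.ToByteArray(), peerPublic.BlobFormat, privateKey.Provider))
        {
            ecdh.KeyDerivationFunction = ECDiffieHellmanKeyDerivationFunction.Hash;
            ecdh.HashAlgorithm = CngAlgorithm.Sha256;
            // The CngKey overload passes this handle through as-is instead of
            // re-importing the public key into the software KSP first.
            return ecdh.DeriveKeyMaterial(peerInSameKsp);
        }
    }

    // Cross-check against a software-KSP peer: the peer derives with the standard
    // overload (its private key is a software key, so the conversion is harmless),
    // and both sides must end up with identical key material.
    public static bool AgreesWithSoftwarePeer()
    {
        using (var peer = new ECDiffieHellmanCng(256))
        using (CngKey ours = CngKey.Open(PrivateKeyName, HsmProvider))
        using (var ourEcdh = new ECDiffieHellmanCng(ours))
        {
            peer.KeyDerivationFunction = ECDiffieHellmanKeyDerivationFunction.Hash;
            peer.HashAlgorithm = CngAlgorithm.Sha256;
            byte[] peerSide = peer.DeriveKeyMaterial(ourEcdh.PublicKey);
            byte[] ourSide = DeriveWithPeer((ECDiffieHellmanCngPublicKey)peer.PublicKey);
            return peerSide.SequenceEqual(ourSide);
        }
    }
}
```

Whether CngKey.Import succeeds against a given HSM depends on that vendor's KSP supporting NCryptImportKey for public ECC blobs; if it does not, the NCryptSecretAgreement route the reporter describes remains the fallback.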

About this issue

  • State: open
  • Created 2 years ago
  • Comments: 28 (16 by maintainers)

Most upvoted comments

This is right 😃