using CryptSetKeyParam()

[hahaha]

Hi!
I wanna set the key length for RSA signature

the code is something like

//aquire the handle of key container

(CryptAcquireContext(&hCryptProv,NULL,MS_ENHANCED_PROV, PROV_RSA_FULL, 0))
--------
--------
//then create handle of signature key pair

if (!CryptGetUserKey(hCryptProv, AT_SIGNATURE, &hKey))
-------
------now i wana set the key pair length which i believe can b done through
CryptSetKeyParam()....but im not able to do so.Any ideas???

[Armen]

I think you need to generate RSA signature key pairs using CryptGenKey function.
The key size is set in 3-rd parameter (dwFlags) of CryptGenKey which may be (or may not) combined by OR with other flags.
Note that key length need to be set with higher word of the value, the lower word need to be 0.
For example if you want to set key length 2048 which is 0x800 in hex you need to specify 0x8000000 in dwFlags parameter, for 1024 key length you can specify 0x4000000 in dwFlags (though 1024 is a default key length for
Microsoft Enhanced Crypto Provider).

[hahaha]

Thanx for reply Armen.Well ill follow ur suggestion but wanna ask something first.In msdn i read that MS enhanced Cryptographic provider is released in USA and Canada only.What that means??
+ u know if curent VC ++ 6.0 supports elliptic curve cryptography??
coz in cryptaquirecontext the have given flag for example PROV_EC_ECDSA_SIG.

[Armen]

Originally post by hahaha

In msdn i read that MS enhanced Cryptographic provider is released in USA and Canada only.What that means??

It was US government export restriction on strong cryptography.
But as I remember this is not valid since 2001 (or 2002).

Originally post by hahaha

u know if curent VC ++ 6.0 supports elliptic curve cryptography??

What you mean saying VC ++ 6.0 supports elliptic curve cryptography?
Regarding to Crypto API I can say just it depends on Crypto Provider you have selected in CryptAcquireContext.
I don't know Microsoft Enhanced Cryptographic Provider supports elliptic curve cryptography or not, but there should be some Crypto provider which support mentioned cryptography.

[hahaha]

Well Im using Enhanced provider but seems it does not support ECC.Can u help me finding out which provider shud I use for ECC.
Thanx for ur help .

[Armen]

Originally post by hahaha

Well Im using Enhanced provider but seems it does not support ECC.Can u help me finding out which provider shud I use for ECC.

Most likely Microsoft Enhansed provider doesn't support Elliptic Curve Cryptography (I'm not sure since I never used ECC) because it has PROV_RSA_FULL type.
Anyway Cryptographic Service Providers (CSPs) can be written by third party companies which can implement ECC in their CSPs and define some new provider type constant. You can purchase one of such crypto provider or you can write your own CSP and give it to Microsoft for signing, because Windows doesn't work with not signed (by Microsoft) CSPs.
You can check which providers present on your system by looking the subkeys in the Registry under following key:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Defaults\Provider

See also Cryptographic Service Providers in MSDN.

[hahaha]

Well Armen i used CryptGen key to generate keys of specific length but when i call CryptGetKeyParam to print the length of the key it doesnt show.
actually i give user choices of keylength in a combo box whos variable is passed in the CryptGenKey function.
The code is like

int m_keysize;

if (!CryptGenKey(hCryptProv, AT_SIGNATURE,DWORD(m_keysize), &hKey))
{
// Error during CryptGenKey!

}

if(CryptGetKeyParam(
hKey,
KP_KEYLEN,
pbData,
&dwCount,
0))
{
MessageBox((LPCTSTR)pbData,"Key size",MB_OK);
}


All the variables are declared and keys are successfully generated as well.but the key length is not shown in the message box.