[gnutls-devel] GnuTLS | System key usability issue (#1365)

Read-only notification of GnuTLS library development activities gnutls-devel at lists.gnutls.org
Wed May 18 22:20:16 CEST 2022

Brian Wickman commented:

Ah I missed that the last round of output had the initialization call patched out. Reading through again, if the key is in the local computer store vs. the current user store, then it looks like the call to NCryptOpenKey (inside privkey_import_ncrypt on line 710) needs to have flag NCRYPT_MACHINE_KEY_FLAG passed as the last parameter (https://docs.microsoft.com/en-us/windows/win32/api/ncrypt/nf-ncrypt-ncryptopenkey) to succeed but right now it's hard coded to 0.
Windows API error codes are negative when interpreted as a signed integer so ret < 0 is failure.

Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1365#note_951835657
You're receiving this email because of your account on gitlab.com.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20220518/5463c2b2/attachment.html>

More information about the Gnutls-devel mailing list