windows - How to import private key in PEM format using WinCrypt and C++?

Question

I'm trying to use the WinCrypt API in C++.

My application need to cipher, decipher, sign and verify files, and I know how to do that once I have the correct keys. But my problem is actually that that is NOT the same application which generates those keys.

What I have is public and private keys in files in PEM format :

-----BEGIN RSA PRIVATE KEY-----
[Base64 encoded]
-----END RSA PRIVATE KEY-----

And :

-----BEGIN RSA PUBLIC KEY-----
[Base64 encoded]
-----END RSA PUBLIC KEY-----

After some research, I have found how to import the public key : here and here, using the following methods :

• CreateFile & ReadFile to read the file content
• CryptStringToBinary, with CRYPT_STRING_BASE64HEADER to convert from PEM format to DER format (remove header and footer and decode from base64)
• CryptDecodeObjectEx with X509_PUBLIC_KEY_INFO
• CryptImportPublicKeyInfo, to import the key

But now, my problem is to do the same thing whith the private key. Any help would be really really appreciated :) Thank you.

Answer 1

A PEM private key can be imported into CAPI by using CryptDecodeObjectEx with PKCS_RSA_PRIVATE_KEY and then calling CryptImportKey.

I have written a sample that shows how to use a PEM encoded RSA private key for signing data using CAPI. Here is a link to it : http://www.idrix.fr/Root/Samples/capi_pem.cpp

I hope this will help.