steffengy/schannel-rs

Question: why is NCRYPT_KEY_HANDLE private?

Closed this issue · 2 comments

I'm trying to export the certificate private key using the NCryptExportKey function, but the needed key handle is private in the NcryptKey struct. Why? Are there other ways to obtain a private key handle?

As there is the RawPointer trait, a combination of RawPointer::as_ptr() and a simple cast should do the trick to get the handle for the windows crate:

```rust
let PrivateKey::NcryptKey(private_key) = my_cert.private_key().acquire().unwrap() else {
    panic!("not a ncrypt key")
};
let pkey_handle = NCRYPT_KEY_HANDLE(unsafe { private_key.as_ptr() } as _);
```

However, the pkey_handle I get from this approach always results in a

```
thread 'main' panicked at 'called `Result::unwrap()` on an `Err` value: Error { code: HRESULT(0x80090026), message: "The supplied handle is invalid." }', src\main.rs:31:10
```

hm, got it