Partilhar via


Authenticated Encryption - CAPI2 does not support authenticated encryption mode

Authenticated Encryption (AE) or Authenticated Encryption with Associated Data (AEAD) is a block cipher mode of operation which simultaneously provides confidentiality, integrity, and authenticity assurances on the data; decryption is combined in single step with integrity verification. - Referenced from Wikipedia. See reference below.

Crypto API’s or CAPI2 does not support authenticated encryption mode. This means there are no API's in CAPI2 that can be used to implement authenticated encryption.
It can only be done using CNG where BCRYPT_AUTHENTICATED_CIPHER_MODE_INFO structure can be passed to CNG API’s for example BCryptEncrypt() to implement authenticated encryption.

Additional Info:

CryptoAPI’s such as CMS functions – they don’t have a way to pass an authenticated cipher mode structure. The API CryptMsgOpenToEncode or CryptMsgUpdate bails out with CRYPT_E_INVALID_MSG_TYPE when CMS encrypted message type is passed to it.

The open forum "Authenticated Symmetric Encryption in .NET" (Link: blogs.msdn.com/b/shawnfa/rss.aspx?Tags=Cryptography) shows a way to implement authenticated encryption in .Net. The open source also uses the implementation of AuthenticatedAesCng which is in Security.Cryptography.dll and is built on top of CNG.

In summary, authenticated encryption was implemented over CNG's BCrypt APIs.

References:
https://msdn.microsoft.com/en-us/library/windows/desktop/cc562981(v=vs.85).aspx
https://en.wikipedia.org/wiki/Authenticated_encryption