OpenSSL on Windows only supports loading RSA certificates from Windows Certificate Store

[anrossi]

When loading a certificate from the Windows Certificate Store into OpenSSL on Windows, the code assumes the certificate has an RSA key. This will fail to load non-RSA certificates.
Our OpenSSL-CAPI translation layer should at least support NIST curves for ECDH and ECDSA.

[anrossi]

@wfurt Do you have some experience here and could help us? There's a big comment here explaining how/why we do this for RSA, https://github.com/microsoft/msquic/blob/main/src/platform/cert_capi_openssl.c#L264

[wfurt]

@bartonjs would most likely know. He is out next two weeks so he may respond when he get back.

[wfurt]

One possible answer may be https://stosd.wordpress.com/2017/04/22/capi-openssl/
Use the "portable" path and use ASN as exchange format. That would take us out of low-level crypto fiddling.
and the TLV processing is reasonably efficient - and we do that once per server and rarely for client.

[bartonjs]

At around https://github.com/microsoft/msquic/blob/main/src/platform/cert_capi_openssl.c#L211 you'll want to do one of two things:

1. Change your export to be NCRYPT_PKCS8_PRIVATE_KEY_BLOB; read that in OpenSSL with something like

PKCS8_PRIV_KEY_INFO* p8info =
    d2i_PKCS8_PRIV_KEY_INFO(NULL, &buf, len);

EVP_PKEY* key = EVP_PKCS82PKEY(p8info);
PKCS8_PRIV_KEY_INFO_free(p8info);

EVP_PKEY_CTX* ctx = EVP_PKEY_CTX_new(key, NULL);
Int check = EVP_PKEY_check(ctx);
EVP_PKEY_CTX_free(ctx);

if (check != 1 && check != -2) { error; }

return key;

or 2) ask the key what algorithm family it belongs to, and do the algorithm-appropriate export, instead of RSA. Then you'll have to decode all of the MS blob formats and turn it into something OpenSSL can read... or, do (1).

[bartonjs]

Oh, I see, you chose (1) 😄 Nevermind 😄

[anrossi]

haha yeah, I looked into doing (2) first, and it looked daunting, so I decided to do (1) instead.