I'm having issues in acquiring private key handles when the key is backed by nCipher KSP. For example when calling
cert.GetECDsaPrivateKey();
the call succeeds and the key is usable, however this call generates 5 (five) entries in Windows EventLog:
ERROR: NCCNG_NCryptGetKeyProperty: unsupported flags 0x40000000 (supported 0x00000040)
a quick research suggested that .NET API calls NCryptGetProperty with NCRYPT_PERSIST_ONLY_FLAG flags in dwFlags parameter and nCipher KSP does not support NCRYPT_PERSIST_ONLY_FLAG. I was unable to find a way to suppress these errors in nCipher configuration.
Is this a .NET or nCipher issue? What are other workarounds apart from directly introping CryptAcquireCertificatePrivateKey, NCryptOpenStorageProvider and NCryptOpenKey CryptoAPI functions?