I am in the processing of implementing a CNG ECDH and then I am trying to use the BCRYPT_KDF_SP80056A_CONCAT KDF to derive a symmetric AES256 key (BCryptDeriveKey()). I am having a problem (i always get back 0xc000000d status returned.) i have generated a shared secret successfully and I have created the buffer desc "BCryptBufferDesc" which has an array of "BCryptBuffer" with 1 AlgorithmID, 1 PartyU and 1 PartyV "other info". I think I have the structures all defined and populated properly. I am just picking some "values" for PartyU and PartyV bytes (i tried 1 byte and 16 bytes for each but i get the same result). NIST documentation gives no details about what the other info should be.. i have followed the Microsoft web site for creating these structures, using the defined strings, defines, etc. I tried with the standard L"HASH" kdf and it works and i get the same derived key on both "sides", but with the concatenation KDF i always get the same 0xC000000D status back.. Has anybody else been able to successfully use BCRYPT_KDF_SP80056A_CONCAT CNG KDF? If you did, do you have any hints? I have yet to find any "example" of proper usage of this KDF..

Hi, Please check this article: BCryptDeriveKey function http://msdn.microsoft.com/en-us/library/windows/desktop/aa375393(v=vs.85).aspx If you need further assistance, I would like to suggest that you initiate a new thread in one of the MSDN forum for better and accurate answer to the question. The community members and support professionals there are more familiar with coding and can help you in a more efficient way. MSDN forum http://social.msdn.microsoft.com/Forums/en-US/categories/ Thanks for your understanding. Regards, Bruce