Solved

Problems with the Crypt functions.

Posted on 1998-08-13
2
342 Views
Last Modified: 2013-11-20
I am trying to encrypt small strings of data. I am trying to use the Crypt functions. I think the sequence that I use this functions is as follows -

Encryption
1/ CryptAcquireContext
2/ CryptGenKey
3/ CryptCreateHash
4/CryptHashData
5/ CryptEncrypt

Question 1/ Should ever one of these items be destroyed.
Question 2/ Is there a way that I can not use the Hash key, as it is not all that necessary. The Hash key is the digital signature??
Decryption
1/ call the CryptDecrypt function.

Question3 - How do you use the same key for the decryption as the encryption. When the application has being exited, and entered at a different date. Is the "cryptographic key from a key blob " involved.

N. B Question 4 - When I try to use the CryptAcquireContext function, there is a big problem. I used the code
#include <wincrypt.h>

      HCRYPTPROV hProv = 0;
if(!CryptAcquireContext(&hProv, NULL, NULL, PROV_RSA_FULL, 0))
AfxMessageBox("ERROR");

I get the error message, i.e. the context is not being created.
I am using Visual C++ version 5 professional edition.
 The operating system that I am using is Windows 95 on a Fujitsu machine. In the help files, it says that this function applies to windows 95 OSR2, seen as I am using win95 with fujitsu hardware, it should satisfy this requirment.
 In the wincrypt.h there is a #if statement who*s braces enclose the entire page of code -
#if(_WIN32_WINNT >= 0x0400)
If the OS is NT v4, or greater, the expression evaluates to false. By commenting out this line, the page of code is executed, i.e. the       HCRYPTPROV hProv = 0 declaration is recognized, It wasn*t before the #if was commented out.
I also tried the same thing on an NT machine that was version 4, and it didn*t work either. So what am I doing wrong, or is it possible to use these function at all in the environment that I using them.

Question 5 - Is there another way of doing encryption in VC. The level of encryption that I require is quite low.
0
Comment
Question by:martythegreat
2 Comments
 
LVL 6

Expert Comment

by:thresher_shark
ID: 1320771
Question 5 - You could always write your own encryption/decryption scheme.  It would probably provide and interesting challenge if you have nothing else to do :-)
0
 

Accepted Solution

by:
rsongco earned 50 total points
ID: 1320772
1. When you're done with your encryption and decryption tasks you should do some cleanup by destroying all the keys you have created and releasing the cryptographic context handle.  To destroy a key, use the function CryptDestroyKey(hKey).  To release the context handle, call CryptReleaseContext(hProv, 0).

2.  If you have no need for authentication, then you don't have to use a hash key and the hashing functions.

3. I would infer that you want to use a session key for this.  You need to export the session key into a key blob so that you can store it as ASCII characters (in a file, for example).  Then when you need the key again, read the key blob and extract the session key from it.  

To export the session key:
if RCRYPT_FAILED(CryptExportKey(hSesKey,
     hXchgKey, SIMPLEBLOB, 0, pBuffer, pdwBufferSize))
          AfxMessageBox("Error");

You need to pass a public key as one of the parameters (hXchgKey) in order to protect the session key that you're trying to extract.  pBuffer now contains the key blob representing your session key.  You can save this for later use.

Side note: to retrieve/create your public key,
if (RCRYPT_FAILED(CryptGetUserKey(hProv,
     AT_KEYEXCHANGE, &hXchgKey)))
          if (RCRYPT_FAILED(CryptGenKey(hProv, CALG_RSA_KEYX,                               CRYPT_EXPORTABLE, &hXchgKey)))
                    AfxMessageBox("Error");

The first function attempts to retrieve the public/private key pair from your system.  It fails if you have no key set.  You then create a new pair of keys.

To retrieve the session key:
if RCRYPT_FAILED(CryptImportKey(hProv, pBuffer, dwSize, NULL, 0, &hSesKey))
     AfxMessageBox("Error");

Here, your personal public key will be used to decrypt and retrieve the session key.  The public key associated with your account is permanent in your system unless you deliberately create a new one.

4. Use RCRYPT_FAILED instead of checking the value yourself.  Write it as follows:

if (RCRYPT_FAILED(CryptAcquireContext(&hProv, NULL, NULL, PROV_RSA_FULL, 0))
// then if this crypt function fails, it means that there is as yet no existing key container  
// associated with your user account; so you create one
{
     if (RCRYPT_FAILED(CryptAcquireContext(&m_hProv, NULL, NULL,
          PROV_RSA_FULL, CRYPT_NEWKEYSET)))
               AfxMessageBox("ERROR");
}

5. To get around the preprocessor definition limiting the usage of CryptoAPI to NT4 machines or later, include the following in your source code:

#define _WIN32_WINNT      0x400


0

Featured Post

Highfive + Dolby Voice = No More Audio Complaints!

Poor audio quality is one of the top reasons people don’t use video conferencing. Get the crispest, clearest audio powered by Dolby Voice in every meeting. Highfive and Dolby Voice deliver the best video conferencing and audio experience for every meeting and every room.

Join & Write a Comment

Suggested Solutions

Introduction: Dialogs (2) modeless dialog and a worker thread.  Handling data shared between threads.  Recursive functions. Continuing from the tenth article about sudoku.   Last article we worked with a modal dialog to help maintain informat…
If you use Adobe Reader X it is possible you can't open OLE PDF documents in the standard. The reason is the 'save box mode' in adobe reader X. Many people think the protected Mode of adobe reader x is only to stop the write access. But this fe…
This video will show you how to get GIT to work in Eclipse.   It will walk you through how to install the EGit plugin in eclipse and how to checkout an existing repository.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…

759 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now