Problems with the Crypt functions.

Posted on 1998-08-13
Last Modified: 2013-11-20
I am trying to encrypt small strings of data. I am trying to use the Crypt functions. I think the sequence that I use this functions is as follows -

1/ CryptAcquireContext
2/ CryptGenKey
3/ CryptCreateHash
5/ CryptEncrypt

Question 1/ Should ever one of these items be destroyed.
Question 2/ Is there a way that I can not use the Hash key, as it is not all that necessary. The Hash key is the digital signature??
1/ call the CryptDecrypt function.

Question3 - How do you use the same key for the decryption as the encryption. When the application has being exited, and entered at a different date. Is the "cryptographic key from a key blob " involved.

N. B Question 4 - When I try to use the CryptAcquireContext function, there is a big problem. I used the code
#include <wincrypt.h>

      HCRYPTPROV hProv = 0;
if(!CryptAcquireContext(&hProv, NULL, NULL, PROV_RSA_FULL, 0))

I get the error message, i.e. the context is not being created.
I am using Visual C++ version 5 professional edition.
 The operating system that I am using is Windows 95 on a Fujitsu machine. In the help files, it says that this function applies to windows 95 OSR2, seen as I am using win95 with fujitsu hardware, it should satisfy this requirment.
 In the wincrypt.h there is a #if statement who*s braces enclose the entire page of code -
#if(_WIN32_WINNT >= 0x0400)
If the OS is NT v4, or greater, the expression evaluates to false. By commenting out this line, the page of code is executed, i.e. the       HCRYPTPROV hProv = 0 declaration is recognized, It wasn*t before the #if was commented out.
I also tried the same thing on an NT machine that was version 4, and it didn*t work either. So what am I doing wrong, or is it possible to use these function at all in the environment that I using them.

Question 5 - Is there another way of doing encryption in VC. The level of encryption that I require is quite low.
Question by:martythegreat

Expert Comment

ID: 1320771
Question 5 - You could always write your own encryption/decryption scheme.  It would probably provide and interesting challenge if you have nothing else to do :-)

Accepted Solution

rsongco earned 50 total points
ID: 1320772
1. When you're done with your encryption and decryption tasks you should do some cleanup by destroying all the keys you have created and releasing the cryptographic context handle.  To destroy a key, use the function CryptDestroyKey(hKey).  To release the context handle, call CryptReleaseContext(hProv, 0).

2.  If you have no need for authentication, then you don't have to use a hash key and the hashing functions.

3. I would infer that you want to use a session key for this.  You need to export the session key into a key blob so that you can store it as ASCII characters (in a file, for example).  Then when you need the key again, read the key blob and extract the session key from it.  

To export the session key:
if RCRYPT_FAILED(CryptExportKey(hSesKey,
     hXchgKey, SIMPLEBLOB, 0, pBuffer, pdwBufferSize))

You need to pass a public key as one of the parameters (hXchgKey) in order to protect the session key that you're trying to extract.  pBuffer now contains the key blob representing your session key.  You can save this for later use.

Side note: to retrieve/create your public key,
if (RCRYPT_FAILED(CryptGetUserKey(hProv,
     AT_KEYEXCHANGE, &hXchgKey)))
          if (RCRYPT_FAILED(CryptGenKey(hProv, CALG_RSA_KEYX,                               CRYPT_EXPORTABLE, &hXchgKey)))

The first function attempts to retrieve the public/private key pair from your system.  It fails if you have no key set.  You then create a new pair of keys.

To retrieve the session key:
if RCRYPT_FAILED(CryptImportKey(hProv, pBuffer, dwSize, NULL, 0, &hSesKey))

Here, your personal public key will be used to decrypt and retrieve the session key.  The public key associated with your account is permanent in your system unless you deliberately create a new one.

4. Use RCRYPT_FAILED instead of checking the value yourself.  Write it as follows:

if (RCRYPT_FAILED(CryptAcquireContext(&hProv, NULL, NULL, PROV_RSA_FULL, 0))
// then if this crypt function fails, it means that there is as yet no existing key container  
// associated with your user account; so you create one
     if (RCRYPT_FAILED(CryptAcquireContext(&m_hProv, NULL, NULL,

5. To get around the preprocessor definition limiting the usage of CryptoAPI to NT4 machines or later, include the following in your source code:

#define _WIN32_WINNT      0x400


Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Introduction: Finishing the grid – keyboard support for arrow keys to manoeuvre, entering the numbers.  The PreTranslateMessage function is to be used to intercept and respond to keyboard events. Continuing from the fourth article about sudoku. …
Introduction: The undo support, implementing a stack. Continuing from the eigth article about sudoku.   We need a mechanism to keep track of the digits entered so as to implement an undo mechanism.  This should be a ‘Last In First Out’ collec…
This video will show you how to get GIT to work in Eclipse.   It will walk you through how to install the EGit plugin in eclipse and how to checkout an existing repository.
Although Jacob Bernoulli (1654-1705) has been credited as the creator of "Binomial Distribution Table", Gottfried Leibniz (1646-1716) did his dissertation on the subject in 1666; Leibniz you may recall is the co-inventor of "Calculus" and beat Isaac…

730 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question