Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Problems with the Crypt functions.

Posted on 1998-08-13
2
Medium Priority
?
369 Views
Last Modified: 2013-11-20
I am trying to encrypt small strings of data. I am trying to use the Crypt functions. I think the sequence that I use this functions is as follows -

Encryption
1/ CryptAcquireContext
2/ CryptGenKey
3/ CryptCreateHash
4/CryptHashData
5/ CryptEncrypt

Question 1/ Should ever one of these items be destroyed.
Question 2/ Is there a way that I can not use the Hash key, as it is not all that necessary. The Hash key is the digital signature??
Decryption
1/ call the CryptDecrypt function.

Question3 - How do you use the same key for the decryption as the encryption. When the application has being exited, and entered at a different date. Is the "cryptographic key from a key blob " involved.

N. B Question 4 - When I try to use the CryptAcquireContext function, there is a big problem. I used the code
#include <wincrypt.h>

      HCRYPTPROV hProv = 0;
if(!CryptAcquireContext(&hProv, NULL, NULL, PROV_RSA_FULL, 0))
AfxMessageBox("ERROR");

I get the error message, i.e. the context is not being created.
I am using Visual C++ version 5 professional edition.
 The operating system that I am using is Windows 95 on a Fujitsu machine. In the help files, it says that this function applies to windows 95 OSR2, seen as I am using win95 with fujitsu hardware, it should satisfy this requirment.
 In the wincrypt.h there is a #if statement who*s braces enclose the entire page of code -
#if(_WIN32_WINNT >= 0x0400)
If the OS is NT v4, or greater, the expression evaluates to false. By commenting out this line, the page of code is executed, i.e. the       HCRYPTPROV hProv = 0 declaration is recognized, It wasn*t before the #if was commented out.
I also tried the same thing on an NT machine that was version 4, and it didn*t work either. So what am I doing wrong, or is it possible to use these function at all in the environment that I using them.

Question 5 - Is there another way of doing encryption in VC. The level of encryption that I require is quite low.
0
Comment
Question by:martythegreat
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 6

Expert Comment

by:thresher_shark
ID: 1320771
Question 5 - You could always write your own encryption/decryption scheme.  It would probably provide and interesting challenge if you have nothing else to do :-)
0
 

Accepted Solution

by:
rsongco earned 100 total points
ID: 1320772
1. When you're done with your encryption and decryption tasks you should do some cleanup by destroying all the keys you have created and releasing the cryptographic context handle.  To destroy a key, use the function CryptDestroyKey(hKey).  To release the context handle, call CryptReleaseContext(hProv, 0).

2.  If you have no need for authentication, then you don't have to use a hash key and the hashing functions.

3. I would infer that you want to use a session key for this.  You need to export the session key into a key blob so that you can store it as ASCII characters (in a file, for example).  Then when you need the key again, read the key blob and extract the session key from it.  

To export the session key:
if RCRYPT_FAILED(CryptExportKey(hSesKey,
     hXchgKey, SIMPLEBLOB, 0, pBuffer, pdwBufferSize))
          AfxMessageBox("Error");

You need to pass a public key as one of the parameters (hXchgKey) in order to protect the session key that you're trying to extract.  pBuffer now contains the key blob representing your session key.  You can save this for later use.

Side note: to retrieve/create your public key,
if (RCRYPT_FAILED(CryptGetUserKey(hProv,
     AT_KEYEXCHANGE, &hXchgKey)))
          if (RCRYPT_FAILED(CryptGenKey(hProv, CALG_RSA_KEYX,                               CRYPT_EXPORTABLE, &hXchgKey)))
                    AfxMessageBox("Error");

The first function attempts to retrieve the public/private key pair from your system.  It fails if you have no key set.  You then create a new pair of keys.

To retrieve the session key:
if RCRYPT_FAILED(CryptImportKey(hProv, pBuffer, dwSize, NULL, 0, &hSesKey))
     AfxMessageBox("Error");

Here, your personal public key will be used to decrypt and retrieve the session key.  The public key associated with your account is permanent in your system unless you deliberately create a new one.

4. Use RCRYPT_FAILED instead of checking the value yourself.  Write it as follows:

if (RCRYPT_FAILED(CryptAcquireContext(&hProv, NULL, NULL, PROV_RSA_FULL, 0))
// then if this crypt function fails, it means that there is as yet no existing key container  
// associated with your user account; so you create one
{
     if (RCRYPT_FAILED(CryptAcquireContext(&m_hProv, NULL, NULL,
          PROV_RSA_FULL, CRYPT_NEWKEYSET)))
               AfxMessageBox("ERROR");
}

5. To get around the preprocessor definition limiting the usage of CryptoAPI to NT4 machines or later, include the following in your source code:

#define _WIN32_WINNT      0x400


0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This is to be the first in a series of articles demonstrating the development of a complete windows based application using the MFC classes.  I’ll try to keep each article focused on one (or a couple) of the tasks that one may meet.   Introductio…
Have you tried to learn about Unicode, UTF-8, and multibyte text encoding and all the articles are just too "academic" or too technical? This article aims to make the whole topic easy for just about anyone to understand.
This video will show you how to get GIT to work in Eclipse.   It will walk you through how to install the EGit plugin in eclipse and how to checkout an existing repository.
We’ve all felt that sense of false security before—locking down external access to a database or component and feeling like we’ve done all we need to do to secure company data. But that feeling is fleeting. Attacks these days can happen in many w…
Suggested Courses

636 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question