📄 encryption.mht
字号:
<TR>
<TD vAlign=3Dcenter noWrap align=3Dright width=3D"60%">
<FORM style=3D"MARGIN: 0px" name=3DSearch =
action=3D/info/search.asp=20
method=3Dpost><B>Search </B><INPUT =
class=3DsmallText=20
style=3D"WIDTH: 200px" name=3Dtarget> <SELECT=20
style=3D"FONT-WEIGHT: bold; FONT-SIZE: 8pt" name=3Dst> =
<OPTION=20
value=3Dkw selected>Articles</OPTION> <OPTION=20
value=3Dau>Authors</OPTION></SELECT> <INPUT =
style=3D"FONT-WEIGHT: bold; FONT-SIZE: 8pt" type=3Dsubmit value=3D" Go! =
">=20
</FORM></TD>
<TD class=3DtinyText noWrap><A=20
=
href=3D"http://www.codeproject.com/info/search.asp">Advanced=20
Search</A><BR><A=20
=
href=3D"http://www.codeproject.com/script/articles/sections.asp">Sitemap<=
/A>=20
</TD></TR></TBODY></TABLE>
<TABLE width=3D"100%">
<TBODY>
<TR vAlign=3Dtop>
<TD class=3DSmallText noWrap>
<TABLE>
<TBODY>
<TR>
<TD class=3DsmallText noWrap><IMG=20
=
src=3D"http://www.codeproject.com/images/print.gif"=20
align=3DabsMiddle> <A=20
=
href=3D"http://www.codeproject.com/cpp/EncryptionCryptoAPI.asp?print=3Dtr=
ue"=20
target=3D_print>Print</A></TD>
<TD class=3DsmallText noWrap><IMG=20
=
src=3D"http://www.codeproject.com/script/images/sitebuild_icon.gif"=20
align=3DabsMiddle><A=20
=
href=3D"http://www.codeproject.com/script/submit/ReportProblem.asp?GUID=3D=
EncryptionCryptoAPI%2Fcpp9%2F8%2F2005">Broken=20
Article?</A></TD>
<TD class=3DsmallText noWrap><IMG=20
=
src=3D"http://www.codeproject.com/images/link.gif"=20
align=3DabsMiddle><A=20
=
href=3D"http://www.codeproject.com/script/profile/add_bookmark.asp?t=3D0&=
amp;ct=3D%2Fcpp%2FEncryptionCryptoAPI%2Easp&guid=3DEncryptionCryptoAP=
I%2Fcpp9%2F8%2F2005">Bookmark</A></TD>
<TD class=3DsmallText noWrap><IMG=20
=
src=3D"http://www.codeproject.com/images/mail_small.gif"=20
align=3DabsMiddle> <A=20
=
href=3D"http://www.codeproject.com/cpp/EncryptionCryptoAPI.asp#__comments=
">Discuss</A></TD>
<TD class=3DsmallText noWrap><IMG=20
=
src=3D"http://www.codeproject.com/images/mail.gif"=20
align=3DabsMiddle> <A=20
=
href=3D"http://www.codeproject.com/script/recommend/form.asp?guid=3DEncry=
ptionCryptoAPI%2Fcpp9%2F8%2F2005">Send=20
to a friend</A></TD></TR></TBODY></TABLE></TD>
<TD noWrap align=3Dright><A name=3D__top></A>
<TABLE>
<TBODY>
<TR>
<TD class=3DsmallText align=3Dright>7 votes for =
this=20
article.</TD>
<TD>
<TABLE cellSpacing=3D0 cellPadding=3D0 =
border=3D2>
<TBODY>
<TR>
<TD><IMG height=3D5=20
=
src=3D"http://www.codeproject.com/script/images/red.gif"=20
width=3D20 border=3D0></TD>
<TD><IMG height=3D5=20
=
src=3D"http://www.codeproject.com/script/images/red.gif"=20
width=3D20 border=3D0></TD>
<TD><IMG height=3D5=20
=
src=3D"http://www.codeproject.com/script/images/red.gif"=20
width=3D20 border=3D0></TD>
<TD><IMG height=3D5=20
=
src=3D"http://www.codeproject.com/script/images/red.gif"=20
width=3D14 border=3D0><IMG height=3D5=20
=
src=3D"http://www.codeproject.com/script/images/white.gif"=20
width=3D6 border=3D0></TD>
<TD><IMG height=3D5=20
=
src=3D"http://www.codeproject.com/script/images/white.gif"=20
width=3D20 =
border=3D0></TD></TR></TBODY></TABLE></TD></TR>
<TR>
<TD class=3DsmallText align=3Dright colSpan=3D2><A =
title=3D"Calculated as rating x Log10(# votes)"=20
=
href=3D"http://www.codeproject.com/script/articles/top_articles.asp?st=3D=
2">Popularity:=20
3.12</A>. Rating: <B>3.69</B> out of=20
=
5.</TD></TR></TBODY></TABLE></TD></TR></TBODY></TABLE></TD></TR>
<TR>
<TD class=3DArticlePane><SPAN id=3DintelliTXT>
<DIV id=3Dcontentdiv><!-- Article Starts -->
<UL class=3Ddownload>
<LI><A=20
=
href=3D"http://www.codeproject.com/cpp/EncryptionCryptoAPI/EncryptionCryp=
toAPISrc.zip">Download=20
source code - 14 Kb</A>=20
<LI><A=20
=
href=3D"http://www.codeproject.com/cpp/EncryptionCryptoAPI/EncryptionCryp=
toAPISample.zip">Download=20
sample - 5.48 Kb</A> </LI></UL>
<H2>Introduction</H2>
<P>Using information technology today gets more and more=20
sophisticated. The information that is being transferred and =
stored=20
are often classified material of some kind and it is often =
necessary=20
to prevent it from being read by third parties. The keyword =
for this=20
particular problem is (both logical and physical) security. =
A part=20
of the security aspect is encryption. Often people think =
that=20
security is =93just=94 something you plug in afterwards =96 =
it is=20
definitely not!</P>
<P>A few rules of thumb when encryption is going to be =
included in=20
the final product can be summarised into the following =
basics:</P>
<OL>
<LI>Do not base the encryption on the algorithm itself.=20
<LI>Make the algorithm public and the key private. =
</LI></OL>
<H3>RSA Encryption</H3>
<P>One of the most well known encryptions today is the RSA=20
encryption. This form for encryption uses asymmetric keys. =
This=20
means that you cannot evaluate the second key if you have =
the first=20
one and vice versa.</P>
<P>The RSA encryption is a public-key crypto system, which =
uses two=20
algorithms (E, D), one for encryption and one for =
decryption. You=20
have a key pair containing: a secret key (sk) and a public =
key=20
(pk).</P>
<P>m =3D D <SUB>sk</SUB> (E <SUB>pk</SUB> (m)) <BR>m =3D =
c<SUP>d</SUP>=20
mod n AND c =3D m<SUP>e</SUP> mod n <=3D> <BR>m =3D =
(m<SUP>e</SUP>=20
mod n)<SUP>d</SUP> mod n</P>
<H3>CBC Mode</H3>
<P>The RSA encryption is typically using CBC mode (Cipher =
Block=20
Chaining mode) when encrypting. This means the text that is =
being=20
encrypted is divided into blocks. Each block is chained =
together,=20
using the XOR operator, and then encrypted.</P>
<P align=3Dcenter><IMG height=3D229 alt=3D"Sample =
screenshot"=20
=
src=3D"http://www.codeproject.com/cpp/EncryptionCryptoAPI/cbcmode.jpg"=20
width=3D380></P>
<P>When using the CBC mode of operation it is required that =
all=20
blocks have the same size. If the last block has a size less =
than=20
the others then it will be necessary to use padding. The =
padding=20
will then fill the block until it has the same size as the =
others.=20
Formally the CBC mode operates in the following way, where =
we start=20
with y<SUB>0</SUB>, which is a 64-bit <I>initialisation</I>=20
<I>vector</I>:</P>
<P>y <SUB>i</SUB> =3D e <SUB>k</SUB> (y <SUB>i-1</SUB> XOR x =
<SUB>i</SUB>), i >=3D 1</P>
<P>Doing the decryption, the entire operation is just =
reversed. This=20
means that the cipher blocks are decrypted and then XORed. =
In this=20
way we will end up with the clear text again.</P>
<P>x <SUB>i</SUB> =3D y <SUB>i-1</SUB> XOR (d <SUB>k</SUB> =
(y=20
<SUB>i</SUB>)) , i >=3D 1</P>
<H2>Using the code</H2>
<P>The Win32 Crypto API does provide some functionality, =
which can=20
be used to perform an encryption. The advantage using the =
Crypto API=20
is that you don=92t need to use/find any third party =
cryptographic=20
provider and figure out how it is installed and used. Simply =
use the=20
one that sticks to the operating system. The disadvantage is =
clear =96=20
it is not simple to change to another operation system.</P>
<P align=3Dcenter><IMG height=3D159 alt=3D"Sample =
screenshot"=20
=
src=3D"http://www.codeproject.com/cpp/EncryptionCryptoAPI/screen1.jpg"=20
width=3D354></P>
<P>Before any functionality can be used it is necessary to =
create a=20
context. This context is used several times when doing the=20
encryption, so it is important that the handle is kept open =
until=20
the encryption is done.</P><PRE><SPAN =
class=3Dcpp-keyword>if</SPAN> (!CryptAcquireContext(&hProv, NULL, =
MS_DEF_PROV, PROV_RSA_FULL, <SPAN class=3Dcpp-literal>0</SPAN>))
{
dwResult =3D GetLastError();
<SPAN class=3Dcpp-keyword>if</SPAN> (dwResult =3D=3D NTE_BAD_KEYSET)
{
<SPAN class=3Dcpp-keyword>if</SPAN> =
(!CryptAcquireContext(&hProv,=20
NULL, MS_DEF_PROV, PROV_RSA_FULL,=20
CRYPT_NEWKEYSET))
{
dwResult =3D GetLastError();
MessageBox(<SPAN class=3Dcpp-string>"Error [0x%x]: =
CryptAcquireContext() failed."</SPAN>,=20
<SPAN class=3Dcpp-string>"Information"</SPAN>, =
MB_OK);
<SPAN class=3Dcpp-keyword>return</SPAN>;
}
}
<SPAN class=3Dcpp-keyword>else</SPAN> {
dwResult =3D GetLastError();
<SPAN class=3Dcpp-keyword>return</SPAN>;
}
}</PRE>
<P>When we get the context, we need to get a (session) key, =
which we=20
are going to use when doing the encryption. The key can be =
created=20
from scratch or it can be imported from a file. In the =
following=20
code snip, the <CODE>pbBlob</CODE> is (if not =
<CODE>NULL</CODE>) a=20
binary that contains the key, which is fetched from a =
file.</P><PRE><SPAN class=3Dcpp-keyword>if</SPAN> (pbBlob) {
<SPAN class=3Dcpp-keyword>if</SPAN> (!CryptImportKey(hProv, pbBlob, =
cbBlob, <SPAN class=3Dcpp-literal>0</SPAN>, <SPAN =
class=3Dcpp-literal>0</SPAN>, &hSessionKey))
{
dwResult =3D GetLastError();
MessageBox(<SPAN class=3Dcpp-string>"Error [0x%x]: =
CryptImportKey() failed."</SPAN>,=20
<SPAN =
class=3Dcpp-string>"Information"</SPAN>, MB_OK);
<SPAN class=3Dcpp-keyword>return</SPAN>;
}
}
<SPAN class=3Dcpp-keyword>else</SPAN> {=20
<SPAN class=3Dcpp-keyword>if</SPAN> (!CryptImportKey(hProv, =
PrivateKeyWithExponentOfOne,=20
<SPAN =
class=3Dcpp-keyword>sizeof</SPAN>(PrivateKeyWithExponentOfOne), <SPAN =
class=3Dcpp-literal>0</SPAN>, <SPAN class=3Dcpp-literal>0</SPAN>, =
&hKey))
{
dwResult =3D GetLastError();
MessageBox(<SPAN class=3Dcpp-string>"Error CryptImportKey() =
failed."</SPAN>,=20
<SPAN =
class=3Dcpp-string>"Information"</SPAN>, MB_OK);
<SPAN class=3Dcpp-keyword>return</SPAN>;
}
<SPAN class=3Dcpp-keyword>if</SPAN> (!CryptGenKey(hProv, CALG_RC4, =
CRYPT_EXPORTABLE, &hSessionKey))
{
dwResult =3D GetLastError();
MessageBox(<SPAN class=3Dcpp-string>"Error CryptGenKey() =
failed."</SPAN>,=20
<SPAN =
class=3Dcpp-string>"Information"</SPAN>, MB_OK);
<SPAN class=3Dcpp-keyword>return</SPAN>;
}
}</PRE>
<P>It is always a good idea to use the PKCS#7 standard, when =
storing=20
the key. Please note that the project enclosed with this =
article=20
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -