/*
下面我們來看看如何哈希一個(gè)對話密鑰,這個(gè)密鑰可以用來對一個(gè)消息,文件進(jìn)行加密。我們依舊從一個(gè)程序開始。
*/
#include "stdafx.h"
#include <stdio.h>
#include <windows.h>
#include <Wincrypt.h>
#pragma comment (lib, "crypt32.lib")
#define MY_ENCODING_TYPE (PKCS_7_ASN_ENCODING | X509_ASN_ENCODING)void MyHandleError(LPTSTR psz)
{_ftprintf(stderr, TEXT("An error occurred in the program. \n"));_ftprintf(stderr, TEXT("%s\n"), psz);_ftprintf(stderr, TEXT("Error number %x.\n"), GetLastError());_ftprintf(stderr, TEXT("Program terminating. \n"));exit(1);
} // End of MyHandleError.void main()
{//--------------------------------------------------------------------// Copyright (c) Microsoft Corporation. All rights reserved.// Declare variables.HCRYPTPROV hCryptProv;HCRYPTHASH hHash;HCRYPTKEY hKey;//--------------------------------------------------------------------// Begin processing.printf("Process beginning. Creating a session key. \n");BYTE pData[11]="1234567890";if(CryptAcquireContext( // 首先依舊是獲取一個(gè)缺省的CSP句柄&hCryptProv, NULL, NULL, PROV_RSA_FULL, 0)) {printf("CryptAcquireContext complete. \n");}else{MyHandleError(TEXT("Acquisition of context failed."));}if(CryptCreateHash( // 創(chuàng)建一個(gè)CALG_MD5算法的HASH對象,這個(gè)hash對象用的是MD5算法hCryptProv, // 指定一個(gè)CSP句柄CALG_MD5, // 指定算法0, 0, &hHash)) {printf("An empty hash object has been created. \n");}else{MyHandleError(TEXT("Error during CryptBeginHash!\n"));}if(CryptGenKey( // 創(chuàng)建密鑰hCryptProv, // 傳入一個(gè)CSP句柄CALG_RC2, // 指明密鑰身成所用算法CRYPT_EXPORTABLE, // 說明密鑰是可以導(dǎo)出到CSP,用于這個(gè)應(yīng)用程序外的&hKey)) {printf("A random session key has been created. \n");}else{MyHandleError(TEXT("Error during CryptGenKey!\n"));}if(CryptHashSessionKey( //對生成的密鑰進(jìn)行hashhHash, hKey, 0)){printf("The session key has been hashed. \n");}else{MyHandleError(TEXT("Error during CryptHashSessionKey!\n"));}DWORD dwRead; //在這里就可以添加代碼,用生成的密鑰進(jìn)行加密if(hHash){if(!(CryptDestroyHash(hHash)))MyHandleError(TEXT("Error during CryptDestroyHash"));}if(hKey){if(!(CryptDestroyKey(hKey)))MyHandleError(TEXT("Error during CryptDestroyKey"));}// Release the CSP.if(hCryptProv){if(!(CryptReleaseContext(hCryptProv,0)))MyHandleError(TEXT("Error during CryptReleaseContext"));}printf("Create random session key completed without error. \n");
} // end main
實(shí)驗(yàn)6`````````````````````````````
/*
下面逐漸進(jìn)入主題了,現(xiàn)在來講講是如何對數(shù)據(jù)進(jìn)行Encoding and Decoding的。依舊是從一段程序中開始。
*/
#include "stdafx.h"
#include <stdio.h>
#include <windows.h>
#include <Wincrypt.h>
#pragma comment (lib, "crypt32.lib")
#define MY_ENCODING_TYPE (X509_ASN_ENCODING | PKCS_7_ASN_ENCODING)void MyHandleError(LPTSTR psz)
{_ftprintf(stderr, TEXT("An error occurred in the program. \n"));_ftprintf(stderr, TEXT("%s\n"), psz);_ftprintf(stderr, TEXT("Error number %x.\n"), GetLastError());_ftprintf(stderr, TEXT("Program terminating. \n"));exit(1);
} // End of MyHandleError.void main(void)
{HCRYPTMSG hMsg; //指向一個(gè)消息句柄BYTE* pbContent; //一個(gè)BYTE指針指向消息DWORD cbContent; //消息長度DWORD cbEncodedBlob; //ECODE的BLOB的大小BYTE *pbEncodedBlob; //一個(gè)BYTE指針指向ENCODE BLOBDWORD cbData = sizeof(DWORD); //數(shù)據(jù)大小DWORD cbDecoded; //Decode內(nèi)容大小BYTE *pbDecoded; //指向Decode的指針pbContent = (BYTE*)"Security is our only business";cbContent = strlen((char *) pbContent)+1;printf("The original message => %s\n",pbContent); if(cbEncodedBlob = CryptMsgCalculateEncodedLength(MY_ENCODING_TYPE, //指定Encode類型,在程序的開頭已經(jīng)預(yù)定義了,MY_ENCODING_TYPE 就是 PKCS_7_ASN_ENCODING | X509_ASN_ENCODING0, //FlagsCMSG_DATA, // 定義了數(shù)據(jù)的類型,這里指定為BYTE型的字符串NULL, NULL, cbContent)) // 內(nèi)容的大小//這里的的函數(shù)的作用是計(jì)算指定消息Encode所需要的最大的長度,通過計(jì)算,為一個(gè)BLOB分配內(nèi)存空間。{printf("The length of the data has been calculated. \n");}else{MyHandleError(TEXT("Getting cbEncodedBlob length failed"));}//為encode blob分配內(nèi)存空間if(pbEncodedBlob = (BYTE *) malloc(cbEncodedBlob)){printf("Memory has been allocated for the signed message. \n");}else{MyHandleError(TEXT("Memory allocation failed"));}if(hMsg = CryptMsgOpenToEncode( //CryptMsgOpenToEncode為Encode,開一個(gè)消息MY_ENCODING_TYPE, // Encode類型,文件開始有說明0, // FlagsCMSG_DATA, // 指定Message的類型,CMSG_DATA說明類型沒用到NULL, // 現(xiàn)在沒有到,為NULLNULL, // 同上NULL)) // 不是流加密,這個(gè)參數(shù)為NULL{printf("The message to be encoded has been opened. \n");}else{MyHandleError(TEXT("OpenToEncode failed"));}if(CryptMsgUpdate( // CryptMsgUpdate將數(shù)據(jù)加到消息中,可以通過循環(huán),將數(shù)據(jù)一段段的加得到消息中hMsg, // 一個(gè)小心句柄pbContent, // 指向數(shù)據(jù)的指針cbContent, // 數(shù)據(jù)的大小TRUE)) // TRUE表明這個(gè)是最后一段數(shù)據(jù),在開個(gè)消息的時(shí)候,如果CMSG_DETACHED_FLAG有使用到,這設(shè)為FALSE,否則為TRUE。{printf("Content has been added to the encoded message. \n");}else{MyHandleError(TEXT("MsgUpdate failed"));}if(CryptMsgGetParam( // CryptMsgGetParam是獲取一個(gè)消息中的參數(shù)hMsg, // 一個(gè)消息句柄CMSG_BARE_CONTENT_PARAM, //指定要獲取的參數(shù)的類型0, pbEncodedBlob, // 一個(gè)接受數(shù)據(jù)的內(nèi)存地址&cbEncodedBlob)) // BLOB的大小,即是上面接受的數(shù)據(jù)的大小{printf("Message encoded successfully. \nencoded");printf("The message is %s.\n",(LPSTR)pbEncodedBlob);}else{MyHandleError(TEXT("MsgGetParam failed"));}//釋放消息句柄if(hMsg)CryptMsgClose(hMsg);//if(hMsg = CryptMsgOpenToDecode( //開個(gè)Decode的小心句柄,參數(shù)和上面的Encode一樣MY_ENCODING_TYPE, 0, CMSG_DATA, NULL, NULL, NULL)) {printf("The message to decode is open. \n");}else{MyHandleError(TEXT("OpenToDecode failed"));}//下面的過程和Encode類似,調(diào)用的函數(shù)和上面相同,只不過是過程逆向printf("\nThe length of the encoded message is %d.\n\n",cbEncodedBlob);if(CryptMsgUpdate(hMsg, // Handle to the messagepbEncodedBlob, // Pointer to the encoded BLOBcbEncodedBlob, // Size of the encoded BLOBTRUE)) // Last call{printf("The encoded BLOB has been added to the message. \n");}else{MyHandleError(TEXT("Decode MsgUpdate failed"));}if(CryptMsgGetParam( // CryptMsgGetParam的調(diào)用和上面有所不同,這里一共是調(diào)用兩次,第一次的作用主要是得到消息的大小,第二次是得到消息所在的內(nèi)存地址hMsg, //消息句柄CMSG_CONTENT_PARAM, // Parameter type0, NULL, // Address for returned // information&cbDecoded)) // Size of the returned// information{printf("The decoded message size is %d. \n", cbDecoded);}else{MyHandleError(TEXT("Decode CMSG_CONTENT_PARAM failed"));}if(pbDecoded = (BYTE *) malloc(cbDecoded)){printf("Memory has been allocated for the decoded message.\n");}else{MyHandleError(TEXT("Decoding memory allocation failed."));}if(CryptMsgGetParam(hMsg, // Handle to the messageCMSG_CONTENT_PARAM, // Parameter type0, // IndexpbDecoded, // Address for returned // information&cbDecoded)) // Size of the returned // information{printf("The message is %s.\n",(LPSTR)pbDecoded);}else{MyHandleError(TEXT("Decode CMSG_CONTENT_PARAM #2 failed"));}if(pbEncodedBlob)free(pbEncodedBlob);if(pbDecoded)free(pbDecoded);if(hMsg)CryptMsgClose(hMsg);printf("This program ran to completion without error. \n");} // End of main
實(shí)驗(yàn)5`````````````````````````````
/*
當(dāng)我們已經(jīng)生成了一個(gè)密鑰,我們下面要做的是如何保存,導(dǎo)出,導(dǎo)入一個(gè)對話密鑰。將一個(gè)密鑰保存起來,導(dǎo)出,保存到硬盤上。這樣,這個(gè)密鑰就可以在其它應(yīng)用程序上使用,而不會(huì)隨著生成密鑰程序的關(guān)閉而丟失了。下面這段程序就是用來演示如何保存,導(dǎo)出一個(gè)對話密鑰的。
*/
#include "stdafx.h"
#include <stdio.h>
#include <windows.h>
#include <Wincrypt.h>
#define MY_ENCODING_TYPE (PKCS_7_ASN_ENCODING | X509_ASN_ENCODING)void MyHandleError(LPTSTR psz)
{_ftprintf(stderr, TEXT("An error occurred in the program. \n"));_ftprintf(stderr, TEXT("%s\n"), psz);_ftprintf(stderr, TEXT("Error number %x.\n"), GetLastError());_ftprintf(stderr, TEXT("Program terminating. \n"));exit(1);
} // End of MyHandleError.
void main(void)
{//--------------------------------------------------------------------// Declare and initialize variables.HCRYPTPROV hProv; // CSP handleHCRYPTKEY hSignKey; // Signature key pair handleHCRYPTKEY hXchgKey; // Exchange key pair handleHCRYPTKEY hKey; // Session key handleBYTE *pbKeyBlob; // Pointer to a simple key BLOBDWORD dwBlobLen; // The length of the key BLOB//--------------------------------------------------------------------// Acquire a cryptographic provider context handle.if(CryptAcquireContext( // 獲取一個(gè)缺省容器的CSP句柄&hProv, NULL, NULL, PROV_RSA_FULL, 0)) {printf("The CSP has been acquired. \n");}else{MyHandleError(TEXT("Error during CryptAcquireContext."));}if(CryptGetUserKey( // CryptGetUserKey是獲取一個(gè)密鑰//句柄的函數(shù),成功返回TRUEhProv, //指定容器的CSP模塊句柄AT_SIGNATURE, //指定私鑰的類型&hSignKey)) //原來接收獲取的密鑰句柄{_tprintf(TEXT("A signature key is available.\n"));}else{_tprintf(TEXT("No signature key is available.\n"));if(GetLastError() == NTE_NO_KEY) // NTE_NO_KEY意味著密鑰不存在,下面就生成一個(gè)密鑰{_tprintf(TEXT("The signature key does not exist.\n"));_tprintf(TEXT("Create a signature key pair.\n")); if(CryptGenKey( // CryptGenKey生成一個(gè)密鑰hProv, //指定CSP模塊的句柄AT_SIGNATURE, //對于公鑰密碼系統(tǒng),生成一個(gè)私鑰和一個(gè)公鑰,這個(gè)參數(shù)指定了這個(gè)密鑰是公鑰,于是生成了一個(gè)密碼對。如果不是公鑰系統(tǒng),則指定了密碼算法,具體看MSDN。0, //指定了生成密鑰的類型,這個(gè)參數(shù)的說明挺多的,想獲取更為詳盡的資料請看MSDN。&hSignKey)) {_tprintf(TEXT("Created a signature key pair.\n"));}else{MyHandleError(TEXT("Error occurred creating a ")TEXT("signature key.\n")); }}else{MyHandleError(TEXT("An error other than NTE_NO_KEY ")TEXT("getting a signature key.\n"));}} // End if.//--------------------------------------------------------------------if(CryptGetUserKey( // 獲取一個(gè)AT_KEYEXCHANGE,類型的密鑰句柄,保存在hXchgKey中hProv, AT_KEYEXCHANGE, &hXchgKey)) {printf("The key exchange key has been acquired. \n");}else{printf("Error during CryptGetUserKey exchange key.");}// Generate a session key.if (CryptGenKey( //生成一個(gè)CRYPT_EXPORTABLE(可導(dǎo)出的),CALG_RC4(指定算法)的密鑰,保存在hKeyhProv, CALG_RC4, CRYPT_EXPORTABLE, &hKey)){ printf("Original session key is created. \n");}else{MyHandleError(TEXT("ERROR -- CryptGenKey."));}if(CryptExportKey( // CryptExportKey導(dǎo)出一個(gè)密鑰hKey, // 將要導(dǎo)出的密鑰的句柄hXchgKey, //用戶最終使用到的密鑰的句柄SIMPLEBLOB, // 指定BLOB的類型,SIMPLEBLOB說明是 用來導(dǎo)出對話密鑰的0, // 指定密鑰的附加屬性NULL, &dwBlobLen)) // 當(dāng)時(shí)這個(gè)函數(shù)在這里的主要//目的是得到這個(gè)BLOB的長度{printf("Size of the BLOB for the session key determined. \n");}else{MyHandleError(TEXT("Error computing BLOB length."));}if(pbKeyBlob = (BYTE*)malloc(dwBlobLen)) {printf("Memory has been allocated for the BLOB. \n");}else{MyHandleError(TEXT("Out of memory. \n"));}if(CryptExportKey( //這是這個(gè)函數(shù)才是真正的導(dǎo)出密鑰hKey, hXchgKey, SIMPLEBLOB, 0, pbKeyBlob, &dwBlobLen)){printf("Contents have been written to the BLOB. \n");}else{MyHandleError(TEXT("Error during CryptExportKey."));}free(pbKeyBlob); //釋放內(nèi)存// Destroy the session key.if(hKey)CryptDestroyKey(hKey);// Destroy the signature key handle.if(hSignKey)CryptDestroyKey(hSignKey);// Destroy the key exchange key handle.if(hXchgKey)CryptDestroyKey(hXchgKey);// Release the provider handle.if(hProv) CryptReleaseContext(hProv, 0);printf("The program ran to completion without error. \n");}
實(shí)驗(yàn)4`````````````````````````````
/*
講如何復(fù)制一個(gè)對話密鑰,照例是從一個(gè)程序講起,完成以下任務(wù)。獲取一個(gè)CSP句柄,
創(chuàng)建一個(gè)對話密鑰,復(fù)制密鑰。改變密鑰生成過程,隨機(jī)填充一個(gè)緩沖區(qū),銷毀密鑰句柄,釋放CSP句柄
*/
#include "stdafx.h"
#include <stdio.h>
#include <tchar.h>
#include <string.h>
#include <conio.h>
#include <windows.h>
#include <Wincrypt.h>
#define MY_ENCODING_TYPE (PKCS_7_ASN_ENCODING | X509_ASN_ENCODING)void MyHandleError(LPTSTR psz)
{_ftprintf(stderr, TEXT("An error occurred in the program. \n"));_ftprintf(stderr, TEXT("%s\n"), psz);_ftprintf(stderr, TEXT("Error number %x.\n"), GetLastError());_ftprintf(stderr, TEXT("Program terminating. \n"));exit(1);
} // End of MyHandleError.void GetConsoleInput(char* strInput, int intMaxChars)
{char ch;char minChar = ' ';minChar++;ch = getch();while (ch != '\r'){if (ch == '\b' && strlen(strInput) > 0){strInput[strlen(strInput)-1] = '\0';printf("\b \b");}else if (ch >= minChar && strlen(strInput) < intMaxChars){strInput[strlen(strInput)+1] = '\0';strInput[strlen(strInput)] = ch;putch('*');}ch = getch();}putch('\n');
}void main()
{//-------------------------------------------------------------------// Declare and initialize variables.HCRYPTPROV hCryptProv; // CSP句柄HCRYPTKEY hOriginalKey; // 源密鑰句柄HCRYPTKEY hDuplicateKey; // 復(fù)制后的密鑰句柄DWORD dwMode; BYTE pbData[16];printf("This program creates a session key and duplicates \n");printf("that key. Next, parameters are added to the original \n");printf("key. Finally, both keys are destroyed. \n\n");if(CryptAcquireContext( // 獲取CSP句柄,前面敘述過了,這里就不敘述了&hCryptProv,NULL,NULL,PROV_RSA_FULL,0)) { printf("CryptAcquireContext succeeded. \n");}else{MyHandleError(TEXT("Error during CryptAcquireContext!\n"));}//-------------------------------------------------------------------if (CryptGenKey( // 生成一個(gè)CALG_RC4算法生成的密鑰,保存在hOriginalKey中hCryptProv, CALG_RC4, // ALG_ID結(jié)構(gòu),指定生成這個(gè)密鑰使用的算法0, &hOriginalKey)){printf("Original session key is created. \n");}else{MyHandleError(TEXT("ERROR - CryptGenKey."));}if (CryptDuplicateKey( // 復(fù)制密鑰hOriginalKey, // 源密鑰NULL, // 保留參數(shù),必須為NULL0, // 保留參數(shù),必須為0&hDuplicateKey)) // 副本密鑰{printf("The session key has been duplicated. \n");}else{MyHandleError(TEXT("ERROR - CryptDuplicateKey"));}// 給源密鑰設(shè)置附加參數(shù)dwMode = CRYPT_MODE_ECB; //CRYPT_MODE_ECB是一個(gè)沒有反饋的塊加密模式 if(CryptSetKeyParam(hOriginalKey, KP_MODE, // KP_MODE指定密鑰的某種屬性被改變,// 意味著改變的是加密模式(BYTE*)&dwMode, // 指向一個(gè)已經(jīng)被初始化的緩沖區(qū)0)) {printf("Key Parameters set. \n");}else{MyHandleError(TEXT("Error during CryptSetKeyParam."));}if(CryptGenRandom( // 隨機(jī)填充一塊緩沖區(qū)hCryptProv, // CSP句柄8, // 緩沖區(qū)大小pbData)) // 緩沖區(qū)地址{printf("Random sequence generated. \n");}else{MyHandleError(TEXT("Error during CryptGenRandom."));}if(CryptSetKeyParam( //再次給密鑰設(shè)置屬性hOriginalKey, KP_IV, // KP_IV意味著,這個(gè)函數(shù)的第三個(gè)參數(shù)指向一個(gè)BYTE數(shù)組,數(shù)組大小為塊大小/8。pbData, 0)) {printf("Parameter set with random sequence as ""initialization vector. \n");}else{MyHandleError(TEXT("Error during CryptSetKeyParam."));}//-------------------------------------------------------------------if (hOriginalKey) // 以下依次銷毀,釋放源密鑰句柄,副本句柄,CSP句柄,if (!CryptDestroyKey(hOriginalKey))MyHandleError(TEXT("Failed CryptDestroyKey\n"));if (hDuplicateKey)if (!CryptDestroyKey(hDuplicateKey))MyHandleError(TEXT("Failed CryptDestroyKey\n"));if(hCryptProv)if (!CryptReleaseContext(hCryptProv, 0))MyHandleError(TEXT("Failed CryptReleaseContext\n"));printf("\nThe program ran to completion without error. \n");} // End of main.
實(shí)驗(yàn)3`````````````````````````````
/*任務(wù)一:調(diào)用CryptAcquireContext,獲取一個(gè)缺省CSP和缺省密鑰容器的句柄任務(wù)二:用CryptCreateHash去創(chuàng)建一個(gè)空的哈希對象任務(wù)三:用CryptHashData.哈希密碼任務(wù)四:調(diào)用CryptDeriveKey獲取一個(gè)對話密鑰任務(wù)五:銷毀密碼和哈希后的數(shù)據(jù)任務(wù)六:釋放CSP
*/
#include "stdafx.h"
#include <stdio.h>
#include <tchar.h>
#include <string.h>
#include <conio.h>
#include <windows.h>
#include <Wincrypt.h>void MyHandleError(LPTSTR psz)
{_ftprintf(stderr, TEXT("An error occurred in the program. \n"));_ftprintf(stderr, TEXT("%s\n"), psz);_ftprintf(stderr, TEXT("Error number %x.\n"), GetLastError());_ftprintf(stderr, TEXT("Program terminating. \n"));exit(1);
} // End of MyHandleError.void GetConsoleInput(char* strInput, int intMaxChars)
{char ch;char minChar = ' ';minChar++;ch = getch();while (ch != '\r'){if (ch == '\b' && strlen(strInput) > 0){strInput[strlen(strInput)-1] = '\0';printf("\b \b");}else if (ch >= minChar && strlen(strInput) < intMaxChars){strInput[strlen(strInput)+1] = '\0';strInput[strlen(strInput)] = ch;putch('*');}ch = getch();}putch('\n');
}
void main()
{HCRYPTPROV hCryptProv; // 定義CSP句柄HCRYPTKEY hKey; // 定義密鑰句柄HCRYPTHASH hHash; // 定義一個(gè)HASH對象的句柄CHAR szPassword[512] = ""; // 定義512大小的字符數(shù)組,用來保存密碼DWORD dwLength; // 保存密碼長度fprintf(stderr,"Enter a password to be used to create a key:");GetConsoleInput(szPassword, 512); // 獲取密碼,這個(gè)是自己寫的函數(shù),目的是在屏幕上顯示的是*。printf("The password has been stored.\n");dwLength = strlen(szPassword);if(CryptAcquireContext( //以下是獲取一個(gè)缺省的PROV_RSA_FULL CSP 句柄&hCryptProv, NULL, NULL, PROV_RSA_FULL, 0)) {printf("A context has been acquired. \n");}else{MyHandleError(TEXT("Error during CryptAcquireContext!"));}//--------------------------------------------------------------------if(CryptCreateHash( // 調(diào)用CryptCreateHash創(chuàng)建一個(gè)HASH對象hCryptProv, // 一個(gè)CSP句柄CALG_MD5, // 確定哈希算法 8003h0, //對于非密鑰算法,這個(gè)參數(shù)一定是0,如果是密鑰算法,那么這個(gè)參數(shù)就是密鑰0, // 保留參數(shù),為0&hHash)) // 一個(gè)哈希對象的指針{printf("An empty hash object has been created. \n");}else{MyHandleError(TEXT("Error during CryptCreateHash!"));}//--------------------------------------------------------------------if(CryptHashData( // 調(diào)用CryptHashData哈希密碼hHash, // 哈希對象(BYTE *)szPassword, // 指向緩沖區(qū)的地址dwLength, // 密碼長度0)) {printf("The password has been hashed. \n");}else{MyHandleError(TEXT("Error during CryptHashData!"));}//--------------------------------------------------------------------if(CryptDeriveKey( //調(diào)用CryptDeriveKey獲取對話密碼hCryptProv, // CSP句柄CALG_RC2, // 6602h 一個(gè)ALG_ID結(jié)構(gòu),用來指定對稱密鑰生成的算法hHash, // 哈希對象CRYPT_EXPORTABLE, //指定生成密鑰的類型,CRYPT_EXPORTABLE意味著這個(gè)程序生成的密鑰可以被其它程序調(diào)用,而不是僅僅限于這個(gè)程序當(dāng)中。但是它不能用于非對稱密碼中。&hKey)) {printf("The key has been derived. \n");}else{MyHandleError(TEXT("Error during CryptDeriveKey!"));}if(hHash) // 銷毀哈希對象{if(!(CryptDestroyHash(hHash)))MyHandleError(TEXT("Error during CryptDestroyHash"));}if(hKey) // 銷毀密鑰句柄{if(!(CryptDestroyKey(hKey)))MyHandleError(TEXT("Error during CryptDestroyKey"));}if(hCryptProv) // 銷毀CSP句柄{if(!(CryptReleaseContext(hCryptProv, 0)))MyHandleError(TEXT("Error during CryptReleaseContext"));}printf("The program to derive a key completed without error. \n");
} // end main
實(shí)驗(yàn)2`````````````````````````````
/*這個(gè)程序演示了以下內(nèi)容和幾個(gè)函數(shù)。一. 用CryptAcquireContext獲取一個(gè)缺省容器的缺省CSP的句柄。如果缺省容器不存在,用CryptAcquireContext創(chuàng)建一個(gè)。二. 用CryptGetProvParam獲取CSP和容器的信息。三. 用CryptContextAddRef增加CSP的引用計(jì)數(shù)器的數(shù)值。四. 用CryptAcquireContext創(chuàng)建一個(gè)指定的容器五. 用CryptAcquireContext刪除一個(gè)容器六. 用一個(gè)新創(chuàng)建的容器獲取一個(gè)CSP的句柄。
*/
#include <stdio.h>
#include "stdafx.h"
#include <tchar.h>
#include <windows.h>
#include <Wincrypt.h>void MyHandleError(LPTSTR psz)
{_ftprintf(stderr, TEXT("An error occurred in the program. \n"));_ftprintf(stderr, TEXT("%s\n"), psz);_ftprintf(stderr, TEXT("Error number %x.\n"), GetLastError());_ftprintf(stderr, TEXT("Program terminating. \n"));exit(1);
} // End of MyHandleError.void main(void)
{HCRYPTPROV hCryptProv; //定義CSP句柄if(CryptAcquireContext(&hCryptProv, NULL, //缺省容器NULL, //缺省CSPPROV_RSA_FULL, 0)) {_tprintf(TEXT("CryptAcquireContext succeeded.\n"));}else{if (GetLastError() == NTE_BAD_KEYSET) //同樣,如果當(dāng)不存在這樣的容器的時(shí)候,創(chuàng)建一個(gè){if(CryptAcquireContext(&hCryptProv, NULL, NULL, PROV_RSA_FULL, CRYPT_NEWKEYSET)) {_tprintf(TEXT("CryptAcquireContext succeeded.\n"));}else{MyHandleError(TEXT("Could not create the default ")TEXT("key container.\n"));}}else{MyHandleError(TEXT("A general error running ")TEXT("CryptAcquireContext."));}}CHAR pszName[1000];DWORD cbName;cbName = 1000;if(CryptGetProvParam(hCryptProv, //CSP模塊句柄PP_NAME, //指定獲取哪些信息,這里是指定獲取CSP名字的信息(BYTE*)pszName, //緩沖區(qū)接受信息返回值&cbName, 0)){_tprintf(TEXT("CryptGetProvParam succeeded.\n"));printf("Provider name: %s\n", pszName);}else{MyHandleError(TEXT("Error reading CSP name.\n"));}//---------------------------------------------------------------// Read the name of the key container.cbName = 1000;if(CryptGetProvParam(hCryptProv, PP_CONTAINER, //獲取容器名字(BYTE*)pszName, &cbName, 0)){_tprintf(TEXT("CryptGetProvParam succeeded.\n"));printf("Key Container name: %s\n", pszName);}else{MyHandleError(TEXT("Error reading key container name.\n"));}//增加CSP的引用計(jì)數(shù)器的數(shù)值。if(CryptContextAddRef( // CryptContextAddRef是向一個(gè)CSP的引用計(jì)數(shù)器增加一個(gè)值的函數(shù)hCryptProv, NULL, //保留值,必須為NULL0)) //保留值,必須為0{_tprintf(TEXT("CryptcontextAddRef succeeded.\n"));}else{MyHandleError(TEXT("Error during CryptContextAddRef!\n"));}//---------------------------------------------------------------// The reference count on hCryptProv is now greater than one. // The first call to CryptReleaseContext will not release the // provider handle. //---------------------------------------------------------------// Release the context once.if (CryptReleaseContext(hCryptProv, 0)) // CryptReleaseContext是用來釋放CSP句柄的,當(dāng)這個(gè)函數(shù)調(diào)用一次的時(shí)候,CSP里面的引用計(jì)數(shù)就減少一,當(dāng)引用計(jì)數(shù)減少的0的時(shí)候。CSP將不能再被這個(gè)程序中的任何函數(shù)調(diào)用了。{_tprintf(TEXT("The first call to CryptReleaseContext ")TEXT("succeeded.\n"));}else{MyHandleError(TEXT("Error during ")TEXT("CryptReleaseContext #1!\n"));}if (CryptReleaseContext(hCryptProv, 0)) //再次釋放CSP模塊{_tprintf(TEXT("The second call to CryptReleaseContext ")TEXT("succeeded.\n"));}else{MyHandleError(TEXT("Error during ")TEXT("CryptReleaseContext #2!\n"));}//下面是從PROV_RSA_FULL的CSP模塊中創(chuàng)建一個(gè)自己的容器LPCTSTR pszContainerName = TEXT("My Sample Key Container");hCryptProv = NULL;if(CryptAcquireContext(&hCryptProv, pszContainerName,NULL, PROV_RSA_FULL, CRYPT_NEWKEYSET)) {_tprintf(TEXT("CryptAcquireContext succeeded. \n"));_tprintf(TEXT("New key set created. \n")); //-----------------------------------------------------------// Release the provider handle and the key container.if(hCryptProv){if(CryptReleaseContext(hCryptProv, 0)) {hCryptProv = NULL;_tprintf(TEXT("CryptReleaseContext succeeded. \n"));}else{MyHandleError(TEXT("Error during ")TEXT("CryptReleaseContext!\n"));}}}else{if(GetLastError() == NTE_EXISTS){_tprintf(TEXT("The named key container could not be ")TEXT("created because it already exists.\n"));}else{MyHandleError(TEXT("Error during CryptAcquireContext ")TEXT("for a new key container."));}}if(CryptAcquireContext(&hCryptProv, pszContainerName, NULL, PROV_RSA_FULL,0)) {_tprintf(TEXT("Acquired the key set just created. \n"));}else{MyHandleError(TEXT("Error during CryptAcquireContext!\n"));}//---------------------------------------------------------------// Perform cryptographic operations.//---------------------------------------------------------------if(CryptReleaseContext(hCryptProv, 0)) {_tprintf(TEXT("CryptReleaseContext succeeded. \n"));}else{MyHandleError(TEXT("Error during CryptReleaseContext!\n"));}if(CryptAcquireContext(&hCryptProv, pszContainerName, NULL, PROV_RSA_FULL,CRYPT_DELETEKEYSET)) //CRYPT_DELETEKEYSET意味著CryptAcquireContex刪除一個(gè)指定的容器{_tprintf(TEXT("Deleted the key container just created. \n"));}else{MyHandleError(TEXT("Error during CryptAcquireContext!\n"));}
}
實(shí)驗(yàn)1`````````````````````````````
#include "stdafx.h"
#include <stdio.h>
#include <tchar.h>
#include <windows.h>
#include <Wincrypt.h>/*
任務(wù)一:獲取一個(gè)指定的密鑰容器,如果這個(gè)容器不存在,創(chuàng)建一個(gè)。
任務(wù)二:如果容器中不存在一個(gè)簽名密鑰對,創(chuàng)建一個(gè)
任務(wù)三:如果容器中不存在一個(gè)交換密鑰對,創(chuàng)建一個(gè)
*/
void MyHandleError(LPTSTR psz)
{_ftprintf(stderr, TEXT("An error occurred in the program. \n"));_ftprintf(stderr, TEXT("%s\n"), psz);_ftprintf(stderr, TEXT("Error number %x.\n"), GetLastError());_ftprintf(stderr, TEXT("Program terminating. \n"));exit(1);
} // End of MyHandleError.int _tmain(int argc, _TCHAR* argv[])
{HCRYPTPROV hCryptProv; //定義一個(gè)CSP模塊的句柄。“CSP模塊,請查看《加密解密二》222頁,那里有簡單的說明,這里就不說了。 LPCTSTR pszContainerName = TEXT("My Sample Key Container");//用一個(gè)TEXT宏定義一個(gè)容器的名字,if(CryptAcquireContext( //這個(gè)函數(shù)是獲取有某個(gè)容器的CSP模塊的指針,成功返回TRUE。&hCryptProv, //指向一個(gè)CSP模塊句柄指針,里面用指定的容器pszContainerName, //指定容器的名稱NULL, //這個(gè)參數(shù)這里用的是缺省值,指得是缺省得CSP模塊,你也可以傳入一個(gè)LPCTSTR類型的字符串,指定CSP模塊PROV_RSA_FULL, //確定密鑰的類型0)) //常設(shè)為0,還有些其他的類型,請看MSDN{_tprintf(TEXT("A crypto context with the %s key container ")TEXT("has been acquired.\n"), pszContainerName);}else{ //不成功的處理段if(GetLastError() == NTE_BAD_KEYSET)// NTE_BAD_KEYSET意味著密鑰容器不存在,//下面就去創(chuàng)建一個(gè)//新的密鑰容器{if(CryptAcquireContext(&hCryptProv, pszContainerName, NULL, PROV_RSA_FULL, CRYPT_NEWKEYSET)) // CRYPT_NEWKEYSET意味著當(dāng)指定容器不存在的時(shí)候,去創(chuàng)建一個(gè)容器。{_tprintf(TEXT("A new key container has been ")TEXT("created.\n"));}else{MyHandleError(TEXT("Could not create a new key ")TEXT("container.\n"));}}else{MyHandleError(TEXT("CryptAcquireContext failed.\n"));}}HCRYPTKEY hKey; //創(chuàng)建一個(gè)密鑰句柄if(CryptGetUserKey( // CryptGetUserKey是獲取一個(gè)密鑰//句柄的函數(shù),成功返回TRUEhCryptProv, //指定容器的CSP模塊句柄AT_SIGNATURE, //指定私鑰的類型&hKey)) //原來接收獲取的密鑰句柄{_tprintf(TEXT("A signature key is available.\n"));}else{_tprintf(TEXT("No signature key is available.\n"));if(GetLastError() == NTE_NO_KEY) // NTE_NO_KEY意味著密鑰不存在,下面就生成一個(gè)密鑰{_tprintf(TEXT("The signature key does not exist.\n"));_tprintf(TEXT("Create a signature key pair.\n")); if(CryptGenKey( // CryptGenKey生成一個(gè)密鑰hCryptProv, //指定CSP模塊的句柄AT_SIGNATURE, //對于公鑰密碼系統(tǒng),生成一個(gè)私鑰和一個(gè)公鑰,這個(gè)參數(shù)指定了這個(gè)密鑰是公鑰,于是生成了一個(gè)密碼對。如果不是公鑰系統(tǒng),則指定了密碼算法,具體看MSDN。0, //指定了生成密鑰的類型,這個(gè)參數(shù)的說明挺多的,想獲取更為詳盡的資料請看MSDN。&hKey)) {_tprintf(TEXT("Created a signature key pair.\n"));}else{MyHandleError(TEXT("Error occurred creating a ")TEXT("signature key.\n")); }}else{MyHandleError(TEXT("An error other than NTE_NO_KEY ")TEXT("getting a signature key.\n"));}} // End if._tprintf(TEXT("A signature key pair existed, or one was ")TEXT("created.\n\n"));if(hKey) //將密鑰句柄銷毀{if(!(CryptDestroyKey(hKey))){MyHandleError(TEXT("Error during CryptDestroyKey."));}hKey = NULL;} //下面這部分和上面是類似的,只不過密鑰類型不相同而已。if(CryptGetUserKey(hCryptProv,AT_KEYEXCHANGE,&hKey)) {_tprintf(TEXT("An exchange key exists.\n"));}else{_tprintf(TEXT("No exchange key is available.\n"));// Check to determine whether an exchange key // needs to be created.if(GetLastError() == NTE_NO_KEY) { // Create a key exchange key pair._tprintf(TEXT("The exchange key does not exist.\n"));_tprintf(TEXT("Attempting to create an exchange key ")TEXT("pair.\n"));if(CryptGenKey(hCryptProv,AT_KEYEXCHANGE,0,&hKey)) {_tprintf(TEXT("Exchange key pair created.\n"));}else{MyHandleError(TEXT("Error occurred attempting to ")TEXT("create an exchange key.\n"));}}else{MyHandleError(TEXT("An error other than NTE_NO_KEY ")TEXT("occurred.\n"));}}// Destroy the exchange key.if(hKey){if(!(CryptDestroyKey(hKey))){MyHandleError(TEXT("Error during CryptDestroyKey."));}hKey = NULL;}// Release the CSP.if(hCryptProv){if(!(CryptReleaseContext(hCryptProv, 0))){MyHandleError(TEXT("Error during CryptReleaseContext."));}} _tprintf(TEXT("Everything is okay. A signature key "));_tprintf(TEXT("pair and an exchange key exist in "));_tprintf(TEXT("the %s key container.\n"), pszContainerName); return 0;
}
