Full Version: Code to share: encrypt and decrypt data with a session key (CryptoAPI, certificate-wrapped RC4 key)
liming
#define ENCRYPT_BLOCK_SIZE 8
#define MY_ENCODING_TYPE (PKCS_7_ASN_ENCODING | X509_ASN_ENCODING)

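// Decrypts a buffer produced by ScrambleData().
//
// Expected input layout (all produced by ScrambleData, length field in native
// byte order):
//
//     [ciphertext][SIMPLEBLOB session-key blob][DWORD cbEncryptedBlob]
//
// The key blob at the tail is unwrapped with the private key of the first
// certificate in the LOCAL_MACHINE store named by sePara1 whose subject
// contains pswzCertSubject, and the leading ciphertext is then decrypted
// with the recovered session key.
//
// deinData/deinLen : input buffer. It is treated as untrusted: the trailer is
//                    range-checked before any length taken from it is used.
// deoutData        : receives the plaintext. The caller must provide at least
//                    deinLen bytes; the plaintext is never longer than the
//                    ciphertext portion of the input.
// deoutLen         : reset to 0 on entry, then set to the number of plaintext
//                    bytes written (mirrors ScrambleData's handling of seoutLen).
// sePara1          : system certificate store name (e.g. L"MY").
// pswzCertSubject  : substring of the recipient certificate's subject.
//
// Returns true on success. On failure returns false; every store, certificate,
// provider, key handle and buffer acquired so far is released first. deoutLen
// may be non-zero on failure if some chunks were already decrypted.
//
// SECURITY NOTES:
//  * CERT_FIND_SUBJECT_STR is a case-insensitive substring match and the first
//    matching certificate wins. If more than one certificate can live in the
//    store, select by thumbprint (CERT_FIND_HASH) instead.
//  * The format carries no MAC or signature: tampered ciphertext decrypts to
//    garbage without any error. Failure of the RSA (PKCS#1 v1.5) key unwrap
//    should not be reported back to an untrusted sender (padding-oracle risk).
bool DecipherData(BYTE *deinData, int deinLen,
                  BYTE *deoutData, int &deoutLen,
                  LPWSTR sePara1, LPWSTR pswzCertSubject)
{
    // Everything that needs releasing is declared and zeroed up front so a
    // single cleanup path can run on every exit.
    bool           ok              = false;
    HCERTSTORE     hStoreHandle    = NULL;
    PCCERT_CONTEXT pRecipientCert  = NULL;
    HCRYPTPROV     hCryptProv      = 0;
    BOOL           fCallerFreeProv = FALSE;
    DWORD          dwKeySpec       = 0;
    HCRYPTKEY      hssKey          = 0;
    PBYTE          tempBuffer      = NULL;
    DWORD          cbEncryptedBlob = 0;
    DWORD          cbAvail         = 0;
    DWORD          dwPending       = 0;
    DWORD          dwinCursor      = 0;
    // Bytes fed to CryptDecrypt per call; must be a multiple of ENCRYPT_BLOCK_SIZE.
    DWORD          dwBlockLen      = 1000 - 1000 % ENCRYPT_BLOCK_SIZE;
    DWORD          dwBufferLen     = dwBlockLen;

    deoutLen = 0;

    //--------------------------------------------------------------------
    // Validate the trailer before trusting anything read from it.
    // A negative or tiny deinLen would otherwise underflow the pointer
    // arithmetic below; an oversized blob length would read before deinData.
    if (deinData == NULL || deoutData == NULL ||
        deinLen < 0 || (DWORD)deinLen < sizeof(DWORD))
    {
        return false;
    }

    // memcpy rather than *(DWORD*): the trailer is not necessarily aligned.
    memcpy(&cbEncryptedBlob, deinData + deinLen - sizeof(DWORD), sizeof(DWORD));
    cbAvail = (DWORD)deinLen - sizeof(DWORD);
    if (cbEncryptedBlob == 0 || cbEncryptedBlob > cbAvail)
    {
        return false;   // blob length points outside the buffer
    }
    dwPending = cbAvail - cbEncryptedBlob;   // ciphertext length

    //--------------------------------------------------------------------
    // Open the system certificate store.
    hStoreHandle = CertOpenStore(
        CERT_STORE_PROV_SYSTEM,
        0,
        NULL,
        CERT_SYSTEM_STORE_LOCAL_MACHINE,
        sePara1);
    if (!hStoreHandle)
    {
        goto cleanup;
    }

    // Locate the recipient certificate; its private key must be available.
    pRecipientCert = CertFindCertificateInStore(
        hStoreHandle,
        MY_ENCODING_TYPE,
        0,
        CERT_FIND_SUBJECT_STR,
        pswzCertSubject,
        NULL);
    if (!pRecipientCert)
    {
        goto cleanup;
    }

    // fCallerFreeProv tells us whether the provider handle is ours to release
    // (the original passed NULL here and could never release it).
    if (!CryptAcquireCertificatePrivateKey(
            pRecipientCert,
            0,
            NULL,
            &hCryptProv,
            &dwKeySpec,
            &fCallerFreeProv))
    {
        goto cleanup;
    }

    //--------------------------------------------------------------------
    // Unwrap the session key blob with the certificate's private key.
    if (!CryptImportKey(
            hCryptProv,
            deinData + dwPending,   // blob immediately follows the ciphertext
            cbEncryptedBlob,
            0,
            0,
            &hssKey))
    {
        goto cleanup;
    }

    //--------------------------------------------------------------------
    // Decrypt the ciphertext in dwBlockLen-sized chunks.
    tempBuffer = (BYTE *)malloc(dwBufferLen);
    if (!tempBuffer)
    {
        goto cleanup;
    }

    do
    {
        DWORD tempCount = dwPending - dwinCursor;
        if (tempCount > dwBlockLen)
        {
            tempCount = dwBlockLen;
        }
        memcpy(tempBuffer, deinData + dwinCursor, tempCount);
        dwinCursor += tempCount;

        // Final = TRUE on the last chunk so the provider can finish the stream.
        if (!CryptDecrypt(
                hssKey,
                0,
                dwinCursor == dwPending,
                0,
                tempBuffer,
                &tempCount))
        {
            goto cleanup;
        }

        memcpy(deoutData + deoutLen, tempBuffer, tempCount);
        deoutLen += (int)tempCount;   // tempCount <= dwBlockLen, fits in int
    }
    while (dwinCursor < dwPending);

    ok = true;

cleanup:
    //--------------------------------------------------------------------
    // Release in reverse order of acquisition. Runs on success and failure.
    if (hssKey)
    {
        CryptDestroyKey(hssKey);
    }
    if (hCryptProv && fCallerFreeProv)
    {
        CryptReleaseContext(hCryptProv, 0);
    }
    if (pRecipientCert)
    {
        CertFreeCertificateContext(pRecipientCert);
    }
    if (hStoreHandle)
    {
        CertCloseStore(hStoreHandle, 0);
    }
    if (tempBuffer)
    {
        // The staging buffer held plaintext; wipe it before returning it to the heap.
        SecureZeroMemory(tempBuffer, dwBufferLen);
        free(tempBuffer);
    }

    return ok;
}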

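// Encrypts a buffer for the holder of a certificate.
//
// Output layout (consumed by DecipherData, length field in native byte order):
//
//     [ciphertext][SIMPLEBLOB session-key blob][DWORD cbKeyBlob]
//
// A fresh RC4 session key is generated, the input is encrypted with it, and the
// key is then exported wrapped with the RSA public key of the first certificate
// in the LOCAL_MACHINE store named by sePara1 whose subject contains
// pswzCertSubject.
//
// seinData/seinLen : plaintext to encrypt (seinLen must be >= 0).
// seoutData        : receives the output. The caller must provide room for
//                    seinLen + ENCRYPT_BLOCK_SIZE bytes of ciphertext plus the
//                    key blob plus sizeof(DWORD). The SIMPLEBLOB is a BLOBHEADER,
//                    an ALG_ID and one RSA-modulus-length of wrapped key
//                    (roughly 12 + modulus bytes; confirm against the
//                    certificate's key size).
// seoutLen         : reset to 0 on entry, then set to the bytes written.
// sePara1          : system certificate store name (e.g. L"MY").
// pswzCertSubject  : substring of the recipient certificate's subject.
//
// Returns true on success. On failure returns false after releasing every
// provider, key, store, certificate and buffer acquired so far.
//
// SECURITY NOTES (format is kept for compatibility with existing DecipherData
// consumers; changing any of these changes the wire format):
//  * CALG_RC4 is a broken stream cipher and should not be used for new data;
//    an AES algorithm (CALG_AES_256 with a block mode) is the modern choice.
//  * The output has no MAC/signature, so it is malleable in transit.
//  * The session key is wrapped with PKCS#1 v1.5 (SIMPLEBLOB); the recipient
//    must not leak unwrap failures to the sender.
//  * CERT_FIND_SUBJECT_STR is a substring match; if several certificates can
//    be in the store, select the recipient by thumbprint (CERT_FIND_HASH).
bool ScrambleData(BYTE *seinData, int seinLen,
                  BYTE *seoutData, int &seoutLen,
                  LPWSTR sePara1, LPWSTR pswzCertSubject)
{
    // Declared and zeroed up front so one cleanup path serves every exit.
    bool           ok             = false;
    HCRYPTPROV     hCryptProv     = 0;
    HCRYPTKEY      hssKey         = 0;
    HCRYPTKEY      hPubKey        = 0;
    HCERTSTORE     hStoreHandle   = NULL;
    PCCERT_CONTEXT pRecipientCert = NULL;
    PBYTE          tempBuffer     = NULL;
    PBYTE          pbbKeyBlob     = NULL;
    DWORD          dwKeyBlobLen   = 0;
    DWORD          dwinCursor     = 0;
    // Bytes fed to CryptEncrypt per call; must be a multiple of ENCRYPT_BLOCK_SIZE.
    DWORD          dwBlockLen     = 1000 - 1000 % ENCRYPT_BLOCK_SIZE;
    // Block ciphers may emit up to one extra block of padding on the final call.
    DWORD          dwBufferLen    = (ENCRYPT_BLOCK_SIZE > 1)
                                    ? dwBlockLen + ENCRYPT_BLOCK_SIZE
                                    : dwBlockLen;

    seoutLen = 0;

    if (seinData == NULL || seoutData == NULL || seinLen < 0)
    {
        return false;
    }

    //--------------------------------------------------------------------
    // Acquire a provider. CRYPT_VERIFYCONTEXT: we only need ephemeral
    // session-key operations and a public-key import, so no persistent key
    // container is required. Without it the call fails with NTE_BAD_KEYSET
    // for accounts (typically services) whose default container does not exist.
    if (!CryptAcquireContext(
            &hCryptProv,
            NULL,
            NULL,
            PROV_RSA_FULL,
            CRYPT_VERIFYCONTEXT))
    {
        goto cleanup;
    }
    AfxTrace("CryptAcquireContext complete. \n");

    //--------------------------------------------------------------------
    // Create a random, exportable session key (exportable so it can be
    // wrapped for the recipient below).
    if (!CryptGenKey(
            hCryptProv,
            CALG_RC4,
            CRYPT_EXPORTABLE,
            &hssKey))
    {
        goto cleanup;
    }
    AfxTrace("A random session key has been created. \n");

    //--------------------------------------------------------------------
    // Encrypt the input in dwBlockLen-sized chunks.
    tempBuffer = (BYTE *)malloc(dwBufferLen);
    if (!tempBuffer)
    {
        goto cleanup;
    }

    do
    {
        DWORD tempCount = (DWORD)seinLen - dwinCursor;
        if (tempCount > dwBlockLen)
        {
            tempCount = dwBlockLen;
        }
        memcpy(tempBuffer, seinData + dwinCursor, tempCount);
        dwinCursor += tempCount;

        // Final = TRUE on the last chunk so the provider can pad/finish.
        if (!CryptEncrypt(
                hssKey,
                0,
                dwinCursor == (DWORD)seinLen,
                0,
                tempBuffer,
                &tempCount,
                dwBufferLen))
        {
            goto cleanup;
        }

        memcpy(seoutData + seoutLen, tempBuffer, tempCount);
        seoutLen += (int)tempCount;
    }
    while (dwinCursor < (DWORD)seinLen);

    //--------------------------------------------------------------------
    // Open the system certificate store and locate the recipient.
    hStoreHandle = CertOpenStore(
        CERT_STORE_PROV_SYSTEM,
        0,
        NULL,
        CERT_SYSTEM_STORE_LOCAL_MACHINE,
        sePara1);
    if (!hStoreHandle)
    {
        goto cleanup;
    }

    pRecipientCert = CertFindCertificateInStore(
        hStoreHandle,
        MY_ENCODING_TYPE,
        0,
        CERT_FIND_SUBJECT_STR,
        pswzCertSubject,
        NULL);
    if (!pRecipientCert)
    {
        goto cleanup;
    }

    // Import the recipient's public key into our provider.
    if (!CryptImportPublicKeyInfo(
            hCryptProv,
            MY_ENCODING_TYPE,
            &pRecipientCert->pCertInfo->SubjectPublicKeyInfo,
            &hPubKey))
    {
        goto cleanup;
    }

    //--------------------------------------------------------------------
    // Export the session key wrapped with the recipient's public key.
    // First call with a NULL buffer asks for the exact blob size instead of
    // guessing a fixed 0x8000 bytes.
    if (!CryptExportKey(hssKey, hPubKey, SIMPLEBLOB, 0, NULL, &dwKeyBlobLen))
    {
        goto cleanup;
    }
    pbbKeyBlob = (BYTE *)malloc(dwKeyBlobLen);
    if (!pbbKeyBlob)
    {
        goto cleanup;
    }
    if (!CryptExportKey(hssKey, hPubKey, SIMPLEBLOB, 0, pbbKeyBlob, &dwKeyBlobLen))
    {
        goto cleanup;
    }

    // Append the blob, then its length so the reader can find the blob start.
    memcpy(seoutData + seoutLen, pbbKeyBlob, dwKeyBlobLen);
    seoutLen += (int)dwKeyBlobLen;

    memcpy(seoutData + seoutLen, &dwKeyBlobLen, sizeof(DWORD));
    seoutLen += sizeof(DWORD);

    ok = true;

cleanup:
    //--------------------------------------------------------------------
    // Release in reverse order of acquisition. Runs on success and failure.
    // (The original leaked hPubKey and the store handle even on success.)
    if (hPubKey)
    {
        CryptDestroyKey(hPubKey);
    }
    if (hssKey)
    {
        CryptDestroyKey(hssKey);
    }
    if (pRecipientCert)
    {
        CertFreeCertificateContext(pRecipientCert);
    }
    if (hStoreHandle)
    {
        CertCloseStore(hStoreHandle, 0);
    }
    if (tempBuffer)
    {
        // The staging buffer held plaintext chunks; wipe before freeing.
        SecureZeroMemory(tempBuffer, dwBufferLen);
        free(tempBuffer);
    }
    if (pbbKeyBlob)
    {
        free(pbbKeyBlob);
    }
    if (hCryptProv)
    {
        CryptReleaseContext(hCryptProv, 0);
    }

    return ok;
}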
Fishfly
Simple, yet it works, which is the main thing.