CryptoAPI routine
Overview
The CryptoAPI routine provided is a "complete" encryption / decryption tool. The program can add a user to the default CSP, encrypt and decrypt files, sign files and verify signatures, and display the statistics of the default CSP.
The program has the following command-line structure.
USAGE: Encrypt switch [arguments]
Where switch and optional arguments are one of:
Switch          Arguments       Description
/A[dduser]                      to add user to CSP table
/R[emoveuser]                   to remove user from CSP table
/E[ncrypt]      uf ef [pwd]     to encrypt a file
/D[ecrypt]      ef uf [pwd]     to decrypt a file
/S[ign]         uf sf [desc]    to sign a file
/V[erify]       uf sf [desc]    to verify a signed file
/C[sp]                          to show CSP statistics
And uf   = name of an unencrypted file
    ef   = name of an encrypted file
    sf   = name of a signature file
    pwd  = optional password
    desc = optional signature description
Coding issues
When this article was written, a specific constant had to be defined explicitly in the routine, because the CryptoAPI header file (WinCrypt.h) uses the _WIN32_WINNT constant to detect which Windows NT version is being used. The compiler did not define this constant when I wrote this routine, and the current compiler still does not define it. Defining the constant in the code causes no compile errors, and you can remove the definition once a later compiler defines it.
The API function CryptAcquireContext has an undocumented constant value, MS_DEF_PROV. This constant is used to refer to the default CSP. The value is used in the /adduser command-line switch. This allows the program to use any installed CSP without needing to know its name.
Add or remove a user
The /adduser and /removeuser switches are used to add or remove a default encryption client. For the other encryption functions to work, the /adduser switch must be called first.
The following series of operations will be executed:
A default key container is created, and a digital signature key and a further key are created in that key container.
This operation only needs to be executed once, unless the operating system is reinstalled. If the default key container has been created with the keys, then use this switch again.
Run the /adduser switch from the command line as follows:
Encrypt /adduser
Run the /removeuser switch from the command line as follows:
Encrypt /removeuser
Encrypt or decrypt a file
The /encrypt switch is used to encrypt files. A file encrypted with this switch can be decrypted with the /decrypt switch.
Note: In order to create a key container for the default user, you must call the /adduser switch before any encryption.
Run the /encrypt and /decrypt switches from the command line as follows:
Encrypt /Encrypt
Encrypt /Decrypt
Sign and verify files
The /sign switch is used to sign files. A file signed with this switch can be verified with the /verify switch.
Note: In order to create a key container for the default user, you must call the /adduser switch before any encryption.
Run the /sign switch from the command line as follows:
Encrypt /Sign
The /verify switch takes the same parameters as /sign. If the source file content, the signature file, or the description string has changed since the file was signed, an error will be reported.
Display CSP statistics
The /CSP switch lists the algorithms supported by the default PROV_RSA_FULL provider. The Microsoft RSA Base Provider is the default, and it is included in the operating system.
Note: In order to create a key container for the default user, you must call the /adduser switch before any encryption.
Run the /CSP switch from the command line as follows:
Encrypt /CSP
In addition to the name of each supported algorithm, this switch also lists:
The key length used by the (encryption, hash, key exchange, signature) algorithm; for a hash algorithm, this is the number of bits of the hash value.
The algorithm identifier of the algorithm. To create a key or a hash for a specific algorithm, this value can be passed to the appropriate CryptoAPI function.
Conclusion
This article shows you how to encrypt and decrypt files, and how to sign and verify files. The CryptoAPI can also be used to implement a secure environment. Given the strong security that Microsoft provides in the API, I strongly recommend that you use it for secure messages, but don't forget the password that encrypted your data. If you forget it, you can't get it back. In future articles, I will show you how to encrypt data sent over the Internet or by other transmission methods. Until then, enjoy "Keeping A Secret!".
Translator's note: The downloaded routines need the following modifications and corrections. My environment: VC6 SP5, WinXP Professional.
1. Run the downloaded self-extracting ZIP file, unzip the code into the working directory, and open Encrypt.mdp with VC6. It prompts to convert the project file to VS6 format.
2. Delete the CRYPTERR.CPP file from the FileView and then re-add it, which resolves the problem with this file.
3. Manually create the precompiled-header files stdafx.h and stdafx.cpp and add them to the FileView. It is best to copy them directly from another project and trim their content for this project.
Include the precompiled header at the top of the Crypterr.cpp, Cencrypt.cpp and main.cpp files:
#include "stdafx.h"
4. In the CRYPTERR.H file, add the definition of the NT version:
#ifndef _WIN32_WINNT
#define _WIN32_WINNT 0x0400
#endif
Add the definition of the NT version in stdafx.h:
#define _WIN32_WINNT 0x0400
5. The CSP statistics code is in the Cencrypt class, in the Cencrypt::statistics() function.
In the statement
if (!::CryptGetProvParam(this->m_hcryptprovider, PP_ENUMALGS, pbdata, &dwdatalen, 0))
change the last parameter from 0 to dwflags. The modified statement is as follows:
if (!::CryptGetProvParam(this->m_hcryptprovider, PP_ENUMALGS, pbdata, &dwdatalen, dwflags))
6. Run the program and use the various switches to view the results.
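
The enumeration behind the /CSP switch, with the flags handling that step 5 corrects, as an added C example that is not code from the downloaded sample. The names alg_class_name and list_algorithms, and the use of CRYPT_VERIFYCONTEXT, are this example's own choices; the Windows part compiles only on Windows.

```c
/* Added example, not part of the downloaded sample. Windows: link advapi32. */
#include <stdio.h>
#include <string.h>

/* ALG_ID layout from wincrypt.h: the algorithm class is in bits 13-15. */
static const char *alg_class_name(unsigned algid) {
    switch (algid & (7u << 13)) {
    case 1u << 13: return "signature";
    case 3u << 13: return "encryption";
    case 4u << 13: return "hash";
    case 5u << 13: return "key exchange";
    default:       return "other";
    }
}

#ifdef _WIN32
#include <windows.h>
#include <wincrypt.h>

/* Lists the provider's algorithms; returns the count, or -1 on failure. */
static int list_algorithms(void) {
    HCRYPTPROV hProv;
    PROV_ENUMALGS alg;
    DWORD len, flags = CRYPT_FIRST;   /* first call resets the enumerator */
    int n = 0;
    /* CRYPT_VERIFYCONTEXT (this example's choice): no key container needed. */
    if (!CryptAcquireContext(&hProv, NULL, MS_DEF_PROV, PROV_RSA_FULL,
                             CRYPT_VERIFYCONTEXT))
        return -1;
    for (;;) {
        len = sizeof(alg);
        if (!CryptGetProvParam(hProv, PP_ENUMALGS, (BYTE *)&alg, &len, flags))
            break;                    /* ERROR_NO_MORE_ITEMS ends the list */
        flags = 0;                    /* later calls continue from there */
        printf("%-12s id=0x%04x bits=%4lu %s\n", alg.szName,
               (unsigned)alg.aiAlgid, (unsigned long)alg.dwBitLen,
               alg_class_name(alg.aiAlgid));
        n++;
    }
    CryptReleaseContext(hProv, 0);
    return n;
}
#endif

int main(void) {
#ifdef _WIN32
    return list_algorithms() < 0;
#else
    printf("0x8004 -> %s\n", alg_class_name(0x8004)); /* constructed: CALG_SHA1 */
    return 0;
#endif
}
```

Each record returned carries the three values the /CSP output is built from: szName, dwBitLen and aiAlgid.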