用CNG加密文件的简单思路方法 发布时间:星期五, 2009年2月20日
用CNG加密文件 ![]() ![]() 介绍 文中用到了 ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() 在安全环境下保存文档 ![]() ![]() ![]() 加密文件 ![]() ![]() 创建软件Software ![]() ![]() 需要注意 ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() 背景 我们最初是想在 ![]() ![]() ![]() ![]() 1、 选择加密操作 ![]() 2、 选择需要加密 ![]() ![]() 3、 选择加密密钥 ![]() 相关 ![]() 此处创建了 ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() 另外 ![]() ![]() ![]() ![]() 1、 在“C/C ![]() ![]() ![]() ![]() 2、 在“Link——General”项右方 ![]() ![]() ![]() 3、 在“Linker——Input”项右方 ![]() ![]() ![]() ![]() 相关代码 在此使用CNG创建了类CMyCNGCryptFile ![]() EnumProviders:枚举出注册 ![]() ![]() CryptFile:加密或解密 ![]() ![]() GetLastError:返回发生在CryptFile或EnumProviders中 ![]() ![]() ![]() ![]() 相关步骤如下:1、打开算法提供者;2、创建或导入 ![]() ![]() 以下是CNG API: 打开算法提供者: BCryptOpenAlgorithmProvider 导入密钥: BCryptGenerateSymmetricKey 创建密钥: BCryptCreateHash BCryptHashData BCryptFinishHash BCryptGenerateSymmetricKey 获取或设置算法属性: BCryptGetProperty BCryptSetProperty 执行加解密操作: BCryptEncrypt BCryptDecrypt 枚举提供者: BCryptEnumRegisteredProviders 关闭算法提供者: BCryptCloseAlgorithmProvider 销毁密钥: BCryptDestroyKey 销毁哈希: BCryptDestroyHash bool CryptFile(bool bEncrypt, CString sFileToOpen,CString sFileToCrypt,CString sKey) 这是从对话框中 ![]() ![]() ![]() ![]() ![]() ![]() ![]() 1、 用OpenMSPrimitiveProviderAES打开算法提供者 ![]() 2、 用CreateSymmetricKey_AES_CBC创建 ![]() ![]() ![]() ![]() 3、 获取相关文件 ![]() ![]() 4、 通过Crypt执行加解密操作 ![]() ![]() ![]() ![]() 5、 保存加密数据到输出文件 ![]() OpenMSPrimitiveProviderAES思路方法打开 ![]() ![]() ![]() bool CMyCNGCryptFile::OpenMSPrimitiveProviderAES ![]() { NTSTATUS ntStatus = STATUS_UNSUCCESSFUL; ntStatus = BCryptOpenAlgorithmProvider( &m_hAesAlg, BCRYPT_AES_ALGORITHM, NULL, 0); switch (ntStatus) { ![]() ![]() ![]() ![]() default: //... ... 
} ![]() } CreateSymmetricKey_AES_CBC思路方法获取 ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() bool CMyCNGCryptFile::CreateSymmetricKey_AES_CBC(DWORD &cbKeyObject, DWORD &cbIV ) { NTSTATUS ntStatus = STATUS_UNSUCCESSFUL; DWORD cbData = 0; cbKeyObject = 0; cbIV = 0; ntStatus = BCryptGetProperty(m_hAesAlg, BCRYPT_OBJECT_LENGTH, (PBYTE)&cbKeyObject, ![]() ... m_pbKeyObject = (PBYTE)HeapAlloc (GetProcessHeap ![]() ... ntStatus = BCryptGetProperty( m_hAesAlg, BCRYPT_BLOCK_LENGTH, (PBYTE)&cbIV, ![]() ... m_pbIV= (PBYTE) HeapAlloc (GetProcessHeap ![]() memcpy(m_pbIV, rgbIV, cbIV); ntStatus = BCryptSetProperty(m_hAesAlg, BCRYPT_CHAINING_MODE, (PBYTE)BCRYPT_CHAIN_MODE_CBC, ![]() ... ntStatus = BCryptGenerateSymmetricKey(m_hAesAlg, &m_hKey, m_pbKeyObject, cbKeyObject, (PBYTE)rgbAES128Key, ![]() ... ![]() } (注意:上面的代码中 IV 由 rgbIV 复制而来,密钥取自 rgbAES128Key;这两个变量的定义文中没有给出,如果它们是写死在代码里的常量,那么每个文件都会使用相同的密钥和 IV,CBC 模式下相同的明文开头会得到相同的密文开头。实际使用时 IV 应为每个文件随机生成并随密文一起保存,密钥不应写在代码中。另外 CBC 模式本身不提供完整性保护,密文被篡改时解密方无法察觉,需要另加消息认证。) CreateSymmetricKey_SHA1_Hash思路方法从用户处获取 ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() (注意:BCryptHashData 的长度参数以字节为单位,而 wcslen 返回的是宽字符个数,因此下面的调用只对口令数据的前一半字节做了哈希,长度应写成 wcslen(pwszText) * sizeof(WCHAR)。此外,对口令只做一次 SHA-1 就当作密钥,没有盐值也没有迭代,容易被离线猜测;更稳妥的做法是使用 BCryptDeriveKeyPBKDF2 这类口令派生函数,并为每个文件使用随机盐值。) bool CMyCNGCryptFile::CreateSymmetricKey_SHA1_Hash(PCWSTR pwszText, DWORD cbKeyObject) { NTSTATUS ntStatus = STATUS_SUCCESS; BCRYPT_KEY_HANDLE hKey = NULL; DWORD cbHashObject, cbResult; BYTE rgbHash[20]; DWORD cbData = 0; ntStatus = BCryptOpenAlgorithmProvider(&m_hHashAlg, BCRYPT_SHA1_ALGORITHM,NULL,0); ... ntStatus = BCryptGetProperty(m_hAesAlg, BCRYPT_OBJECT_LENGTH, (PBYTE)&cbKeyObject, ![]() ... ntStatus = BCryptGetProperty( m_hHashAlg,BCRYPT_OBJECT_LENGTH, (PBYTE) &cbHashObject, ![]() ... ntStatus = BCryptCreateHash(m_hHashAlg, &m_hHash, m_pbHashObject, cbHashObject, NULL, 0, 0 ); ntStatus = BCryptHashData( m_hHash, (PBYTE)pwszText, (ULONG)wcslen( pwszText), 0); ntStatus = BCryptFinishHash( m_hHash, rgbHash, ![]() ... ntStatus = BCryptGenerateSymmetricKey( m_hAesAlg, &hKey, m_pbKeyObject, cbKeyObject, rgbHash, SYMM_KEY_SIZE_SECRET, 0 ); ... 
![]() } Crypt思路方法通过BCryptEncrypt和BCryptDecrypt ![]() ![]() ![]() ![]() ![]() bool CMyCNGCryptFile::Crypt(bool bEncrypt,PUCHAR pbufFileToOpen, ULONG iBytesRead, ULONG cbIV, PBYTE pbufFileToSave, DWORD& iBufToSave) { NTSTATUS ntStatus =STATUS_UNSUCCESSFUL; DWORD cbCipherText = 0; ![]() ntStatus = BCryptEncrypt(m_hKey, pbufFileToOpen, iBytesRead, NULL, m_pbIV, cbIV, pbufFileToSave, iBytesRead, &iBufToSave, 0); ![]() ntStatus = BCryptDecrypt(m_hKey, pbufFileToOpen, iBytesRead, NULL, m_pbIV, cbIV, pbufFileToSave, iBytesRead, &iBufToSave, 0); ... ![]() } CryptLastByte思路方法使用了区别长度 ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() bool CMyCNGCryptFile::CryptLastByte(bool bEncrypt,PUCHAR pbufFileToOpen, ULONG iBytesRead, ULONG cbIV, PBYTE pbufFileToSave, DWORD& iBufToSave) { NTSTATUS ntStatus= STATUS_UNSUCCESSFUL; DWORD cbCipherText = 0; ![]() { ntStatus = BCryptEncrypt(m_hKey, pbufFileToOpen, iBytesRead, NULL, m_pbIV, cbIV, NULL, 0, &cbCipherText, BCRYPT_BLOCK_PADDING); ... ntStatus = BCryptEncrypt( m_hKey, pbufFileToOpen, iBytesRead, NULL, m_pbIV, cbIV, pbufFileToSave, cbCipherText, &cbCipherText,BCRYPT_BLOCK_PADDING); iBufToSave = cbCipherText; ... } ![]() { ntStatus = BCryptDecrypt( m_hKey, pbufFileToOpen, iBytesRead, NULL, m_pbIV, cbIV, NULL, 0, &cbCipherText, BCRYPT_BLOCK_PADDING); ... ntStatus = BCryptDecrypt( m_hKey, pbufFileToOpen, iBytesRead, NULL, m_pbIV, cbIV, pbufFileToSave, cbCipherText, &cbCipherText, BCRYPT_BLOCK_PADDING); ... } ![]() } EnumProviders思路方法返回当前计算机上已安装 ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() bool CMyCNGCryptFile::EnumProviders(CStringList *lstRegisteredProviders) { ... ntStatus = BCryptEnumRegisteredProviders(&cbBuffer, &pProviders); ... 
for ( DWORD i = 0; i < pProviders->cProviders; i ![]() { sProvider.Format(_T("%s\n"), pProviders->rgpszProviders[i]); lstRegisteredProviders->AddHead(sProvider); } ![]() { BCryptFreeBuffer(pProviders); } ![]() } ~CMyCNGCryptFile析构 ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() CMyCNGCryptFile::~CMyCNGCryptFile ![]() { BCryptCloseAlgorithmProvider(m_hAesAlg,0); BCryptDestroyKey(m_hKey); HeapFree(GetProcessHeap ![]() HeapFree(GetProcessHeap ![]() //Hash BCryptDestroyHash(m_hHash); free(m_pbHashObject); BCryptCloseAlgorithmProvider(m_hHashAlg,0); } 0