Diffie-Hellman 应用，利用CryptAPI实现DH算法的应用

// --------------------------------------------------------------------------- #pragma hdrstop #include "dh.h" // --------------------------------------------------------------------------- #pragma package(smart_init) __fastcall TDH::TDH(String algorithm) { hCryptProv = NULL; hPrivateKey = NULL; hSessionKey = NULL; dwPublicKeyLen = 0; P.cbData = DHKEYSIZE / 8; P.pbData = (BYTE*)(g_rgbPrime); G.cbData = DHKEYSIZE / 8; G.pbData = (BYTE*)(g_rgbGenerator); if (algorithm == "RC4") Algid = CALG_RC4; else if (algorithm == "DES") Algid = CALG_DES; else if (algorithm == "3DES") Algid = CALG_3DES; } __fastcall TDH::~TDH() { if (pbKeyBlob) delete[]pbKeyBlob; if (hCryptProv) { CryptDestroyKey(hPrivateKey); hPrivateKey = NULL; } if (hSessionKey) { CryptDestroyKey(hSessionKey); hSessionKey = NULL; } if (hCryptProv) { CryptReleaseContext(hCryptProv, 0); hCryptProv = NULL; } } bool TDH::GenKey() { // 获取csp环境 if (!CryptAcquireContext(&hCryptProv, NULL, MS_ENH_DSS_DH_PROV, PROV_DSS_DH, CRYPT_VERIFYCONTEXT)) { strErrorMessage = "cryptAcquireContext error, getlasterror=" + String(GetLastError()); return false; } // 生成密钥对 if (!CryptGenKey(hCryptProv, CALG_DH_EPHEM, DHKEYSIZE << 16 | CRYPT_EXPORTABLE | CRYPT_PREGEN, &hPrivateKey)) { strErrorMessage = "CryptGenKey error, getlasterror=" + String(GetLastError()); return false; } if (!CryptSetKeyParam(hPrivateKey, KP_P, (PBYTE) & P, 0)) { strErrorMessage = "CryptSetKeyParam kp_p error, getlasterror=" + String(GetLastError()); return false; } if (!CryptSetKeyParam(hPrivateKey, KP_G, (PBYTE) & G, 0)) { strErrorMessage = "CryptSetKeyParam kp_G error, getlasterror=" + String(GetLastError()); return false; } if (!CryptSetKeyParam(hPrivateKey, KP_X, NULL, 0)) { strErrorMessage = "CryptSetKeyParam kp_X error, getlasterror=" + String(GetLastError()); return false; } // DWORD LX1; // CryptGetKeyParam(hPrivateKey, KP_KEYVAL, pbData, & LX1, 0); // 导出1的公钥 if (!CryptExportKey(hPrivateKey, NULL, PUBLICKEYBLOB, 0, NULL, &dwPublicKeyLen)) { strErrorMessage = "export key error ,getlasterror=" + String(GetLastError()); return false; } pbKeyBlob = new BYTE[dwPublicKeyLen]; if (!CryptExportKey(hPrivateKey, 0, PUBLICKEYBLOB, 0, pbKeyBlob, &dwPublicKeyLen)) { strErrorMessage = "export key error ,getlasterror=" + String(GetLastError()); return false; } return true; } BYTE *TDH::GetPublicKey() { return pbKeyBlob; } int TDH::GetPublicKeyLen() { return dwPublicKeyLen; } bool TDH::ImportOtherPublicKey(BYTE *pubkey, int pubkeylen) { // 导入对方密钥，计算出会话Session // party 2 导入1的公钥得到 会话密钥1 if (!CryptImportKey(hCryptProv, pubkey, pubkeylen, hPrivateKey, 0, &hSessionKey)) { strErrorMessage = "CryptImportKey error ,getlasterror=" + String(GetLastError()); return false; } // 将会话密钥1转化为对称密钥 if (!CryptSetKeyParam(hSessionKey, KP_ALGID, (PBYTE) & Algid, 0)) { strErrorMessage = "CryptSetKeyParam error ,getlasterror=" + String(GetLastError()); return false; } return true; } DWORD TDH::GetCryptedLen(DWORD srclen) { // 获取加密后的长度 DWORD dwLength = srclen; if (!CryptEncrypt(hSessionKey, 0, TRUE, 0, NULL, &dwLength, srclen)) { strErrorMessage = "CryptEncrypt get length error ,getlasterror=" + String(GetLastError()); return 0; } return dwLength; } bool TDH::CryptedData(BYTE *data, DWORD datalen, DWORD databufferlen) { // 加密数据，加密后的数据还是放在data缓冲区中,可能加密后的数据要大 // 所以dababufferlen可能要比datalen大，免得缓冲区溢出 // 可在调用前先调用getcryptedlen来获得加密后的长度 if (!CryptEncrypt(hSessionKey, 0, TRUE, 0, data, &datalen, databufferlen)) { strErrorMessage = "CryptEncrypt error ,getlasterror=" + String(GetLastError()); return false; } return true; } bool TDH::DecryptData(BYTE *data, DWORD &datalen) { // datalen进来的是加密数据的大小，执行结束后，是解密后的数据的大小 if (!CryptDecrypt(hSessionKey, 0, TRUE, 0, data, &datalen)) { strErrorMessage = "CryptDecrypt error ,getlasterror=" + String(GetLastError()); return false; } return true; } String TDH::GetLastErrorMessage() { return strErrorMessage; }