示例 C 程序:导入纯文本键
此 SDK 中的许多函数要求使用 HCRYPTKEY 句柄标识密钥。 如果密钥包含在字节数组中,则可以使用 CryptImportKey 函数创建句柄,如以下示例所示。
此示例演示以下任务和 CryptoAPI 函数:
- 通过调用 CryptAcquireContext 获取加密服务提供程序的句柄。
- 通过调用 CryptImportKey 将纯文本密钥导入 CSP 密钥容器。
- 通过调用 CyptExportKey 从密钥容器导出密钥。
- 将导出的密钥打印到控制台,以验证纯文本密钥是否确实导入到容器中。
- 释放为纯文本键保留的内存。
- 通过调用 CryptReleaseContext 释放 CSP。
#include <stdio.h>
#include <tchar.h>
#include <windows.h>
#include <wincrypt.h>
#pragma comment(lib, "crypt32.lib")
// DesKeyBlob: A plaintext key BLOB stored in a byte array. The
// byte array must have the following format:
// BLOBHEADER hdr;
// DWORD dwKeySize;
// BYTE rgbKeyData [];
BYTE DesKeyBlob[] = {
0x08,0x02,0x00,0x00,0x01,0x66,0x00,0x00, // BLOB header
0x08,0x00,0x00,0x00, // key length, in bytes
0xf1,0x0e,0x25,0x7c,0x6b,0xce,0x0d,0x34 // DES key with parity
};
int _tmain()
{
//--------------------------------------------------------------------
// Declare variables.
//
// hProv: Cryptographic service provider (CSP). This example
// uses the Microsoft Enhanced Cryptographic
// Provider.
// hKey: Key to be used. In this example, you import the
// key as a PLAINTEXTKEYBLOB.
// dwBlobLen: Length of the plaintext key.
// pbKeyBlob: Pointer to the exported key.
HCRYPTPROV hProv = NULL;
HCRYPTKEY hKey = NULL;
DWORD dwBlobLen;
BYTE* pbKeyBlob;
//--------------------------------------------------------------------
// Acquire a handle to the CSP.
if(!CryptAcquireContext(
&hProv,
NULL,
MS_ENHANCED_PROV,
PROV_RSA_FULL,
CRYPT_VERIFYCONTEXT))
{
// If the key container cannot be opened, try creating a new
// container by specifying a container name and setting the
// CRYPT_NEWKEYSET flag.
if(NTE_BAD_KEYSET == GetLastError())
{
if(!CryptAcquireContext(
&hProv,
L"mytestcontainer",
MS_ENHANCED_PROV,
PROV_RSA_FULL,
CRYPT_NEWKEYSET | CRYPT_VERIFYCONTEXT))
{
printf("Error in AcquireContext 0x%08x \n",
GetLastError());
return 1;
}
}
else
{
printf(" Error in AcquireContext 0x%08x \n",GetLastError());
return 1;
}
}
// Use the CryptImportKey function to import the PLAINTEXTKEYBLOB
// BYTE array into the key container. The function returns a
// pointer to an HCRYPTKEY variable that contains the handle of
// the imported key.
if (!CryptImportKey(
hProv,
DesKeyBlob,
sizeof(DesKeyBlob),
0,
CRYPT_EXPORTABLE,
&hKey ) )
{
printf("Error 0x%08x in importing the Des key \n",
GetLastError());
}
// For the purpose of this example, you can export the key and
// print it to verify that the plain text key created above is
// the key that was imported into the CSP.
// Call CryptExportKey once to determine the length of the key.
// Allocate memory for the BLOB, and call CryptExportKey again
// to retrieve the key from the CSP key container.
if(!CryptExportKey(
hKey,
NULL,
PLAINTEXTKEYBLOB,
0,
NULL,
&dwBlobLen))
{
printf("Error 0x%08x computing BLOB length.\n",
GetLastError());
return 1;
}
if(pbKeyBlob = (BYTE*)malloc(dwBlobLen))
{
printf("Memory has been allocated for the BLOB. \n");
}
else
{
printf("Out of memory. \n");
return 1;
}
if(!CryptExportKey(
hKey,
NULL,
PLAINTEXTKEYBLOB,
0,
pbKeyBlob,
&dwBlobLen))
{
printf("Error 0x%08x exporting key.\n", GetLastError());
return 1;
}
DWORD count = 0;
printf("Printing Key BLOB for verification \n");
for(count=0; count < dwBlobLen;)
{
printf("%02x",pbKeyBlob[count]);
count ++;
}
// Free resources.
if(pbKeyBlob)
{
free(pbKeyBlob);
}
if(hProv)
{
CryptReleaseContext(hProv, 0);
}
return 0;
}