示例 C 程序:使用 CryptProtectData
以下示例使用 CryptProtectData 和 CryptUnprotectData 加密和解密数据 BLOB。
此示例演示了以下任务和 CryptoAPI 函数:
- 初始化 CRYPTPROTECT_PROMPTSTRUCT 数据结构。
- 使用 CryptProtectData 加密数据 BLOB。
- 使用 CryptUnprotectData 解密数据。
- 使用 LocalFree 释放分配的内存。
此示例使用 MyHandleError 函数。 此示例中包含此函数的代码。 此函数和其他辅助函数的代码也列在常规用途函数下。
以下示例演示如何保护数据。
#pragma comment(lib, "crypt32.lib")
#include <stdio.h>
#include <windows.h>
#include <Wincrypt.h>
#define MY_ENCODING_TYPE (PKCS_7_ASN_ENCODING | X509_ASN_ENCODING)
void MyHandleError(char *s);
void main()
{
// Copyright (C) Microsoft. All rights reserved.
// Encrypt data from DATA_BLOB DataIn to DATA_BLOB DataOut.
// Then decrypt to DATA_BLOB DataVerify.
//-------------------------------------------------------------------
// Declare and initialize variables.
DATA_BLOB DataIn;
DATA_BLOB DataOut;
DATA_BLOB DataVerify;
BYTE *pbDataInput =(BYTE *)"Hello world of data protection.";
DWORD cbDataInput = strlen((char *)pbDataInput)+1;
DataIn.pbData = pbDataInput;
DataIn.cbData = cbDataInput;
CRYPTPROTECT_PROMPTSTRUCT PromptStruct;
LPWSTR pDescrOut = NULL;
//-------------------------------------------------------------------
// Begin processing.
printf("The data to be encrypted is: %s\n",pbDataInput);
//-------------------------------------------------------------------
// Initialize PromptStruct.
ZeroMemory(&PromptStruct, sizeof(PromptStruct));
PromptStruct.cbSize = sizeof(PromptStruct);
PromptStruct.dwPromptFlags = CRYPTPROTECT_PROMPT_ON_PROTECT;
PromptStruct.szPrompt = L"This is a user prompt.";
//-------------------------------------------------------------------
// Begin protect phase.
if(CryptProtectData(
&DataIn,
L"This is the description string.", // A description string.
NULL, // Optional entropy
// not used.
NULL, // Reserved.
&PromptStruct, // Pass a PromptStruct.
0,
&DataOut))
{
printf("The encryption phase worked. \n");
}
else
{
MyHandleError("Encryption error!");
}
//-------------------------------------------------------------------
// Begin unprotect phase.
if (CryptUnprotectData(
&DataOut,
&pDescrOut,
NULL, // Optional entropy
NULL, // Reserved
&PromptStruct, // Optional PromptStruct
0,
&DataVerify))
{
printf("The decrypted data is: %s\n", DataVerify.pbData);
printf("The description of the data was: %S\n",pDescrOut);
}
else
{
MyHandleError("Decryption error!");
}
//-------------------------------------------------------------------
// At this point, memcmp could be used to compare DataIn.pbData and
// DataVerify.pbDate for equality. If the two functions worked
// correctly, the two byte strings are identical.
//-------------------------------------------------------------------
// Clean up.
LocalFree(pDescrOut);
LocalFree(DataOut.pbData);
LocalFree(DataVerify.pbData);
} // End of main
//-------------------------------------------------------------------
// This example uses the function MyHandleError, a simple error
// handling function, to print an error message to the
// standard error (stderr) file and exit the program.
// For most applications, replace this function with one
// that does more extensive error reporting.
void MyHandleError(char *s)
{
fprintf(stderr,"An error occurred in running the program. \n");
fprintf(stderr,"%s\n",s);
fprintf(stderr, "Error number %x.\n", GetLastError());
fprintf(stderr, "Program terminating. \n");
exit(1);
} // End of MyHandleError