示例 C 程序:导出会话密钥
以下示例创建一个随机会话密钥并创建一个可导出 密钥 BLOB。 该示例演示如何使用 CryptGetUserKey、 CryptExportKey 和相关函数。
此示例演示以下任务和 CryptoAPI 函数:
- 使用 CryptAcquireContext 获取 CSP 上下文。
- 使用 CryptGetUserKey 获取对两对不同公钥/私钥的访问权限。
- 使用 CryptGenKey 生成可导出的会话密钥。
- 使用 CryptExportKey 创建包含会话密钥的简单密钥 BLOB。
- 使用 CryptDestroyKey 销毁会话密钥并访问两对公钥/私钥。
- 使用 CryptReleaseContext 释放 CSP 上下文。
此示例使用函数 MyHandleError。 此示例中包含此函数的代码。 此函数和其他辅助函数的代码也列在常规用途函数下。
//--------------------------------------------------------------------
// Copyright (C) Microsoft. All rights reserved.
// This example program creates a session key and a simple key
// BLOB holding that session key. The key BLOB can be written to disk
// and later read from a disk file.
#pragma comment(lib, "crypt32.lib")
#include <stdio.h>
#include <windows.h>
#include <Wincrypt.h>
#define MY_ENCODING_TYPE (PKCS_7_ASN_ENCODING | X509_ASN_ENCODING)
void MyHandleError(char *s);
void main(void)
{
//--------------------------------------------------------------------
// Declare and initialize variables.
HCRYPTPROV hProv; // CSP handle
HCRYPTKEY hSignKey; // Signature key pair handle
HCRYPTKEY hXchgKey; // Exchange key pair handle
HCRYPTKEY hKey; // Session key handle
BYTE *pbKeyBlob; // Pointer to a simple key BLOB
DWORD dwBlobLen; // The length of the key BLOB
//--------------------------------------------------------------------
// Acquire a cryptographic provider context handle.
if(CryptAcquireContext(
&hProv,
NULL,
NULL,
PROV_RSA_FULL,
0))
{
printf("The CSP has been acquired. \n");
}
else
{
MyHandleError("Error during CryptAcquireContext.");
}
//--------------------------------------------------------------------
// Get a handle to the signature key.
// The signature key must exist before it can be retrieved. For more
// information, see the CryptGetUserKey documentation.
if(CryptGetUserKey(
hProv,
AT_SIGNATURE,
&hSignKey))
{
printf("The signature key has been acquired. \n");
}
else
{
MyHandleError("Error during CryptGetUserKey for signkey.");
}
//--------------------------------------------------------------------
// Get a handle to the key exchange key.
// The key must exist before it can be retrieved. For more
// information, see the CryptGetUserKey documentation.
if(CryptGetUserKey(
hProv,
AT_KEYEXCHANGE,
&hXchgKey))
{
printf("The key exchange key has been acquired. \n");
}
else
{
printf("Error during CryptGetUserKey exchange key.");
}
// hSignKey may be used to verify a signature. hXchgKey will be used
// to export a session key.
//--------------------------------------------------------------------
// Generate a session key.
if (CryptGenKey(
hProv,
CALG_RC4,
CRYPT_EXPORTABLE,
&hKey))
{
printf("Original session key is created. \n");
}
else
{
MyHandleError("ERROR -- CryptGenKey.");
}
// Determine the size of the key BLOB and allocate memory.
if(CryptExportKey(
hKey,
hXchgKey,
SIMPLEBLOB,
0,
NULL,
&dwBlobLen))
{
printf("Size of the BLOB for the session key determined. \n");
}
else
{
MyHandleError("Error computing BLOB length.");
}
if(pbKeyBlob = (BYTE*)malloc(dwBlobLen))
{
printf("Memory has been allocated for the BLOB. \n");
}
else
{
MyHandleError("Out of memory. \n");
}
//--------------------------------------------------------------------
// Export the key into a simple key BLOB.
if(CryptExportKey(
hKey,
hXchgKey,
SIMPLEBLOB,
0,
pbKeyBlob,
&dwBlobLen))
{
printf("Contents have been written to the BLOB. \n");
}
else
{
MyHandleError("Error during CryptExportKey.");
}
//--------------------------------------------------------------------
// At this point, other processing such as writing the key BLOB to
// a file could be done.
//--------------------------------------------------------------------
// After all processing, clean up.
//--------------------------------------------------------------------
// Free the memory used by the key BLOB.
free(pbKeyBlob);
// Destroy the session key.
if(hKey)
CryptDestroyKey(hKey);
// Destroy the signature key handle.
if(hSignKey)
CryptDestroyKey(hSignKey);
// Destroy the key exchange key handle.
if(hXchgKey)
CryptDestroyKey(hXchgKey);
// Release the provider handle.
if(hProv)
CryptReleaseContext(hProv, 0);
printf("The program ran to completion without error. \n");
}// End of main
//--------------------------------------------------------------------
// This example uses the function MyHandleError, a simple error
// handling function, to print an error message and exit
// the program.
// For most applications, replace this function with one
// that does more extensive error reporting.
void MyHandleError(char *s)
{
printf("An error occurred in running the program.\n");
printf("%s\n",s);
printf("Error number %x\n.",GetLastError());
printf("Program terminating.\n");
exit(1);
}