Click here to Skip to main content
Click here to Skip to main content
Go to top

How to use Crypto API in your ASP projects.

, 28 Aug 2001
Rate this:
Please Sign up or sign in to vote.
This article shows how to make one ATL COM component with crypt/decrypt functions and how to use it in ASP programs. It shows also how to register a component in MTS.

Summary

This application uses ATL, MFC, ASP and Crypt API. It will demonstrate how to make an ATL project that provides 2 cryptographic functions, how to use this component in your ASP projects, and how to register the component in MTS. The article also contains a GUI client console for directly testing the cryptographic functions.

This component can be used in Visual Basic, Access or Microsoft SQL.

Introduction

Recently I worked for a financial project regarding the Greek, Cyprus and Romanian stock exchange (www.greekmarkets.com, http://reporter.fasma.ro ). The project was coded mostly using ASP and VB COM, and a few ATL components as a middle tier over a SQL database. The middle tier component that I programmed was built with ATL and uses Crypto API. The idea consists in providing the encrypted data to HTTP, data which is useful for ASP pages. Because of HTTP transport the data is coded in a hexadecimal format.

Overview

First of all, I will show you how to use an ATL-control and how to provide methods that interrogate our component.

  • Create a new ATL COM AppWizard project.

  • Choose Dynamic Link Library (DLL) in the Server Type and check Support MFC and MTS.

  • Add a new ATL object to your classes. Choose Objects->Simple Object from your ATL Object Wizard.

  • In the attributes tab page choose Free option in Threading Model.

  • Now we have a very nice component. It is more important to provide data to other programs by methods or properties. Unfortunately, the Microsoft wizard is a little poor and the user must input manually each parameter and its type.

Details

The simplest way to use cryptographic API and to encrypt your messages is the following:

    // Get handle to user default provider.
         CryptAcquireContext(&hProv, NULL, NULL, PROV_RSA_FULL, 0)

This function returns a handle to a particular CSP which includes the specification of a particular key container within the CSP. This key container is either a specifically requested key container or it is the default key container for the currently logged-on user. Note that the second and the third parameters are NULL. This means that our code will generate the same key all the time, independently of the current logged user, and/or if the encrypt was done on a computer and the decrypt on another one.

    // Create hash object.
         CryptCreateHash(hProv, CALG_MD5, 0, 0, &hHash)

    // Hash password string.
         CryptHashData(hHash, (BYTE *)szLocalPassword, dwLength, 0)

    // Create block cipher session key based on hash of the password.
         CryptDeriveKey(hProv, CALG_RC4, hHash, CRYPT_EXPORTABLE, &hKey)

    // Encrypt data
         CryptEncrypt(hKey, 0, TRUE, 0, pbBuffer, &dwLength, dwLength)

    // Coding the result in hexadecimal format
         HtoA(dest, szPassword, sizeof(TCHAR)*_tcslen(dest) )

It is very easy to use the component in ASP pages (the same in Visual Basic, Access or Microsoft SQL):

 dim myOEncrypt
 dim src, dest

 set myOEncrypt   = Server.CreateObject("EncryptionATL.Encryption.1")


src = "CryptoAPI"
Response.Write "src: "
Response.Write src

Response.Write "Crypt: "
dest = myOEncrypt.Crypt(src)
Response.Write dest

Response.Write "LastError: "
Response.Write myOEncrypt.LastError

Response.Write "Decrypt: "
src = myOEncrypt.Decrypt(dest)
Response.Write src

Response.Write "LastError: "
Response.Write myOEncrypt.LastError

set myOEncrypt = nothing

Installation

  • Copy the DLL under a directory with system execute privilege and register it with regsvr32 command or put it on the MTS. This way is better because if we want to modify the component and register it again, this is possible without restarting the computer - like in cases when using regsvr32 command that "blocks" your dll file.
    • Open the MTS console (if you have NT4) or Component service (Windows 2000). In Computers -> My Computer->COM+ Application choose NewApplication. Give it a name, for example "Crypt";

    • In the new Crypt COM+ application create a new component:

    • And choose your crypto dll file:

    • To modify the properties of the new created component right-click on it:

  • Use directly the dialog console. Input some string in the edit box and click on the button!

  • Copy the directory with asp pages under Web - and just try it !

Note

The program was designed as to use only small strings, with some digits (id's from tables). If you want more, you have to modify the component.

License

This article has no explicit license attached to it but may contain usage terms in the article text or the download files themselves. If in doubt please contact the author via the discussion board below.

A list of licenses authors might use can be found here

Share

About the Author

Adrian Bacaianu
Web Developer
Romania Romania
I make programming for over 4 years and extensive experience in C++, ASP, Pascal, MFC, COM+, ATL, TCP/IP, HTTP protocols, XML, XSL, SOAP and SQL.
For the last 2 years i working extensively at the background of financial sites (databases, n tier architecture).
 
I’m available for contracts and/or outsourcing (adrian_bacaianu@yahoo.com).

Comments and Discussions

 
Generalschedule a task every week PinmemberMadhup00120-Mar-09 0:26 
GeneralEncrypt Files PinmemberFraser Booth18-Dec-04 4:52 
Generalgreat thanx! Pinmemberromanych18-May-04 0:56 
Generalsecur ASP code PinmemberRAYANE23-Apr-03 2:04 
Generalhelp me Pinmemberdavid_sha22-Jun-02 14:15 
Generalsome bug in this code.... Pinmemberanalyzer10-Jun-02 19:43 
GeneralFriend!Help me !!!!! Pinmemberdllinjian23-May-02 15:24 
I made a COM Component and the method is :
 
STDMETHODIMP mydll::MailMessager()
{
AFX_MANAGE_STATE(AfxGetStaticModuleState());
CWnd *pWnd = CWnd::FindWindow(NULL,"MailReceiver");
SendMessage(pWnd->m_hWnd,WM_SYSCOMMAND,SC_RESTORE,NULL);

return S_OK;
}
 
In the asp page,I use this component:
<%
Dim myDLL
 
set myDLL = Server.CreateObject("BssDLL.mydll")
myDLL.MailMessager
%>
But the program "MailReceiver" doesn't receive any message,why? Who can help me??? thank you very much!
Cry | :(( Cry | :(( Cry | :(( Cry | :(( Cry | :(( Cry | :(( Cry | :(( Cry | :((
GeneralRe: Friend!Help me !!!!! PinmemberAdrian Bacaianu23-May-02 21:11 
QuestionWhy is that the max length less than 16 ? Pinmemberzj15-Apr-02 20:18 
AnswerRe: Why is that the max length less than 16 ? PinmemberAdrian Bacaianu7-May-02 2:38 
AnswerRe: Why is that the max length less than 16 ? PinmemberAdrian Bacaianu7-May-02 2:41 
QuestionHOW TO USE IT IN VB??? PinmemberXETH31-Mar-02 22:28 
AnswerRe: HOW TO USE IT IN VB??? PinmemberAdrian Bacaianu31-Mar-02 22:35 
GeneralRe: HOW TO USE IT IN VB??? PinmemberXETH30-Apr-02 14:58 
GeneralRe: HOW TO USE IT IN VB??? PinmemberXETH30-Apr-02 16:06 
GeneralRe: HOW TO USE IT IN VB??? PinmemberXETH1-May-02 2:23 
GeneralRe: HOW TO USE IT IN VB??? PinmemberXETH1-May-02 4:52 
AnswerRe: HOW TO USE IT IN VB??? PinmemberAdrian Bacaianu7-May-02 4:10 
Questionhow to edit word or excel online? Pinmemberchi059110-Mar-02 19:14 
QuestionWhy run it in MTS? PinmemberKees Lairstra3-Aug-01 10:32 
AnswerRe: Why run it in MTS? PinmemberAnonymous20-Jun-02 10:09 
QuestionWhy don't you just use CAPI COM? PinmemberDaniel Kopitchinski28-Jul-01 0:42 
AnswerRe: Why don't you just use CAPI COM? PinmemberAnonymous29-Jul-01 8:15 
GeneralRe: Why don't you just use CAPI COM? PinmemberAnonymous20-Aug-01 9:11 
GeneralRe: Why don't you just use CAPI COM? PinmemberPhil Boyd30-Aug-01 6:56 
GeneralRe: Why don't you just use CAPI COM? PinmemberPhil Boyd30-Aug-01 7:34 
GeneralRe: Why don't you just use CAPI COM? PinmemberAnonymous23-May-02 18:46 
AnswerRe: Why don't you just use CAPI COM? PinmemberVinit Shinde11-Feb-02 8:58 
GeneralRe: Why don't you just use CAPI COM? PinsussAnonymous29-Jan-04 10:06 
GeneralATL component PinmemberAdrian Ciutureanu27-Jul-01 2:43 
Generalyour idea PinmemberAnca Rosca27-Jul-01 2:42 

General General    News News    Suggestion Suggestion    Question Question    Bug Bug    Answer Answer    Joke Joke    Rant Rant    Admin Admin   

Use Ctrl+Left/Right to switch messages, Ctrl+Up/Down to switch threads, Ctrl+Shift+Left/Right to switch pages.

| Advertise | Privacy | Mobile
Web03 | 2.8.140926.1 | Last Updated 29 Aug 2001
Article Copyright 2001 by Adrian Bacaianu
Everything else Copyright © CodeProject, 1999-2014
Terms of Service
Layout: fixed | fluid