
Operation Password: CryptoAPI with AES 256

19 Jun 2014
Using the Wincrypto in the Windows SDK

Introduction

I had to deal with some cryptography and did not find much clean and understandable material, so I want to share my results. The GUI is designed for demonstration use, so the passwords are visible.

Background

Security is a problem of our time: criminals, identity theft and surveillance are common in the news today. Everybody knows about the massive surveillance since the horrible news from honest Edward Snowden, which looks like the Watergate scandal of our times.

I guess that Microsoft complies with US laws, so the government will have some ways to crack this encryption.

Using the Code

The WinCrypto API is used in a straightforward way because I decided to use the most advanced algorithm, AES 256. Anyone who wants or needs another algorithm should consult MSDN. The best starting point is the startup function CryptAcquireContext.

Next comes the first pitfall. CryptHashData is somewhat tricky, because NOT EVERY algorithm is supported by every provider. There may also be minor differences between flavors of Windows (XP and 2003) or even service packs.

So I decided to encapsulate the API in a class that can be easily used from the outside by creating an object and providing a password. My class contains some error handling and some cleanup code to close the used handles. To use the Crypto API, you need the wincrypt header and the library "advapi32.lib". I like to include both in the implementation file, because then I am done for all configurations and can also use the file in other projects.

#include <wincrypt.h>
#pragma comment (lib, "advapi32")

The use of my class from outside is very straightforward.

 CryptoApi ca;
 ca.Init(password);

 if( ca.EnCrypt( cryptedBuffer, dataLen, sizeof(cryptedBuffer) ) )
 {
   TRACE( "Encryption success");
   lenEncrypted = dataLen; //store for decryption !!!
   ctlOutput.SetWindowText(TEXT("The secret is now encrypted"));
 }

Take care of the length of the encrypted buffer: it is needed for decryption.

Here is the decryption, which I provided in an extra function and new object.

 CryptoApi ca2;
 ca2.Init(decryptPassword);

 DWORD dataLen = lenEncrypted; //is needed for decryption

 if( ca2.DeCrypt( deCryptedBuffer, dataLen ) )
 {
   TRACE( "Decryption success");
   CString csDecrypted;
   //one char is 2 bytes long, so convert the byte count to a character count
   memcpy( csDecrypted.GetBufferSetLength(dataLen/sizeof(TCHAR)), deCryptedBuffer, dataLen );
   csDecrypted.ReleaseBuffer();
   ctlOutput.SetWindowText(TEXT("Decrypted secret is: ") + csDecrypted );
 }

For the output, I copied the buffer to a CString buffer for a useful output in my GUI.
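
Added example, not code from the article or its CryptoApi class: a portable C model of why dataLen changes during encryption and why the stored length must be handed back for decryption. It assumes the class forwards to CryptEncrypt and CryptDecrypt with the provider's default PKCS#5 padding and the 16-byte AES block; it performs no encryption, and all function names are hypothetical.

```c
/* Added example (not the article's code). Models only the length contract of
 * a padded AES call; it performs no encryption. Names are hypothetical. */
#include <stddef.h>
#include <string.h>

#define AES_BLOCK 16u   /* AES block size in bytes, for every key length */

/* Ciphertext size for n plaintext bytes under PKCS#5/PKCS#7 padding. A whole
 * extra block is added when n is already a multiple of the block size. */
size_t padded_len(size_t n) { return (n / AES_BLOCK + 1) * AES_BLOCK; }

/* Pad buf in place: *len is the plaintext length on entry and the padded
 * length on return. Returns 0 when cap is too small; *len then holds the
 * size the caller must provide. */
int pad_in_place(unsigned char *buf, size_t *len, size_t cap)
{
    size_t out = padded_len(*len);
    unsigned char fill = (unsigned char)(out - *len);   /* 1..16 */
    if (out > cap) { *len = out; return 0; }
    memset(buf + *len, fill, fill);
    *len = out;
    return 1;
}

/* Strip the padding after decryption. Fails if the length is not a whole
 * number of blocks or the padding bytes are inconsistent. */
int unpad_in_place(const unsigned char *buf, size_t *len)
{
    size_t i;
    unsigned char fill;
    if (*len == 0 || *len % AES_BLOCK != 0) return 0;
    fill = buf[*len - 1];
    if (fill == 0 || fill > AES_BLOCK) return 0;
    for (i = 0; i < fill; i++)
        if (buf[*len - 1 - i] != fill) return 0;
    *len -= fill;
    return 1;
}

/* Round trip for a constructed plaintext of plain_len bytes (max 63). */
size_t demo_roundtrip(size_t plain_len)
{
    unsigned char buf[64];
    size_t len = plain_len, stored;
    memset(buf, 'A', sizeof buf);
    if (!pad_in_place(buf, &len, sizeof buf)) return 0;
    stored = len;   /* plays the role of lenEncrypted in the article */
    return unpad_in_place(buf, &stored) ? stored : 0;
}
```

A 12-byte input (six wide characters) yields a stored length of 16, and a 16-byte input yields 32, so the output buffer must always be larger than the plaintext.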

Points of Interest

As expected, WinCrypto caused some hassle. But now that I understand it, it is a fine way to improve security.

The security stands and falls with the password, so the best way is an individual password. And "top of the pops" is to NOT store the password anywhere, so that nobody has a chance to get or guess it.

Very important hint: The password boxes should have the password style, so the value is hidden. I have chosen normal text style to demonstrate encryption and decryption.

In a public release, the resources should be fixed. In the resource editor, it should look like this:

History

  • Initial version

License

This article, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

About the Author

KarstenK
Software Developer
Germany
I live in Germany and have been making my living from programming for some years. In my spare time I like sports such as jogging, playing football (soccer) and basketball.

We must take care of our planet, because we and our families have no other. And everybody has to do something for it.

Last Updated 20 Jun 2014
Article Copyright 2014 by KarstenK