Click here to Skip to main content
15,846,342 members
Please Sign up or sign in to vote.
0.00/5 (No votes)
See more:
My objective is to encrypt a string from Unicode application and store it to the windows registry and fetch that registry value in other application, decrypt it. I can successfully add registry key but DON'T KNOW HOW TO ENCRYPT STRINGS... please help me as soon as possible...
I spent days looking for proper guide to encrypt strings (passwords,physical path to folders, flags) but I'm still unsuccessful. I successfully Implemented following code but Since I have to use encrypted string in other application this code failed... PLEASE HELP ME :(

C++
// Encrypt data from DATA_BLOB DataIn to DATA_BLOB DataOut.

//--------------------------------------------------------------------
// Declare and initialize variables.

DATA_BLOB DataIn;
DATA_BLOB DataOut;
BYTE *pbDataInput =(BYTE *)password;
DWORD cbDataInput = strlen((char *)pbDataInput)+1;

//--------------------------------------------------------------------
// Initialize the DataIn structure.

	DataIn.pbData = pbDataInput;    
	DataIn.cbData = cbDataInput;

//--------------------------------------------------------------------
//  Begin protect phase. Note that the encryption key is created
//  by the function and is not passed.

if(CryptProtectData(&DataIn,
	L"This is the description string.", // A description string to be included with the encrypted data. 
	NULL,                               // Optional entropy not used.
	NULL,                               // Reserved.
	NULL,                               // Pass NULL for the prompt structure.
	0,
	&DataOut));




Thank you
Sumit
Posted
Updated 1-Mar-12 2:27am
v2

Lots of suggestions can be found here[^].
 
Share this answer
 
I have solved your issue... Please find the updated code below which encrypts and decrypts as you need. The problem was the length which you were taking.. You were trying to encrypt Unicode text but using strlen which always return you
length 2. So text which goes for encryption has only 2 bytes but which was different from actual bytes it needed.. :) Enjoy

void main()
{
        wchar_t password[] = L"Hello world of data protection.";
	DATA_BLOB DataIn;
	DATA_BLOB DataOut;
	DATA_BLOB DataVerify;
	LPWSTR pDescrOut = NULL;
	BYTE *pbDataInput =(BYTE *)password;
	DWORD cbDataInput = wcslen(password)*2+1;
	DataIn.pbData = pbDataInput;    
	DataIn.cbData = cbDataInput;


	if(CryptProtectData(
		 &DataIn,
		 L"This is the description string.", // A description string. 
		 NULL,                               // Optional entropy
											 // not used.
		 NULL,                               // Reserved.
		 NULL,                      // Pass a PromptStruct.
		 0,
		 &DataOut))
	{
		 printf("The encryption phase worked. \n");
	}
	else
	{
		printf("Encryption error!");
	}
	
	//-------------------------------------------------------------------
	//   Begin unprotect phase.

	if (CryptUnprotectData(
			&DataOut,
			&pDescrOut,
			NULL,                 // Optional entropy
			NULL,                 // Reserved
			NULL,        // Optional PromptStruct
			0,
			&DataVerify))
	{
		 printf("The decrypted data is: %S\n", DataVerify.pbData);
		 printf("The description of the data was: %S\n",pDescrOut);
	}
	else
	{
		MyHandleError("Decryption error!");
	}
	//-------------------------------------------------------------------
	//  Clean up.

	LocalFree(pDescrOut);
	LocalFree(DataOut.pbData);
	LocalFree(DataVerify.pbData);
}
 
Share this answer
 
v2
I solved this issue using Crypto APIs..


Go to..

http://msdn.microsoft.com/en-us/library/windows/desktop/aa379924%28v=vs.85%29.aspx[^]

Here is the basic steps to encrypt/decrypt data using Crypto APIs

[Step-1] Initiating the Cryptography Service Provider (CSP): CryptAcquireContext, CryptReleaseContext
The CryptAcquireContext function is used to obtain a handle to a particular key container within a particular CSP. This returned handle can then be used to make calls to the selected CSP.

At the end of encryption/decryption you can call the CryptReleaseContext function to release the handle returned from a call to CryptAcquireContext.

[Step-2] Hashing Data: CryptCreateHash, CryptHashData, CryptGetHashParam, and CryptDestroyHash
"hashing" or "hash," refers to the method or algorithm used to derive a numeric value from a piece of data. In our case we will derive a numeric value (Hash) from our password which will be used to encrypt/decrypt the data and then this Hash value will be used to generate session key which we will see in the next step.

To get hash value from Password first create a hash object using CryptCreateHash then you can call CryptHashData to get hash value derived from your password.

[Step-3] Generating Keys: CryptDeriveKey, CryptGenKey, CryptDestroyKey
These three functions are the ones used to generate handles to keys:

The CryptDeriveKey function is used to generate a key from a specified password.
The CryptGenKey function is used to generate a key from random generated data.
The CryptDestroyKey function is used to release the handle to the key object.


[Step-4] Encrypting and Decrypting Data: CryptEncrypt, CryptDecrypt
In this step you prepare Buffer for Plain text or Cipher text (Encrypted text) for CryptEncrypt/CryptDecrypt call and then you can call CryptEncrypt for encryption or CryptDecrypt for decryption.

[Step-5] Cleanup : CryptDestroyKey, CryptDestroyHash, CryptReleaseContext
Once you are done with encryption/decryption you have to do cleanup of resources taken by Crypto Apis. Cleanup requires the following steps
- Destroy session key using CryptDestroyKey
- Destroy key exchange key handle using CryptDestroyKey
- Destroy hash object using CryptDestroyHash
- Release Context provider handle using CryptReleaseContext
 
Share this answer
 

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)



CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900