P
pwalessi1
Hi. I am using the DPAPI and the CryptProtectData method to encrypt a
database password. I need to be able to access my program that
encrypts and decrypts the password from TCL and PHP, so I would like to
write a command line program that accepts a cleartext password and
returns the encrypted string. I'll also have to accept the encrypted
string and return the cleartext password.
The problem that I am having is that I can't figure out how to output
the
DATA_BLOB in such a way that I can store it and then re submit it back
to de-crypt it. I tried writing it to a text file and then reading in
the text file, but that doesn't work.
Any thoughts would be helpful.
I've included my sample prototype below, if that helps. (I'm working
from the MSDN example)
Thanks!
Pat
#include <stdio.h>
#include <windows.h>
#include <wincrypt.h>
#include <iostream>
#include <fstream>
#define MY_ENCODING_TYPE (PKCS_7_ASN_ENCODING | X509_ASN_ENCODING)
using namespace std;
void MyHandleError(char *s);
void main()
{
// Copyright (c) Microsoft Corporation. All rights reserved.
// Encrypt data from DATA_BLOB DataIn to DATA_BLOB DataOut.
// Then decrypt to DATA_BLOB DataVerify.
//-------------------------------------------------------------------
// Declare and initialize variables.
DATA_BLOB DataIn;
DATA_BLOB DataOut;
DATA_BLOB DataVerify;
BYTE *pbDataInput =(BYTE *)"Hello world of data protection.";
DWORD cbDataInput = strlen((char *)pbDataInput)+1;
DataIn.pbData = pbDataInput;
DataIn.cbData = cbDataInput;
LPWSTR pDescrOut = NULL;
//-------------------------------------------------------------------
// Begin processing.
printf("The data to be encrypted is: %s\n",pbDataInput);
//-------------------------------------------------------------------
// Begin protect phase.
if(CryptProtectData(
&DataIn,
L"This is the description string.", // A description string.
NULL, // Optional entropy
// not used.
NULL, // Reserved.
NULL, // Pass a PromptStruct.
0,
&DataOut))
{
printf("The encryption phase worked. \n");
ofstream myOutputFile ("output.txt", ios:ut);
for (unsigned int i=0;i<DataOut.cbData;i++){
myOutputFile<<DataOut.pbData+i;
}
myOutputFile.close();
printf( "\n");
}
else
{
MyHandleError("Encryption error!");
}
//-------------------------------------------------------------------
// Begin unprotect phase.
BYTE buffer[10000];
memset (buffer, 0,10000);
int i=0;
ifstream myInputFile ("output.txt", ios::in);
while (myInputFile >> buffer){i++;};
DWORD cbDataOutput = DataOut.cbData;
DataOut.pbData = (BYTE*)&buffer;
DataOut.cbData = DataIn.cbData;
if (CryptUnprotectData(
&DataOut,
&pDescrOut,
NULL, // Optional entropy
NULL, // Reserved
NULL, // Optional PromptStruct
0,
&DataVerify))
{
printf("The decrypted data is: %s\n", DataVerify.pbData);
printf("The description of the data was: %S\n",pDescrOut);
}
else
{
MyHandleError("Decryption error!");
}
//-------------------------------------------------------------------
// At this point, memcmp could be used to compare DataIn.pbData and
// DataVerify.pbDate for equality. If the two functions worked
// correctly, the two byte strings are identical.
//-------------------------------------------------------------------
// Clean up.
LocalFree(pDescrOut);
LocalFree(DataOut.pbData);
LocalFree(DataVerify.pbData);
} // End of main
//-------------------------------------------------------------------
// This example uses the function MyHandleError, a simple error
// handling function, to print an error message to the
// standard error (stderr) file and exit the program.
// For most applications, replace this function with one
// that does more extensive error reporting.
void MyHandleError(char *s)
{
fprintf(stderr,"An error occurred in running the program. \n");
fprintf(stderr,"%s\n",s);
fprintf(stderr, "Error number %x.\n", GetLastError());
fprintf(stderr, "Program terminating. \n");
exit(1);
} // End of MyHandleError
database password. I need to be able to access my program that
encrypts and decrypts the password from TCL and PHP, so I would like to
write a command line program that accepts a cleartext password and
returns the encrypted string. I'll also have to accept the encrypted
string and return the cleartext password.
The problem that I am having is that I can't figure out how to output
the
DATA_BLOB in such a way that I can store it and then re submit it back
to de-crypt it. I tried writing it to a text file and then reading in
the text file, but that doesn't work.
Any thoughts would be helpful.
I've included my sample prototype below, if that helps. (I'm working
from the MSDN example)
Thanks!
Pat
#include <stdio.h>
#include <windows.h>
#include <wincrypt.h>
#include <iostream>
#include <fstream>
#define MY_ENCODING_TYPE (PKCS_7_ASN_ENCODING | X509_ASN_ENCODING)
using namespace std;
void MyHandleError(char *s);
void main()
{
// Copyright (c) Microsoft Corporation. All rights reserved.
// Encrypt data from DATA_BLOB DataIn to DATA_BLOB DataOut.
// Then decrypt to DATA_BLOB DataVerify.
//-------------------------------------------------------------------
// Declare and initialize variables.
DATA_BLOB DataIn;
DATA_BLOB DataOut;
DATA_BLOB DataVerify;
BYTE *pbDataInput =(BYTE *)"Hello world of data protection.";
DWORD cbDataInput = strlen((char *)pbDataInput)+1;
DataIn.pbData = pbDataInput;
DataIn.cbData = cbDataInput;
LPWSTR pDescrOut = NULL;
//-------------------------------------------------------------------
// Begin processing.
printf("The data to be encrypted is: %s\n",pbDataInput);
//-------------------------------------------------------------------
// Begin protect phase.
if(CryptProtectData(
&DataIn,
L"This is the description string.", // A description string.
NULL, // Optional entropy
// not used.
NULL, // Reserved.
NULL, // Pass a PromptStruct.
0,
&DataOut))
{
printf("The encryption phase worked. \n");
ofstream myOutputFile ("output.txt", ios:ut);
for (unsigned int i=0;i<DataOut.cbData;i++){
myOutputFile<<DataOut.pbData+i;
}
myOutputFile.close();
printf( "\n");
}
else
{
MyHandleError("Encryption error!");
}
//-------------------------------------------------------------------
// Begin unprotect phase.
BYTE buffer[10000];
memset (buffer, 0,10000);
int i=0;
ifstream myInputFile ("output.txt", ios::in);
while (myInputFile >> buffer){i++;};
DWORD cbDataOutput = DataOut.cbData;
DataOut.pbData = (BYTE*)&buffer;
DataOut.cbData = DataIn.cbData;
if (CryptUnprotectData(
&DataOut,
&pDescrOut,
NULL, // Optional entropy
NULL, // Reserved
NULL, // Optional PromptStruct
0,
&DataVerify))
{
printf("The decrypted data is: %s\n", DataVerify.pbData);
printf("The description of the data was: %S\n",pDescrOut);
}
else
{
MyHandleError("Decryption error!");
}
//-------------------------------------------------------------------
// At this point, memcmp could be used to compare DataIn.pbData and
// DataVerify.pbDate for equality. If the two functions worked
// correctly, the two byte strings are identical.
//-------------------------------------------------------------------
// Clean up.
LocalFree(pDescrOut);
LocalFree(DataOut.pbData);
LocalFree(DataVerify.pbData);
} // End of main
//-------------------------------------------------------------------
// This example uses the function MyHandleError, a simple error
// handling function, to print an error message to the
// standard error (stderr) file and exit the program.
// For most applications, replace this function with one
// that does more extensive error reporting.
void MyHandleError(char *s)
{
fprintf(stderr,"An error occurred in running the program. \n");
fprintf(stderr,"%s\n",s);
fprintf(stderr, "Error number %x.\n", GetLastError());
fprintf(stderr, "Program terminating. \n");
exit(1);
} // End of MyHandleError