• CryptoAPI与openssl RSA非对称加密解密(PKCS1 PADDING)交互


    (以下代码中都只做测试用,有些地方没有释放内存...这个自己解决下)

    1.RSA非对称的,首先提供一个供测试用的证书和私钥的数据

    1)pem格式的证书和私钥(公私钥是对应的)的base64编码

    1. void readPriKey(string &a){  
    2.     a =  "-----BEGIN RSA PRIVATE KEY----- ";  
    3.     a.append("MIICXQIBAAKBgQDTFPiHkUX279j7OnK2ToLrwD/QI9N/fL/XoMnW1sBYJdSWs/VP ");  
    4.     a.append("5oywvy6yJ0KMpfYcbRCJh2oRbPw7T9IrSHKdOkhB9PF6qwn90xb3Bk22l1LYZNfw ");  
    5.     a.append("IQKqRjAXctR8GSC5ULBQmZK2T6m50oD5vl6rD6lnmrQyQSZ3tNNRYbxx/QIDAQAB ");  
    6.     a.append("AoGAVqzSzOAzaY3dfHPorMGacvHzgiVj8IKqSAHHP8fZHZkTLXrh7ZhPBzjKFO+Y ");  
    7.     a.append("HSb843lJhB+tx1AIVtaVB57tKLHJSrAjFem6mHV+X+JhMeX358QS0QFbUiKfAK5e ");  
    8.     a.append("AkM1UdihF/3BX47DZUe44ntRqhffwsNGuZs2tB5FPHIpnGUCQQDvuBumamo+4tff ");  
    9.     a.append("oF9Z/iuMJTyDerPgrQbC85ZoHBULLKtnzSUt7pdSsPMMBfImDpquhkLntC+kFV5b ");  
    10.     a.append("yXu2nC5bAkEA4Wr1na+izFxmOnppvOjs7eFnch2THvNsajJ+Yl/jnRGGS5CLccrd ");  
    11.     a.append("JgUm+j91VUitl88XY/GXAUDIobGw/iAAhwJBANZziODekD/D5cVcDhFPDZwpb7Jb ");  
    12.     a.append("ofHcOJFNIv/uJ3FAu/J3lsw5hsxmGnhmFVOwevaoi9AG5RvQNgK9A9zAacMCQQDT ");  
    13.     a.append("PI4qVHp0k2nhBvGra4MLcBymXXyOloJUCjlRKpZ7i/6TNULXQcl3ZYCfJXRolRDH ");  
    14.     a.append("n/NFXxGoxPK+Q2ue2JJlAkBw1Z/1q2f6JYJ8pLBvdBSmOmKvm+O7x5s0csN7DnXf ");  
    15.     a.append("aK1D4/cyCbLdqgogbolQkOwIwUuXLkitW1ldh+MinTMz ");  
    16.     a.append("-----END RSA PRIVATE KEY----- ");  
    17.   
    18. }  
    19.   
    20. void readCert(string &a){  
    21.     a = "-----BEGIN CERTIFICATE----- ";  
    22.     a.append("MIIGVTCCBT2gAwIBAgIKGCyzsAAAAAAAbjANBgkqhkiG9w0BAQUFADA9MRUwEwYK ");  
    23.     a.append("CZImiZPyLGQBGRYFbG9jYWwxEzARBgoJkiaJk/IsZAEZFgNpc3MxDzANBgNVBAMT ");  
    24.     a.append("BldIVUlTUzAeFw0xMjA0MTEwMTMxNThaFw0xMzA0MTEwMTMxNThaMHIxFTATBgoJ ");  
    25.     a.append("kiaJk/IsZAEZFgVsb2NhbDETMBEGCgmSJomT8ixkARkWA2lzczEOMAwGA1UEAxMF ");  
    26.     a.append("VXNlcnMxEjAQBgNVBAMMCeWRqOe7jeemuTEgMB4GCSqGSIb3DQEJARYRemhvdXl1 ");  
    27.     a.append("emh5QDEyNi5jb20wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANMU+IeRRfbv ");  
    28.     a.append("2Ps6crZOguvAP9Aj0398v9egydbWwFgl1Jaz9U/mjLC/LrInQoyl9hxtEImHahFs ");  
    29.     a.append("/DtP0itIcp06SEH08XqrCf3TFvcGTbaXUthk1/AhAqpGMBdy1HwZILlQsFCZkrZP ");  
    30.     a.append("qbnSgPm+XqsPqWeatDJBJne001FhvHH9AgMBAAGjggOkMIIDoDAdBgNVHQ4EFgQU ");  
    31.     a.append("vjfBpRVvsUsaWnX4dC81QzXu5T4wHwYDVR0jBBgwFoAU++PzmmgpwxErxTVrbJp5 ");  
    32.     a.append("IzqO3RswggECBgNVHR8EgfowgfcwgfSggfGgge6GgbNsZGFwOi8vL0NOPVdIVUlT ");  
    33.     a.append("UyxDTj16c3ktMDIxMWMxNWEyNTIsQ049Q0RQLENOPVB1YmxpYyUyMEtleSUyMFNl ");  
    34.     a.append("cnZpY2VzLENOPVNlcnZpY2VzLENOPUNvbmZpZ3VyYXRpb24sREM9aXNzLERDPWxv ");  
    35.     a.append("Y2FsP2NlcnRpZmljYXRlUmV2b2NhdGlvbkxpc3Q/YmFzZT9vYmplY3RDbGFzcz1j ");  
    36.     a.append("UkxEaXN0cmlidXRpb25Qb2ludIY2aHR0cDovL3pzeS0wMjExYzE1YTI1Mi5pc3Mu ");  
    37.     a.append("bG9jYWwvQ2VydEVucm9sbC9XSFVJU1MuY3JsMIIBFgYIKwYBBQUHAQEEggEIMIIB ");  
    38.     a.append("BDCBowYIKwYBBQUHMAKGgZZsZGFwOi8vL0NOPVdIVUlTUyxDTj1BSUEsQ049UHVi ");  
    39.     a.append("bGljJTIwS2V5JTIwU2VydmljZXMsQ049U2VydmljZXMsQ049Q29uZmlndXJhdGlv ");  
    40.     a.append("bixEQz1pc3MsREM9bG9jYWw/Y0FDZXJ0aWZpY2F0ZT9iYXNlP29iamVjdENsYXNz ");  
    41.     a.append("PWNlcnRpZmljYXRpb25BdXRob3JpdHkwXAYIKwYBBQUHMAKGUGh0dHA6Ly96c3kt ");  
    42.     a.append("MDIxMWMxNWEyNTIuaXNzLmxvY2FsL0NlcnRFbnJvbGwvenN5LTAyMTFjMTVhMjUy ");  
    43.     a.append("Lmlzcy5sb2NhbF9XSFVJU1MuY3J0MAwGA1UdEwEB/wQCMAAwCwYDVR0PBAQDAgWg ");  
    44.     a.append("MD4GCSsGAQQBgjcVBwQxMC8GJysGAQQBgjcVCIbd/wqC4JYWgbmLGoKIvT+HxNMh ");  
    45.     a.append("gXGE+cJBg4yVdgIBZAIBBjApBgNVHSUEIjAgBggrBgEFBQcDAgYIKwYBBQUHAwQG ");  
    46.     a.append("CisGAQQBgjcKAwQwNQYJKwYBBAGCNxUKBCgwJjAKBggrBgEFBQcDAjAKBggrBgEF ");  
    47.     a.append("BQcDBDAMBgorBgEEAYI3CgMEMDsGA1UdEQQ0MDKgHQYKKwYBBAGCNxQCA6APDA16 ");  
    48.     a.append("c3lAaXNzLmxvY2FsgRF6aG91eXV6aHlAMTI2LmNvbTBEBgkqhkiG9w0BCQ8ENzA1 ");  
    49.     a.append("MA4GCCqGSIb3DQMCAgIAgDAOBggqhkiG9w0DBAICAIAwBwYFKw4DAgcwCgYIKoZI ");  
    50.     a.append("hvcNAwcwDQYJKoZIhvcNAQEFBQADggEBABj0xXhayI5JdqbuyAbqNwzGZxt4X102 ");  
    51.     a.append("CFFeTU5jauspQjqEpar+/IQ+r3/vf162bY/lLHLpDarFLbZ9dAC6nqNfnE4gg9r7 ");  
    52.     a.append("p+dbkbzFyBuSTqrzHQ6JgRYSdjwaksHV+uZuP7dfP2HXw4F1T3Ch/7ZKW9+ZlVvd ");  
    53.     a.append("QCygAu0z+TS2e7oRFb+swQLVKda8kPTM/b69+r/xdTHXY6+CkfVAk4oYBB56a9AD ");  
    54.     a.append("t1XOoAUa42fJdit6+7ssLLTZkZLNsQl6qsuTdv64dIMda4C6NnUsKDfjWGa+0vs3 ");  
    55.     a.append("VjVNsUC5jo4qRc4XmBvJIx6e5M420sPj2Gi/+ssgmaXK+zUWzowIoMU= ");  
    56.     a.append("-----END CERTIFICATE----- ");  
    57. }  

    2)CryptoAPI和openssl公私钥保持一致,去掉pem头尾直接用便是,没有加密

      证书的:

    1. void readCertBase64(string &a){  
    2.     a = "MIIGVTCCBT2gAwIBAgIKGCyzsAAAAAAAbjANBgkqhkiG9w0BAQUFADA9MRUwEwYKCZImiZPyLGQBGRYFbG9jYWwxEzARBgoJkiaJk/IsZAEZFgNpc3MxDzANBgNVBAMTBldIVUlTUzAeFw0xMjA0MTEwMTMxNThaFw0xMzA0MTEwMTMxNThaMHIxFTATBgoJkiaJk/IsZAEZFgVsb2NhbDETMBEGCgmSJomT8ixkARkWA2lzczEOMAwGA1UEAxMFVXNlcnMxEjAQBgNVBAMMCeWRqOe7jeemuTEgMB4GCSqGSIb3DQEJARYRemhvdXl1emh5QDEyNi5jb20wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANMU+IeRRfbv2Ps6crZOguvAP9Aj0398v9egydbWwFgl1Jaz9U/mjLC/LrInQoyl9hxtEImHahFs/DtP0itIcp06SEH08XqrCf3TFvcGTbaXUthk1/AhAqpGMBdy1HwZILlQsFCZkrZPqbnSgPm+XqsPqWeatDJBJne001FhvHH9AgMBAAGjggOkMIIDoDAdBgNVHQ4EFgQUvjfBpRVvsUsaWnX4dC81QzXu5T4wHwYDVR0jBBgwFoAU++PzmmgpwxErxTVrbJp5IzqO3RswggECBgNVHR8EgfowgfcwgfSggfGgge6GgbNsZGFwOi8vL0NOPVdIVUlTUyxDTj16c3ktMDIxMWMxNWEyNTIsQ049Q0RQLENOPVB1YmxpYyUyMEtleSUyMFNlcnZpY2VzLENOPVNlcnZpY2VzLENOPUNvbmZpZ3VyYXRpb24sREM9aXNzLERDPWxvY2FsP2NlcnRpZmljYXRlUmV2b2NhdGlvbkxpc3Q/YmFzZT9vYmplY3RDbGFzcz1jUkxEaXN0cmlidXRpb25Qb2ludIY2aHR0cDovL3pzeS0wMjExYzE1YTI1Mi5pc3MubG9jYWwvQ2VydEVucm9sbC9XSFVJU1MuY3JsMIIBFgYIKwYBBQUHAQEEggEIMIIBBDCBowYIKwYBBQUHMAKGgZZsZGFwOi8vL0NOPVdIVUlTUyxDTj1BSUEsQ049UHVibGljJTIwS2V5JTIwU2VydmljZXMsQ049U2VydmljZXMsQ049Q29uZmlndXJhdGlvbixEQz1pc3MsREM9bG9jYWw/Y0FDZXJ0aWZpY2F0ZT9iYXNlP29iamVjdENsYXNzPWNlcnRpZmljYXRpb25BdXRob3JpdHkwXAYIKwYBBQUHMAKGUGh0dHA6Ly96c3ktMDIxMWMxNWEyNTIuaXNzLmxvY2FsL0NlcnRFbnJvbGwvenN5LTAyMTFjMTVhMjUyLmlzcy5sb2NhbF9XSFVJU1MuY3J0MAwGA1UdEwEB/wQCMAAwCwYDVR0PBAQDAgWgMD4GCSsGAQQBgjcVBwQxMC8GJysGAQQBgjcVCIbd/wqC4JYWgbmLGoKIvT+HxNMhgXGE+cJBg4yVdgIBZAIBBjApBgNVHSUEIjAgBggrBgEFBQcDAgYIKwYBBQUHAwQGCisGAQQBgjcKAwQwNQYJKwYBBAGCNxUKBCgwJjAKBggrBgEFBQcDAjAKBggrBgEFBQcDBDAMBgorBgEEAYI3CgMEMDsGA1UdEQQ0MDKgHQYKKwYBBAGCNxQCA6APDA16c3lAaXNzLmxvY2FsgRF6aG91eXV6aHlAMTI2LmNvbTBEBgkqhkiG9w0BCQ8ENzA1MA4GCCqGSIb3DQMCAgIAgDAOBggqhkiG9w0DBAICAIAwBwYFKw4DAgcwCgYIKoZIhvcNAwcwDQYJKoZIhvcNAQEFBQADggEBABj0xXhayI5JdqbuyAbqNwzGZxt4X102CFFeTU5jauspQjqEpar+/IQ+r3/vf162bY/lLHLpDarFLbZ9dAC6nqNfnE4gg9r7p+dbkbzFyBuSTqrzHQ6JgRYSdjwaksHV+uZuP7dfP2HXw4F1T3Ch/7ZKW9+ZlVvdQCygAu0z+TS2e7oRFb+swQLVKda8kPTM/b69+r/xdTHXY6+CkfVAk4oYBB56a9ADt1XOoAUa42fJdit6+7ssLLTZkZLNsQl6qsuTdv64dIMda4C6NnUsKDfjWGa+0vs3VjVNsUC5jo4qRc4XmBvJIx6e5M420sPj2Gi/+ssgmaXK+zUWzowIoMU= ";  
    3. }  

    因为尝试私钥没有导入成功,暂且不管,关于这一点待会再说验证交互成功的替换方案


    2.先来看下openssl的RSA实现方案,openssl本身提供了许多的padding方式,

    因为CryptoAPI只提供了PKCS1和OAEP两种补齐方式,默认使用的PKCS1,那这里就用PKCS1来验证吧

    1)首先需要导入证书和私钥,用于后续加密解密,这里就直接采用通过Base64码来导入

    1. EVP_PKEY * importKey(){  
    2.     OpenSSL_add_all_algorithms();  
    3.   
    4.     EVP_PKEY *prikey;  
    5.     string a = "";  
    6.     readPriKey(a);//获取私钥的base64码  
    7.     const char* sPriKey = a.c_str();  
    8.     BIO* bio = BIO_new_mem_buf((void*)sPriKey,strlen(sPriKey));//通过BIO放入内存  
    9.     prikey = PEM_read_bio_PrivateKey(bio,NULL,NULL,NULL);//读取bio,获取私钥对象  
    10.     BYTE* sign_value = (BYTE*)malloc(1024);  
    11.     unsigned int len;  
    12.     return prikey;  
    13. }  
    14. EVP_PKEY * importCert(){  
    15.     X509* cert;  
    16.     OpenSSL_add_all_algorithms();  
    17.     string a = "";  
    18.     readCert(a);//证书的base64码  
    19.     const char* sCert = a.c_str();  
    20.     BIO* bio = BIO_new_mem_buf((void*)sCert,strlen(sCert));//存到内存  
    21.     cert = PEM_read_bio_X509(bio,NULL,NULL,NULL);//读取bio,获取证书对象  
    22.   
    23.     EVP_PKEY* evp_pubKey =X509_get_pubkey(cert);//获取证书的公钥  
    24.   
    25.       
    26.     int len;  
    27.     if(evp_pubKey){  
    28.         return evp_pubKey;  
    29.     }  
    30.     else  
    31.         cout << "evp_pubKey == NULL" << endl;  
    32.     return NULL;  
    33. }  


    2)有了公钥,私钥对象,接下来做非对称加密和解密就简单些了

    这里得提下补齐方式,因为和CryptoAPI的补齐方式要保持一致,折腾了许多时间

    CryptoAPI的默认补齐方式是PKCS1,我先以为就是NO_PADDING,结果发现CryptoAPI貌似就没有对NO_PADDING的支持

    openssl有NO_PADDING的支持,如果使用这个方式,最好自己将剩余位全部补上规律的数据,便于解密后容易获取到要的明文

    NO_PADDING就必须明文和密钥大小一样了,1024位RSA对应128字节明文

    PKCS1的得减去11字节存储PKCS1自己的数据,1024位RSA只能加密117字节明文

    OAEP则得减去41字节,只能加密87字节明文

    如果超过大小,当然可以自己去分节处理,这里就不予讨论了


    1. void evelop(EVP_PKEY* evp_pubKey/*公钥对象*/,BYTE** out/*加密结果*/,unsigned int &cOut/*加密结果大小*/,const BYTE* in/*明文*/,unsigned int cIn/*明文大小*/){  
    2.     OpenSSL_add_all_algorithms();  
    3.     bool hasErr = true;  
    4.     EVP_PKEY_CTX* ctx = EVP_PKEY_CTX_new(evp_pubKey,NULL);  
    5.     if(!ctx)  
    6.         goto err;  
    7.     if(EVP_PKEY_encrypt_init(ctx)<=0)  
    8.         goto err;  
    9.     if (EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_PKCS1_PADDING) <= 0)//设置补齐方式  
    10.         goto err;  
    11.   
    12.     if(EVP_PKEY_encrypt(ctx,NULL,&cOut,in,cIn)<=0)//得到加密的长度,一般都是跟密钥一样长,1024位的RSA密钥就是128字节  
    13.         goto err;  
    14.     *out =(BYTE*) OPENSSL_malloc(cOut);  
    15.     if(!out)  
    16.         goto err;  
    17.   
    18.     if(EVP_PKEY_encrypt(ctx,*out,&cOut,in,cIn)<=0)//得到加密结果  
    19.         goto err;  
    20.     cout << "加密成功!" << endl;  
    21.     hasErr = false;  
    22. err:  
    23.     EVP_PKEY_CTX_free(ctx);  
    24.     if(!hasErr)  
    25.         return;  
    26.     return;  
    27. }  
    28.   
    29. void develop(EVP_PKEY* priKey,BYTE** out,unsigned int &cOut, BYTE* data,unsigned int cData){  
    30.     OpenSSL_add_all_algorithms();  
    31.     bool hasErr = true;  
    32.     EVP_PKEY_CTX* ctx = EVP_PKEY_CTX_new(priKey,NULL);  
    33.     if(!ctx)  
    34.         goto err;  
    35.     if (EVP_PKEY_decrypt_init(ctx) <= 0)  
    36.         goto err;  
    37.     if(EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_PKCS1_PADDING) <= 0)//与加密同样的PKCS1补齐  
    38.         goto err;  
    39.     if (EVP_PKEY_decrypt(ctx, NULL, &cOut, data, cData) <= 0)//解密结果大小  
    40.         goto err;  
    41.     *out =(BYTE*) OPENSSL_malloc(cOut);//分配内存  
    42.     if (!out)  
    43.         goto err;  
    44.     if (EVP_PKEY_decrypt(ctx, *out, &cOut, data, cData) <= 0)//得到解密结果  
    45.         goto err;  
    46.     hasErr = false;  
    47. err://输出一些错误信息,偶尔错误信息得不到,只得到一些文件名和所在行,就跑到源代码去找...麻烦死了,如果有好的方案求回复~  
    48.     EVP_PKEY_CTX_free(ctx);  
    49.     if(!hasErr)  
    50.         return;  
    51.     cout << "err in develop" << endl;  
    52.   
    53.     const      char*file,*data1,*efunc,*elib,*ereason,*p;  
    54.   
    55.     int                         line,flags;  
    56.     unsigned long  errn;  
    57.   
    58.   
    59.     errn=ERR_peek_error_line_data(&file,&line,&data1,&flags);  
    60.   
    61.     printf("ERR_peek_error_line_data err : %ld,file :%s,line :%d,data :%s ",errn,file,line,data1);  
    62.   
    63.   
    64. }  


    3)自己测试下上面的代码吧,应该是没问题的

    2.CryptoAPI的RSA非对称加密

    1)首先依然是公私钥数据问题

    这里先看下通过base64导入证书吧,私钥的问题放在第三部分再讨论

    1. PCCERT_CONTEXT  importCryptoCert(string base64Cert){  
    2.     PCCERT_CONTEXT  pCertContext = NULL;   
    3.     int len;  
    4.     BYTE* certEncoded = Base64::base64_decode(base64Cert,len);//BASE64解码,很多方式,先前博文中有代码  
    5.     if(pCertContext = CertCreateCertificateContext(  
    6.         X509_ASN_ENCODING | PKCS_7_ASN_ENCODING,                
    7.         certEncoded,    
    8.         len)) //直接就通过字节数组导入成证书上下文对象了  
    9.     {  
    10.         printf("A new certificate has been created. ");  
    11.   
    12.     }  
    13.     else  
    14.     {  
    15.         printf("A new certificate could not be created. ");  
    16.     }  
    17.     return pCertContext;  
    18. }  

    2)公钥加密,CryptoAPI的公钥加密也做了一些封装,没注意到的话得折腾好长时间

    我使用的CryptEncrypt,而加密结果是以 little-endian  排列的字节数组,openssl则与其相反

    关于CryptoAPI的说明,remark最后一句话,很小的字....

    1. void encryptByPubKey(HCRYPTPROV hProv,PCCERT_CONTEXT cert,BYTE* text,unsigned long &len){  
    2.       
    3.     HCRYPTKEY hKey;  
    4.       
    5.       
    6.     CERT_PUBLIC_KEY_INFO pubKeyInfo = cert->pCertInfo->SubjectPublicKeyInfo;//拿到公钥信息  
    7.   
    8.     if(!CryptImportPublicKeyInfoEx(hProv,X509_ASN_ENCODING,&pubKeyInfo,CALG_RSA_KEYX,0,NULL,&hKey))//导入,获取公钥对象  
    9.     {  
    10.         printf("CryptImportPublicKeyInfoEx error:0X%x. ",GetLastError());  
    11.         return;  
    12.     }  
    13.   
    14.     if(!CryptEncrypt(hKey,NULL,true,0,text,&len,128))//加密,padding参数为0,默认就是PKCS1的,不用管了,最后一个参数为128,是对于1024位RSA密钥,明文text得分配128个字节  
    15.     {  
    16.         printf("CryptEncrypt error:0X%x. ",GetLastError());  
    17.         return;  
    18.     }  
    19. //以下将密文倒序,如果你在openssl倒序了,那这里就不用了,反正CryptoAPI和openssl本身的排列方式就是反的  
    20.     for(int i = 0 ; i < len / 2;i++)  
    21.     {  
    22.         BYTE temp = text[i];  
    23.         text[i] = text[len - i - 1];  
    24.         text[len - i - 1] = temp;  
    25.     }  
    26.       
    27.     printByte(text,len);  
    28. }  

    3)试下这个部分的加密吧,能够被openssl解密就没问题了

    3.以上只试了CryptoAPI加密openssl解密,因为私钥没导入成功的关系,也没时间再去尝试了,暂且换一种替代方案来测试

    如果CryptoAPI解密了CryptoAPI加密的,那这个也是等价的,那干脆直接从windows密钥库获取公私钥,用CryptoAPI直接做加密解密

    从windows库获取证书就不在这讨论了,看下私钥解密的部分

      1. void decryptByPriKey(PCCERT_CONTEXT cert,BYTE* encText,unsigned long len){  
      2.     //将结果再反序一次,用于CryptoAPI自己解密  
      3.     for(int i = 0 ; i < len / 2;i++)  
      4.     {  
      5.         BYTE temp = encText[i];  
      6.         encText[i] = encText[len - i - 1];  
      7.         encText[len - i - 1] = temp;  
      8.     }  
      9.   
      10.     HCRYPTPROV_OR_NCRYPT_KEY_HANDLE hKeyProv;  
      11.     DWORD *dwKeyType;  
      12.     BOOL bFreeKeyProv = FALSE;    
      13.     if(!CryptAcquireCertificatePrivateKey(cert, 0, 0, &hKeyProv, dwKeyType, &bFreeKeyProv))  //获取证书对应的私钥句柄  
      14.     {    
      15.         printf("CryptAcquireCertificatePrivateKey error:0X%x. ",GetLastError());  
      16.         return;  
      17.     }   
      18.   
      19.     HCRYPTKEY hKey;  
      20.     if(!CryptGetUserKey(hKeyProv,AT_KEYEXCHANGE,&hKey))//通过句柄获取私钥对象  
      21.     {  
      22.         printf("CryptGetUserKey error:0X%x. ",GetLastError());  
      23.         return;  
      24.     }  
      25.   
      26.     if(!CryptDecrypt(hKey,NULL,true,0,encText,&len)){//解密,也可以把padding参数换成CRYPT_DECRYPT_RSA_NO_PADDING_CHECK  
      27.         printf("CryptDecrypt error:0X%x. ",GetLastError());  
      28.         return;  
      29.     }  
      30.   
      31.     printByte(encText,len);  
      32. }  
  • 相关阅读:
    【面试】代码默写-DCL单例
    【状态机】SCXML2
    【面试】JVM
    【面试】HashMap
    读取resource下sql脚本并执行
    Maven 二进制资源文件(excel pdf...)部署出错,乱码的解决方案
    【JVM】java内存模型
    【Spring】源码二、IOC
    mapstruct 高级用法
    warning: The iOS Simulator deployment target 'IPHONEOS_DEPLOYMENT_TARGET' is set to 6.0, but the range of supported deployment target versions is 8.0 to 13.2.99.
  • 原文地址:https://www.cnblogs.com/adylee/p/3611577.html
Copyright © 2020-2023  润新知