对Msn协议的一点点研究

对Msn协议的一点点研究
这个也是好奇msn的协议还是2011年的时候写的, 就在网上找啊找啊, 可惜要不是不能用就是C++代码还有就是不完整, 到最后我也没弄成功,只到了下面这步就挂掉了......

登录成功
<=SBS 0 null
<=MSG Hotmail Hotmail 1261
=>BLP 8 BL
<=BLP 8 BL
=>ADL 9 11 <ml l="1"/>
断开与->64.4.44.92

现在公布出来吧, 代码写得不是很好, 有三个函数是改自某位老大的,不记得地方了,太久没碰了, 现在能不能用我都不知道了
[delphi] view plain copy
1. unit MSNClass;
3. interface
5. uses
6. Windows, Classes, SysUtils, IdTCPConnection, IdTCPClient,
7. xmldom, XMLIntf, msxmldom, XMLDoc, ComObj, Variants, wcrypt2, Forms, CnDebug;
9. type
10. tagMSGUSRKEY = record
11. uStructHeaderSize: ULONG;
12. uCryptMode: ULONG;
13. uCipherType: ULONG;
14. uHashType: ULONG;
15. uIVLen: ULONG;
16. uHashLen: ULONG;
17. uCipherLen: ULONG;
18. aIVBytes: array[0..07] of Byte;
19. aHashBytes: array[0..19] of Byte;
20. aCipherBytes: array[0..71] of Byte;
21. end;
22. TMSGUSERKEY = tagMSGUSRKEY;
23. PMSGUSERKEY = ^TMSGUSERKEY;
24. const
25. STDKEYHDRSIZE = 12;
26. cKeyStdHeader: array[0..11] of Byte = ($08, $02, $00, $00, $03, $66, $00, $00,
27. $18, $00, $00, $00);
29. type
30. TMSN = class(TObject)
31. private
32. //FIdTcp: TIdTCPClient; {连接服务器和收发的}
33. //FXML : TXMLDocument; {xml文档处理}
35. FServer: string; //服务器地址
36. FPort: Integer; //端口
38. FStream: TMemoryStream;
39. FPassport_url: string; //密码登录地址
40. FProtocol: string; //协议
41. FBuildver: string; //编译版本号
42. Fprod_key: string; //应该是个密题之类的
43. Fprod_id: string;
44. //Flogin_method: string; //登录方式
45. // Fclientid: DWORD; //客户id
47. Fpassport_policy: string;
49. //FBinarySecurityToken:string;
50. //FBinarySecret:string;
52. function HtmlSpecialChars(s: string): string;
54. public
55. Fuser: string;
56. Fpassword: string;
57. FBinarySecurityToken: string;
58. FBinarySecret: string;
60. constructor Create(UserName, PassWord: string);
61. destructor Destroy; override;
63. function http_Get(url: PAnsiChar): string;
64. function http_Post(url, Param: PAnsiChar): string;
65. function http_Post2(url, Param: PAnsiChar): Boolean;
66. function PostXMLFile(UserName, Password: string): string;
67. function GetXMLFile: Boolean; //这里应试返回一个结构体
68. function Get_passport_ticket: Boolean;
69. function GetSSOKey(Nonce: string): string;
70. function GenerateLoginBlob(key: string; Challenge: string): string;
71. end;
73. function CryptStringToBinary(pszString: PChar; cchString: DWORD; dwFlags: DWORD;
74. pbBinary: PByte; pcbBinary: PDWORD; pdwSkip: PDWORD; pdwFlags: PDWORD): BOOL;
75. stdcall; external CRYPT32 Name 'CryptStringToBinaryA';
76. function CryptDuplicateKey(hKey: HCRYPTKEY; pdwReserved: PDWORD; dwFlags: DWORD;
77. phKey: PHCRYPTKEY): BOOL; stdcall; external ADVAPI32 Name 'CryptDuplicateKey';
78. function CryptBinaryToString(pbBinary: PByte; cbBinary: DWORD; dwFlags: DWORD;
79. pszString: PChar; pcchString: PDWORD): BOOL; stdcall; external CRYPT32 Name
80. 'CryptBinaryToStringA';
82. //function HMACHash(hProvider: HCRYPTPROV; hKey: HCRYPTKEY;HashAlgId: ALG_ID; pBytesOut: Pointer; dwLengthOut: DWORD; pBytesIn1: PByte; dwLengthIn1: DWORD; pBytesIn2: PByte; dwLengthIn2: DWORD):BooL;stdcall;external 'MSNSSOKey.dll' Name 'HMACHash';
83. //function DeriveLoginKey(key: PByte; dwKeySize: DWORD; magic:string; pOutBytes: PBYTE; dwOutLen: DWORD):BooL;stdcall;external 'MSNSSOKey.dll' Name 'DeriveLoginKey';
85. implementation
87. constructor TMSN.Create(UserName, PassWord: string);
88. begin
89. CoInitializeEx(nil, 2); //nil, 2;
90. Fuser := UserName;
91. Fpassword := PassWord;
92. //Client_Id := $7000800C;
93. FServer := 'messenger.hotmail.com';
94. FPort := 1863;
95. FPassport_url := 'https://login.live.com/RST.srf';
96. FProtocol := 'MSNP15';
97. FBuildver := '8.1.0178';
98. Fprod_key := 'PK}_A_0N_K%O?A9S';
99. Fprod_id := 'PROD0114ES4Z%Q5W';
100. Fpassport_policy := 'MBI_KEY_OLD';
101. FStream := TMemoryStream.Create;
103. {
104. messengerclear.live.com：用于msn的认证
105. messenger.msn.com：msn网页认证
106. contacts.msn.com：Contact server 的认证
107. spaces.msn.com：msn spaces 的认证
108. }
109. end;
111. destructor TMSN.Destroy;
112. begin
113. FStream.Free;
114. //FreeAndNil(FXML);
115. //FreeAndNil(FIdTcp);
116. //FreeAndNil(FIdhtp);
117. //FreeAndNil(FHandle);
118. inherited;
119. end;
121. (*转换特殊字符到html标记*)
123. function TMSN.HtmlSpecialChars(s: string): string;
124. var
125. TEMP: string;
126. begin
127. TEMP := StringReplace(s, '&', '&', [rfReplaceAll]);
128. TEMP := StringReplace(TEMP, '"', '"', [rfReplaceAll]);
129. TEMP := StringReplace(TEMP, '''', ''', [rfReplaceAll]);
130. TEMP := StringReplace(TEMP, '<', '<', [rfReplaceAll]);
131. TEMP := StringReplace(TEMP, '>', '>', [rfReplaceAll]);
132. Result := TEMP;
133. end;
134. (*post操作，保存为string*)
136. function TMSN.http_Post(url, Param: PAnsiChar): string;
137. var
138. PostVar: Variant;
139. begin
140. Result := '';
141. try
142. PostVar := CreateOleObject('MSXML2.XMLHTTP');
143. try
144. PostVar.Open('POST', AnsiString(url), False);
145. PostVar.SetRequestHeader('Accept', 'text/html, */*');
146. PostVar.SetRequestHeader('User-Agent',
147. 'Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)');
148. PostVar.SetRequestHeader('Accept-Language', 'zh-cn');
149. PostVar.SetRequestHeader('Content-Type', 'text/html');
150. PostVar.SetRequestHeader('Connection', 'keep-Alive');
151. PostVar.Send(AnsiString(Param));
152. //if ChrType = TO_ANSI then
153. // Result := PAnsiChar(Utf8ToAnsi(PostVar.ResponseText))
154. //else
155. Result := AnsiString(PostVar.ResponseText);
156. finally
157. PostVar := Unassigned;
158. end;
159. except
160. on E: Exception do
161. Result := E.message;
162. end;
163. end;
164. (*post操作，保存为流*)
166. function TMSN.http_Post2(url, Param: PAnsiChar): Boolean;
167. var
168. PostVar: Variant;
169. s: PChar;
170. begin
171. Result := False;
172. try
173. PostVar := CreateOleObject('MSXML2.XMLHTTP');
174. FStream.Clear;
175. try
176. PostVar.Open('POST', AnsiString(url), False);
177. PostVar.SetRequestHeader('Accept', 'text/html, */*');
178. PostVar.SetRequestHeader('User-Agent',
179. 'Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)');
180. PostVar.SetRequestHeader('Accept-Language', 'zh-cn');
181. PostVar.SetRequestHeader('Content-Type', 'text/html');
182. PostVar.SetRequestHeader('Connection', 'keep-Alive');
183. PostVar.Send(AnsiString(Param));
184. s := PChar(AnsiString(PostVar.ResponseText));
185. FStream.Seek(0, soBeginning);
186. FStream.Write(s^, Length(s));
188. Result := True;
189. finally
190. PostVar := Unassigned;
191. end;
192. except
193. on E: Exception do
194. OutputDebugString(PChar(E.Message));
195. //Result := E.message;
196. end;
197. end;
198. (*网络get*)
200. function TMSN.http_Get(url: PAnsiChar): string;
201. var
202. GetVar: Variant;
203. begin
204. Result := '';
205. try
206. GetVar := CreateOleObject('MSXML2.XMLHTTP');
207. try
208. GetVar.Open('GET', AnsiString(url), False);
209. GetVar.SetRequestHeader('Accept', 'text/html, */*');
210. GetVar.SetRequestHeader('User-Agent',
211. 'Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)');
212. GetVar.SetRequestHeader('Accept-Language', 'zh-cn');
213. GetVar.SetRequestHeader('Content-Type', 'text/html');
214. GetVar.SetRequestHeader('Connection', 'keep-Alive');
215. GetVar.Send('');
216. //if ChrType = TO_ANSI then
217. // Result := PAnsiChar(Utf8ToAnsi(GetVar.ResponseText))
218. //else
219. Result := AnsiString(GetVar.ResponseText);
220. finally
221. GetVar := Unassigned;
222. end;
223. except
225. end;
226. end;
227. (*够造一个xml文档*)
229. function TMSN.PostXMLFile(UserName, Password: string): string;
230. var
231. Param: TStringList;
232. begin
233. Result := '';
234. Param := TStringList.Create;
235. Param.Clear;
236. try
237. Param.Add('<?xml version="1.0" encoding="UTF-8" ?> ');
238. Param.Add('<Envelope xmlns="http://schemas.xmlsoap.org/soap/envelope/" xmlns:wsse="http://schemas.xmlsoap.org/ws/2003/06/secext" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" ');
239. Param.Add('xmlns:wsp="http://schemas.xmlsoap.org/ws/2002/12/policy" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" ');
240. Param.Add('xmlns:wsa="http://schemas.xmlsoap.org/ws/2004/03/addressing" xmlns:wssc="http://schemas.xmlsoap.org/ws/2004/04/sc" xmlns:wst="http://schemas.xmlsoap.org/ws/2004/04/trust">');
241. Param.Add('<Header>');
242. Param.Add('<ps:AuthInfo xmlns:ps="http://schemas.microsoft.com/Passport/SoapServices/PPCRL" Id="PPAuthInfo">');
243. Param.Add(' <ps:HostingApp>{7108E71A-9926-4FCB-BCC9-9A9D3F32E423}</ps:HostingApp> ');
244. Param.Add(' <ps:BinaryVersion>4</ps:BinaryVersion> ');
245. Param.Add(' <ps:UIVersion>1</ps:UIVersion> ');
246. Param.Add(' <ps:Cookies /> ');
247. Param.Add(' <ps:RequestParams>AQAAAAIAAABsYwQAAAAyMDUy</ps:RequestParams> ');
248. Param.Add(' </ps:AuthInfo>');
249. Param.Add('<wsse:Security>');
250. Param.Add('<wsse:UsernameToken Id="user">');
251. Param.Add(' <wsse:Username>' + UserName + '</wsse:Username> ');
252. Param.Add(' <wsse:Password>' + Password + '</wsse:Password> ');
253. Param.Add(' </wsse:UsernameToken>');
254. Param.Add(' </wsse:Security>');
255. Param.Add(' </Header>');
256. Param.Add('<Body>');
257. Param.Add('<ps:RequestMultipleSecurityTokens xmlns:ps="http://schemas.microsoft.com/Passport/SoapServices/PPCRL" Id="RSTS">');
258. Param.Add('<wst:RequestSecurityToken Id="RST0">');
259. Param.Add(' <wst:RequestType>http://schemas.xmlsoap.org/ws/2004/04/security/trust/Issue</wst:RequestType> ');
260. Param.Add('<wsp:AppliesTo>');
261. Param.Add('<wsa:EndpointReference>');
262. Param.Add(' <wsa:Address>http://Passport.NET/tb</wsa:Address> ');
263. Param.Add(' </wsa:EndpointReference>');
264. Param.Add(' </wsp:AppliesTo>');
265. Param.Add(' </wst:RequestSecurityToken>');
266. Param.Add('<wst:RequestSecurityToken Id="RST1">');
267. Param.Add(' <wst:RequestType>http://schemas.xmlsoap.org/ws/2004/04/security/trust/Issue</wst:RequestType> ');
268. Param.Add('<wsp:AppliesTo>');
269. Param.Add('<wsa:EndpointReference>');
270. Param.Add(' <wsa:Address>messengerclear.live.com</wsa:Address> ');
271. Param.Add(' </wsa:EndpointReference>');
272. Param.Add(' </wsp:AppliesTo>');
273. Param.Add(' <wsse:PolicyReference URI="MBI_KEY_OLD" /> ');
274. Param.Add(' </wst:RequestSecurityToken>');
275. Param.Add('<wst:RequestSecurityToken Id="RST2">');
276. Param.Add(' <wst:RequestType>http://schemas.xmlsoap.org/ws/2004/04/security/trust/Issue</wst:RequestType> ');
277. Param.Add('<wsp:AppliesTo>');
278. Param.Add('<wsa:EndpointReference>');
279. Param.Add(' <wsa:Address>messenger.msn.com</wsa:Address> ');
280. Param.Add(' </wsa:EndpointReference>');
281. Param.Add(' </wsp:AppliesTo>');
282. Param.Add(' <wsse:PolicyReference URI="?id=507" /> ');
283. Param.Add(' </wst:RequestSecurityToken>');
284. Param.Add('<wst:RequestSecurityToken Id="RST3">');
285. Param.Add(' <wst:RequestType>http://schemas.xmlsoap.org/ws/2004/04/security/trust/Issue</wst:RequestType> ');
286. Param.Add('<wsp:AppliesTo>');
287. Param.Add('<wsa:EndpointReference>');
288. Param.Add(' <wsa:Address>contacts.msn.com</wsa:Address> ');
289. Param.Add(' </wsa:EndpointReference>');
290. Param.Add(' </wsp:AppliesTo>');
291. Param.Add(' <wsse:PolicyReference URI="MBI" /> ');
292. Param.Add(' </wst:RequestSecurityToken>');
293. Param.Add('<wst:RequestSecurityToken Id="RST4">');
294. Param.Add(' <wst:RequestType>http://schemas.xmlsoap.org/ws/2004/04/security/trust/Issue</wst:RequestType> ');
295. Param.Add('<wsp:AppliesTo>');
296. Param.Add('<wsa:EndpointReference>');
297. Param.Add(' <wsa:Address>messengersecure.live.com</wsa:Address> ');
298. Param.Add(' </wsa:EndpointReference>');
299. Param.Add(' </wsp:AppliesTo>');
300. Param.Add(' <wsse:PolicyReference URI="MBI_SSL" /> ');
301. Param.Add(' </wst:RequestSecurityToken>');
302. Param.Add('<wst:RequestSecurityToken Id="RST5">');
303. Param.Add(' <wst:RequestType>http://schemas.xmlsoap.org/ws/2004/04/security/trust/Issue</wst:RequestType> ');
304. Param.Add('<wsp:AppliesTo>');
305. Param.Add('<wsa:EndpointReference>');
306. Param.Add(' <wsa:Address>spaces.live.com</wsa:Address> ');
307. Param.Add(' </wsa:EndpointReference>');
308. Param.Add(' </wsp:AppliesTo>');
309. Param.Add(' <wsse:PolicyReference URI="MBI" /> ');
310. Param.Add(' </wst:RequestSecurityToken>');
311. Param.Add('<wst:RequestSecurityToken Id="RST6">');
312. Param.Add(' <wst:RequestType>http://schemas.xmlsoap.org/ws/2004/04/security/trust/Issue</wst:RequestType> ');
313. Param.Add('<wsp:AppliesTo>');
314. Param.Add('<wsa:EndpointReference>');
315. Param.Add(' <wsa:Address>storage.msn.com</wsa:Address> ');
316. Param.Add(' </wsa:EndpointReference>');
317. Param.Add(' </wsp:AppliesTo>');
318. Param.Add(' <wsse:PolicyReference URI="MBI" /> ');
319. Param.Add(' </wst:RequestSecurityToken>');
320. Param.Add(' </ps:RequestMultipleSecurityTokens>');
321. Param.Add(' </Body>');
322. Param.Add(' </Envelope>');
324. //返回结果
325. Result := Param.Text;
326. finally
327. Param.Free;
328. end;
329. end;
331. (*解析返回来的xml文档*)
333. function TMSN.GetXMLFile: Boolean;
334. var
335. XML: TXMLDocument;
336. Root, Parent, Child, SChild, BinarySecurityTokenNode, BinarySecretNode:
337. IXMLNode;
338. begin
339. Result := False;
340. if FStream.Size > 0 then
341. begin
342. XML := TXMLDocument.Create(Application);
343. try
344. try
345. FStream.SaveToFile('test1.xml');
346. XML.LoadFromStream(FStream);
348. XML.Active := True;
349. Root := XML.DocumentElement;
350. Parent := Root.ChildNodes.First;
351. while Parent <> nil do
352. begin
353. if Parent.NodeName = 'S:Body' then //第二个节点
354. begin
355. Child := Parent.ChildNodes.First;
356. //第一个节点wst:RequestSecurityTokenResponseCollection
357. if Child <> nil then
358. begin
359. SChild := Child.ChildNodes.First; //然后是指向父节点的子节点
360. SChild := SChild.NextSibling; //第一个不是需要的所以下一个
361. while SChild <> nil do
362. begin
363. if SChild.NodeName = 'wst:RequestSecurityTokenResponse' then
364. begin
365. BinarySecurityTokenNode :=
366. SChild.ChildNodes.FindNode('wst:RequestedSecurityToken');
368. BinarySecretNode :=
369. SChild.ChildNodes.FindNode('wst:RequestedProofToken');
370. if (BinarySecurityTokenNode <> nil) and (BinarySecretNode <>
371. nil) then
372. begin
373. FBinarySecurityToken :=
374. BinarySecurityTokenNode.ChildNodes.First.NodeValue;
375. FBinarySecret :=
376. BinarySecretNode.ChildNodes.First.NodeValue;
377. Result := True;
378. end;
379. //临时加上
380. Break;
381. end;
382. SChild := SChild.NextSibling;
383. end;
384. end;
385. Break;
386. end;
387. Parent := Parent.NextSibling;
388. end;
390. XML.Active := False;
391. finally
392. XML.Free;
393. end;
394. except
396. end;
397. end;
398. end;
399. (*取得认证的Key*)
401. function TMSN.Get_passport_ticket: Boolean;
402. var
403. user, password, passport_url: string;
404. begin
405. Result := False;
406. user := Fuser;
407. password := HtmlSpecialChars(Fpassword);
408. passport_url := FPassport_url;
409. try
410. Result :=
411. http_Post2(PChar(passport_url), PChar(PostXMLFile(user, password)));
412. except
413. on E: Exception do
414. OutputDebugString(PChar(E.Message));
415. end;
416. end;
418. (*返回登录的SSO验证*)
420. function TMSN.GetSSOKey(Nonce: string): string;
421. begin
422. Result := GenerateLoginBlob(FBinarySecret, Nonce);
423. end;
425. ///=============================================================================
427. function HMACHash(hProvider: HCRYPTPROV; hKey: HCRYPTKEY; HashAlgId: ALG_ID;
428. pBytesOut: Pointer; dwLengthOut: DWORD; pBytesIn1: PByte; dwLengthIn1: DWORD;
429. pBytesIn2: PByte; dwLengthIn2: DWORD): Boolean;
430. var
431. hHash: HCRYPTHASH;
432. hmcinfo: HMAC_INFO;
433. dwHashSize, dwParamSize: DWORD;
434. begin
435. Result := False;
437. if CryptCreateHash(hProvider, CALG_HMAC, hKey, 0, @hHash) then
438. begin
439. ZeroMemory(@hmcinfo, sizeof(HMAC_INFO));
440. hmcinfo.HashAlgid := HashAlgId;
441. CryptSetHashParam(hHash, HP_HMAC_INFO, PBYTE(@hmcinfo), 0);
442. if CryptHashData(hHash, pBytesIn1, dwLengthIn1, 0) then
443. begin
444. if (dwLengthIn2 <> 0) and (pBytesIn2 <> nil) then
445. CryptHashData(hHash, pBytesIn2, dwLengthIn2, 0);
446. dwParamSize := 4;
447. if CryptGetHashParam(hHash, HP_HASHSIZE, PBYTE(@dwHashSize), @dwParamSize,
448. 0) then
449. begin
450. if dwHashSize <= dwLengthOut then
451. begin
452. dwParamSize := dwLengthOut;
453. if CryptGetHashParam(hHash, HP_HASHVAL, pBytesOut, @dwParamSize, 0)
454. then
455. Result := True;
456. end;
457. end;
458. end;
459. CryptDestroyHash(hHash);
460. end;
461. end;
463. function DeriveLoginKey(key: PByte; dwKeySize: DWORD; magic: string; pOutBytes:
464. PBYTE; dwOutLen: DWORD): Boolean;
465. var
466. hProvider: HCRYPTPROV;
467. hCryptKey1: HCRYPTKEY;
468. pImportKey: array of Byte;
469. bHash1, bHash2, bHash3, bHash4: array[0..19] of Byte;
470. begin
471. Result := False;
472. if CryptAcquireContext(@hProvider, nil, nil, PROV_RSA_FULL, 0) then
473. begin
474. SetLength(pImportKey, dwKeySize + STDKEYHDRSIZE);
475. MoveMemory(pImportKey, @cKeyStdHeader[0], STDKEYHDRSIZE);
476. MoveMemory(@pImportKey[STDKEYHDRSIZE], key, dwKeySize);
477. pImportKey[2] := dwKeySize;
479. if CryptImportKey(hProvider, PByte(pImportKey), dwKeySize + STDKEYHDRSIZE,
480. 0, CRYPT_SF, @hCryptKey1) then
481. begin
482. HMACHash(hProvider, hCryptKey1, CALG_SHA1, @bHash1, 20,
483. PBYTE(PChar(magic)), Length(magic), nil, 0);
484. HMACHash(hProvider, hCryptKey1, CALG_SHA1, @bHash2, 20, @bHash1[0], 20,
485. PBYTE(PChar(magic)), Length(magic));
486. HMACHash(hProvider, hCryptKey1, CALG_SHA1, @bHash3, 20, @bHash1[0], 20,
487. nil, 0);
488. HMACHash(hProvider, hCryptKey1, CALG_SHA1, @bHash4, 20, @bHash3[0], 20,
489. PBYTE(PChar(magic)), Length(magic));
490. if dwOutLen >= 24 then
491. begin
492. MoveMemory(pOutBytes, @Bhash2[0], 20);
493. Inc(pOutBytes, 20);
494. MoveMemory(pOutBytes, @Bhash4[0], 4);
495. Result := True;
496. end;
497. CryptDestroyKey(hCryptKey1);
498. end;
499. SetLength(pImportKey, 0);
500. CryptReleaseContext(hProvider, 0);
501. end;
502. end;
504. function TMSN.GenerateLoginBlob(key: string; Challenge: string): string;
505. var
506. key1, key2, key3: array[0..23] of Byte;
507. hash: array[0..19] of Byte;
508. Randomdata: array[0..7] of Byte;
509. szRet: string;
510. dwBase64Size: DWORD;
511. hProvider: HCRYPTPROV;
513. hCryptKey1, hCryptKey2: HCRYPTKEY;
515. pImportKey: array of Byte;
517. hKeyDupe1, hKeyDupe2: HCRYPTKEY;
518. hHash: HCRYPTHASH;
520. dwMode: DWORD;
522. hmcinfo: HMAC_INFO;
523. dwDataLen, dwData: DWORD;
524. pEncryptBytes: array of Byte;
526. usrkey: tagMSGUSRKEY;
528. buffer: PChar;
529. const
530. CRYPT_STRING_BASE64 = $00000001;
532. begin
533. with usrkey do
534. begin
535. uStructHeaderSize := 28;
536. uCryptMode := CRYPT_MODE_CBC;
537. uCipherType := CALG_3DES;
538. uHashType := CALG_SHA1;
539. uIVLen := sizeof(aIVBytes);
540. uHashLen := sizeof(aHashBytes);
541. uCipherLen := sizeof(aCipherBytes);
542. end;
544. CryptStringToBinary(PChar(key), 0, CRYPT_STRING_BASE64, nil, @dwBase64Size,
545. nil, nil);
546. ASSERT(dwBase64Size <= 24);
547. if dwBase64Size > 24 then
548. begin
549. Result := '';
550. Exit;
551. end;
552. dwBase64Size := 24;
553. CryptStringToBinary(PChar(key), 0, CRYPT_STRING_BASE64, @key1, @dwBase64Size,
554. nil, nil);
556. DeriveLoginKey(@key1[0], 24, 'WS-SecureConversationSESSION KEY HASH', @key2,
557. 24);
558. DeriveLoginKey(@key1[0], 24, 'WS-SecureConversationSESSION KEY ENCRYPTION',
559. @key3, 24);
561. if CryptAcquireContext(@hProvider, nil, nil, PROV_RSA_FULL, 0) then
562. begin
563. SetLength(pImportKey, 24 + STDKEYHDRSIZE);
565. MoveMemory(pImportKey, @cKeyStdHeader[0], STDKEYHDRSIZE);
566. MoveMemory(@pImportKey[STDKEYHDRSIZE], @key2[0], 24);
568. CryptImportKey(hProvider, PByte(pImportKey), 24 + STDKEYHDRSIZE, 0,
569. CRYPT_SF, @hCryptKey2);
571. MoveMemory(@pImportKey[STDKEYHDRSIZE], @key3[0], 24);
573. if CryptImportKey(hProvider, Pbyte(pImportKey), 24 + STDKEYHDRSIZE, 0,
574. CRYPT_SF, @hCryptKey1) then
575. begin
576. CryptDuplicateKey(hCryptKey1, nil, 0, @hKeyDupe1);
577. dwMode := CRYPT_MODE_CBC;
578. CryptSetKeyParam(hKeyDupe1, KP_MODE, @dwMode, 0);
579. if CryptCreateHash(hProvider, CALG_HMAC, hCryptKey2, 0, @hHash) then
580. begin
581. ZeroMemory(@hmcinfo, sizeof(HMAC_INFO));
582. hmcinfo.HashAlgid := CALG_SHA1;
583. CryptSetHashParam(hHash, HP_HMAC_INFO, @hmcinfo, 0);
584. dwDataLen := Length(Challenge);
586. CryptDuplicateKey(hKeyDupe1, nil, 0, @hKeyDupe2);
587. CryptEncrypt(hKeyDupe2, 0, TRUE, 0, nil, @dwDataLen, 0);
588. CryptDestroyKey(hKeyDupe2);
589. if dwDataLen > 0 then
590. begin
591. CryptGenRandom(hProvider, 8, @RandomData);
592. CryptSetKeyParam(hKeyDupe1, KP_IV, @RandomData[0], 0);
593. SetLength(pEncryptBytes, dwDataLen);
594. ZeroMemory(pEncryptBytes, dwDataLen);
595. MoveMemory(pEncryptBytes, PChar(Challenge), Length(Challenge));
597. dwData := Length(Challenge);
598. if CryptEncrypt(hKeyDupe1, hHash, TRUE, 0, PByte(pEncryptBytes),
599. @dwData, dwDataLen) then
600. begin
601. ASSERT(dwData = 72);
602. dwData := 20;
603. //我想死了，检查了N遍都没有检查出来少了下面一句
604. CryptGetHashParam(hHash, HP_HASHVAL, @hash, @dwData, 0);
606. MoveMemory(@usrkey.aIVBytes[0], @RandomData[0], 8);
607. MoveMemory(@usrkey.aHashBytes[0], @hash[0], 20);
608. MoveMemory(@usrkey.aCipherBytes[0], pEncryptBytes, 72);
610. CryptBinaryToString(@usrkey, Sizeof(tagMSGUSRKEY),
611. CRYPT_STRING_BASE64, nil, @dwBase64Size);
612. GetMem(buffer, dwBase64Size);
613. try
614. CryptBinaryToString(@usrkey, sizeof(tagMSGUSRKEY),
615. CRYPT_STRING_BASE64, buffer, @dwBase64Size);
616. szRet := StringReplace(buffer, #13#10, '', [rfReplaceAll]);
617. finally
618. FreeMem(buffer);
619. end;
620. end;
621. SetLength(pEncryptBytes, 0);
622. end;
623. CryptDestroyHash(hHash);
624. end;
625. CryptDestroyKey(hKeyDupe1);
626. CryptDestroyKey(hCryptKey1);
627. end;
628. SetLength(pImportKey, 0);
629. if hCryptKey2 > 0 then
630. CryptDestroyKey(hCryptKey2);
631. CryptReleaseContext(hProvider, 0);
632. end;
633. Result := szRet;
634. end;
636. end.
[delphi] view plain copy
http://blog.csdn.net/zyjying520/article/details/26161653
相关阅读:
Spring Boot 环境变量读取和属性对象的绑定
 SpringMvc（4-1）Spring MVC 中的 forward 和 redirect（转）
shiro实现登录安全认证（转）
史上最全的开发工具类（转）
Shiro权限管理框架详解
 js中退出语句break,continue和return 比较（转）
jQuery获取多种input值的方法（转）
jquery常用方法总结（转）
jQuery常用方法(持续更新)（转）
idea+springboot+freemarker热部署（转）
原文地址：https://www.cnblogs.com/findumars/p/5017774.html