调用cryptlib接口3DES对称加密、信封加密、数字签名等

来源：互联网发布：手机淘宝怎么看旺旺id 编辑：程序博客网时间：2024/04/29 14:57
#include<iostream>#include <string>#include "Base.h" //提供base64转码功能using namespace std;#include "cryptlib.h"int main(){cryptInit();        //cryptlib调用前必须执行init，调用完必须执行endcryptEnd();return 0;}/****cryptlib产生自签名证书***/void GenerateKey(){int* keyset;keyset = (int*)malloc(sizeof(int*)); //密钥库上下文int* cryptContext;cryptContext = (int*)malloc(sizeof(int*)); //加密上下文int* cryptCertificate;cryptCertificate = (int*)malloc(sizeof(int*)); //证书上下文int status = cryptKeysetOpen(keyset,CRYPT_UNUSED, CRYPT_KEYSET_FILE, "D:\\Private key file.p15", CRYPT_KEYOPT_CREATE);//创建密钥库，（CRYPT_KEYOPT_CREATE）status = cryptCreateContext(cryptContext,CRYPT_UNUSED, CRYPT_ALGO_RSA);//RSA算法的密钥上下文status = cryptSetAttributeString(*cryptContext, CRYPT_CTXINFO_LABEL, "test1",5);//密钥标签status = cryptGenerateKey(*cryptContext);status = cryptAddPrivateKey(*keyset, *cryptContext, "1234");//向密钥库添加私钥status = cryptCreateCert(cryptCertificate,CRYPT_UNUSED, CRYPT_CERTTYPE_CERTIFICATE);//创建证书status = cryptSetAttribute(*cryptCertificate, CRYPT_CERTINFO_XYZZY, 1);//设置为简单证书/* Add the public key and certificate owner name and sign the certificate with the private key */status = cryptSetAttribute(*cryptCertificate, CRYPT_CERTINFO_SUBJECTPUBLICKEYINFO, *cryptContext);//证书公钥绑定status = cryptSetAttributeString(*cryptCertificate, CRYPT_CERTINFO_COMMONNAME, "test1",5);//证书CNstatus = cryptSignCert(*cryptCertificate, *cryptContext);//使用私钥自签发证书status =  cryptAddPublicKey(*keyset, *cryptCertificate);//向证书添加公钥status = cryptDestroyCert(*cryptCertificate);status = cryptDestroyContext(*cryptContext);status = cryptKeysetClose(*keyset);}/****从指定密钥库中获取私钥，并签名与验证***/void signature(){/*访问密钥库，获取私钥*/int* keyset;keyset = (int*)malloc(sizeof(int*));int* sigKeyContext;sigKeyContext = (int*)malloc(sizeof(int*));int status = 0;status = cryptKeysetOpen(keyset,CRYPT_UNUSED, CRYPT_KEYSET_FILE, "D:\\Private key file.p15", CRYPT_KEYOPT_READONLY);//读取密钥库，（CRYPT_KEYOPT_READONLY）status = cryptGetPrivateKey(*keyset,sigKeyContext, CRYPT_KEYID_NAME, "test1", "1234");//通过标签和保护密钥获取私钥CRYPT_CONTEXT  hashContext;void *signature;int signatureLength;status = cryptCreateContext( &hashContext, CRYPT_UNUSED, CRYPT_ALGO_MD5 );//创建hash上下文/* 对数据做摘要 */status = cryptEncrypt( hashContext, "1234", 4 );status = cryptEncrypt( hashContext, "1234", 0 );/* 为签名值分配空间 */int signatureMaxLength;cryptCreateSignature( NULL, 0, &signatureMaxLength, *sigKeyContext, hashContext );signature = malloc( signatureMaxLength );/*使用私钥对摘要进行签名*/status = cryptCreateSignature( signature, signatureMaxLength, &signatureLength, *sigKeyContext, hashContext );status = cryptDestroyContext( hashContext );/* 创建hash上下文 */status = cryptCreateContext( &hashContext, CRYPT_UNUSED, CRYPT_ALGO_MD5 );/* 对数据做摘要 */status = cryptEncrypt( hashContext, "1234", 4 );status = cryptEncrypt( hashContext, "1234", 0 );/* 使用公钥验证签名 */status = cryptCheckSignature( signature, signatureLength, *sigKeyContext, hashContext );status = cryptDestroyContext( hashContext );}/****导出指定密钥库中的公钥***/void ExportKey(){/*访问密钥库，获取公钥*/int* keyset;keyset = (int*)malloc(sizeof(int*));int* sigKeyContext;sigKeyContext = (int*)malloc(sizeof(int*));int status = 0;status = cryptKeysetOpen(keyset,CRYPT_UNUSED, CRYPT_KEYSET_FILE, "D:\\Private key file.p15", CRYPT_KEYOPT_READONLY);status = cryptGetPublicKey(*keyset,sigKeyContext, CRYPT_KEYID_NAME, "test1");//通过标签获取公钥CRYPT_CONTEXT pubKeyContext, cryptContext;void *encryptedKey;int encryptedKeyLength,encryptedKeyMaxLength;/* 生成保护密钥 */status = cryptCreateContext( &cryptContext, CRYPT_UNUSED, CRYPT_ALGO_3DES );status = cryptGenerateKey( cryptContext );status = cryptExportKey( NULL, 0, &encryptedKeyMaxLength, *sigKeyContext, cryptContext ); //获取公钥大小encryptedKey = malloc( encryptedKeyMaxLength );status = cryptExportKey( encryptedKey, encryptedKeyMaxLength, &encryptedKeyLength, *sigKeyContext, cryptContext );//导出公钥cout<<(char*) encryptedKey<<endl;}/****3DES对称加密***/void encrypt(string text,string pwd,string iv,BYTE* result,int* length){CRYPT_CONTEXT context;int status = cryptCreateContext(&context,CRYPT_UNUSED,CRYPT_ALGO_3DES);status  = cryptSetAttributeString(context,CRYPT_CTXINFO_IV,iv.c_str(),iv.size()); //初始向量status = cryptSetAttributeString(context,CRYPT_CTXINFO_KEY,pwd.c_str(),pwd.size());//密钥int keysize;status = cryptGetAttribute(context,CRYPT_CTXINFO_KEYSIZE,&keysize);if (text.size() % keysize > 0){*length = text.size() + keysize - text.size() % keysize;}else{*length = text.size();}for(int i =0 ;i<text.size();i++){result[i] = text[i];  //存储到BYTE数组中}status = cryptEncrypt(context,result,*length);//加密处理for(int i = 0 ; i < *length ; i++){printf("%x ",result[i]);}status = cryptDestroyContext(context);if(status!=0) cout<<"fail"<<endl;}void decrypt(BYTE* enc , int* length,string pwd,string iv){CRYPT_CONTEXT context;int status = cryptCreateContext(&context,CRYPT_UNUSED,CRYPT_ALGO_3DES);status  = cryptSetAttributeString(context,CRYPT_CTXINFO_IV,iv.c_str(),iv.size());status = cryptSetAttributeString(context,CRYPT_CTXINFO_KEY,pwd.c_str(),pwd.size());int keysize;status = cryptGetAttribute(context,CRYPT_CTXINFO_KEYSIZE,&keysize);status  = cryptDecrypt(context,enc,*length);status  = cryptDestroyContext(context);}/***公钥加密信封,返回base64编码字符串*/string envelop(string text,string keyFile){BYTE* message;message = new BYTE[text.size()];for(int i=0;i<text.size();i++){message[i]=text[i];}int messageLength = text.size();/*访问密钥库，获取公钥*/int* keyset;keyset = (int*)malloc(sizeof(int*));int* pubKeyContext;pubKeyContext = (int*)malloc(sizeof(int*));int status = 0;status = cryptKeysetOpen(keyset,CRYPT_UNUSED, CRYPT_KEYSET_FILE, keyFile.c_str(), CRYPT_KEYOPT_READONLY);status = cryptGetPublicKey(*keyset,pubKeyContext, CRYPT_KEYID_NAME, "test1");CRYPT_ENVELOPE cryptEnvelope;int bytesCopied;status = cryptCreateEnvelope( &cryptEnvelope, CRYPT_UNUSED, CRYPT_FORMAT_CRYPTLIB );/* Add the public key */status = cryptSetAttribute( cryptEnvelope, CRYPT_ENVINFO_PUBLICKEY, *pubKeyContext );/* Add the data size information and data, wrap up the processing, and pop out the processed data */status = cryptSetAttribute( cryptEnvelope, CRYPT_ENVINFO_DATASIZE, messageLength );status = cryptPushData( cryptEnvelope, message, messageLength, &bytesCopied );status = cryptFlushData( cryptEnvelope );BYTE* envelopedData;envelopedData = new BYTE[1000];int envelopedDataBufferSize = 1000;status = cryptPopData( cryptEnvelope, envelopedData, envelopedDataBufferSize, &bytesCopied );status = cryptDestroyEnvelope( cryptEnvelope );string base64Result = base64_encode(envelopedData,bytesCopied);cout<<base64Result<<endl;return base64Result;}string develop(string env,string keyFile){BYTE* message;string debase = base64_decode(env);message = new BYTE[debase.size()];for(int i=0;i<debase.size();i++){message[i] = debase[i];}int* privKeyContext;privKeyContext = (int*)malloc(sizeof(int*));int messageLength = debase.size();message[messageLength]='\0';CRYPT_ENVELOPE cryptEnvelope;int bytesCopied, status;/*访问密钥库*/int* keyset;keyset = (int*)malloc(sizeof(int*));status = cryptKeysetOpen(keyset,CRYPT_UNUSED, CRYPT_KEYSET_FILE,keyFile.c_str(), CRYPT_KEYOPT_READONLY);status = cryptGetPrivateKey(*keyset,privKeyContext, CRYPT_KEYID_NAME, "test1", "1234");status = cryptCreateEnvelope( &cryptEnvelope, CRYPT_UNUSED, CRYPT_FORMAT_AUTO );/* Push in the enveloped data and the private decryption key required to de-envelope it, and pop out the recovered message */status = cryptPushData( cryptEnvelope, message, messageLength, &bytesCopied );status = cryptSetAttribute( cryptEnvelope, CRYPT_ENVINFO_PRIVATEKEY, *privKeyContext );status = cryptFlushData( cryptEnvelope );BYTE* result;result = new BYTE[1000];int resultLength = 1000;status = cryptPopData( cryptEnvelope, result, resultLength, &bytesCopied );status = cryptDestroyEnvelope( cryptEnvelope );cout<<(char*)result<<endl;string r  =  string((char*)result);return r;}string exportCert(string keyFile){/*访问密钥库，获取公钥*/int* keyset;keyset = (int*)malloc(sizeof(int*));int* certContext;certContext = (int*)malloc(sizeof(int*));int status = 0;status = cryptKeysetOpen(keyset,CRYPT_UNUSED, CRYPT_KEYSET_FILE, keyFile.c_str(), CRYPT_KEYOPT_READONLY);status = cryptGetPublicKey(*keyset,certContext, CRYPT_KEYID_NAME, "test1");void *certificate;int certLength;int certMaxLength;status = cryptExportCert( NULL, 0, &certMaxLength,CRYPT_CERTFORMAT_CERTIFICATE, *certContext );/* Allocate memory for the encoded certificate */certificate = malloc( certMaxLength );/* Export the encoded certificate from the certificate object */status = cryptExportCert( certificate, certMaxLength, &certLength, CRYPT_CERTFORMAT_CERTIFICATE, *certContext );unsigned char* certChar = (unsigned char*)certificate;certChar[certLength]='\0';string cert_base64 = base64_encode(certChar,certLength);return cert_base64;}void importCert(string cert_base64){CRYPT_CERTIFICATE cryptCertificate;int status;string certStr = base64_decode(cert_base64);/* Import the certificate object from the encoded certificate */BYTE* cert;int certLength = certStr.size();cert = new BYTE[certLength];for(int i = 0 ; i<certLength;i++){cert[i] = certStr[i];}cert[certLength]='\0';status = cryptImportCert( cert, certLength, CRYPT_UNUSED, &cryptCertificate );}