EDN Admin
Well-known member
Below is code snippet I found on MSDN. This shows how to encrypt message in VC++. In this code I need to hash the password. My question is why it is required to hash the password?
In C# I have used the password directly (to decrypt the data). I want to encrypt the data in VC++ with same password.
VC++ Code
if(CryptAcquireContext( &hCryptProv, NULL, NULL, PROV_RSA_FULL, 0)) { printf("A context has been acquired. n"); } else { MyHandleError("Error during CryptAcquireContext!"); } //----------------------------------------------------------------// Create an empty hash object.if(CryptCreateHash( hCryptProv, CALG_MD5, 0, 0, &hHash)) { printf("An empty hash object has been created. n"); } else { MyHandleError("Error during CryptCreateHash!"); } //----------------------------------------------------------------// Hash the password string.if(CryptHashData( hHash, (BYTE *)szPassword, dwLength, 0)) { printf("The password has been hashed. n"); } else { MyHandleError("Error during CryptHashData!"); } //----------------------------------------------------------------// Create a session key based on the hash of the password.if(CryptDeriveKey( hCryptProv, CALG_RC2, hHash, CRYPT_EXPORTABLE, &hKey)) { printf("The key has been derived. n"); } else { MyHandleError("Error during CryptDeriveKey!"); }
C# Code:
mProvider = new DESCryptoServiceProvider();
mProvider.Mode = CipherMode.CBC;
mProvider.Padding = PaddingMode.Zeros;
mProvider.Key = keyBytes;
objDecryptor = mProvider.CreateDecryptor(EncBytes, arrIV);
decryptedData = objDecryptor.TransformFinalBlock(barrCipher, 0, (barrCipher.Length - 0));
View the full article
In C# I have used the password directly (to decrypt the data). I want to encrypt the data in VC++ with same password.
VC++ Code
if(CryptAcquireContext( &hCryptProv, NULL, NULL, PROV_RSA_FULL, 0)) { printf("A context has been acquired. n"); } else { MyHandleError("Error during CryptAcquireContext!"); } //----------------------------------------------------------------// Create an empty hash object.if(CryptCreateHash( hCryptProv, CALG_MD5, 0, 0, &hHash)) { printf("An empty hash object has been created. n"); } else { MyHandleError("Error during CryptCreateHash!"); } //----------------------------------------------------------------// Hash the password string.if(CryptHashData( hHash, (BYTE *)szPassword, dwLength, 0)) { printf("The password has been hashed. n"); } else { MyHandleError("Error during CryptHashData!"); } //----------------------------------------------------------------// Create a session key based on the hash of the password.if(CryptDeriveKey( hCryptProv, CALG_RC2, hHash, CRYPT_EXPORTABLE, &hKey)) { printf("The key has been derived. n"); } else { MyHandleError("Error during CryptDeriveKey!"); }
C# Code:
mProvider = new DESCryptoServiceProvider();
mProvider.Mode = CipherMode.CBC;
mProvider.Padding = PaddingMode.Zeros;
mProvider.Key = keyBytes;
objDecryptor = mProvider.CreateDecryptor(EncBytes, arrIV);
decryptedData = objDecryptor.TransformFinalBlock(barrCipher, 0, (barrCipher.Length - 0));
View the full article