  • WinCE Security --- X509֤?鼰˽Կ?ĵ???


    ???ߣ?ARM-WinCE

    ??Դ??http://blog.csdn.net/nanjianhui/article/details/5797772

     

    ??WinCE??????뵼??X509֤?鼰˽Կ????Ҫ?õ?΢????CryptoAPI????????????΢???ṩ??ר??????֧??PKI??ع??ܵ?ģ?顣??????Щ??֪????Linux???õ???Openssl???һ??ں?????ܻ???WinCE??Linux??ͬ??ƽ̨????α˴˽???֤????֤?Լ??ӽ??ܡ??????????Ƚ???һ??֤???˽Կ?ĵ??롣

     

     

    WinCE֧??CryptoAPI?????????Ǻ?Windows??????Ȼ?????Щ??????Ҫ?Ƕ?һЩHash?㷨???ӽ????㷨֧?ֵIJ??Ǻܺá???WinCE?µ???CryptoAPI????ʵ?ֵĹ?????Windows??????????ûʲô???⣬???Ƿ?֮???Ͳ?һ???ˡ?

     

    ?????Ƚ???һ??֤?鼰˽Կ???????غ?????

    1. HCERTSTORE WINAPI CertOpenStore(LPCSTR lpszStoreProvider, DWORD dwMsgAndCertEncodingType, HCRYPTPROV hCryptProv,  DWORD dwFlags, const void* pvPara)

    ?ú??????ڴ?һ??֤??⡣

    lpszStoreProvider: ֤????ṩ?ߣ???????һ???ļ???Ҳ????????һ??ע????еļ?ֵ????????ϵͳ֤???ȡ?

    dwMsgAndCertEncodingType: û?б?ʹ?ã?????Ϊ0

    hCryptProv: ??Կ?ṩ?ߣ?һ??????ΪNULL??ʾʹ??Ĭ?ϵ??ṩ??

    dwFlags: ??֤???ı??λ????????δ?һ??֤???

    pvPara: ?????ڵ?һ??????֤???ṩ?ߣ?˵???????֤???ṩ??

    ?ú?????????óɹ??????᷵?ش?֤???ľ????

     

    2. BOOL WINAPI CertCloseStore(HCERTSTORE hCertStore, DWORD dwFlags)

    ?ú??????ڹر?һ??֤??⡣

    hCertStore: Ҫ?رյ?֤???ľ??

    dwFlags: ???λ????ʾ??ιر?֤???

    ?ú??????óɹ?????????TRUE

     

    3. PCCERT_CONTEXT WINAPI CertEnumCertificatesInStore(HCERTSTORE hCertStore, PCCERT_CONTEXT pPrevCertContext)

    ?ú???????ö??֤????е?X509֤?飬?ú?????????ѭ???з????????ôӶ?ö??ÿһ??X509֤?顣

    hCertStore: ?Ѵ?֤???ľ??

    pPrevCertContext: ָ????һ?????ҵ???X509֤?飬????ò???ΪNULL????ʾ??һ?α?????

    ?ú??????óɹ????????ر?ö?ٵ?X509֤??ṹ??Ϣ

     

    ????˵һ??PCCERT_CONTEXT??Ҳ???Ǹú????ķ???ֵ??????һ??ָ??ָ??CERT_CONTEXT???ýṹ????????X509֤????Ϣ?????а???֤??????ͣ???????֤?????ݣ???С???Լ?????X509֤???ڲ?????ϸ??Ϣ??????????㷨??Public key?ȡ?

     

     

    4. BOOL WINAPI CertFreeCertificateContext(PCCERT_CONTEXT pCertContext)

    ?ú????????ͷ?һ??֤??ṹ??

    PCCERT_CONTEXT: Ҫ???ͷŵ?X509֤??ṹ??ָ??

    ?ú??????óɹ???????TRUE??

     

     

    5. BOOL WINAPI CertAddEncodedCertificateToStore(HCERTSTORE hCertStore, DWORD dwCertEncodingType, const BYTE* pbCertEncoded, DWORD cbCertEncoded, DWORD dwAddDisposition, PCCERT_CONTEXT* ppCertContext)

    ?ú???????????һ??X509֤?鵽֤??⵱??

    hCertStore: ?Ѵ?֤???ľ??

    dwCertEncodingType: ֤??ı??????ͣ?????ֻ????X509_ASN_ENCODING????ʾX509????ASN.1??????֤??

    pbCertEncoded: ָ??Ҫ???ӵ?֤??????

    cbCertEncoded: ֤??Ĵ?С

    dwAddDisposition: ????֤????λ?????????ӷ???

    ppCertContext: ???ؾ?????????֤?飬һ??????ΪNULL???????ΪNULL???ýṹҪͨ??CertFreeCertificateContext?????ͷ?

    ?ú??????óɹ???????TRUE??

     

     

    6. BOOLEAN CRYPTFUNC CryptAcquireContext(HCRYPTPROV* phProv, LPCTSTR pszContainer, LPCTSTR pszProvider, DWORD dwProvType, DWORD dwFlags)

    ?ú??????ڻ??һ?????õ???Կ??????

    phProv: ????һ????Կ?????ṩ?ߵľ??

    pszContainer: ??Կ?????????֣?????ò???ΪNULL??һ??Ĭ?ϵ???Կ??????????ʹ?ã???????һ??????????ΪCRYPT_VERIFYCONTEXT????ò???????ΪNULL

    pszProvider: ??Կ?????ṩ?ߵ????֣?ΪNULL????ʾʹ??һ??Ĭ?ϵ???Կ?????ṩ??

    dwProvType: Ҫ??õ??ṩ?ߵ?????

    dwFlags: ??Կ???????λ?????????ʹ????Կ????

    ?ú??????óɹ???????TRUE??

     

     

    7. BOOL WINAPI CryptImportKey( HCRYPTPROV hProv, BYTE* pbData, DWORD dwDataLen, HCRYPTKEY hPubKey, DWORD dwFlags, HCRYPTKEY* phKey)

    ?ú??????ڵ?????Կ????Կ?????С?

    hProv: ??Կ?????ľ??

    pbData: ??Կ???ݣ?????????ԿBLOB??ʽ

    dwDataLen: ??Կ???ݳ???

    hPubKey: һ????Կ?ľ??????????????Կ?Ǿ???ǩ?????߼??ܵģ???Ҫ?ù?Կ??????֤???߽??ܡ???????????Կû?м??ܣ??ò???Ϊ0

    dwFlags: ??????λ??һ??ΪCRYPT_EXPORTABLE

    phKey: ???ص?????Կ?ľ??

    ?ú??????óɹ???????TRUE??

     

     

    8. CryptExportPublicKeyInfo(HCRYPTPROV hCryptProv, DWORD dwKeySpec, DWORD dwCertEncodingType, PCERT_PUBLIC_KEY_INFO pInfo, DWORD *pcbInfo)

    ?ú??????ڵ?????Կ??Ϣ??

    hCryptProv: ??Կ?????ľ??

    dwKeySpec: ??Կ?????ͣ???????AT_KEYEXCHANGE????AT_SIGNATURE

    dwCertEncodingType: ???????ͣ?Ӧ????X509_ASN_ENCODING

    pInfo: ָ?򵼳??Ĺ?Կ??Ϣ

    pcbInfo: ??Ϊ????ָ??Buffer?Ĵ?С????Ϊ?????ʾ??????Կ??Ϣ?ij???

     

     

    9. PCCERT_CONTEXT WINAPI CertFindCertificateInStore(HCERTSTORE hCertStore, DWORD dwCertEncodingType, DWORD dwFindFlags, DWORD dwFindType, const void* pvFindPara, PCCERT_CONTEXT pPrevCertContext)

    ?ú?????????֤????в???һ??X509֤?顣

    hCertStore: ?Ѵ򿪵?֤???ľ??

    dwCertEncodingType: ֤??????ͣ?ֻ????X509_ASN_ENCODING

    dwFindFlags: û??ʹ?ã?????Ϊ0

    dwFindType: ָ?????ҷ?????????ΪNULL??ʾ??????һ??֤?飬Ҳ???????ø??ݷ???????Ϣ??֤???ID??public key?Լ?ǩ??????Ϣ??????

    pvFindPara: ָ????ҵ???Ϣ

    pPrevCertContext: ָ?????һ?ε??øú??????ص?֤????Ϣ??һ??????ΪNULL

    ?ú??????óɹ??????????ҵ???֤?????Ϣ?ṹ?????û???ҵ?֤?飬??????NULL??

     

     

    10. BOOL CRYPTFUNC CryptDestroyKey(HCRYPTKEY hKey)

    ?ú????????ͷ?һ???????????Կ?ľ????

    hKey: ?????????뵽??Կ?????е???Կ???

    ???????óɹ???????TRUE??

     

     

    11. BOOL WINAPI CryptReleaseContext(HCRYPTPROV hProv, DWORD dwFlags)

    ?ú????????ͷ?һ???Ի?õ???Կ??????

    hProv: ??Կ?????ľ??

    dwFlags: û??ʹ?ã?????Ϊ0

    ?ú??????óɹ???????TRUE??

     

     

    ????????Ľ??ܣ????Ǹо???֪??????֡??ҵ?һ??ʹ??CryptoAPI???????ָо???????MSDN?Ժ󣬻??Dz?֪????ô?á??Һ?WinCE?Ŀ?????????ṩ??֤???˽Կ????Ĺ??ߣ?ͬʱҲ?ṩ??Դ???룬Դ???????? D:/WINCE600/PUBLIC/WCESHELLFE/OAK/CTLPNL/CPLMAIN???????certcpl.cpp?ļ??С????ڿ???Դ????󣬽???????ֲ???ҵ?Ӧ????????֤???˽Կ?ĵ??룬?????ϴ??????һ?º?????ʹ?á?

     

    //??ʼ??????????֤???

    DWORD Cert_Init(void)

    {

          DWORD fRet = FALSE;

          HANDLE hCaStore;

          PCCERT_CONTEXT pCaCert;

          WCHAR szName[512];

     

          //????Crypt32.dll??

          g_hCrypt32 = LoadLibraryW(L"crypt32.dll");

          g_CaPubKeySize = 0;

          if (g_hCrypt32)

          {

                pCertOpenStore = (PFNCERTOPENSTORE)GetProcAddressW(g_hCrypt32, L"CertOpenStore");

                pCertAddEncodedCertificateToStore = (PFNCERTADDENCODEDCERTIFICATETOSTORE)GetProcAddressW(g_hCrypt32, L"CertAddEncodedCertificateToStore");

                pCertCloseStore = (PFNCERTCLOSESTORE)GetProcAddressW(g_hCrypt32, L"CertCloseStore");

                pCryptExportPublicKeyInfo = (PFNCRYPTEXPORTPUBLICKEYINFO)GetProcAddressW(g_hCrypt32, L"CryptExportPublicKeyInfo");

                pCertFindCertificateInStore = (PFNCERTFINDCERTIFICATEINSTORE)GetProcAddressW(g_hCrypt32, L"CertFindCertificateInStore");

                pCertSetCertificateContextProperty = (PFNCERTSETCERTIFICATECONTEXTPROPERTY)GetProcAddressW(g_hCrypt32, L"CertSetCertificateContextProperty");

                pCertFreeCertificateContext = (PFNCERTFREECERTIFICATECONTEXT)GetProcAddressW(g_hCrypt32, L"CertFreeCertificateContext");

        &nfsp; 'nbsp;     pCryptAcquireC%rtificatePrivateKey = (PFNCRYPTACQUIRECERTIFICATOPRIVATEKEY)GetProcAddressW(g_hCrpt32, L&uuot;CsyptAcquireCertificatePrivateKey&quo?;);

    span style="box-sizing: border-bo};padding:`0px">&hbsp;   &nBsp; &nbs?; &nrsp;   pCryptDecodaObjectEx = (PFNCRYPTDEFODEOBJECTEXaGetProcAddressW(b_hCrypt32, L&Quo?;CryptDecodeObje#tEx");

     &nbwp; &ncsp;  &n"sr;     pCryptImportPublicKeyInfoEh = "PFNCRYPTIMPORTPUGLICKEYINFOEX+GetProcAd`ressW(g_hCrypt32, ?"CryptImportPublicKeyInfoEx&quoT;);

    e-sPac. normaP&bac{gr??d-con?^: rgb(h5, 25u?255)"???pan st8/e="box??izing:??order-??x;padd?+g: 0py??ont-si?: ?&??:? EP??Giw*g1??e{w?m??4?[ ?fJ^L"l~eV?P`_??2?U???GvQ?K????p?a&??U?Rx?r29?8??R? M??`E?Pe??T^??L?Y?_s^kvk?-???d??C6?澅??"EQ???/???MwBt?E???.G]??????d#?-??e?g??+?VX?D??ԓ??~wȁ+^?7X??k?|(??????m'?>?$?a!?S???? ?"-??Z?q??[?ݜ???扡6?EF]ЫW ?P?&?????$g?? z??U>-?????L??????z????b?R???????(????вgu?S?s?/?m?????}O{8k?0?X?TS?)?M??νw????v???u?d??JP?Q?_|?????m?NJEt?J??@??=e????)?[W??K?N?F?S?+y??8r*D,?K?{???[??9k*? ???g??(?wʷe?*(?հ卤??????#`??????B][?*???@??? ?????$?-??~Co&??c?????`?!G?3b????'?ZK%?\??8???U?D)??Uc?????????>?A.:?m??u???g?r??1 Ջ??3p`ܛ??`Z^??!?????|??1?X9????9{#f?ŠψA?7?0xS?)!i?}2?g??cw?h?׭? T????O?ы?Kܚ?y?? 0????????k ??1B,?Q, ]?Ys,???D?>!"z?s??ə??˧_ưs?ʿ??Z7??/a75?{???He?h!?ڝrdO???f?X7??@???5?? X? ??m1?#??????}?c?e??t???O????@ y?L?g????{T??????K???^?ʃl?DP?WT???Nιf??(??D?c?hnj}?~?%????? q?QU'}E??5b??@?֍?i l?K?u8?=?$a*A4??Dc?wFQH????EM?_????GMи6?T=Zu&??G??uԟA???[uƀO?'?A??????"??? X??`QQ?|?䮧?+???텙$?;B??:E??????e?X[??????;?x?jX????}??n???"?(^Iu????-?E?Nf}????\?Na?n???f?AmDw??6?Nvo@?????@_-?5GG/~?sf?X?=?,k-,y[?U(?/ۍ?0?~Q.\M???F???é'????Lq+???? ˧V?? b ?v??r??„?RF8???K?*????2?????3?.?݈??s?>?L? ??ⲛڐ?/??U?ZN???<8'7p??pUq?j3?1w??:{4?U#V??ƻ?6vM? p?$%S4X?[???i55??B??A?%8??!ؼ????Dz㛬???k?0?$?ve`?)?+t $?$??5߫7?,:l???????߃???+?d????k?~? Btw??N#7?7,??wC3?~[GN ????/b}ueg%-?? H5e׽|N?e???(ߔ} z???K?iTK?<Ǭ?ۘ?? ??}???mL2??2Ng??͝Y?|SU??q䯺r?????Ғ?1???C????`?G????t\yj?1?l?fL:?V-j???P?D??x\??tH?l?XP??ջ???A????H??m'?ݪ]k?RS???Y$7?.f? ??b?b*????????^z?P> ys?m?v,vw&П?. ??s?&???şx?K<,-??C??*?Q?aN?Te(??^}O?O?M??O? ?"??[ ??X?u?meD?E??(G$@@?*??????z??w ΛA?¿P?h??Rz????x?q*??J?S? ????9?'??d_??}?ŏt??$?LM?W????5??[?Eq??4բ??a???????ɛJٟUƿT??VB??jڽ?LK*????Q??bV{???$ ?????U`?z6=7??}h????p??7??2i??[Z#fye 2???6??^5?p??8f?~??ҩg2:??????*?ʋ????????4??ϯ-?lYC??Z??????/㘌?H??Z??7 ? J???a|?,?s??1?j?0?`?&??j?f?L??lM?߂ ???<[???n????Gc?_?1??oyDk??zM?V(7??????K=1B?m_7)J??~?y?8??[v??~?W?j???'i$t????#?hs?? 
\?/?˅??A??b?l????!???5???[FD??X? ;? J6?ΠT?㌵?E??????Y}??V?&? ???h)?????ev_?֜H??wp???.5??)?Fë` ???O~[hL5?]??'?u?`??}~?)m??NM? Ih???]?_??q?A??!G?+o?? #_?M???̌x?????)??w6???jR+?&{^??|?I/?e?DmDx?)?>???]??Wp?? [ ???+t?w@YW?2*B+??p?ף???<)?0i?l?jU?0t?LN??mU"Ju?BMK?i)??|?%y2y???C????,??c??j?q?&?I?R??? `+???v?k="pz?????=?ԪO?)ח?cOI?k;???.?-Jt?|???S?Ƚ?͠?I?Wg????SN??1?p?h? X??]?f??Jm?T??s.????O????ճ?~b??I???6A?4????r9v7 $9 ?g2???-??}??O??.I??fgtOܸ?C??2?oA??? *?_ r??A4W?*Sܢ<͍?*R^???@????]??9}??#?^/??bG?&Y?0? rNœ??ϽF0?)??u???R???w1/???GHI???\?(???w??&7p?C'?WI?:?랁?vɹ?u{3???????P.???C&K?TVB??򡭡r????r?7?׍??0`;?Ob3?? ?;z)?P??-??þ??#3p(??+?y?j??k?\Q?,D?]~ߜV=???Cj??J????ޫ?U? ?\???q'?<{???ߍ????+???? 7?,Z??T?އ?r??? h?????~?Lm??os???X??мk?t1z[kNg????*?o'?)Eb?ǜ6؇?嚽?k7??? H????X? ?Y?͡?LR?*/?wĵ?2?0?m#??VrA?F?O???{??&?I0r?܊As[+?yVU?5??_l??h]??9??L?)??5????-?????Oz?????甜??okk#h??&??%0??UM??8p?6?p&tT?????c6­?t???(?D:? ???E????Ed????w??s? ??n?J???ǐ?I??K?W??$??G?????0*?J >?n*??ZI??D?r] KOe`y]|??DwSI??F?Q+>?@??r?_?=????r???D?G_???)?? ?????9?W"]?>1{?Y???Y{s???D????a?O?(I(???'???? R?, ?k//????X509֤?飬lpszFileNameΪ֤???·??

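    // Imports one encoded X.509 certificate file into the certificate store
    // referenced by the file-level handle hStore.
    //
    // lpszFileName: path of the certificate file. The complete file content is
    //               handed to CertAddEncodedCertificateToStore as X509_ASN_ENCODING
    //               data, so the file is expected to hold a single DER certificate.
    //
    // Returns TRUE when the certificate was added, or when the store already
    // holds a matching certificate that is not older (CRYPT_E_EXISTS under
    // CERT_STORE_ADD_NEWER_INHERIT_PROPERTIES). Returns FALSE on any other failure.
    //
    // NOTE(review): which store hStore refers to is not visible in this function.
    // If it is a trust-anchor store, every file passed here becomes trusted, so
    // the caller has to vet where lpszFileName comes from.
    DWORD Cert_ImportCert(LPTSTR lpszFileName)
    {
        DWORD dwSize = 0, dwRealSize = 0;
        PBYTE pbFile = NULL;
        HANDLE hFile = INVALID_HANDLE_VALUE;
        BOOL fRet = FALSE;

        // The entry point is resolved with GetProcAddressW and is NULL when
        // crypt32.dll or the export is missing; calling it then would crash.
        if (!pCertAddEncodedCertificateToStore)
        {
            return FALSE;
        }

        // CreateFile reports failure with INVALID_HANDLE_VALUE, never with NULL.
        hFile = CreateFile(lpszFileName, GENERIC_READ, 0, NULL, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL);
        if (hFile == INVALID_HANDLE_VALUE)
        {
            return FALSE;
        }

        // An empty file cannot contain a certificate; skip the allocation.
        dwSize = GetFileSize(hFile, NULL);
        if (dwSize != 0xFFFFFFFF && dwSize != 0)
        {
            pbFile = (PBYTE)LocalAlloc(LPTR, dwSize);
        }

        // Require a complete read so that a truncated file is never offered to the store.
        if (pbFile && ReadFile(hFile, pbFile, dwSize, &dwRealSize, NULL) && dwRealSize == dwSize)
        {
            if (pCertAddEncodedCertificateToStore(hStore, X509_ASN_ENCODING,
                        pbFile, dwRealSize, CERT_STORE_ADD_NEWER_INHERIT_PROPERTIES, NULL))
            {
                printf("Import Certificate OK.\r\n");
                fRet = TRUE;
            }
            // The API only returns TRUE/FALSE; the reason for a failure is in
            // GetLastError(). Only "already present" is treated as success, so a
            // rejected certificate is no longer reported as imported.
            else if (GetLastError() == (DWORD)CRYPT_E_EXISTS)
            {
                printf("Certificate exists.\r\n");
                fRet = TRUE;
            }
            else
            {
                printf("Import Certificate Error.\r\n");
            }
        }

        CloseHandle(hFile);
        if (pbFile)
        {
            LocalFree(pbFile);
        }

        return fRet;
    }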

     

    // ???˽Կ?е????룬?ú????ᱻCert_ImportPrvtKey????????

    // Derives the symmetric key that decrypts a password-protected private key.
    //
    // hProv:        CSP handle used for hashing and key derivation.
    // Algid:        algorithm of the derived key (callers in this file pass
    //               CALG_RC4 or CALG_RC2).
    // pbPswd/dwPswdLen: password bytes and their length.
    // pbSalt/cbSalt:    optional salt, hashed before the password when cbSalt != 0.
    // phEncryptKey: receives the derived key handle, or 0.
    //
    // Returns TRUE on success, FALSE when any CryptoAPI call fails. With an empty
    // password (dwPswdLen == 0) nothing is derived: the function returns TRUE and
    // stores 0 in *phEncryptKey, so callers must be prepared for a null key.
    //
    // The key comes from a single CALG_SHA pass over salt || password with no
    // iteration count, so it gives little resistance against password guessing.
    static BOOL GetPasswordKey(
                IN HCRYPTPROV hProv,
                IN ALG_ID Algid,
                IN PBYTE pbPswd,
                IN DWORD dwPswdLen,
                IN BYTE *pbSalt,
                IN DWORD cbSalt,
                OUT HCRYPTKEY *phEncryptKey
                )
    {
        HCRYPTHASH hDigest = 0;
        HCRYPTKEY hDerived = 0;
        BOOL fOk = TRUE;

        if (dwPswdLen)
        {
            // Short-circuit evaluation stops at the first failing step, exactly
            // like a chain of "if (!step) goto error".
            fOk = CryptCreateHash(hProv, CALG_SHA, 0, 0, &hDigest)
                  && (!cbSalt || CryptHashData(hDigest, pbSalt, cbSalt, 0))
                  && CryptHashData(hDigest, pbPswd, dwPswdLen, 0)
                  && CryptDeriveKey(hProv, Algid, hDigest, 0, &hDerived);
        }

        // Never hand a key back to the caller on the failure path.
        if (!fOk && hDerived)
        {
            CryptDestroyKey(hDerived);
            hDerived = 0;
        }

        // The hash object is only an intermediate; release it on every path.
        if (hDigest)
        {
            CryptDestroyHash(hDigest);
        }

        *phEncryptKey = hDerived;
        return fOk;
    }

     

    //????PVK??ʽ??˽Կ????֤????в??Һ???ƥ???֤?飬lpFileNameΪ˽Կ?ļ?·????pbPasswordΪ˽Կ???룬dwPswdLenΪ???볤??

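    // Imports a PVK-format private key file into the key container "CERT" and
    // attaches it to the certificate in hStore whose public key matches.
    //
    // lpFileName: path of the PVK file.
    // pbPassword: password bytes for an encrypted PVK file (ignored for PVK_NO_ENCRYPT).
    // dwPswdLen:  length of pbPassword in bytes.
    //
    // Returns TRUE on success and FALSE on every failure. The failure code is
    // printed and left in GetLastError(). Returning the raw error code, as before,
    // made a failed import look like success to any caller that only tests for
    // a non-zero result.
    //
    // Security notes:
    //  - The header is validated against the number of bytes actually read, with
    //    overflow-safe arithmetic, before any pointer into the buffer is formed
    //    and before a key container is opened or created.
    //  - The key is imported with CRYPT_EXPORTABLE (the original comment says
    //    SCHANNEL needs this), so code with access to the container can export
    //    it again. Protect the device and the container accordingly.
    //  - NOTE(review): the container name is fixed, so a later import presumably
    //    replaces an earlier key of the same key spec; the imported key also
    //    appears to stay in the container when no matching certificate is found.
    //  - NOTE(review): the context is acquired with the default provider (NULL)
    //    while the certificate property names MS_ENHANCED_PROV_W; confirm that
    //    both resolve to the same CSP on the target image.
    DWORD Cert_ImportPrvtKey(LPTSTR lpFileName, BYTE* pbPassword, DWORD dwPswdLen)
    {
        BOOL fRet = FALSE;
        BOOL fKeyOk = FALSE;
        DWORD dwErr = 0;
        DWORD dwSize = 0, dwRealSize = 0, cbPvk = 0, cbData = 0, cbRemain = 0;
        PBYTE pbFile = NULL;
        HANDLE hFile = INVALID_HANDLE_VALUE;
        HCRYPTPROV hCryptProv = 0;
        PCERT_PUBLIC_KEY_INFO pcertpubkeyinfo = NULL;
        BYTE *pbEncryptData = NULL;
        BYTE *pbPvk = NULL;
        CRYPT_KEY_PROV_INFO keyProvInfo;
        HCRYPTKEY hKey = 0;
        PCCERT_CONTEXT pCert = NULL;
        HCRYPTKEY hDecryptKey = 0;

        // These entry points are resolved with GetProcAddressW and may be NULL.
        if (!pCryptExportPublicKeyInfo || !pCertFindCertificateInStore ||
            !pCertSetCertificateContextProperty || !pCertFreeCertificateContext)
        {
            SetLastError(ERROR_PROC_NOT_FOUND);
            goto Cleanup;
        }

        // CreateFile reports failure with INVALID_HANDLE_VALUE, never with NULL.
        hFile = CreateFile(lpFileName, GENERIC_READ, 0, NULL, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL);
        if (hFile == INVALID_HANDLE_VALUE)
        {
            goto Cleanup;
        }

        dwSize = GetFileSize(hFile, NULL);
        if (dwSize == 0xFFFFFFFF)
        {
            goto Cleanup;
        }

        pbFile = (PBYTE)LocalAlloc(LPTR, dwSize);
        if (!pbFile)
        {
            goto Cleanup;
        }

        if (!ReadFile(hFile, pbFile, dwSize, &dwRealSize, NULL))
        {
            goto Cleanup;
        }

        // Validate the PVK header against what was really read (dwRealSize), not
        // against the size the file system reported.
        if (dwRealSize < sizeof(FILE_HDR))
        {
            SetLastError(ERROR_INVALID_DATA);
            goto Cleanup;
        }
        memcpy(&Hdr, pbFile, sizeof(FILE_HDR));   // copy to guarantee alignment
        cbPvk = Hdr.cbPvk;
        cbRemain = dwRealSize - (DWORD)sizeof(FILE_HDR);

        // Salt and key blob must both fit in the bytes that follow the header.
        // The subtraction form cannot wrap, whatever MAX_PVK_FILE_LEN is.
        if (Hdr.dwMagic != PVK_MAGIC ||
            Hdr.dwVersion != PVK_FILE_VERSION_0 ||
            Hdr.cbEncryptData > MAX_PVK_FILE_LEN ||
            cbPvk == 0 || cbPvk > MAX_PVK_FILE_LEN ||
            Hdr.cbEncryptData > cbRemain ||
            cbPvk > cbRemain - Hdr.cbEncryptData)
        {
            SetLastError(ERROR_INVALID_DATA);
            goto Cleanup;
        }

        if (Hdr.cbEncryptData)
        {
            pbEncryptData = pbFile + sizeof(FILE_HDR);
        }
        pbPvk = pbFile + sizeof(FILE_HDR) + Hdr.cbEncryptData;

        // Open the key container, creating it when it does not exist yet. This
        // happens only after the file passed validation.
        memcpy(szKeyContainer, TEXT("CERT"), sizeof(TEXT("CERT")));
        if (!CryptAcquireContext(&hCryptProv, szKeyContainer, NULL, CSP_ALGORITHM, 0))
        {
            if (!CryptAcquireContext(&hCryptProv, szKeyContainer, NULL, CSP_ALGORITHM, CRYPT_NEWKEYSET))
            {
                goto Cleanup;
            }
        }
        if (!hCryptProv)
        {
            goto Cleanup;
        }

        // Get the symmetric key that decrypts the private key. The key size used
        // for encryption is not recorded in the file, so the CSP default is assumed.
        switch (Hdr.dwEncryptType)
        {
            case PVK_NO_ENCRYPT:
                fKeyOk = TRUE;
                break;
            case PVK_RC4_PASSWORD_ENCRYPT:
                fKeyOk = GetPasswordKey(hCryptProv, CALG_RC4,
                                        pbPassword, dwPswdLen,
                                        pbEncryptData, Hdr.cbEncryptData,
                                        &hDecryptKey);
                break;
            case PVK_RC2_CBC_PASSWORD_ENCRYPT:
                fKeyOk = GetPasswordKey(hCryptProv, CALG_RC2,
                                        pbPassword, dwPswdLen,
                                        pbEncryptData, Hdr.cbEncryptData,
                                        &hDecryptKey);
                break;
            default:
                SetLastError(ERROR_INVALID_DATA);
                fKeyOk = FALSE;
                break;
        }
        if (!fKeyOk)
        {
            goto Cleanup;
        }

        // GetPasswordKey succeeds with a null key for an empty password. An
        // encrypted blob must not be imported as if it were plaintext.
        if (Hdr.dwEncryptType != PVK_NO_ENCRYPT && !hDecryptKey)
        {
            SetLastError(ERROR_INVALID_PASSWORD);
            goto Cleanup;
        }

        // Decrypt and import the private key.
        // CRYPT_EXPORTABLE needed for SCHANNEL to work!!
        if (!CryptImportKey(hCryptProv, pbPvk, cbPvk, hDecryptKey, CRYPT_EXPORTABLE, &hKey))
        {
            goto Cleanup;
        }

        // Export the matching public key: the first call returns the required size.
        if (!pCryptExportPublicKeyInfo(hCryptProv, Hdr.dwKeySpec, CRYPT_ASN_ENCODING, NULL, &cbData))
        {
            goto Cleanup;
        }
        pcertpubkeyinfo = (PCERT_PUBLIC_KEY_INFO)LocalAlloc(0, cbData);
        if (!pcertpubkeyinfo)
        {
            goto Cleanup;
        }
        if (!pCryptExportPublicKeyInfo(hCryptProv, Hdr.dwKeySpec, CRYPT_ASN_ENCODING, pcertpubkeyinfo, &cbData))
        {
            goto Cleanup;
        }

        // Find the certificate that carries this public key.
        pCert = pCertFindCertificateInStore(hStore, CRYPT_ASN_ENCODING, 0, CERT_FIND_PUBLIC_KEY, pcertpubkeyinfo, NULL);
        if (pCert == NULL)
        {
            goto Cleanup;
        }

        // Set the key provider info property to associate the private key
        // with the cert.
        keyProvInfo.pwszContainerName = szKeyContainer;
        keyProvInfo.pwszProvName = MS_ENHANCED_PROV_W;
        keyProvInfo.dwProvType = CSP_ALGORITHM;
        keyProvInfo.dwFlags = 0;
        keyProvInfo.cProvParam = 0;
        keyProvInfo.rgProvParam = NULL;
        keyProvInfo.dwKeySpec = Hdr.dwKeySpec;
        if (!pCertSetCertificateContextProperty(pCert, CERT_KEY_PROV_INFO_PROP_ID, 0, &keyProvInfo))
        {
            goto Cleanup;
        }

        fRet = TRUE;
        printf("Add Private Key OK!\r\n");

    Cleanup:
        if (!fRet)
        {
            // Capture the code before the cleanup calls can overwrite it.
            dwErr = GetLastError();
            printf("Add Private Key Error. Error code: 0x%x.\r\n", (unsigned int)dwErr);
        }

        if (pCert)
            pCertFreeCertificateContext(pCert);
        if (pcertpubkeyinfo)
            LocalFree(pcertpubkeyinfo);
        if (hDecryptKey)
            CryptDestroyKey(hDecryptKey);
        if (hKey)
            CryptDestroyKey(hKey);
        if (hCryptProv)
            CryptReleaseContext(hCryptProv, 0);
        if (pbFile)
        {
            // The buffer holds private-key material (plaintext for PVK_NO_ENCRYPT).
            // Wipe it through a volatile pointer so the stores are not optimized away.
            volatile BYTE *pbWipe = pbFile;
            DWORD i;
            for (i = 0; i < dwSize; ++i)
                pbWipe[i] = 0;
            LocalFree(pbFile);
        }
        if (hFile != INVALID_HANDLE_VALUE)
            CloseHandle(hFile);

        if (!fRet)
            SetLastError(dwErr);

        return fRet;
    }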


    [ly70041]
    ????ʱ?䣺2017-12-20