0

我正在解密加密的 MS Excel(使用 SHA1 的 RC4 加密),密码是已知的。在 vs2010 中,我可以正确解密,但是,我的程序必须在 Win 和 linux 下工作。我不知道现在在linux下获取加密密钥,在Win下如下所示:

int getEncrypKey(HCRYPTKEY *hKey, int blocknum)
{
    //------------------------H0 = H(salt, password)-----
    BYTE *pbSaltandPwdHash = NULL;
    DWORD dwSaltandPwdLen = 0;

    pbSaltandPwdHash = SHA1_2(psalt, 16, ppwd, strlen(pwd)/2, &dwSaltandPwdLen);
    printf("SHA1 of SaltandPwd:\n");
    for(DWORD i = 0 ; i < dwSaltandPwdLen ; i++) {
    printf("%2.2x ",pbSaltandPwdHash[i]);
    }
    printf("\n");
    //------------------------H0 = H(salt, password)-----

    //------------------------Hfinal = H(H0, block)-----
    HCRYPTHASH hHash1 = 0;

    CryptCreateHash( hCryptProv, CALG_SHA1, 0, 0, &hHash1) ;
    CryptHashData( hHash1, pbSaltandPwdHash, dwSaltandPwdLen, 0) ;
    CryptHashData( hHash1, (unsigned char*)&blocknum, sizeof(blocknum), 0) ;
    //------------------------Hfinal = H(H0, block)-----

    CryptDeriveKey(hCryptProv, CALG_RC4, hHash1, 0x00280000, hKey);

    if(hHash1 != 0) CryptDestroyHash(hHash1);
    if(pbSaltandPwdHash != NULL) free(pbSaltandPwdHash);

    return 0;
}

我知道如何H0在 linux 下获取,但我不知道如何获取hHash1and hKey

4

1 回答 1

1

这篇文章听起来像是在做同样的事情:Implement Windows CryptoAPI CryptDeriveKey Using OpenSSL APIs

下面是在 openssl 中生成哈希的更通用方法:

在你做任何事情之前:

#include <ssl/evp.h>

int main(int argc, char argv[]) // or in an "initialise" type function
{
     OpenSSL_add_all_digests()
     ...
}

然后生成哈希(省略错误检查):

const EVP_MD *digest;
EVP_MD_CTX context;
unsigned char hash[EVP_MAX_MD_SIZE];
unsigned int hash_len;

digest = EVP_get_digestbyname("sha1"); /* choose the hash type here */

EVP_MD_CTX_init(&context);
EVP_DigestInit_ex(&contxt, digest, NULL);
EVP_DigestUpdate(&context, pbSaltandPwdHash, dwSaltandPwdLen);
EVP_DigestUpdate(&context, &blocknum, sizeof(blocknum));
EVP_DigestFinal_ex(&context, hash, &hash_len);
EVP_MD_CTX_cleanup(&context);

/* Now use hash and hash_len as required */
于 2013-10-14T08:24:50.987 回答