4

好的——感谢Mike,我能够让 Wincrypt 生成一个 Diffie-Hellman 密钥对。我想通了导出公钥,以及如何导入对方的公钥。根据文档,在导入对方的公钥后,共享的秘密就被计算出来了。伟大的。

我现在需要掌握那个共享的秘密,但我认为这是不可能的。除非我调用将算法 id 从更改为其他类型,否则只需调用失败CryptExportKey类型即可。但我不想要别的东西,我想要共享的秘密。然而,API 似乎旨在阻止这种情况。PLAINTEXTKEYBLOBCryptSetKeyParamCALG_AGREEDKEY_ANY

有什么想法吗?我应该注意到这里的问题是我只写了 WiFi 保护设置实现的一个方面。所以协议是为我定义的,对方没有给我HCRYPTKEYs。

4

1 回答 1

2

This looks like what you need... from: http://msdn.microsoft.com/en-us/library/aa381969(VS.85).aspx

To import a Diffie-Hellman public key and calculate the secret session key

  1. Call the CryptAcquireContext function to get a handle to the Microsoft Diffie-Hellman Cryptographic Provider.
  2. Create a Diffie-Hellman key by calling the CryptGenKey function to create a new key, or by calling the CryptGetUserKey function to retrieve an existing key.
  3. To import the Diffie-Hellman public key into the CSP, call the CryptImportKey function, passing a pointer to the public key BLOB in the pbData parameter, the length of the BLOB in the dwDataLen parameter, and the handle to the Diffie-Hellman key in the hPubKey parameter. This causes the calculation, (Y^X) mod P, to be performed, thus creating the shared, secret key and completing the key exchange. This function call returns a handle to the new, secret, session key in the hKey parameter.
  4. At this point, the imported Diffie-Hellman is of type CALG_AGREEDKEY_ANY. Before the key can be used, it must be converted into a session key type. This is accomplished by calling the CryptSetKeyParam function with dwParam set to KP_ALGID and with pbData set to a pointer to a ALG_ID value that represents a session key, such as CALG_RC4. The key must be converted before using the shared key in the CryptEncrypt or CryptDecrypt function. Calls made to either of these functions prior to converting the key type will fail.
  5. The secret session key is now ready to be used for encryption or decryption.
  6. When the key is no longer needed, destroy the key handle by calling the CryptDestroyKey function.
于 2008-09-18T23:45:49.953 回答