Login | Register

HOWTO: Obtain the plain text session key using CryptoAPI

Posted by Raphael Amorim on December 17th, 2001
This article was contributed by Raphael Amorim.

Environment: VC6 SP5, 2000 SP1,NT4 SP3

Generally it's very important to obtain the value of session keys. However, the Microsoft Cryptographic Providers (Base and Enhanced) do not support this feature. CryptExportKey() and CryptImportKey() require a valid key handle to encrypt and decrypt the session key, respectively. MSDN shows a way to do this using a "exponent-of-one" private key. But Microsoft's example in MSDN is extremely long and . This way is faster and more comprehensive.

It's ready to run, but you must set the following parameters at Project -> Settings (Visual Studio 6.0 ) :

1.Add in C++/PreProcessor definitions:

_WIN32_WINNT=0x0500, _CRYPT32_(WIN2K)

or _WIN32_WINNT=0x0400, _CRYPT32_(NT4)

2. And Link this library

crypt32.lib 

#include <windows.h>
#include <wincrypt.h>
#include <stdio.h>

#define KEY_PAIR_SIZE     dwSize - 12
#define SESSION_KEY_SIZE  dwKeyMaterial

void main()
{
  
   HCRYPTPROV hProv = 0;
   HCRYPTKEY hExchangeKeyPair = 0;
   HCRYPTKEY hSessionKey = 0;
   BYTE *pbKeyMaterial  = NULL;
   DWORD dwKeyMaterial ;   
   BYTE *pbExportedKeyBlob = NULL;
   BYTE *pbEncryptedKey    = NULL;
   DWORD dwSize;
   unsigned int c;
      
   __try
   {
	  
    if (!CryptAcquireContext( &hProv, 
                              "Container Name", 
                              MS_ENHANCED_PROV , 
                              PROV_RSA_FULL, 
                              CRYPT_MACHINE_KEYSET ))
    {
      __leave;
    }
  
    //---------------------------------------------------
    //Creating a session key. In this sample we'll use a 
    //3DES key with 168 bits

    if (!CryptGenKey( hProv, CALG_3DES, 
                      CRYPT_EXPORTABLE, &hSessionKey ))
    {
      __leave;
    }

    //---------------------------------------------------
    //Getting a handle to the Exchange Key pair
		        
    if (!CryptGetUserKey( hProv, AT_KEYEXCHANGE, &hExchangeKeyPair))
    {
      __leave;
    }

    //--------------------------------------------------------
    //Encrypting the session key with the public key part
    //of the keypair first call gets the size necessary to 
    //hold the encrypted session key and the second exports it.
		
    if (!CryptExportKey( hSessionKey, 
                         hExchangeKeyPair, 
                         SIMPLEBLOB, 
                         0, 
                         NULL, 
                         &dwSize))
    {
      __leave;
    }

    pbExportedKeyBlob = new BYTE[dwSize];

    if (!CryptExportKey( hSessionKey, 
                         hExchangeKeyPair, 
                         SIMPLEBLOB, 
                         0, 
                         pbExportedKeyBlob,  
                         &dwSize))
    {
      __leave;
    }
  
    //--------------------------------------------------------
    //Let's  remove the first 12 bytes of  Blob information 
		
    pbEncryptedKey  =  new BYTE [KEY_PAIR_SIZE];  
		
    for ( c = 0 ; c < KEY_PAIR_SIZE ; c++ )
    {
      pbEncryptedKey[c] =  pbExportedKeyBlob[c+12]; 
    }
		
    //--------------------------------------------------------
    //Now it's time to get the value of the session key, we'll
    //use the private part of the key pair. 
		
    if (!CryptDecrypt( hExchangeKeyPair, 0, 
                       TRUE, 0,  
                       pbEncryptedKey, &dwKeyMaterial))
    {
      __leave;
    }
		
    //-------------------------------------------------------
    //The pbKeyMaterial is the value of the key
		
    pbKeyMaterial = new BYTE[ SESSION_KEY_SIZE ];
		
    for	( c = 0; c <  SESSION_KEY_SIZE ; c++ )
    {
      pbKeyMaterial[c] = pbEncryptedKey[c];
    }
   
   }
   __finally
   {
      if (pbKeyMaterial ) LocalFree(pbKeyMaterial );
      if (hSessionKey) CryptDestroyKey(hSessionKey);
      if (hExchangeKeyPair) CryptDestroyKey(hExchangeKeyPair);
      if (hProv) 
      {  
         CryptReleaseContext(hProv, 0);
      }
   
   }

} // End Main

Downloads

Download demo project - 7 Kb

IT Offers

Comments

  • I can't run the sample

    Posted by mlubino on 06/01/2005 06:13am

    Hi, I'm having some problems in running your example. I have a machine with windows XP installed and internet explorer 6.0 sp2 as browser. When I try to run the the sample it blocks at the instruction: if (!CryptGetUserKey( hProv, AT_KEYEXCHANGE, &hExchangeKeyPair)) { __leave; } leaving the execution. Can you give me any advice to solve that problem? Thank you for your help.

    Reply

  • RE: Example doesn't work

    Posted by Legacy on 08/26/2003 12:00am

    Originally posted by: Raphael Amorim

    The example works. The CryptAcquireContext() doesn't work when you assign MS_ENHANCED_PROV because you probably don't have the high encryption pack installed in your machine. Download it at:

    http://www.microsoft.com/windows/ie/downloads/recommended/128bit/default.asp

    There is no problem with encryption/decryption operations with key pairs, they're fully supported by this new version of CryptoApi.

    Thank you Alexey for the feedback and sorry for the late answer.

    Best regards.

    Raphael Amorim

    Reply

  • How to import the blob

    Posted by Legacy on 04/15/2003 12:00am

    Originally posted by: Deli Shen 

    This way is more comprehensible than the component-of-one

    method in MSDN, but how to import the session key?

    Do we have to encrypt the blob then import? Could not 

    get the import work.  Help will be appreciated.

    Reply

  • In what manner we can import these session keys

    Posted by Legacy on 11/06/2002 12:00am

    Originally posted by: Rakesh

    Can you please provide the code for importing these session keys to get the appropriate key handle.

    Reply

  • Example seems not to be working with Nt4 Base provider

    Posted by Legacy on 10/01/2002 12:00am

    Originally posted by: Vladimir

    Example seems not be working with Nt4 Base provider,
    CryptDecrypt() fails with NTE_BAD_KEY.
    It works perfectly in Win2K environment.

    Reply

  • Example doesn't work

    Posted by Legacy on 12/20/2001 12:00am

    Originally posted by: Alexey 

    1. CryptAcquireContext() doesn't work when I assign MS_ENHANCED_PROV.


    2. There is a problem with decryption of the key blob (CryptDecrypt() method).

    It seems that encryption/descryption operations with key pairs are not supported by CryptDecrypt/CryptEncrypt methods.


    Could you please explain what is a problem?


    Thank you in advance,

    Alexey.

    Reply
Leave a Comment
  • Your email address will not be published. All fields are required.

Go Deeper

Most Popular Programming Stories

  • There have been no articles posted today.

More for Developers

Latest Developer Headlines

RSS Feeds