HOWTO: Obtain the plain text session key using CryptoAPI


This article was contributed by Raphael Amorim.

Environment: VC6 SP5, 2000 SP1,NT4 SP3

Generally it's very important to obtain the value of session keys. However, the Microsoft Cryptographic Providers (Base and Enhanced) do not support this feature. CryptExportKey() and CryptImportKey() require a valid key handle to encrypt and decrypt the session key, respectively. MSDN shows a way to do this using a "exponent-of-one" private key. But Microsoft's example in MSDN is extremely long and . This way is faster and more comprehensive.

It's ready to run, but you must set the following parameters at Project -> Settings (Visual Studio 6.0 ) :

1.Add in C++/PreProcessor definitions:

_WIN32_WINNT=0x0500, _CRYPT32_(WIN2K)

or _WIN32_WINNT=0x0400, _CRYPT32_(NT4)

2. And Link this library

crypt32.lib

#include <windows.h>
#include <wincrypt.h>
#include <stdio.h>

#define KEY_PAIR_SIZE     dwSize - 12
#define SESSION_KEY_SIZE  dwKeyMaterial

void main()
{
  
   HCRYPTPROV hProv = 0;
   HCRYPTKEY hExchangeKeyPair = 0;
   HCRYPTKEY hSessionKey = 0;
   BYTE *pbKeyMaterial  = NULL;
   DWORD dwKeyMaterial ;   
   BYTE *pbExportedKeyBlob = NULL;
   BYTE *pbEncryptedKey    = NULL;
   DWORD dwSize;
   unsigned int c;
      
   __try
   {
	  
    if (!CryptAcquireContext( &hProv, 
                              "Container Name", 
                              MS_ENHANCED_PROV , 
                              PROV_RSA_FULL, 
                              CRYPT_MACHINE_KEYSET ))
    {
      __leave;
    }
  
    //---------------------------------------------------
    //Creating a session key. In this sample we'll use a 
    //3DES key with 168 bits

    if (!CryptGenKey( hProv, CALG_3DES, 
                      CRYPT_EXPORTABLE, &hSessionKey ))
    {
      __leave;
    }

    //---------------------------------------------------
    //Getting a handle to the Exchange Key pair
		        
    if (!CryptGetUserKey( hProv, AT_KEYEXCHANGE, &hExchangeKeyPair))
    {
      __leave;
    }

    //--------------------------------------------------------
    //Encrypting the session key with the public key part
    //of the keypair first call gets the size necessary to 
    //hold the encrypted session key and the second exports it.
		
    if (!CryptExportKey( hSessionKey, 
                         hExchangeKeyPair, 
                         SIMPLEBLOB, 
                         0, 
                         NULL, 
                         &dwSize))
    {
      __leave;
    }

    pbExportedKeyBlob = new BYTE[dwSize];

    if (!CryptExportKey( hSessionKey, 
                         hExchangeKeyPair, 
                         SIMPLEBLOB, 
                         0, 
                         pbExportedKeyBlob,  
                         &dwSize))
    {
      __leave;
    }
  
    //--------------------------------------------------------
    //Let's  remove the first 12 bytes of  Blob information 
		
    pbEncryptedKey  =  new BYTE [KEY_PAIR_SIZE];  
		
    for ( c = 0 ; c < KEY_PAIR_SIZE ; c++ )
    {
      pbEncryptedKey[c] =  pbExportedKeyBlob[c+12]; 
    }
		
    //--------------------------------------------------------
    //Now it's time to get the value of the session key, we'll
    //use the private part of the key pair. 
		
    if (!CryptDecrypt( hExchangeKeyPair, 0, 
                       TRUE, 0,  
                       pbEncryptedKey, &dwKeyMaterial))
    {
      __leave;
    }
		
    //-------------------------------------------------------
    //The pbKeyMaterial is the value of the key
		
    pbKeyMaterial = new BYTE[ SESSION_KEY_SIZE ];
		
    for	( c = 0; c <  SESSION_KEY_SIZE ; c++ )
    {
      pbKeyMaterial[c] = pbEncryptedKey[c];
    }
   
   }
   __finally
   {
      if (pbKeyMaterial ) LocalFree(pbKeyMaterial );
      if (hSessionKey) CryptDestroyKey(hSessionKey);
      if (hExchangeKeyPair) CryptDestroyKey(hExchangeKeyPair);
      if (hProv) 
      {  
         CryptReleaseContext(hProv, 0);
      }
   
   }

} // End Main

Downloads

Download demo project - 7 Kb


Comments

  • I can't run the sample

    Posted by mlubino on 06/01/2005 06:13am

    Hi, I'm having some problems in running your example. I have a machine with windows XP installed and internet explorer 6.0 sp2 as browser. When I try to run the the sample it blocks at the instruction: if (!CryptGetUserKey( hProv, AT_KEYEXCHANGE, &hExchangeKeyPair)) { __leave; } leaving the execution. Can you give me any advice to solve that problem? Thank you for your help.

    Reply
  • RE: Example doesn't work

    Posted by Legacy on 08/26/2003 12:00am

    Originally posted by: Raphael Amorim

    The example works. The CryptAcquireContext() doesn't work when you assign MS_ENHANCED_PROV because you probably don't have the high encryption pack installed in your machine. Download it at:

    http://www.microsoft.com/windows/ie/downloads/recommended/128bit/default.asp

    There is no problem with encryption/decryption operations with key pairs, they're fully supported by this new version of CryptoApi.

    Thank you Alexey for the feedback and sorry for the late answer.

    Best regards.

    Raphael Amorim

    Reply
  • How to import the blob

    Posted by Legacy on 04/15/2003 12:00am

    Originally posted by: Deli Shen

    This way is more comprehensible than the component-of-one
    
    method in MSDN, but how to import the session key?
    Do we have to encrypt the blob then import? Could not
    get the import work. Help will be appreciated.

    Reply
  • In what manner we can import these session keys

    Posted by Legacy on 11/06/2002 12:00am

    Originally posted by: Rakesh

    Can you please provide the code for importing these session keys to get the appropriate key handle.

    Reply
  • Example seems not to be working with Nt4 Base provider

    Posted by Legacy on 10/01/2002 12:00am

    Originally posted by: Vladimir

    Example seems not be working with Nt4 Base provider,
    CryptDecrypt() fails with NTE_BAD_KEY.
    It works perfectly in Win2K environment.

    Reply
  • Example doesn't work

    Posted by Legacy on 12/20/2001 12:00am

    Originally posted by: Alexey

    1. CryptAcquireContext() doesn't work when I assign MS_ENHANCED_PROV.
    
    

    2. There is a problem with decryption of the key blob (CryptDecrypt() method).
    It seems that encryption/descryption operations with key pairs are not supported by CryptDecrypt/CryptEncrypt methods.

    Could you please explain what is a problem?

    Thank you in advance,
    Alexey.

    Reply
Leave a Comment
  • Your email address will not be published. All fields are required.

Top White Papers and Webcasts

  • Today's agile organizations pose operations teams with a tremendous challenge: to deploy new releases to production immediately after development and testing is completed. To ensure that applications are deployed successfully, an automatic and transparent process is required. We refer to this process as Zero Touch Deployment™. This white paper reviews two approaches to Zero Touch Deployment--a script-based solution and a release automation platform. The article discusses how each can solve the key …

  • On-demand Event Event Date: December 18, 2014 The Internet of Things (IoT) incorporates physical devices into business processes using predictive analytics. While it relies heavily on existing Internet technologies, it differs by including physical devices, specialized protocols, physical analytics, and a unique partner network. To capture the real business value of IoT, the industry must move beyond customized projects to general patterns and platforms. Check out this webcast and join industry experts as …

Most Popular Programming Stories

More for Developers

RSS Feeds