Descifrar un mensaje
En el ejemplo siguiente se muestra un mensaje cifrado que se recibe y se descifra.
En el ejemplo se supone que se inicializa una variable SecHandle denominada phContext
y una estructura SOCKET denominada s
. Para conocer las declaraciones e iniciaciones de estas variables, consulte Uso de SSPI con un cliente de Windows Sockets y Uso de SSPI con un servidor de Windows Sockets. En este ejemplo se incluyen llamadas a funciones de Secur32.lib, que deben incluirse entre las bibliotecas de vínculos.
SecPkgContext_StreamSizes Sizes;
SECURITY_STATUS scRet;
SecBufferDesc Message;
SecBuffer Buffers[4];
SecBuffer *pDataBuffer;
SecBuffer *pExtraBuffer;
SecBuffer ExtraBuffer;
PBYTE pbIoBuffer;
DWORD cbIoBuffer;
DWORD cbIoBufferLength;
//--------------------------------------------------------------------
// Get stream encryption properties.
scRet = QueryContextAttributes(
phContext,
SECPKG_ATTR_STREAM_SIZES,
&Sizes);
if(scRet != SEC_E_OK)
{
MyHandleError("Error reading SECPKG_ATTR_STREAM_SIZES\n");
}
//--------------------------------------------------------------------
// Allocate a working buffer. The plaintext sent to EncryptMessage
// should never be more than 'Sizes.cbMaximumMessage', so a buffer
// size of this plus the header and trailer sizes should be safe.
cbIoBufferLength = Sizes.cbHeader +
Sizes.cbMaximumMessage +
Sizes.cbTrailer;
pbIoBuffer = LocalAlloc(LMEM_FIXED, cbIoBufferLength);
if(pbIoBuffer == NULL)
{
MyHandleError("Error: Out of memory");
}
//--------------------------------------------------------------------
// Attempt to decrypt the data in the i/o buffer.
Buffers[0].pvBuffer = pbIoBuffer;
Buffers[0].cbBuffer = cbIoBuffer;
Buffers[0].BufferType = SECBUFFER_DATA;
Buffers[1].BufferType = SECBUFFER_EMPTY;
Buffers[2].BufferType = SECBUFFER_EMPTY;
Buffers[3].BufferType = SECBUFFER_EMPTY;
Message.ulVersion = SECBUFFER_VERSION;
Message.cBuffers = 4;
Message.pBuffers = Buffers;
scRet = DecryptMessage(
phContext,
&Message,
0,
NULL);
if(scRet == SEC_E_INCOMPLETE_MESSAGE)
{
//--------------------------------------------------------------------
// The input buffer contains only a fragment of an
// encrypted record. Read some more data from the server
// and then try the decryption again.
continue;
}
if(scRet != SEC_E_OK && scRet != SEC_I_RENEGOTIATE)
{
MyHandleError("Error returned by DecryptMessage");
}
//--------------------------------------------------------------------
// Locate data.
pDataBuffer = NULL;
pExtraBuffer = NULL;
while(!pDataBuffer && i < 4)
{
if(Buffers[i].BufferType == SECBUFFER_DATA)
{
pDataBuffer = &Buffers[i];
}
i++;
}
if(pDataBuffer)
{
//--------------------------------------------------------------------
// Display or otherwise process the decrypted data.
// ...
}