加密，签名，验证和解密加密

发布于 2025-02-02 18:56:42 字数 438 浏览 3 评论 0原文

我正在使用win32加密加密来加密并签署消息，然后验证签名并解密消息。

每件事都很好，直到我意识到CryptSignHash（）将从我的数据中签署计算出的哈希并生成签名。意思是，在另一侧（收件人侧），收件人将需要接收签名和密码（分开），这是我不想要的。

我想将签名与一个单个容器中的加密消息结合在一起，然后将其全部发送在一起，然后收件人能够验证和解密。

我使用API的顺序如下：

CryptAcquireContext()
CryptGenKey()
CryptExportKey()
CryptImportKey()
CryptEncrypt()
CryptCreateHash()
CryptHashData()
CryptSignHash()
CryptVerifySignature()
CryptDecrypt()

有没有使用证书存储的方法？

原文

I'm using win32 cryptoAPIs to encrypt and sign a message then verify a signature and decrypt the message.

every thing worked fine until I realized that the cryptSignHash() will sign the calculated hash from my data and generate a signature. Meaning, on the other side (the recipient side) the recipient will need to receive the signature and the cipher msg (separated), which is something I don't want.

I want to combine the signature with the encrypted message in one single container and send it all together and then the recipient will be able to verify and decrypt it.

my order of using the APIs was as the following:

CryptAcquireContext()
CryptGenKey()
CryptExportKey()
CryptImportKey()
CryptEncrypt()
CryptCreateHash()
CryptHashData()
CryptSignHash()
CryptVerifySignature()
CryptDecrypt()

Is there a way without using the certificate stores?

分享到QQ

分享到微博

如果你对这篇内容有疑问，欢迎到本站社区发帖提问参与讨论，获取更多帮助，或者扫码二维码加入 Web 技术交流群。

发布评论

需要登录才能够评论，你可以免费注册一个本站的账号。

想挽留 2025-02-09 18:56:42

我认为您从根本上误解了这个过程应该如何工作。在您呈现的特定情况下（将哈希签名和加密消息发送给收件人）也需要包括您的公钥。

收件人将使用您的公钥来解密哈希签名，并验证它是否与加密消息的哈希相匹配。这就是收件人可以用这些信息来完成的，即验证加密消息是否有效，并源自您。

收件人将无法解密加密的消息，因为他没有用于加密的私钥！

通常，该消息应使用对称密钥算法（例如AES）加密。签名和验证是通过不对称的私人/公钥算法（例如RSA）完成的。

例如，您的方案可以按以下方式扩展：

您将消息加密AES，但您的收件人需要密码来解密该消息，并且您需要以安全的方式将其发送给他。
您的收件人需要向您发送他的公共RSA密钥。
您将使用收件人的公共RSA密钥加密AES密码。
您可以使用私有RSA密钥签署加密消息和加密AES密码。
您将公共RSA密钥与已签名的加密消息，已签名的加密AES密码及其各自的加密签名一起发送给收件人。
您的收件人现在能够使用您发送的公共RSA密钥验证这两个签名。
如果签名有效，则您的收件人可以使用其私有RSA密钥解密加密的AES密码。
最后，您的收件人能够使用现在解密的AES密码解密加密的消息。

如您所见，这是一个相当复杂的过程。可以以某种方式简化较短的消息。如果消息短于RSA密钥的长度，则可以跳过AES加密并使用收件人的公共RSA密钥来加密整个消息，但是在现实世界中，情况通常不是这种情况。

I think you fundamentally misunderstood how this process is supposed to work. In your particular scenario that you presented (sending the hash signature and the encrypted message to your recipient) you will also need to include your public key as well.

The recipient will use your public key to decrypt the hash signature and verify if it matches the hash of the encrypted message. That is all the recipient can do with this information, namely verify that the encrypted message is valid and originates from you.

The recipient will not be able to decrypt the encrypted message because he doesn't have your private key that was used to encrypt it!

Usually the message should be encrypted with a symmetric key algorithm (such as AES). The signing and verifying is done with an asymmetric private/public key algorithm (such as RSA).

For example, your scenario could be expanded as follows:

You encrypt the message with AES but your recipient needs the password to decrypt it and you need to send it to him somehow in a secure way.
Your recipient needs to send you his public RSA key.
You encrypt the AES password with your recipient's public RSA key.
You sign both the encrypted message and the encrypted AES password with your private RSA key.
You send your public RSA key to your recipient along with the signed encrypted message, the signed encrypted AES password and their respective encrypted signatures.
Your recipient is now able to verify both signatures with your public RSA key that you sent him.
If the signatures are valid then your recipient can decrypt the encrypted AES password with his private RSA key.
Finally your recipient is able to decrypt the encrypted message with the now decrypted AES password.

As you can see this is a rather complicated process. It can be simplified somehow for shorter messages. If the message is shorter than the length of the RSA key then you can skip the AES encryption and use your recipient's public RSA key to encrypt the whole message but in real world this isn't usually the case.

回复收藏 0 原文

~没有更多了~