sword="(BYTE*)OLE2A(bstrPassword);</PRE">


取得 Crypto Provider 的句柄。 // Get handle to the default provider.
if (! CryptAcquireContext(&hProv, "aspZoneCryptoComponent\0",
MS_DEF_PROV, PROV_RSA_FULL, CRYPT_MACHINE_KEYSET))
{
if (! CryptAcquireContext(&hProv, "aspZoneCryptoComponent\0",
MS_DEF_PROV, PROV_RSA_FULL, (CRYPT_NEWKEYSET | CRYPT_MACHINE_KEYSET)))
{
dwError = GetLastError();
sprintf(buffer, "Error %x during CryptAcquireContext", dwError);
return Error(buffer);
}
}


从 password 中得到 session key. // Create a hash object.
if ( ! CryptCreateHash(hProv, CALG_MD5, 0, 0, &hHash)) {
dwError = GetLastError();
sprintf(buffer, "Error %x during CryptCreateHash", dwError);
return Error(buffer);
}

// Hash in the password.
if ( ! CryptHashData(hHash, pbPassword, SysStringLen(bstrPassword), 0)) {
dwError = GetLastError();
sprintf(buffer, "Error %x during CryptHashData", dwError);
return Error(buffer);
}

// Derive a session key from the hash object.
if ( ! CryptDeriveKey(hProv, ENCRYPT_ALGORITHM, hHash, 0, &hKey)) {
dwError = GetLastError();
sprintf(buffer, "Error %x during CryptDeriveKey", dwError);
return Error(buffer);
}

// Destroy hash object.
CryptDestroyHash(hHash);
hHash = 0;


将密文解密到纯文本中。 // Decrypt the Data.
if ( ! CryptDecrypt(hKey, 0, true, 0, pbData, &dwCryptDataLen)) {
dwError = GetLastError();
sprintf(buffer, "Error %x during CryptDecrypt", dwError);
return Error(buffer);
}

//Terminate the string with a null
pbData[dwCryptDataLen] = NULL;


设置返回值，大扫除，然后搞定。 //Place Decrypted data into retval
*bstrPlainText = SysAllocString(A2OLE((const char *)pbData));

// Destroy session key.
if(hKey) CryptDestroyKey(hKey);

// Release provider handle.
if(hProv) CryptReleaseContext(hProv, 0);

return S_OK;
}

原著:讨饭猫
来自:chinaasp.com