# Include <iostream> # include <string> # include "base. H "// provides the base64 transcoding function using namespace STD; # include" cryptlib. H "int main () {cryptinit (); // before calling cryptlib, you must execute init. After calling, you must execute endcryptend (); Return 0 ;} /***** self-signed certificate generated by cryptlib ***/void generatekey () {int * keyset; keyset = (int *) malloc (sizeof (int *)); // keystore context int * cryptcontext; cryptcontext = (int *) malloc (sizeof (int *); // encryption context int * cryptcertificate; cryptcertificate = (int *) m Alloc (sizeof (int *); // certificate context int status = cryptkeysetopen (keyset, crypt_unused, crypt_keyset_file, "d: \ private key file. p15 ", secret); // create a keystore, (crypt_keyopt_create) status = cryptcreatecontext (cryptcontext, crypt_unused, secret); // RSA algorithm key context status = cryptsetattributestring (* cryptcontext, crypt_ctxinfo_label, "test1", 5); // key label status = cryptgeneratekey (* cryptcontext); status = crypt Addprivatekey (* keyset, * cryptcontext, "1234"); // Add the private key status = cryptcreatecert (cryptcertificate, crypt_unused, crypt_certtype_certificate) to the keystore ); // create Certificate Status = cryptsetattribute (* cryptcertificate, crypt_certinfo_xy.pdf, 1 ); // set it to a simple certificate/* Add the public key and certificate owner name and sign the certificate with the private key */status = cryptsetattribute (* cryptcertificate, crypt_certinfo_subjectpublickey Info, * cryptcontext); // certificate Public Key binding status = cryptsetattributestring (* cryptcertificate, certificate, "test1", 5); // certificate cnstatus = cryptsigncert (* cryptcertificate, * cryptcontext); // use the private key to issue the certificate status = cryptaddpublickey (* keyset, * cryptcertificate); // Add the public key status = cryptdestroycert (* cryptcertificate) to the certificate ); status = cryptdestroycontext (* cryptcontext); status = cryptkeysetclose (* keyset);}/*** get the private key from the specified keystore and Signature and verification ***/void signature () {/* access the keystore and obtain the private key */int * keyset; keyset = (int *) malloc (sizeof (int *); int * sigkeycontext; sigkeycontext = (int *) malloc (sizeof (int *); int status = 0; status = cryptkeysetopen (keyset, crypt_unused, crypt_keyset_file, "d: \ private key file. p15 ", crypt_keyopt_readonly); // read the keystore, (crypt_keyopt_readonly) status = cryptgetprivatekey (* keyset, sigkeycontext, crypt_keyid_name," test1 "," 1234 ");// Use tags and protection keys to obtain the private key crypt_context hashcontext; void * signature; int signaturelength; status = cryptcreatecontext (& hashcontext, crypt_unused, crypt_algo_md5 ); // create a hash Context/* Abstract The data */status = cryptencrypt (hashcontext, "1234", 4); status = cryptencrypt (hashcontext, "1234", 0 ); /* allocate space for the signature value */INT signaturemaxlength; cryptcreatesignature (null, 0, & signaturemaxlength, * sigkeycontext, hashcontext); Signature = m Alloc (signaturemaxlength);/* sign the abstract using the private key */status = cryptcreatesignature (signature, signaturemaxlength, & signaturelength, * sigkeycontext, hashcontext); status = cryptdestroycontext (hashcontext ); /* Create hash context */status = cryptcreatecontext (& hashcontext, crypt_unused, crypt_algo_md5);/* digest data */status = cryptencrypt (hashcontext, "1234", 4 ); status = cryptencrypt (hashcontext, "1234", 0);/* use public Key verification signature */status = cryptchecksignature (signature, signaturelength, * sigkeycontext, hashcontext); status = cryptdestroycontext (hashcontext );} /***** export the public key in the specified keystore ***/void exportkey () {/* access the keystore to obtain the Public Key */int * keyset; keyset = (int *) malloc (sizeof (int *); int * sigkeycontext; sigkeycontext = (int *) malloc (sizeof (int *); int status = 0; status = cryptkeysetopen (keyset, crypt_unused, crypt_keyset_file, "d: \ private key F Ile. p15 ", encryption); status = cryptgetpublickey (* keyset, sigkeycontext, encryption," test1 "); // obtain the Public Key crypt_context pubkeycontext, cryptcontext; void * encryptedkey; int encryptedkeylength, encryptedkeymaxlength;/* generate protection key */status = cryptcreatecontext (& cryptcontext, crypt_unused, encrypted); status = cryptgeneratekey (cryptcontext); status = cryptexportkey (null, 0, & encrypted Keymaxlength, * sigkeycontext, cryptcontext); // obtain the public key size encryptedkey = malloc (encrypted); status = cryptexportkey (encryptedkey, encrypted, & encryptedkeylength, * sigkeycontext, cryptcontext ); // export the Public Key cout <(char *) encryptedkey <Endl;}/***** 3DES symmetric encryption ***/void encrypt (string text, string PWD, string IV, byte * result, int * length) {crypt_context context; int status = cryptcreatecontext (& C Ontext, crypt_unused, crypt_algo_3des); status = cryptsetattributestring (context, crypt_ctxinfo_iv, IV. c_str (), IV. size (); // initial vector status = cryptsetattributestring (context, crypt_ctxinfo_key, PWD. c_str (), PWD. size (); // key int keysize; status = cryptgetattribute (context, crypt_ctxinfo_keysize, & keysize); If (text. size () % keysize> 0) {* length = text. size () + keysize-text. size () % keysize;} else {* length = text. si Ze () ;}for (INT I = 0; I <text. size (); I ++) {result [I] = text [I]; // store it in the byte array} status = cryptencrypt (context, result, * length ); // encryption for (INT I = 0; I <* length; I ++) {printf ("% x", result [I]);} status = cryptdestroycontext (context); If (status! = 0) cout <"fail" <Endl;} void decrypt (byte * ENC, int * length, string PWD, string IV) {crypt_context context; int status = cryptcreatecontext (& context, crypt_unused, crypt_algo_3des); status = cryptsetattributestring (context, crypt_ctxinfo_iv, IV. c_str (), IV. size (); status = cryptsetattributestring (context, crypt_ctxinfo_key, PWD. c_str (), PWD. size (); int keysize; status = cryptgetattribute (context, crypt_ctxinfo_keysize, & keysize); status = cryptdecrypt (context, ENC, * length); status = cryptdestroycontext (context );} /*** public key encryption envelope, returns the base64 encoded string */string envelop (string text, string Keyfile) {byte * message; message = new byte [text. size ()]; for (INT I = 0; I <text. size (); I ++) {message [I] = text [I];} int messagelength = text. size ();/* access the keystore and obtain the Public Key */int * keyset; keyset = (int *) malloc (sizeof (int *); int * pubkeycontext; pubkeycontext = (int *) malloc (sizeof (int *); int status = 0; status = cryptkeysetopen (keyset, crypt_unused, crypt_keyset_file, Keyfile. c_str (), encrypted); status = cryptgetpublickey (* keyset, pubkeycontext, crypt_keyid_name, "test1"); cryptenvelope; int bytescopied; status = cryptcreateenvelope, crypt_format_cryptlib);/* Add the Public Key */status = cryptsetattribute (cryptenvelope, crypt_envinfo_publickey, * pubkeycontext);/* Add the data size information and data, wrap up the processing, and pop out the processed data */status = cryptsetattribute (cryptenvelope, encrypted, messagelength); status = cryptpushdata (cryptenvelope, message, messagelength, & encrypted); status = encrypted (cryptenvelope ); byte * envelopeddata; envelopeddata = new byte [1000]; int bytes = 1000; status = cryptpopdata (cryptenvelope, envelopeddata, encrypted, & bytescopied); status = encrypted (cryptenvelope ); string base64result = base64_encode (envelopeddata, bytescopied); cout <base64result <Endl; return base64result;} string develop (string ENV, string Keyfile) {byte * message; string debase = base64_decode (ENV); message = new byte [debase. size ()]; for (INT I = 0; I <debase. size (); I ++) {message [I] = debase [I];} int * privkeycontext; privkeycontext = (int *) malloc (sizeof (int *)); int messagelength = debase. size (); message [messagelength] = '\ 0'; crypt_envelope cryptenvelope; int bytescopied, status;/* access keystore */int * keyset; keyset = (int *) malloc (sizeof (int *); status = cryptkeysetopen (keyset, crypt_unused, crypt_keyset_file, Keyfile. c_str (), encrypted); status = encrypted (* keyset, privkeycontext, crypt_keyid_name, "test1", "1234"); status = cryptcreateenvelope (& cryptenvelope, crypt_unused, crypt_format_auto ); /* push in the enveloped data and the private decryption key required to de-envelope it, and pop out the recovered message */status = cryptpushdata (cryptenvelope, message, messagelength, & bytescopied); status = cryptsetattribute (cryptenvelope, encrypt, * privkeycontext); status = cryptflushdata (cryptenvelope); byte * result; Result = new byte [1000]; int resultlength = 1000; status = cryptpopdata (cryptenvelope, result, resultlength, & bytescopied); status = cryptdestroyenvelope (cryptenvelope); cout <(char *) Result <Endl; string r = string (char *) result); return r;} string exportcert (string Keyfile) {/* access the keystore and obtain the Public Key */int * keyset; keyset = (int *) malloc (sizeof (int *); int * certcontext; certcontext = (int *) malloc (sizeof (int *); int status = 0; status = cryptkeysetopen (keyset, crypt_unused, crypt_keyset_file, Keyfile. c_str (), plaintext); status = cryptgetpublickey (* keyset, certcontext, crypt_keyid_name, "test1"); void * certificate; int certlength; int certmaxlength; status = cryptexportcert (null, 0, & certmaxlength, crypt_certformat_certificate, * certcontext);/* allocate memory for the encoded certificate */certificate = malloc (certmaxlength ); /* export the encoded certificate from the certificate object */status = cryptexportcert (certificate, certmaxlength, & certlength, percent, * certcontext); unsigned char * certchar = (unsigned char *) certificate; certchar [certlength] = '\ 0'; string cert_base64 = base64_encode (certchar, certlength); Return cert_base64;} void importcert (string cert_base64) {crypt_certificate cryptcertificate; int status; string certstr = base64_decode (cert_base64);/* import the certificate object from the encoded certificate */byte * Cert; int certlength = certstr. size (); Cert = new byte [certlength]; for (INT I = 0; I <certlength; I ++) {Cert [I] = certstr [I];} CERT [certlength] = '\ 0'; status = cryptimportcert (CERT, certlength, crypt_unused, & cryptcertificate );}