|
Overview |
|
|
|
Group |
|
|
|
Quick Info
Windows NT
| Yes
| Win95
| OSR2
| Win32s
| No
| Import Library
| advapi32.lib
| Header File
| wincrypt.h
| Unicode
| WinNT
| Platform Notes
| None
|
|
|
CryptDecrypt
[New - Windows NT]
[New - Windows 95, OEM Service Release 2]
The
CryptDecrypt function is used to decrypt data that was previously encrypted via the
CryptEncrypt function.
BOOL CRYPTFUNC CryptDecrypt(
HCRYPTKEY hKey,
|
|
HCRYPTHASH hHash,
|
|
BOOL Final,
|
|
DWORD dwFlags,
|
|
BYTE *pbData,
|
|
DWORD *pdwDataLen
|
|
);
|
|
Parameters
hKey
[in] A handle to the key to use for the decryption. An application obtains
this handle by using either the
CryptGenKey or
CryptImportKey function.
This key specifies the decryption algorithm that is used.
hHash
[in] A handle to a hash object. This parameter is only used if a hash of the
data is to be computed. See the "Remarks" section for more information.
If no hash is to be done, this parameter must be zero.
Final
[in] The Boolean value that specifies whether this is the last section in a
series being decrypted. This will be TRUE if this is the last or only block. If
it is not, then it will be FALSE. See the "Remarks" section for more information.
dwFlags
[in] The flag values. This parameter is reserved for future use and should
always be zero.
pbData
[in/out] The buffer holding the data to be decrypted. Once that decryption has
been performed, the plaintext is placed back in this same buffer.
The number of encrypted bytes in this buffer is specified by
pdwDataLen.
pdwDataLen
[in/out] The address of the data length. Before calling this function, the
caller should set this parameter to the number of bytes to be decrypted. Upon
return, this address will contain the number of bytes of plaintext generated.
When a block cipher is used, this data length must be a multiple of the block
size, unless this is the final section of data to be decrypted and the
Final flag is TRUE.
Remarks
If data is to be decrypted and hashed simultaneously, a handle to a hash
object can be passed in the
hHash parameter. The hash value will be updated with the decrypted plaintext. This
option is useful when simultaneously decrypting and verifying a signature.
Prior to calling
CryptDecrypt, the application should obtain a handle to the hash object by calling the
CryptCreateHash function. Once the decryption is complete, the hash value can be obtained
(through
CryptGetHashParam) or it can be signed (through
CryptSignHash), or it can be used to verify a digital signature (through
CryptVerifySignature).
When a large amount of data needs to be decrypted, it can be done in sections.
This is done by calling
CryptDecrypt repeatedly. The
Final parameter should be set to TRUE only on the last invocation of
CryptDecrypt, so the decryption engine can properly finish the decryption process. The
following extra actions are performed when
Final is TRUE:
- If the key is a block cipher key, the data will be padded to a multiple of the
block size of the cipher. To find the block size of a cipher, use CryptGetKeyParam to get the KP_BLOCKLEN parameter of the key.
- If the cipher is operating in a chaining mode, the next CryptDecrypt operation will reset the cipher's feedback register to the KP_IV value of the
key.
- If the cipher is a stream cipher, the next CryptDecrypt call will reset the cipher to its initial state.
Return Values
If the function succeeds, the return value is nonzero.
If the function fails, the return value is zero. To retrieve extended error
information, use the
GetLastError function.
The following table lists the error codes most commonly returned by the
GetLastError function. The error codes prefaced by "NTE" are generated by the particular
CSP you are using.
Error
| Description
|
ERROR_INVALID_HANDLE
| One of the parameters specifies an invalid handle.
|
ERROR_INVALID_PARAMETER
| One of the parameters contains an invalid value. This is most often an illegal
pointer.
|
NTE_BAD_ALGID
| The hKey session key specifies an algorithm that this CSP does not support.
|
NTE_BAD_DATA
| The data to be decrypted is invalid. For example, when a block cipher is used
and the Final flag FALSE, the value specified by pdwDataLen must be a multiple of the block size. This error can also be returned when
the padding is found to be invalid.
|
NTE_BAD_FLAGS
| The dwFlags parameter is nonzero.
|
NTE_BAD_HASH
| The hHash parameter contains an invalid handle.
|
NTE_BAD_KEY
| The hKey parameter does not contain a valid handle to a key.
|
NTE_BAD_LEN
| The size of the output buffer is too small to hold the generated plaintext.
|
NTE_BAD_UID
| The CSP context that was specified when the key was created cannot be found.
|
NTE_DOUBLE_ENCRYPT
| The application attempted to decrypt the same data twice.
|
NTE_FAIL
| The function failed in some unexpected way.
|
Example
See "Decryption Example" in the section
Encrypting and Decrypting Data.
See Also
CryptCreateHash,
CryptEncrypt,
CryptGenKey,
CryptGetKeyParam,
CryptGetHashParam,
CryptImportKey,
CryptSignHash,
CryptVerifySignature
- Software for developers
-
Delphi Components
.Net Components
Software for Android Developers
- More information resources
-
MegaDetailed.Net
Unix Manual Pages
Delphi Examples
- Databases for Amazon shops developers
-
Amazon Categories Database
Browse Nodes Database
