Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
The following example shows an encrypted message being received and decrypted.
The example assumes that a SecHandle variable named phContext and a SOCKET structure named s are initialized. For the declarations and initiations of these variables, see Using SSPI with a Windows Sockets Client and Using SSPI with a Windows Sockets Server. This example includes calls to functions in Secur32.lib, which must be included among the link libraries.
SecPkgContext_StreamSizes Sizes;
SECURITY_STATUS scRet;
SecBufferDesc Message;
SecBuffer Buffers[4];
SecBuffer *pDataBuffer;
SecBuffer *pExtraBuffer;
SecBuffer ExtraBuffer;
PBYTE pbIoBuffer;
DWORD cbIoBuffer;
DWORD cbIoBufferLength;
//--------------------------------------------------------------------
// Get stream encryption properties.
scRet = QueryContextAttributes(
phContext,
SECPKG_ATTR_STREAM_SIZES,
&Sizes);
if(scRet != SEC_E_OK)
{
MyHandleError("Error reading SECPKG_ATTR_STREAM_SIZES\n");
}
//--------------------------------------------------------------------
// Allocate a working buffer. The plaintext sent to EncryptMessage
// should never be more than 'Sizes.cbMaximumMessage', so a buffer
// size of this plus the header and trailer sizes should be safe.
cbIoBufferLength = Sizes.cbHeader +
Sizes.cbMaximumMessage +
Sizes.cbTrailer;
pbIoBuffer = LocalAlloc(LMEM_FIXED, cbIoBufferLength);
if(pbIoBuffer == NULL)
{
MyHandleError("Error: Out of memory");
}
//--------------------------------------------------------------------
// Attempt to decrypt the data in the i/o buffer.
Buffers[0].pvBuffer = pbIoBuffer;
Buffers[0].cbBuffer = cbIoBuffer;
Buffers[0].BufferType = SECBUFFER_DATA;
Buffers[1].BufferType = SECBUFFER_EMPTY;
Buffers[2].BufferType = SECBUFFER_EMPTY;
Buffers[3].BufferType = SECBUFFER_EMPTY;
Message.ulVersion = SECBUFFER_VERSION;
Message.cBuffers = 4;
Message.pBuffers = Buffers;
scRet = DecryptMessage(
phContext,
&Message,
0,
NULL);
if(scRet == SEC_E_INCOMPLETE_MESSAGE)
{
//--------------------------------------------------------------------
// The input buffer contains only a fragment of an
// encrypted record. Read some more data from the server
// and then try the decryption again.
continue;
}
if(scRet != SEC_E_OK && scRet != SEC_I_RENEGOTIATE)
{
MyHandleError("Error returned by DecryptMessage");
}
//--------------------------------------------------------------------
// Locate data.
pDataBuffer = NULL;
pExtraBuffer = NULL;
while(!pDataBuffer && i < 4)
{
if(Buffers[i].BufferType == SECBUFFER_DATA)
{
pDataBuffer = &Buffers[i];
}
i++;
}
if(pDataBuffer)
{
//--------------------------------------------------------------------
// Display or otherwise process the decrypted data.
// ...
}