如何解密被CryptProtectData函数冻结的数据？ [英] How to decrypt data which is crypted by CryptProtectData function?

问题描述

我知道CryptProtectData函数crypts数据使用Windows用户的密码，我可以解密它使用CryptUnprotectData函数，当我登录crypter用户，如何可能解密数据只使用密码，而不是登录用户？

$ CryptProtectData使用加密算法，该算法从环境变量（如当前计算机ID和用户凭据）中导出其密钥。这也意味着你需要是加密用户在大多数情况下解密。

但是，有一个小警告，你可以绕过用户凭据进入弥补关键;但最糟糕的是，您可以做的最好的办法是加密可以在同一台计算机上任何用户解密的内容。

如此处，可以将dwFlags设置为CRYPTPROTECT_LOCAL_MACHINE（dwFlags是枚举，您可以简单地将其设置为 uint 0）。
当你在加密的东西上调用CryptUnprotectData时，确保也将dwFlags设置为uint（0），这两个函数将是完全对称的，并且彼此工作良好。我已经亲自试过这个，并可以证明它的工作原理。

是的，这整个需要相同的机器系统真的很烦人，但它是迄今为止安全的方式加密并且确定世界上没有其他计算机可以解密。

希望这有帮助，
Nashwan。

I know that CryptProtectData function crypts data using windows user's password, I can decrypt it using CryptUnprotectData function when I am logged in crypter user, how is possible to decrypt data using only password and not logged in user?

解决方案

CryptProtectData uses an encryption algorithm which derives its key from environment variables such as the current machine ID and user credentials. This also implies that you need to be the encrypting user to decrypt in most cases.

There is a small caveat, however, where you can bypass the user credentials getting into the make up of the key; but sadly the best you can do is encrypt something that can be decrypted by any user on the same machine.

As presented here, you can set the dwFlags to "CRYPTPROTECT_LOCAL_MACHINE" (dwFlags being an enum, you can simply set it to a uint 0). Just be sure to also set dwFlags to uint(0) when you call CryptUnprotectData on your encrypted stuff and the two functions will be perfectly symmetric and work fine with each other. I have personally tried this and can attest that it works.

Yes, this whole needing the same machine system gets really annoying, but it is by far the securest way to encrypt something and be sure no other computer in the world can decrypt it.

Hope this helped, Nashwan.

这篇关于如何解密被CryptProtectData函数冻结的数据？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！