The CRYPT_ENCRYPT_MESSAGE_PARA structure is used for encrypting messages.
typedef struct _CRYPT_ENCRYPT_MESSAGE_PARA {
DWORD cbSize;
DWORD dwMsgEncodingType;
HCRYPTPROV hCryptProv;
CRYPT_ALGORITHM_IDENTIFIER ContentEncryptionAlgorithm;
void *pvEncryptionAuxInfo;
DWORD dwFlags;
DWORD dwInnerContentType;
} CRYPT_ENCRYPT_MESSAGE_PARA, *PCRYPT_ENCRYPT_MESSAGE_PARA;
X509_ASN_ENCODING | PKCS_7_ASN_ENCODING
However, it is required only to specify the message encoding here. Currently defined encoding types are shown in the following table.
Encoding type | Value |
---|---|
X509_ASN_ENCODING | 0x00000001 |
PKCS_7_ASN_ENCODING | 0x00010000 |
Unless there is a strong reason for passing in a specific cryptographic provider in hCryptProv, zero should be passed in. Passing in zero causes the default RSA or DSS provider to be acquired before doing hash, signature verification or recipient encryption operations.
The following encryption algorithms require that the ContentEncryptionAlgorithm's Parameters contain an encoded 8 byte Initialization Vector (IV) (see CryptSetKeyParam for more information about the KP_IV parameter).
szOID_OIWSEC_desCBC (CALG_DES)
szOID_RSA_DES_EDE3_CBC (CALG_3DES)
szOID_RSA_RC4 (CALG_RC4)
If the ContentEncryptionAlgorithm.Parameters.cbData = 0, then, an ASN.1 encoded OCTET STRING containing the IV is automatically generated. The IV is created using CryptGenRandom.
Note, when a message is decrypted, if it has an Initialization Vector parameter, the cryptographic message functions will call CryptSetKeyParam with the Initialization Vector before doing the decrypt.
The szOID_RSA_RC2CBC(CALG_RC2) algorithm requires the Parameters to be encoded as a CRYPT_RC2_CBC_PARAMETERS data structure. If the ContentEncryptionAlgorithm.Parameters.cbData = 0, then, an ASN.1 encoded CRYPT_RC2_CBC_PARAMETERS containing the IV is automatically generated. It defaults to the dwVersion corresponding to the 40 bit length. To override the default 40 bit length, the pvEncryptionAuxInfo member can be updated to point to a CMSG_RC2_AUX_INFO data structure which contains the bit length.
CRYPT_ALGORITHM_IDENTIFIER, CryptEncryptMessage, CryptSignAndEncryptMessage