Home/ Questions/Q 8657297
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-12T15:29:18+00:00

I ‘am working on an application that protect files by encrypt it with CryptEncrypt()

  • 0

I ‘am working on an application that protect files by encrypt it with CryptEncrypt() and use a session key, from documentation
I can’t find out what session it’s talking about . Is that means that if some one else takes my encrypted file to another machine (or on the same machine but different user) can not decrypted it even he has the password?

Can any one help me to clarify his point please.

Thanks in advance for your time.

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    Is that means that if some one else takes my encrypted file to another
    machine (or on the same machine but different user) can not decrypted
    it even he has the password?

    No,

    It’s common to generate the session key for both the encryption and decryption by generating a hash which matches a passphrase:

    // Hash in the password data. 
if(!CryptHashData( m_hHash, (BYTE *) m_strPassphrase.c_str(), (DWORD) m_strPassphrase.length(), 0)) 
{
    //  ...
}

// Derive a session key from the hash object. 
if(!CryptDeriveKey( m_hCryptProv, ENCRYPT_ALGORITHM, m_hHash, KEYLENGTH, &m_hKey))
{ 
    //...
}

    m_hKey can now be used for encryption/decryption.

    CryptEncrypt( m_hKey, NULL, bEOF, 0, m_pBlockBuffer, &dwCount, m_dwBufferLen)

    or ..

    CryptDecrypt( m_hKey, 0, bEOF, 0, m_pBlockBuffer, &dwCount)
    • 0