RE: How to find best available encryption for MSOffice apps
- From: lelteto <lelteto@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Tue, 28 Nov 2006 08:11:02 -0800
1. Yes, you can select the provider directly in the CryptAcquireContext's
pszProvider parameter. Most of Microsoft's standard providers are always
available on all Windows versions. (see the names in wincrypt.h as
MS_DEF_PROV, MS_STRONG_PROV, etc.)
Note that the Enhanced provider (MS_ENHANCED_PROV) may NOT be available on
all systems - only on those where the 128-bit encryption is installed.
2. For the algo you can either loop through (PP_ENUMALGS_EX) or you can try
to generate a key with the desired algo. If key gen suceeds the algo is
(Since key gen for symmetric keys is nothing more than generating random
bytes it's very fast.) You can simply release the key handle after that.
I am writing a program that updates password protection for various types of.
Office Documents behind the scenes.
I want to offer my users the "most compatible" and "best available"
protection for their PC.
Most compatible basically equals MS Office 97/2000 Encryption
Best available is a little more tricky. I have figured out how to loop
through all of the algorithms provided by one CryptProvider, but is there a
way for me to check for one particular provider and algorithm?
For example, if I want to see if the user has Microsoft Strong Encryption
Provider RC4 algorithm available. Right now I cycle through ALL of the
various Provider Types based on SDK documentation (see very bottom) and ALL
of the algorithms for each provider type until I hit on the right combination
"Microsoft Strong Cryptographic Provider" and "RC4"
Outer loop -
CryptAcquireContext(&hCryptProv, NULL, NULL, PROV_RSA_AES, 0);
CryptGetProvParam(hCryptProv, PP_NAME, pbData, &cbData, 0); //provider name
Inner loop -
CryptGetProvParam(hCryptProv, PP_ENUMALGS_EX, (BYTE *) &EnumAlgs,
&cbData, dFlag)) //algorithm name is in EnumAlgs.szName
There HAS to be an easier way!!!
*** From Platform SDK***
There are currently a number of predefined provider types. The next sections
provide information on the following provider types: