$ begingroup $ Optional arguments are a maintainability nightmare in libraries as they're implemented as compile-time constants in the calling assembly. Say you have prog.exe using your library lib.dll and you want to replace the 32 with 64 without recompiling prog.exe, this cannot be done. Dec 31, 2014 I was looking for some simple examples of using AES symmetric encryption to encrypt and decrypt data in C#. Though there are some very helpful resources out there, what I needed were basic routines that: - Take clear text and key as byte arrays and return encrypted text as a byte array. The secrets module is used for generating cryptographically strong random numbers suitable for managing data such as passwords, account authentication, security tokens, and related secrets. In particularly, secrets should be used in preference to the default pseudo-random number generator in the random module, which is designed for modelling and simulation, not security or cryptography.
-->hProv
Handle of a cryptographic service provider (CSP) created by a call toCryptAcquireContext.
dwLen
Number of bytes of random data to be generated.
pbBuffer
Buffer to receive the returned data. This buffer must be at least dwLen bytes in length.
Optionally, the application can fill this buffer with data to use as an auxiliary random seed.
If the function succeeds, the return value is nonzero (TRUE).
If the function fails, the return value is zero (FALSE). For extended error information, callGetLastError.
World of warcraft game key generator free. The error codes prefaced by 'NTE' are generated by the particular CSP being used. Some possible error codes are listed in the following table.
Return code | Description |
---|---|
| One of the parameters specifies a handle that is not valid. |
| One of the parameters contains a value that is not valid. This is most often a pointer that is not valid. |
| The hProv parameter does not contain a valid context handle. |
| The function failed in some unexpected way. |
The data produced by this function is cryptographically random. It is far more random than the data generated by the typical random number generator such as the one shipped with your C compiler.
This function is often used to generate random initialization vectors and salt values.
Software random number generators work in fundamentally the same way. They start with a random number, known as the seed, and then use an algorithm to generate a pseudo-random sequence of bits based on it. The most difficult part of this process is to get a seed that is truly random. This is usually based on user input latency, or the jitter from one or more hardware components.
With Microsoft CSPs, CryptGenRandom uses the same random number generator used by other security components. This allows numerous processes to contribute to a system-wide seed. CryptoAPI stores an intermediate random seed with every user. To form the seed for the random number generator, a calling application supplies bits it might have—for instance, mouse or keyboard timing input—that are then combined with both the stored seed and various system data and user data such as the process ID and thread ID, the system clock, the system time, the system counter, memory status, free disk clusters, the hashed user environment block. This result is used to seed the pseudorandom number generator (PRNG). In Windows Vista with Service Pack 1 (SP1) and later, an implementation of the AES counter-mode based PRNG specified in NIST Special Publication 800-90 is used. In Windows Vista, Windows Storage Server 2003, and Windows XP, the PRNG specified in Federal Information Processing Standard (FIPS) 186-2 is used. If an application has access to a good random source, it can fill the pbBuffer buffer with some random data before calling CryptGenRandom. The CSP then uses this data to further randomize its internal seed. It is acceptable to omit the step of initializing the pbBuffer buffer before calling CryptGenRandom.
The following example shows the generation of 8 random bytes. These can be used to create cryptographic keys or for any application that uses random numbers. For an example that includes the complete context for this example, see Example C Program: Duplicating a Session Key.
Dll Files Fixer 3.1.81 License Key allows you to solve all kinds of DLL errors which also include 59 operating systems including Windows 7, Windows XP, Windows Vista and Windows 8.
Minimum supported client | Windows XP [desktop apps only] |
Minimum supported server | Windows Server 2003 [desktop apps only] |
Target Platform | Windows |
Header | wincrypt.h |
Library | Advapi32.lib |
DLL | Advapi32.dll |
[ aws . kms ]
Generates a unique symmetric data key. This operation returns a plaintext copy of the data key and a copy that is encrypted under a customer master key (CMK) that you specify. You can use the plaintext key to encrypt your data outside of AWS KMS and store the encrypted data key with the encrypted data.
To generate a data key, specify the symmetric CMK that will be used to encrypt the data key. You cannot use an asymmetric CMK to generate data keys. To get the type of your CMK, use the DescribeKey operation.
You must also specify the length of the data key. Use either the KeySpec or NumberOfBytes parameters (but not both). For 128-bit and 256-bit data keys, use the KeySpec parameter.
If the operation succeeds, the plaintext copy of the data key is in the Plaintext field of the response, and the encrypted copy of the data key in the CiphertextBlob field.
To get only an encrypted copy of the data key, use GenerateDataKeyWithoutPlaintext . To generate an asymmetric data key pair, use the GenerateDataKeyPair or GenerateDataKeyPairWithoutPlaintext operation. To get a cryptographically secure random byte string, use GenerateRandom .
You can use the optional encryption context to add additional security to the encryption operation. If you specify an EncryptionContext , you must specify the same encryption context (a case-sensitive exact match) when decrypting the encrypted data key. Otherwise, the request to decrypt fails with an InvalidCiphertextException. For more information, see Encryption Context in the AWS Key Management Service Developer Guide .
The CMK that you use for this operation must be in a compatible key state. For details, see How Key State Affects Use of a Customer Master Key in the AWS Key Management Service Developer Guide .
We recommend that you use the following pattern to encrypt data locally in your application:
To decrypt data locally:
See also: AWS API Documentation
See 'aws help' for descriptions of global parameters.
--key-id (string)
Identifies the symmetric CMK that encrypts the data key.
To specify a CMK, use its key ID, Amazon Resource Name (ARN), alias name, or alias ARN. When using an alias name, prefix it with 'alias/' . To specify a CMK in a different AWS account, you must use the key ARN or alias ARN.
For example:
To get the key ID and key ARN for a CMK, use ListKeys or DescribeKey . To get the alias name and alias ARN, use ListAliases .
--encryption-context (map)
Specifies the encryption context that will be used when encrypting the data key.
An encryption context is a collection of non-secret key-value pairs that represents additional authenticated data. When you use an encryption context to encrypt data, you must specify the same (an exact case-sensitive match) encryption context to decrypt the data. An encryption context is optional when encrypting with a symmetric CMK, but it is highly recommended.
For more information, see Encryption Context in the AWS Key Management Service Developer Guide .
Shorthand Syntax:
JSON Syntax:
--number-of-bytes (integer)
Specifies the length of the data key in bytes. For example, use the value 64 to generate a 512-bit data key (64 bytes is 512 bits). For 128-bit (16-byte) and 256-bit (32-byte) data keys, use the KeySpec parameter.
You must specify either the KeySpec or the NumberOfBytes parameter (but not both) in every GenerateDataKey request.
--key-spec (string)
Specifies the length of the data key. Use AES_128 to generate a 128-bit symmetric key, or AES_256 to generate a 256-bit symmetric key.
You must specify either the KeySpec or the NumberOfBytes parameter (but not both) in every GenerateDataKey request.
Possible values:
--grant-tokens (list)
A list of grant tokens.
For more information, see Grant Tokens in the AWS Key Management Service Developer Guide .
Syntax:
--cli-input-json (string)Performs service operation based on the JSON string provided. The JSON string follows the format provided by --generate-cli-skeleton. If other arguments are provided on the command line, the CLI values will override the JSON-provided values. It is not possible to pass arbitrary binary values using a JSON-provided value as the string will be taken literally.
--generate-cli-skeleton (string)Prints a JSON skeleton to standard output without sending an API request. If provided with no value or the value input, prints a sample input JSON that can be used as an argument for --cli-input-json. If provided with the value output, it validates the command inputs and returns a sample output JSON for that command.
See 'aws help' for descriptions of global parameters.
CiphertextBlob -> (blob)
Plaintext -> (blob)
KeyId -> (string)