More Crypto API

This week I finished my college course on Java programming. I am hoping this will free up some time to get back to my Black Hat projects. Specifically I have some ideas about the Windows Task Manager control which I have previously written about. I may be posting a new program to enable and disable Task Manager silently. However for now I thought I would talk some more about the Windows Crypto API.

I have written at length regarding Crypto API details that I have reverse engineered by browsing the C header files provided by Microsoft. In addition, I discovered some Crypto API documentation in the Microsoft Developer Network web site. So without further ado, let’s get into some Crypto API details.

The Crypto API supports PKCS #7. Recall that this is a standard published by RSA Laboratories, a division of RSA Data Securities. PKCS #7 covers cryptographic message syntax (CMS) structures. Going back to terminology, a digest is the result of applying a hash to data. The digest is sometimes called the hash itself.

Although “message” is a generic term, it has a more specific meaning within the Crypto API and security. A message is data that has already been encoded. Normally this data has been signed. It includes a certificate.

One goal of the Crypto API are to provide simplified message functions. The functions are very high level. They in turn wrap many lower level messages. They shorten the code required to accomplish security purposes.

Finally I want to define some file extensions used by the Crypto API. The “.cat” files are those with a digital thumbprint. And a “.stl” is a file with a certificate trust list. On that note, I may provide another Crypto API post in the future which covers certificate services. For now I bid you a good day.