Encrypting and decrypting a file

Ransomware has been one of the most popular malware to spread out globally. Its core element is being able to encrypt files.

In these encrypt and decrypt programs, we are going to learn about some of the basic APIs used in encryption and decryption.  

The API used to encrypt is CryptEncrypt, while CryptDecrypt is used for decryption. However, these APIs require at least a handle to the encryption key. To obtain the handle to the encryption key, a handle to the Cryptographic Service Provider (CSP) is required. In essence, before calling CryptEncrypt or CryptDecrypt, calling a couple of APIs is required to set up the algorithm that will be used.

In our program, CryptAcquireContextA is used to get a CryptoAPI ...

Get Mastering Reverse Engineering now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.