I'm looking at different solutions for Windows cryptography, and stumbled across these two libraries. Their header files are Wincrypt.h and Sspi.h. They both seem to provide encryption and decryption routines: CryptEncryptMessage and EncryptMessage, they both provide encryption context handles and are really similar. So what do I use them for?
P.S. Also there is CNG, but that is, as I understood, just a successor to wincrypt, which will soon become deprecated.
According to MSDN, the EncryptMessage function encrypts a message to provide privacy. EncryptMessage allows the application to choose among cryptographic algorithms supported by the chosen mechanism.
This function is available as a SASL mechanism only.
For example, if you want to use Microsoft's Security Support Provider Interface (SSPI) in a Windows Domain environment to send encrypted and signed messages between two entities (in C++), then you can use EncryptMessage.
But CryptEncryptMessage is the CAPI2 PKI encryption API.
Very generically, in absence of context, the EncryptMessage is meant to encrypt data for some entity for which you have a cert (only uses crypto) and works offline, the CryptEncryptMessage can only be used between a client and a server after they have established a security context using InitializeSecurityContext/AcceptSecurityContext.
If you want to learn more, please refer to: Difference between CryptEncryptMessage EncryptMessage(Negotiate)