Cannot decrypt (NTE_BAD_DATA)


Post by Levy » Wed, 11 Oct 2006 18:56:08




Hello,

I am trying to encrypt a block of data using RSA (in a C# webservice on a Win2003 server machine) and then decrypt it (using CryptoAPI from C++ on a WinXP machine). I cannot get it to work; I always get NTE_BAD_DATA.

To encrypt, I do the following:

CspParameters p = new CspParameters(1, "Microsoft Base Cryptographic Provider v1.0", "Container");
p.Flags = CspProviderFlags.UseMachineKeyStore; // Running in a webservice
RSACryptoServiceProvider rsa = new RSACryptoServiceProvider(1024, p);
byte[] encrypted_data = rsa.Encrypt(plain_data, false); // PKCS#1 v1.5 padding
byte[] key = rsa.ExportCspBlob(true);

The encrypted data and the private key are transported to the client machine (I do not wish to discuss why, as that's irrelevant to the problem itself), then I should be able to decrypt:

ATLSOAP_BLOB key;
ATLSOAP_BLOB encrypted_data;
HCRYPTPROV hProv = NULL;
HCRYPTKEY hKey = NULL;
DWORD dwError = NO_ERROR;
if( CryptAcquireContext(&hProv,_T("Container"),MS_DEF_PROV,PROV_RSA_FULL,0) &&
    CryptImportKey(hProv,key.data,key.size,NULL,0,&hKey) &&
    CryptDecrypt(hKey,NULL,TRUE,0,encrypted_data.data,&encrypted_data.size))
{
    // success
}
else
    dwError = GetLastError();

Can anyone tell me why this does not work? Am I missing anything? I guess there is some problem with the padding or the encrypted data, but I do not know why that is (apparently, I used non-OAEP padding both on the server and the client). I also manually selected the provider, so that I do not have surprises. More ideas, please?

Thanks,
Levente
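
The RSACryptoServiceProvider documentation notes that the class reverses the byte order of the ciphertext relative to CryptoAPI, so the output of rsa.Encrypt cannot be passed to CryptDecrypt unchanged. The following is an added example, not part of the original post: it reverses the buffer and checks its length against the key's modulus before calling CryptDecrypt. The names to_capi_order and decrypt_dotnet_rsa are hypothetical, and the CryptoAPI part only builds on Windows.

```c
/* Added example (not from the original post). */
#include <stddef.h>
#ifdef _WIN32
#include <windows.h>
#include <wincrypt.h>
#endif

/* Hypothetical helper: convert RSACryptoServiceProvider.Encrypt output
 * (big-endian) to the little-endian order CryptDecrypt expects.
 * modulus_bytes is the RSA key size in bytes (128 for the 1024-bit key).
 * Returns 0 on success, -1 (buffer untouched) if the ciphertext is not
 * exactly one RSA block, e.g. truncated or still base64-encoded. */
int to_capi_order(unsigned char *buf, size_t len, size_t modulus_bytes)
{
    size_t i, j;
    if (buf == NULL || len == 0 || len != modulus_bytes)
        return -1;
    for (i = 0, j = len - 1; i < j; ++i, --j) {
        unsigned char t = buf[i];
        buf[i] = buf[j];
        buf[j] = t;
    }
    return 0;
}

#ifdef _WIN32
/* Hypothetical wrapper: hKey is the private key already imported with
 * CryptImportKey as in the post; data/len hold the .NET ciphertext. */
BOOL decrypt_dotnet_rsa(HCRYPTKEY hKey, BYTE *data, DWORD *len)
{
    DWORD bits = 0, cb = sizeof(bits);
    if (!CryptGetKeyParam(hKey, KP_KEYLEN, (BYTE *)&bits, &cb, 0))
        return FALSE;
    if (to_capi_order(data, *len, bits / 8) != 0) {
        SetLastError((DWORD)NTE_BAD_DATA);
        return FALSE;
    }
    /* Same flags as the post: no hash, final block, PKCS#1 v1.5. */
    return CryptDecrypt(hKey, 0, TRUE, 0, data, len);
}
#endif
```

The same reversal can instead be done on the C# side with Array.Reverse(encrypted_data) before the data is sent.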

