locked
Using crypto api (NET app/win32 app) RRS feed

  • Question

  •  

    Hello, I'm using the RSACryptoServiceProvider from the .NET framework, and setting a key like this:

    RSAParameters rsaParams = new RSAParameters();

    rsaParams.Modulus = K_MODULUS;

    rsaParams.Exponent = K_PUBLIC_EXPONENT;

    with those constants arrays generated with the crypto api call CryptExportKey from other application (win32 - who also has all the PRIVATEKEYBLOB) and knows the private exponent to do decryption...

    But when I encrypt some chain from .NET and decrypting with an API call to CryptDecrypt from a win32 application the process fail with code:

      { Bad Data. }
      NTE_BAD_DATA = DWORD($80090005);
      {$EXTERNALSYM NTE_BAD_DATA}

     

    So how can I resolve this problem???

     

    Regards,

    M

    Thursday, January 19, 2006 9:21 PM

Answers

  • RSACryptoServiceProvider has this reversing behavior in all versions of the runtime (if we were to change it, it would break people who upgrade).

    If doing a reverse doesn't help, ensure that your padding is the same.  If Windows is using OAEP and RSACryptoServiceProvider is using PKCS (or the opposite), then you'll get this error as well.

    -Shawn

    Tuesday, January 24, 2006 4:36 PM
  • I believe that is because the standardized version of these structures are in big-endian format for compatibility with other systems...

    Monday, November 19, 2007 5:28 PM

All replies

  • The RSACryptoServiceProvider has strange behavior around the EncryptData / DecryptData functions.  In fact, if you examine them you'll find that the output is reversed!  I have more details in my blog entry here:

    http://blogs.msdn.com/shawnfa/archive/2005/12/05/500144.aspx

    -Shawn

    • Unmarked as answer by The Markus Thursday, March 5, 2009 6:33 PM
    Monday, January 23, 2006 11:05 PM
  •  

    Hello, I'm working with the framework v1.1.4322 and doing the reverse of the RSACryptoServiceProvider result as you said but the decryption with CAPI functions doesn't work...

    Maybe I'm doing something wrong or maybe the straight reverse only works for v1.0; Could you help me???

    Regards,
    M

    • Proposed as answer by ronal lee Monday, February 23, 2009 2:55 PM
    Tuesday, January 24, 2006 4:10 PM
  • RSACryptoServiceProvider has this reversing behavior in all versions of the runtime (if we were to change it, it would break people who upgrade).

    If doing a reverse doesn't help, ensure that your padding is the same.  If Windows is using OAEP and RSACryptoServiceProvider is using PKCS (or the opposite), then you'll get this error as well.

    -Shawn

    Tuesday, January 24, 2006 4:36 PM
  •  

    Hi, I tried. I've called CryptDecrypt with dwFlags param = CRYPT_OAEP = 64 and inputing the reverse stream obtained from the RSACryptoServiceProvider (with fOAEP to true) but the bad data result keeps on...

     

    Could I try something else???

     

    Thanks,

    Markus

    Tuesday, January 24, 2006 5:46 PM
  • I believe that is because the standardized version of these structures are in big-endian format for compatibility with other systems...

    Monday, November 19, 2007 5:28 PM