RE: CryptoAPI - How can I use ECB cipher mode with RSA?

From: Robert Fox (RobertFox_at_discussions.microsoft.com)
Date: 09/07/04


Date: Tue, 7 Sep 2004 10:39:07 -0700

It was a java toolkit, I am not exactly sure which one, I know about the
little vs big endian issue, so I tried reversing the raw encrypted session
key before trying to import it.

 I had to do the same thing for verifying the signature, which I was able to
do, but not able to handle decrypting the session key.

"lelteto" wrote:

> NTE_BAD_VER is probably caused by invalid input data. You don't tell how you
> got the session key from the other party (ie. who encrypted it with the
> public key). Is the other side also CAPI? If not you need to convert the
> session key data into CAPI BLOB (and, most probably, reverse the byte order).
>
> Laszlo Elteto
> SafeNet, Inc.
>
> "Robert Fox" wrote:
>
> > Ok... I get all of this... what I do not get is when I decrypt a session key,
> > I get a NTE_BAD_VER error...
> >
> > it works when I generated and encrypted the session key, but not when my TP
> > sends it to me.
> >
> > Here the basic code:
> >
> > HCRYPTPROV hProv = pProvider->GetCryptProv();
> >
> > if (!CryptAcquireCertificatePrivateKey(cert.GetHandle(),
> > CRYPT_ACQUIRE_CACHE_FLAG, NULL,
> > &hProv, &dwKeySpec, &bCallerFreeProv))
> > {
> > CString strError = "";
> > getLastSecurityError(&hr, strError);
> > LogDiag(LOG_ERR, ECSMSG_PLAIN, "DecryptSessionKey: Failed to get private
> > key to sign data with: %s", strError);
> >
> > return S_OK;
> > }
> >
> > //decrypt sessionkey
> > HCRYPTKEY hPrivKey = 0;
> > if (!CryptGetUserKey(hProv, dwKeySpec, &hPrivKey))
> > {
> > CString strError = "";
> > getLastSecurityError(&hr, strError);
> > LogDiag(LOG_ERR, ECSMSG_PLAIN, "DecryptSessionKey: Failed to get private
> > key to sign data with: %s", strError);
> > return S_OK;
> > }
> > //this next call fails with NTE_BAD_VER
> > if (!CryptImportKey(hProv, pSessionKey, dwSessionLength, hPrivKey, 0,
> > phSymKey))
> > {
> > delete phSymKey;
> > CString strError = "";
> > getLastSecurityError(&hr, strError);
> > LogDiag(LOG_ERR, ECSMSG_PLAIN, "DecryptSessionKey: Failed to get decrypt
> > session key: %s", strError);
> >
> > if (pByteIV)
> > CryptoFree(pByteIV);
> > return S_OK;
> > }
> >
> > "lelteto" wrote:
> >
> > > RSA does not have cipher modes - only symmetric block ciphers have. You need
> > > to read a bit more about crypto. For you code just don't try to call
> > > CryptSetKeyParam for RSA keys.
> > >
> > > Laszlo Elteto
> > > SafeNet, Inc.
> > >
> > > "Robert Fox" wrote:
> > >
> > > > I am developing a low-level security applictaion and I am required to use
> > > > ECB, not CBC block cipher mode when encrypting/decrypting session keys using
> > > > RSA assymetric keys/algorithm.
> > > >
> > > > When I try and do this via CryptSetKeyParam, it fails with NTE_BAD_KEY
> > > >
> > > > from my research it appears that MS CryptoAPI only supports changing padding
> > > > and cipher modes on a symmetric key, but CBC/PKCS5 is all that is supported
> > > > for
> > > > RSA public/private keys.
> > > >
> > > > Is there a way around this? I am faced with abandoning CryptoAPI completely
> > > > in favor of OpenSSL if I cannot meet my trading partner's requirements.
> > > >
> > > > please email me at robertf@softshare.com