Re: ASN1 bad tag value met on EnvelopedData.Decrypt str
From: Valery Pryamikov (Valery_at_nospam.harper.no)
Date: Fri, 24 Sep 2004 22:28:51 +0200
looks just as RSA encrypted blob (1024 bit). It's not ASN1 DER encodded
data, ie. it's not PKCS7 enveloped data (which is expected by CAPICOM's
EnvelopedData) - no wonder you get ASN1 error. BTW base 64 is encoding (not
encryption). And RSA without padding ... sounds like a really bad idea.
"Kristine" <firstname.lastname@example.org> wrote in message
> Yes, Message contains the following encryption:
> Additionally, I found out that my "provider" is using BouncyCastle to
> encrypt; they wanted me to verify that I was using a RSA/ECB/NoPadding
> Algorithm and Base 64 decryption. I'm not sure how to verify this
> with CAPICOM.
> As a follow up, I did verify that the private key was found by using
> Thanks so much for your help, I do appreciate it!
> "Daniel Sie [MSFT]" <email@example.com> wrote in message
>> Can you dump out Message just before Decrypt to see what the value is?
>> Daniel Sie [MSFT]
>> This posting is provided "AS IS" with no warranties, and confers no
>> "Kristine" <firstname.lastname@example.org> wrote in message
>> > Users are being linked to our site, and the URL passed to us contains
>> > encrypted data (encrypted by JAVA). The site that is passing the URL
>> > to us and encrypting the parameter has my public key/certificate.
>> > When I try to decrypt using CAPICOM the "ASN1 bad tag value met" error
>> > is raised. I checked the decoded text on the ANS1 dump tool and it
>> > did not raise any errors. I've included my code below, if anyone sees
>> > anything wrong with it please let me know (this is the first time I've
>> > implemented the asynchronous/key pair).
>> > Would this error be raised if my private key was not found? Is there
>> > anyway to check that it was found? I did verify that the private key
>> > is associated with the certificate.
>> > Set Store = Server.CreateObject("CAPICOM.Store")
>> > Store.Open CAPICOM_LOCAL_MACHINE_STORE, "MY" ,0
>> > Set Certificates =
>> > Store.Certificates.Find(CAPICOM_CERTIFICATE_FIND_SUBJECT_NAME,
>> > SubjectName)
>> > Response.Write("<br>Certificate found: " & Store.Certificates.Count)
>> > If Store.Certificates.Count > 0 then
>> > Set EnvelopedData = Server.CreateObject("CAPICOM.EnvelopedData")
>> > EnvelopedData.Recipients.Add Store.Certificates(1)
>> > Message = Request.QueryString("query")
>> > Response.write "<p>Encrypt= " & Message
>> > 'EnvelopedData.Decrypt Message <---ERROR HERE
>> > 'str_out = EnvelopedData.Content
>> > 'response.write "<p>Decrypt= " & str_out
>> > Else
>> > response.write "<P>Could not find certificate."
>> > End If