RE: Decryption using private key from cert store failing with err

From: scott (sjumsdn_at_newsgroup.nospam)
Date: 02/23/05

  • Next message: Rhett Gong [MSFT]: "RE: Decryption using private key from cert store failing with err" 
    Date: Wed, 23 Feb 2005 14:31:01 -0800

    The reason we need to do a decrypt(private)/encrypt(public) is that that is
    part of the SSL standard. It decrypts with the private key and then the
    other side encrypts with the public key.

    Ignoring the issue of our need for a decrypt/encrypt as opposed to an
    encrypt/decrypt for the moment, we still have the issue of the cryptencrypt
    call taking 117 bytes as input and generating 128 bytes as output. What are
    the extra 11 bytes? They cannot just be padding, it appears to us that they
    contain information that is used by the cryptdecrypt call. This appears to
    make the MS cryptoapi unable to interoperate with the crypto libraries we are
    using on other platforms. The other libraries encrypt/decrypt calls do not
    change the number of bytes in the buffer.

    "Rhett Gong [MSFT]" wrote:

    > Hi Scott,
    > I afraid I can't make sure what you are trying to do there.
    > If you use sha1/md5, to successfully do the decrypt, we must have an
    > invalid cryptograph to decrypt, otherwise we will get invalid data
    > returned.
    > In addition, I guess you may want to decrypt "AAA..." to a unknown text,
    > and send it to server, server does the encryption and get "AAA..."
    > returned. If this is the case, I can't think any reason to use it in this
    > way instead of calling encrypt then decrypt, it should give you the same
    > result and process.
    >
    > And if there is any misunderstanding, please post more details on your
    > scenario here so that I get fully understand your problem.
    >
    >
    > Thanks,
    > Rhett Gong [MSFT]
    > Microsoft Online Partner Support
    > Get Secure! - www.microsoft.com/security
    >
    > This posting is provided "AS IS" with no warranties and confers no rights.
    >
    >

  • Next message: Rhett Gong [MSFT]: "RE: Decryption using private key from cert store failing with err"

    Relevant Pages

    • RE: RSACrypto.. - can I reuse the private key and more..?
      ... -Create RSACryptoServiceProvide with the same params for the CSP as above ... And it works - now the 2 machines use the same private key ... > 2) Is it possible to encrypt/decrypt using a key pair created by sn.exe> tool? ... I also> realized that there is also a problem when trying to decrypt with a private> key created by sn tool - an exception occurs - I have used thr right> container name and tried to decrypt info which has been encrypted with the> public key) ...
      (microsoft.public.dotnet.security)
    • Re: Encrypt/Decrypt Files
      ... I'm having problem with my simple encrypt/decrypt program. ... of my program is to encrypt a text file into a binary file ... What is 'sTmpString' pointing to? ... use this instead of the previous line, it will encrypt and decrypt ...
      (comp.os.msdos.programmer)
    • Re: Whats the safest way to store password?
      ... But the data that I need to encrypt/decrypt ... password, the hash value of the original data dose not help, I need to ... You can use two keys, one to encrypt the data, the private key and one to ... decrypt the data the public key. ...
      (borland.public.delphi.thirdpartytools.general)
    • Re: Decrypt problem using Rijndael
      ... you cannot use Unicode to convert between bytes and strings - replace all the conversions with Convert.From/To Base64String ... I'm using an algo to encrypt/decrypt an xml file using Rijndael. ... of the data to decrypt is invalid" ...
      (microsoft.public.dotnet.security)
    • Decrypt problem using Rijndael
      ... I'm using an algo to encrypt/decrypt an xml file using Rijndael. ... However, SOMETIMES the decrypt algo fails when I try to read the data in cryptostream: ...
      (microsoft.public.dotnet.security)