RE: Decryption using private key from cert store failing with err
From: Rhett Gong [MSFT] (v-raygon_at_online.microsoft.com)
Date: 02/24/05
- Next message: Pavel Lebedinsky: "Re: Process.Start() in windows service on Windows Server 2003, problem"
- Previous message: scott: "RE: Decryption using private key from cert store failing with err"
- In reply to: scott: "RE: Decryption using private key from cert store failing with err"
- Next in thread: Rhett Gong [MSFT]: "RE: Decryption using private key from cert store failing with err"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 24 Feb 2005 02:43:08 GMT
>call taking 117 bytes as input and generating 128 bytes as output. What
are
>the extra 11 bytes? They cannot just be padding, it appears to us that
they
>contain information that is used by the cryptdecrypt call
Yes, you are right. In Windows 2000 and later, the encryption uses PKCS #1
Type 2 padding. On decryption, this padding is verified. The length of
plaintext data that can be encrypted with a call to CryptEncrypt with an
RSA key is the length of the key modulus minus eleven bytes. The eleven
bytes is the chosen minimum for PKCS #1 padding. The ciphertext is returned
in little-endian format.
Thanks,
Rhett Gong [MSFT]
Microsoft Online Partner Support
Get Secure! - www.microsoft.com/security
This posting is provided "AS IS" with no warranties and confers no rights.
- Next message: Pavel Lebedinsky: "Re: Process.Start() in windows service on Windows Server 2003, problem"
- Previous message: scott: "RE: Decryption using private key from cert store failing with err"
- In reply to: scott: "RE: Decryption using private key from cert store failing with err"
- Next in thread: Rhett Gong [MSFT]: "RE: Decryption using private key from cert store failing with err"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
