RE: Failed to decrypt



This is most probably because of the default key size difference. For RC2
(and RC4) please always explicitly set the key size via
CryptSetKeyParam(KP_EFFECTIVE_KEYLEN).

BTW you should not use RC2 or RC4 or even DES. If you can control both sides
at least use DES3, but preferably AES.

Laszlo Elteto
SafeNet, Inc.

"Charles Zhang" wrote:

I have a server application and client application.

The server creates a exchange key pair and the public exchange key is
transferred to client side.

The client side creates a session key then export it using the server's
public exchange key.

The server import the session key using its private exchange key.

Then the server and client use the session key for encryption.


However, when the session key handle is used to decrypt I get "Bad Data"
error in the case as outlined below

1. The client runs on Windows 2000 and the server runs Windows XP or
Windows 2003.
2. The CSP is "Microsoft Strong Cryptographic Provider"
3. The encryption algorithm is "CALG_RC2"
4. The session key is more than 40 bits ( tried 40 bits, 56 bits and 128
bits. 40 bits worked fine when 56 bits and 128 bits did not work).

By the way, when using the session key handle to encrypt a message on
the client side, no errors are returned.

When both client and server runs on Windows 2000, no errors returned.

When client runs on Windows XP and the server runs on Windows XP/Windows
2003, no errors returned.

I would like someone to point out about what I am doing wrong.

By the way, I am using "Cryptography API"

I use "CryptImportKey" to import session key then use CryptDecrypt to
descrypt messages.


Charles Zhang

Thanks

.



Relevant Pages

  • RE: Printing from Win9x clients stops
    ... Open Server Management. ... then right-click the name of the computer running Windows Small Business ... >From the client computer: ... The Select Network Component Type ...
    (microsoft.public.windows.server.sbs)
  • RE: Printing from Win9x clients stops
    ... The printers with 9x drivers on the server appeared automatically in the ... > then right-click the name of the computer running Windows Small Business ... > From the client computer: ... The Select Network Component Type ...
    (microsoft.public.windows.server.sbs)
  • Re: after installing KB011829 OWA is not working anymore
    ... Based on my research, after you install hotfix KB911829, I suggest we ... Profile WMI Provider to each client computer that is running Windows Vista ... If you are running the Premium Edition of Windows Small Business Server ...
    (microsoft.public.exchange.connectivity)
  • Re: DHCP Issues. Very strange
    ... I understand the issue to be: some client computers ... can not obtain IP from SBS server. ... it is most possible a client side issue of Windows ... since you have join it to SBS domain and the Windows XP SP2 ...
    (microsoft.public.windows.server.sbs)
  • Authentication flaw in microsoft SMB protocol
    ... Microsoft uses SMB Protocol for “File and Printer sharing service” in all ... Authentication is used to authenticate the client on the server. ... logged-in user requests for a network share on the server, Windows ...
    (Bugtraq)