RE: Cannot decrypt files encrypted using Crypto API on a different mac

Depends on HOW you want to get the decryption key on the second computer. Did
you export the encryption key (on the first computer) using the second
computer's public key? Here is how normally you do this:

1. On the second computer create a permanent container (CrytpAcquireContext
with CRYPT_NEWKEYSET and with a unique container name)
2. create a private/public key pair (CryptGenKey with AT_KEYEXCHANGE).
3. export the public key into a blob (CryptExportKey; hKey is what you get
from step 2, hExpKey is NULL, blob type is PUBLICKEYBLOB) and send this blob
to the other computer
4. on the first computer start a temp sesssion (CryptAcquireContext with
CRYPT_VERIFYCONTEXT)
5. generate a session key (CryptGenKey with algo preferably AES)
6. encrypt your data with this key (CryptEncypt)
7. import the other computer's public key (CryptImportKey, hPubKey NULL,
blob is what you got from step 3)
8. export the session key (protected by the other computer's public key:
CryptExportKey with hkey = key from step 5, hExpKey = key from step 7, blob
type = SIMPLEBLOB)
9. send the encrypted data AND the blob from step 8 to the other computer
10. On the second computer open the container of your private / public key
pair (CryptAcquireContext)
11. get your key pair (CryptGetUserKey with AT_KEYEXCHANGE)
12. import the session key (CryptImportKey with blob from step 8, and
hPubKey is the key handle from step 11)
13. Now you can decrypt the data with the key you got in step 12

Hope this helps,

Laszlo Elteto
SafeNet, Inc.

"vishalchowdhary" wrote:

Hi,
I'm new to the Crypto API and used it to encrypt a bunch of files. The
decryption works fine on my machine. However, when I try to decrypt the
encrypted files on a different machine, I get the error code 8009000d for
CryptImportKey()

Can anyone please help me?


Thanks,
Vishal
.

Relevant Pages

  • Re: public key crypto
    ... decryption algorithm (and the public key) and find a sequence of numbers ... that can act as a private key which is used to encrypt data. ... > Normally Alice will use Bob's public key to encrypt a message to Bob. ... >> Can we reverse the decryption process so as to generate a private key? ...
    (sci.crypt)
  • Re: RSA question
    ... key to encrypt and a public key for decryption? ... encrypt something which can be decrypted using a public key, ... is to put the licence code on the physical product so that it ...
    (sci.crypt)
  • Re: RSA Public Key problem c++ client to java server
    ... Take my public key in whatever format turns your crank ... from their certificate, encrypt ... some data that we know about (like "c decryption sucks") and post it right ... MSPublicKeyBlob and then decrypt it back at c-side (here is where it ...
    (microsoft.public.platformsdk.security)
  • Re: how to have a gpg public key?
    ... Having just a public key doesn't do you much good. ... You need both a private key and a public key; ... can encrypt and decrypt your messages and you are just ...
    (Debian-User)
  • Re: RSA Encrypt/Decrypt Problems
    ... You can generate a snk for each and replicate the public key part to each ... Then sym encrypt your data with the key and iv and store in the ... You could actually do it with small blocks and only the public rsa key, ... > key) with the symmetric key embedded in the file and encrypted using the ...
    (microsoft.public.dotnet.security)