解码OAEP填充时发生错误

While decrypting text using RSACryptoServiceProvider.Decrypt, I am getting the error:

在使用RSACryptoServiceProvider.Decrypt解密文本时,我收到错误:

Error occurred while decoding OAEP padding.

解码OAEP填充时发生错误。

Here's my code:

这是我的代码:

CspParameters cspParam = new CspParameters();

cspParam = new CspParameters();

cspParam.Flags = CspProviderFlags.UseMachineKeyStore;

clsCertificates cc = new clsCertificates();

string a = "";

cc.OpenStoreIE(ref a);

cc.SetProperties();

X509Certificate2 cert = new X509Certificate2();

cert = cc.x509_2Cert;

RSACryptoServiceProvider rsa = new RSACryptoServiceProvider(cspParam);

//to gentrate private and public keys from the certificate

rsa.FromXmlString(cert.PublicKey.Key.ToXmlString(false));


String publicKey = rsa.ToXmlString(false); // gets the public key 
String privateKey = rsa.ToXmlString(true); // gets the private key working if paramter is false if true give error key is not valid for use in specified state

Response.Write("<Textarea rows=10 cols=100>PUBLIC: " + publicKey + "</TextArea>");

Response.Write("<Textarea rows=10 cols=100>PRIVATE: " + privateKey + "</Textarea>");

Response.Write("<BR>Encrypting the string \"HelloThere\" with the public Key:<BR>");

String str = "HelloThere";

RSACryptoServiceProvider RSA2 = new RSACryptoServiceProvider(cspParam);



//---Load the Public key---

RSA2.FromXmlString(publicKey);

//working with the folowing line instead of above but i need the keys of he certificte

//RSA2.ToXmlString(true);

Byte[] EncryptedStrAsByt = RSA2.Encrypt(System.Text.Encoding.Unicode.GetBytes(str), true);

String EncryptedStr = System.Text.Encoding.Unicode.GetString(EncryptedStrAsByt);

Response.Write("<Textarea rows=10 cols=100>Encrypted String: " + EncryptedStr + "</Textarea>");

Response.Write("<BR>Decrypting the Encrypted String with the Private key:<BR>");



RSACryptoServiceProvider RSA3 = new RSACryptoServiceProvider(cspParam);



//---Load the Private key---

RSA3.FromXmlString(privateKey);

//working with the folowing line instead of above but i need the keys of he certificte

//RSA3.ToXmlString(true);

Byte[] DecryptedStrAsByt = RSA3.Decrypt(EncryptedStrAsByt, true );//Error if true then error is error occured while decoding the OAE$P padding and if false then error is bad key i am using windows xp so it should be true.

String DecryptedStr = System.Text.Encoding.Unicode.GetString(DecryptedStrAsByt);

Response.Write("<Textarea rows=10 cols=100>Decrypted String: " + DecryptedStr + "</Textarea>");

The above is works if I am not using the keys of my digital certificate. but if the keys are from the digital certificate, I get the OAEP padding error.

如果我没有使用我的数字证书的密钥,以上是有效的。但如果密钥来自数字证书,我会收到OAEP填充错误。

Note: This question is in continuation of the Error occurred while decoding OAEP padding question

注意:此问题是在解码OAEP填充问题时发生错误的延续

8 个解决方案

#1

A common mistake is to try to decrypt using the public key.

一个常见的错误是尝试使用公钥解密。

#2

I ran into this exact problem. UnicodeEncoding.GetBytes is not always the inverse of UnicodeEncoding.GetString.

我遇到了这个问题。 UnicodeEncoding.GetBytes并不总是与UnicodeEncoding.GetString相反。

byte[] a = new byte[32];

RandomNumberGenerator gen = new RNGCryptoServiceProvider();
gen.GetBytes(a);

UnicodeEncoding byteConverter = new UnicodeEncoding();

byte[] b = byteConverter.GetBytes(byteConverter.GetString(a));

//byte array 'a' and byte array 'b' will not always contain the same elements.

This is why RSACryptoServiceProvider.Decrypt fails. A lot of encrypt/decrypt examples on the web use Unicode encoding. Do not use Unicode encoding. Use Convert.FromBase64String and Convert.ToBase64String instead.

这就是RSACryptoServiceProvider.Decrypt失败的原因。 Web上的许多加密/解密示例都使用Unicode编码。不要使用Unicode编码。请改用Convert.FromBase64String和Convert.ToBase64String。

#3

In my case the error has been caused by wrong padding settings.

在我的情况下,错误是由错误的填充设置引起的。

Error: RSA decrypt: error:0407A079:rsa routines:RSA_padding_check_PKCS1_OAEP:oaep decoding error

I had openssl_public_encrypt() with OPENSSL_PKCS1_PADDING as a default value in PHP and keypair.decrypt() with the default value RSA_PKCS1_OAEP_PADDING in node-rsa.

我有openssl_public_encrypt(),其中OPENSSL_PKCS1_PADDING作为PHP中的默认值,keypair.decrypt()使用node-rsa中的默认值RSA_PKCS1_OAEP_PADDING。

So don't forget to check these options too.

所以不要忘记检查这些选项。

#4

This error normally indicates you are using a public key to decrypt, while you should be using a private key for decryption. Give it a try.

此错误通常表示您正在使用公钥进行解密,而您应该使用私钥进行解密。试试看。

#5

RSA encryption may result non readable character, make sure not to cut the string due to special character indicating end of something during write/read the encryption result; e.g you must not use strlen for it will stop when encounter a '\0' in the string.

RSA加密可能导致不可读的字符,确保在写入/读取加密结果期间由于特殊字符指示某事物的结束而不切断字符串;例如,你不能使用strlen,因为它会在字符串中遇到'\ 0'时停止。

#6

Another thing to check: it was giving me this error, on the decrypt operation, as a result of forgetting to pass the public key into the RSACryptoServiceProvider for the encrypt operation.

另一件需要检查的事情是:由于忘记将公钥传递给RSACryptoServiceProvider进行加密操作,它在解密操作时给了我这个错误。

#7

We were getting this issue when we were using the wrong key for decryption.

当我们使用错误的密钥进行解密时,我们遇到了这个问题。

#8

FYI, you can still be (en/de)crypting in the right key sequence (encr:pub key, decr:priv key), just that you mixed up the keys/decrypting using the private key from another cert/key pair, and not the one paired w/ the pub key with which u encrypted initially. If u turn off OAEP padding and get a "bad data" exception, that's another indication.

仅供参考,你仍然可以用正确的密钥序列(加密:pub密钥,decr:priv密钥)加密(en / de),只是你使用来自另一个证书/密钥对的私钥来混合密钥/解密,并且不是与你最初加密的pub键配对的。如果你关闭OAEP填充并获得“坏数据”异常,那就是另一个指示。

#1