问题
While decrypting text using RSACryptoServiceProvider.Decrypt, I am getting the error:
Error occurred while decoding OAEP padding.
Here's my code:
CspParameters cspParam = new CspParameters();
cspParam = new CspParameters();
cspParam.Flags = CspProviderFlags.UseMachineKeyStore;
clsCertificates cc = new clsCertificates();
string a = "";
cc.OpenStoreIE(ref a);
cc.SetProperties();
X509Certificate2 cert = new X509Certificate2();
cert = cc.x509_2Cert;
RSACryptoServiceProvider rsa = new RSACryptoServiceProvider(cspParam);
//to gentrate private and public keys from the certificate
rsa.FromXmlString(cert.PublicKey.Key.ToXmlString(false));
String publicKey = rsa.ToXmlString(false); // gets the public key
String privateKey = rsa.ToXmlString(true); // gets the private key working if paramter is false if true give error key is not valid for use in specified state
Response.Write("<Textarea rows=10 cols=100>PUBLIC: " + publicKey + "</TextArea>");
Response.Write("<Textarea rows=10 cols=100>PRIVATE: " + privateKey + "</Textarea>");
Response.Write("<BR>Encrypting the string \"HelloThere\" with the public Key:<BR>");
String str = "HelloThere";
RSACryptoServiceProvider RSA2 = new RSACryptoServiceProvider(cspParam);
//---Load the Public key---
RSA2.FromXmlString(publicKey);
//working with the folowing line instead of above but i need the keys of he certificte
//RSA2.ToXmlString(true);
Byte[] EncryptedStrAsByt = RSA2.Encrypt(System.Text.Encoding.Unicode.GetBytes(str), true);
String EncryptedStr = System.Text.Encoding.Unicode.GetString(EncryptedStrAsByt);
Response.Write("<Textarea rows=10 cols=100>Encrypted String: " + EncryptedStr + "</Textarea>");
Response.Write("<BR>Decrypting the Encrypted String with the Private key:<BR>");
RSACryptoServiceProvider RSA3 = new RSACryptoServiceProvider(cspParam);
//---Load the Private key---
RSA3.FromXmlString(privateKey);
//working with the folowing line instead of above but i need the keys of he certificte
//RSA3.ToXmlString(true);
Byte[] DecryptedStrAsByt = RSA3.Decrypt(EncryptedStrAsByt, true );//Error if true then error is error occured while decoding the OAE$P padding and if false then error is bad key i am using windows xp so it should be true.
String DecryptedStr = System.Text.Encoding.Unicode.GetString(DecryptedStrAsByt);
Response.Write("<Textarea rows=10 cols=100>Decrypted String: " + DecryptedStr + "</Textarea>");
The above is works if I am not using the keys of my digital certificate. but if the keys are from the digital certificate, I get the OAEP padding error.
Note: This question is in continuation of the Error occurred while decoding OAEP padding question
回答1:
A common mistake is to try to decrypt using the public key.
回答2:
I ran into this exact problem. UnicodeEncoding.GetBytes is not always the inverse of UnicodeEncoding.GetString.
byte[] a = new byte[32];
RandomNumberGenerator gen = new RNGCryptoServiceProvider();
gen.GetBytes(a);
UnicodeEncoding byteConverter = new UnicodeEncoding();
byte[] b = byteConverter.GetBytes(byteConverter.GetString(a));
//byte array 'a' and byte array 'b' will not always contain the same elements.
This is why RSACryptoServiceProvider.Decrypt fails. A lot of encrypt/decrypt examples on the web use Unicode encoding. Do not use Unicode encoding. Use Convert.FromBase64String and Convert.ToBase64String instead.
回答3:
This error normally indicates you are using a public key to decrypt, while you should be using a private key for decryption. Give it a try.
回答4:
In my case the error has been caused by wrong padding settings.
Error: RSA decrypt: error:0407A079:rsa routines:RSA_padding_check_PKCS1_OAEP:oaep decoding error
I had openssl_public_encrypt() with OPENSSL_PKCS1_PADDING as a default value in PHP and keypair.decrypt() with the default value RSA_PKCS1_OAEP_PADDING in node-rsa.
So don't forget to check these options too.
回答5:
RSA encryption may result non readable character, make sure not to cut the string due to special character indicating end of something during write/read the encryption result; e.g you must not use strlen for it will stop when encounter a '\0' in the string.
回答6:
Another thing to check: it was giving me this error, on the decrypt operation, as a result of forgetting to pass the public key into the RSACryptoServiceProvider for the encrypt operation.
回答7:
We were getting this issue when we were using the wrong key for decryption.
回答8:
FYI, you can still be (en/de)crypting in the right key sequence (encr:pub key, decr:priv key), just that you mixed up the keys/decrypting using the private key from another cert/key pair, and not the one paired w/ the pub key with which u encrypted initially. If u turn off OAEP padding and get a "bad data" exception, that's another indication.
来源:https://stackoverflow.com/questions/954416/error-occurred-while-decoding-oaep-padding