2
  RSACryptoServiceProvider objRsaCrypto= new RSACryptoServiceProvider();
string xmlString = "<RSAKeyValue><Modulus>vafMwhQ1Z+zx1tpcUybDONf3M7IG8Xw6Q0eCsuWMRniqwUklnzndo9ExuAFC87oAywOcSSzSncLEgILxjiyNmnBe28whdDg+P1PJmDchmBIjzQKNpDIppOiaxGOUR8KqBwIMp24dZQtUqb9mElEEz5bOxZUwHLg2/fJ9bT+eE+VluHtYfuuS/nbhrvI6BHN2bm2CyITBAvT6loCm7mV/JZ0fT9nCsyn6rUsp+YCVbhrfMnyz9aW7NEkwncE7xz78LSIHaYgB19nPu5jkR6yUCLsNDV9wnOBjb1Xuh7NqTjt2yOAcH+Gt5ixukfKBROq67FlnQKZOa+mQNzkhytEeyw==</Modulus><Exponent>AQAB</Exponent><P>4tDAYRgWNcyB5dCN7kF8QUa4ddiw6siEblGnjcFpdrQLyJxFvCZ7Jlc/59Wmr8B/1G06coRla5NLBCtvh/Itovacfp00wNif5pBb/Tp9+quw5/GGSu/4/K/Ke0wQuhHdWNjzAriNxbpCRWD/EgzNngWS8KlufdymZyju6AWyEZk=</P><Q>1g8B7fQ3SMDZ2EyaiSscchj3lshJx9VR8EAN70aipu45LRsOWuHH7wTkfqp1LuB06LyCr7XLMwUQYrBM8mJOhtxsiissXe+Phw1kcXJo6hBrCPgfSKSkuHT8iR7OgZbzYA8zwMmr+m2WOuDsgxrQcb+hRVdC1QODqFb8C08YegM=</Q><DP>vW5Zbf4e9pmx142CLH3219HH12y9/aiwqi56QPNLML+Yo9iYiVaePdxa3DZdO6YLXRBI40HeLqVa3sWkJadHJDbRZxHG8FU73uWsXmcOtl/UpTLb1RRtICV1d9qEkdK/yiePdjNK/Nvd43HqNloJFLRVD7iCNo4lUD0ooxG2sek=</DP><DQ>BCeWaf/rcsYLdF9IQJFNpAlIBO0uQWqqhHc5zgMY9RR6l52G0czADKuTo8G7NIW2vy2pe6+TmhHnF4NEew/dZlCw6p2b5tbXek+QO4N09dYLvcjTEp3fdJUQsbifWXSMlLi20G8Zn2qxF8N107WZhhuqDaZ77ZZ737CQg8etOfE=</DQ><InverseQ>xEjq9mm61gofysxxgM6SnX5TQ5Lnpq0AvnsRBhQaatiGm8i+VnznMpk8zJgn/AspaYS62bFC/UdCd/b2VyXgZfBC/L1NdkIUNyOVAxNKhf95C4uQFFxe90RfuZjbbClFbm/tU7RmycHqciPXViI35tToF1CXMJsxd7q6M2iaXKc=</InverseQ><D>HVnfO/gBreRDJzOjDzFUDDOMK+F05qGJqMjj5sjUtUFOd9xYqLQ9Y3FoJuh3Ep4qKkEUSlTYAZdXbuYU+SJXBdw3KgAE+2YK6CUQ8XAy0ESaastm3U7wF/fxn8wjchmj07LS/4RwoycmQqD+7H3CZ1gZBwYILKGrzRBere4nCj/1i5LTbfweAMUo85KMfZDbGChlJUhd4vNiRPGmOeKCT1/xDAw/3ZKfUbhUjzBxg/1PThhLtv2wYEdkLpUq1RZmlJACtDD++fkt9x19UecfMpX7NmI43WLoc1x7ydtinrIO0b0NhFStXAPEQXlYyE4JvOSqIxJIbb/E7Vl5okVxOQ==</D></RSAKeyValue>";//my private key
  objRsaCrypto.FromXmlString(xmlString);
string cyphertextyear ="mell442PqhwZRDvAVawKhtspVWFsVG6x/6v7BzcaDvOFWImXOiq3hCZq6N0i7UpCkV8YVLLS/LTarWrSgrqskfQnIwA+inZIhfZLm3odUrYpBCMXJh9Y7s+6ugqiwpMu1xap9LBqhP7LdChwIV0c7GimgZKVVk7mZHBgmVOHRSx61RAx6HDkc0F7dfjBR+jUQR08knu4MUUNx7xQ6pSkg1MyTwrX4upMoodccBwni+cUFZWmIeEHazMMd2r6PkuwMvHkueFm0B4UsWnsqHtjgQuU5zmGx9rWpDIyDCKNTvWkTyB1lUrhpNk6qqeFZXVPPTsxfKcA0Pp2oz6ZF4ir";//my cypher text

 byte[] bytesCypherText = Convert.FromBase64String(cyphertextyear);
 byte[] bytesPlainTextData = objRsaCrypto.Decrypt(bytesCypherText, false);
  string strDecryptedVal = Encoding.ASCII.GetString(bytesPlainTextData);

I am using RSACryptoServiceProvider and decryption is working fine in windows 8 but failing in windows server 2012 r2 with below exception

System.Security.Cryptography.CryptographicException: Bad Data.

at System.Security.Cryptography.CryptographicException.ThrowCryptographicException(Int32 hr) at System.Security.Cryptography.RSACryptoServiceProvider.DecryptKey(SafeKeyHandle pKeyContext, Byte[] pbEncryptedKey, Int32 cbEncryptedKey, Boolean fOAEP, ObjectHandleOnStack ohRetDecryptedKey)
at System.Security.Cryptography.RSACryptoServiceProvider.Decrypt(Byte[] rgb, Boolean fOAEP)at

user3459002
  • 21
  • 4

1 Answers1

1

Your ciphertext is too short.

The length of bytesCypherText is 255, but your 2048-bit key produces a 256-byte response.

It seems that previous versions of Windows accepted too short and effectively prepended the value with extra zero bytes, and that they stopped doing that. (Most likely the original CAPI providers had the behavior of accepting "too short", but they have since been replaced with calls into the same backend that drives CNG; and it probably only accepts correctly sized data.)

If your ciphertext base64 were

AJnpZeONj6ocGUQ7wFWsCobbKVVhbFRusf+r+wc3Gg7zhViJlzoqt4QmaujdIu1KQpFfGFSy0vy02q1q
0oK6rJH0JyMAPop2SIX2S5t6HVK2KQQjFyYfWO7PuroKosKTLtcWqfSwaoT+y3QocCFdHOxopoGSlVZO
5mRwYJlTh0UsetUQMehw5HNBe3X4wUfo1EEdPJJ7uDFFDce8UOqUpINTMk8K1+LqTKKHXHAcJ4vnFBWV
piHhB2szDHdq+j5LsDLx5LnhZtAeFLFp7Kh7Y4ELlOc5hsfa1qQyMgwijU71pE8gdZVK4aTZOqqnhWV1
Tz07MXynAND6dqM+mReIqw==

You'll likely have better luck.

Alternatively:

if (bytesCypherText.Length * 8 < objRsaCrypto.KeySize)
{
    byte[] tmp = new byte[objRsaCrypto.KeySize / 8];
    Buffer.BlockCopy(
        bytesCypherText,
        0,
        tmp,
        tmp.Length - bytesCypherText.Length,
        bytesCypherText.Length);

    bytesCypherText = tmp;
}

byte[] bytesPlainTextData = objRsaCrypto.Decrypt(bytesCypherText, false);
bartonjs
  • 30,352
  • 2
  • 71
  • 111