{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://www.manongdao.com/data/attach/logo/logo.png', '推荐 乱世女痞 的问题《Error with CryptDecrypt winapi function?》','https://www.manongdao.com/q-1005481.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}
i have write simple program to load a public key generated by openssl to decrypt a string encrypted by private key of the public key. But I don't know why I fail at
b = CryptDecrypt(hKey,NULL,FALSE,0,pbEncrypt,&cbEncrypt);
And i get error "8009000D NTE_NO_KEY Key does not exist.". Can someone explain this to me ?
void DecodeString()
{
CHAR* publicKey =
"-----BEGIN PUBLIC KEY-----"
"MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv+yyzdZaqcE7qOOZ8pyN"
"o1n3PS2U/ewT2gGSQeixP+VixQGrxnssT3zlbeUND8CVX+tZGwkcIZZD09Rkx9vh"
"z7vLUFD7dngupo/aL6pfehb95citD31DUswc9BTJjQySpSSG6zWDSBJMELDYaCa4"
"MIU7odoCg2EbQBwRWX7upWiR+shyxnPYklY8ZUpVCtIdHXmPO5eMaI1elftqNw1N"
"n/Id4pFFif11Lmny3s3ADfItuyMfTwU6jwgsPaoqrX5FCnurlAVl/mcfpMVpsPju"
"XWw2IlvZP5SkTW4G6V+Bt+xDI6SW3dvMi6gJngHLUKekbhZxcFWuv3hus8ojpo+I"
"mwIDAQAB"
"-----END PUBLIC KEY-----";
BYTE* derPubKey;
DWORD derPubKeyLen;
BOOL b = CryptStringToBinaryA(publicKey, 0, CRYPT_STRING_BASE64HEADER, NULL, &derPubKeyLen, NULL, NULL);
DWORD error = GetLastError();
_ASSERT(error == 0);
_ASSERT(b == TRUE);
derPubKey = new BYTE[derPubKeyLen];
b = CryptStringToBinaryA(publicKey, 0, CRYPT_STRING_BASE64HEADER, derPubKey, &derPubKeyLen, NULL, NULL);
error = GetLastError();
_ASSERT(error == 0);
_ASSERT(b == TRUE);
CERT_PUBLIC_KEY_INFO *publicKeyInfo;
DWORD publicKeyInfoLen;
HCRYPTPROV hProv = 0;
HCRYPTKEY hKey = 0;
b = CryptDecodeObjectEx(X509_ASN_ENCODING, X509_PUBLIC_KEY_INFO, derPubKey, derPubKeyLen, CRYPT_ENCODE_ALLOC_FLAG, NULL, &publicKeyInfo, &publicKeyInfoLen);
error = GetLastError();
_ASSERT(error == 0);
_ASSERT(b == TRUE);
b = CryptAcquireContext(&hProv, NULL, NULL, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT);
error = GetLastError();
_ASSERT(error == 0);
_ASSERT(b == TRUE);
b = CryptImportPublicKeyInfo(hProv, X509_ASN_ENCODING, publicKeyInfo, &hKey);
error = GetLastError();
_ASSERT(error == 0);
_ASSERT(b == TRUE);
//same test decrypt
CHAR* sameTest = "nJZ6MN6MIrpbLQiRvfLFIHHzneQBe2rucaKSykXeHgf8Zth5FNPZPdiPhWcHq0/K"
"KgRHv2ON+gPyFbjsdDl2cixPgNGXs1FfI/RvkH+Icn+6rYq5uPBM5oQVriyiWI9/"
"QiC56LP0ooouqLg9e2U5zJmC/ftCODkFyL748Fx3godXzDl1mNB7bx/Ua6Z93KeB"
"OgNvYZH3tcZZYlgoX4GVf4ocO0aZ8pQjEB8p9hMWfIDRCIckDAncy21tHDmWDqZ4"
"H7CZjbdNyaiWe5Cr6+CYs25+r3AdIlXOKWuphgbckKDHh4r7nMX0AX+iHXGjCgkM"
"iwi4yz7wF+Ow/CcGHkAMTQ==";
BYTE* pbEncrypt = 0;
DWORD cbEncrypt = 0;
b = CryptStringToBinaryA(sameTest, 0, CRYPT_STRING_BASE64, NULL, &cbEncrypt, NULL, NULL);
error = GetLastError();
_ASSERT(error == 0);
_ASSERT(b == TRUE);
pbEncrypt = new BYTE[cbEncrypt];
printf("%s\n",(CHAR*)pbEncrypt);
b = CryptStringToBinaryA(sameTest, 0, CRYPT_STRING_BASE64, pbEncrypt, &cbEncrypt, NULL, NULL);
error = GetLastError();
_ASSERT(error == 0);
_ASSERT(b == TRUE);
printf("%s\n",(CHAR*)pbEncrypt);
b = CryptDecrypt(hKey,NULL,FALSE,0,pbEncrypt,&cbEncrypt);
error = GetLastError();
_ASSERT(error == 0);
_ASSERT(b == TRUE);
printf("%s\n",(CHAR*)pbEncrypt);
}
You can't use the public key to decrypt something encrypted with the private key. The public key is used only for encryption, while the private key can be used only for decryption.
From Wikipedia: