Windows 中使用 CryptoAPI Next Generation (CNG) 的 RSA 加密/解密存在错误?
我编写了一段代码,使用之前使用 CNG 生成的硬编码 RSA 密钥对来加密和解密数据。这是一个简单的程序,只需生成一些随机输入数据,使用公钥对其进行加密,然后使用私钥对生成的加密缓冲区进行解密。我打印所有的输入、中间和输出阶段来比较解密后的明文是否与原始输入明文相同,并重复整个加密-解密10次。
但是,我观察到,在某些情况下,加密和解密都很好,但在其他情况下,解密的明文与输入的明文根本不匹配。此类错误案例完全是随机且任意的,并且这些错误似乎没有任何模式。
这是 CNG 的 RSA 实现中的错误还是我做错了什么?
代码如下:
#include <windows.h>
#include <stdio.h>
#include <stdlib.h>
#include <bcrypt.h>
#define NT_SUCCESS(Status) (((NTSTATUS)(Status)) >= 0)
#define STATUS_UNSUCCESSFUL ((NTSTATUS)0xC0000001L)
#define PrivateKeySize 283
#define PublicKeySize 155
#define InputDataSize 128
PUCHAR encryptedBuffer;
ULONG encryptedBufferSize = 128;
VOID printMem(PVOID Mem, int length)
{
int i;
for (i = 0; i < length; i++)
printf("%02x ", ((unsigned char *)Mem)[i]);
}
VOID Decrypt()
{
unsigned char PrivateKey[PrivateKeySize] = {0x52, 0x53, 0x41, 0x32, 0x00, 0x04, 0x00, 0x00, 0x03, 0x00, 0x00, 0x00, 0x80, 0x00, 0x00, 0x00, 0x40, 0x00, 0x00, 0x00, 0x40, 0x00, 0x00, 0x00, 0x01, 0x00, 0x01, 0xB7, 0x50, 0x52, 0xDD, 0x58, 0xE4, 0x96, 0xAF, 0x91, 0xE5, 0xB2, 0x7B, 0x0A, 0xE6, 0xAA, 0x1F, 0x71, 0x8A, 0x66, 0xC3, 0xF0, 0x21, 0xD8, 0xE6, 0x2C, 0xD6, 0x25, 0x2E, 0x77, 0x3C, 0x61, 0x08, 0x1B, 0x69, 0xE7, 0x58, 0xDF, 0x3B, 0x07, 0xFE, 0xF1, 0xDB, 0xBF, 0xA6, 0x35, 0xDF, 0xC7, 0x49, 0x06, 0xC8, 0xDB, 0x74, 0x2A, 0xB9, 0xED, 0xB3, 0x04, 0x80, 0x75, 0x5F, 0x71, 0x2C, 0xD0, 0x14, 0x0E, 0x81, 0x18, 0x00, 0x5E, 0x34, 0x5A, 0xC2, 0x3A, 0x84, 0x63, 0xB1, 0x6B, 0x04, 0x21, 0x49, 0x7F, 0xE0, 0xF3, 0x52, 0x5E, 0x61, 0x43, 0xB1, 0x8F, 0x7C, 0xF2, 0x74, 0x29, 0x28, 0x69, 0x20, 0x36, 0xC0, 0x92, 0x17, 0x42, 0x99, 0x72, 0xE5, 0xE7, 0x82, 0xBE, 0x8E, 0x3B, 0x3F, 0xC9, 0x0A, 0xE1, 0xC4, 0x63, 0x68, 0x73, 0x1D, 0x67, 0x8D, 0xC0, 0xA3, 0xB4, 0xBA, 0xF0, 0xB7, 0xB0, 0x9B, 0xBB, 0x3F, 0xB8, 0x6E, 0xC0, 0x34, 0x1E, 0xA0, 0x01, 0x4B, 0x6D, 0x47, 0x73, 0x3F, 0xA5, 0x39, 0x05, 0x27, 0xD4, 0xD1, 0x38, 0x34, 0x32, 0x2C, 0x5B, 0x03, 0x5F, 0x16, 0x21, 0x64, 0x04, 0xD5, 0x19, 0xDB, 0xE7, 0x80, 0xDA, 0xBD, 0xC4, 0x1E, 0xAB, 0x61, 0xC8, 0x84, 0xDF, 0x54, 0x16, 0x77, 0x98, 0x9B, 0x90, 0x03, 0x83, 0xC4, 0x8D, 0x25, 0xB1, 0x32, 0x67, 0x77, 0x6A, 0x1C, 0x64, 0x2D, 0xFA, 0x9E, 0xB9, 0x26, 0xB5, 0xF8, 0x47, 0x4A, 0x9C, 0x35, 0x89, 0x5F, 0x12, 0x0E, 0xFF, 0x60, 0x87, 0x1E, 0x27, 0xC1, 0xC5, 0x7C, 0x77, 0x0A, 0xAE, 0x11, 0x37, 0xE3, 0x42, 0x9B, 0xAF, 0x9D, 0xBC, 0xC2, 0x52, 0xF8, 0x85, 0xBA, 0xED, 0x8E, 0xC3, 0x73, 0x04, 0x0A, 0x53, 0xD2, 0x1D, 0xEF, 0xA0, 0x6A, 0xCD, 0xBE, 0x93, 0x49, 0x34, 0x3A, 0xBD, 0xDF, 0x6A, 0x33, 0x25, 0x91, 0xFC, 0xE7};
BCRYPT_ALG_HANDLE hAlgorithm = NULL;
BCRYPT_KEY_HANDLE hKey = NULL;
ULONG plaintextSize = 128;
PUCHAR decryptedBuffer;
ULONG decryptedBufferSize;
NTSTATUS status;
status = BCryptOpenAlgorithmProvider(&hAlgorithm,
BCRYPT_RSA_ALGORITHM,
NULL,
0);
if (!NT_SUCCESS(status)) {
printf("Failed to get algorithm provider..status : %08x\n",status);
goto cleanup;
}
status = BCryptImportKeyPair( hAlgorithm,
NULL,
BCRYPT_RSAPRIVATE_BLOB,
&hKey,
PrivateKey,
PrivateKeySize,
BCRYPT_NO_KEY_VALIDATION);
if (!NT_SUCCESS(status)) {
printf("Failed to import Private key..status : %08x\n",status);
goto cleanup;
}
status = BCryptDecrypt( hKey,
encryptedBuffer,
encryptedBufferSize,
NULL,
NULL,
0,
NULL,
0,
&decryptedBufferSize,
0);
if (!NT_SUCCESS(status)) {
printf("Failed to get required size of buffer..status : %08x\n", status);
goto cleanup;
}
decryptedBuffer = (PUCHAR)HeapAlloc (GetProcessHeap (), 0, decryptedBufferSize);
if (decryptedBuffer == NULL) {
printf("failed to allocate memory for buffer\n");
goto cleanup;
}
status = BCryptDecrypt( hKey,
encryptedBuffer,
encryptedBufferSize,
NULL,
NULL,
0,
decryptedBuffer,
decryptedBufferSize,
&decryptedBufferSize,
0);
if (!NT_SUCCESS(status)) {
printf("Failed decrypt buffer..status : %08x\n",status);
goto cleanup;
}
printf("Decrypted buffer\n");
printMem(decryptedBuffer, decryptedBufferSize);
printf("\n\n");
cleanup:
HeapFree(GetProcessHeap(), 0, decryptedBuffer);
BCryptDestroyKey(hKey);
BCryptCloseAlgorithmProvider(hAlgorithm, 0);
}
VOID Encrypt()
{
unsigned char PublicKey[PublicKeySize] = {0x52, 0x53, 0x41, 0x31, 0x00, 0x04, 0x00, 0x00, 0x03, 0x00, 0x00, 0x00, 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x01, 0xB7, 0x50, 0x52, 0xDD, 0x58, 0xE4, 0x96, 0xAF, 0x91, 0xE5, 0xB2, 0x7B, 0x0A, 0xE6, 0xAA, 0x1F, 0x71, 0x8A, 0x66, 0xC3, 0xF0, 0x21, 0xD8, 0xE6, 0x2C, 0xD6, 0x25, 0x2E, 0x77, 0x3C, 0x61, 0x08, 0x1B, 0x69, 0xE7, 0x58, 0xDF, 0x3B, 0x07, 0xFE, 0xF1, 0xDB, 0xBF, 0xA6, 0x35, 0xDF, 0xC7, 0x49, 0x06, 0xC8, 0xDB, 0x74, 0x2A, 0xB9, 0xED, 0xB3, 0x04, 0x80, 0x75, 0x5F, 0x71, 0x2C, 0xD0, 0x14, 0x0E, 0x81, 0x18, 0x00, 0x5E, 0x34, 0x5A, 0xC2, 0x3A, 0x84, 0x63, 0xB1, 0x6B, 0x04, 0x21, 0x49, 0x7F, 0xE0, 0xF3, 0x52, 0x5E, 0x61, 0x43, 0xB1, 0x8F, 0x7C, 0xF2, 0x74, 0x29, 0x28, 0x69, 0x20, 0x36, 0xC0, 0x92, 0x17, 0x42, 0x99, 0x72, 0xE5, 0xE7, 0x82, 0xBE, 0x8E, 0x3B, 0x3F, 0xC9, 0x0A, 0xE1, 0xC4, 0x63, 0x68, 0x73, 0x1D, 0x67, 0x8D, 0xC0, 0xA3, 0xB4, 0xBA, 0xF0, 0xB7, 0xB0, 0x9B};
unsigned char InputData[InputDataSize];
BCRYPT_ALG_HANDLE hAlgorithm = NULL;
BCRYPT_KEY_HANDLE hKey = NULL;
NTSTATUS status;
for (int i=0; i<128; i++)
InputData[i] = (unsigned char)rand();
printf("Random Data is \n");
printMem(InputData, InputDataSize);
printf("\n\n");
status = BCryptOpenAlgorithmProvider( &hAlgorithm,
BCRYPT_RSA_ALGORITHM,
NULL,
0 );
if (!NT_SUCCESS(status)) {
printf("Failed to get algorithm provider..status : %08x\n",status);
goto cleanup;
}
status = BCryptImportKeyPair( hAlgorithm,
NULL,
BCRYPT_RSAPUBLIC_BLOB,
&hKey,
PublicKey,
155,
BCRYPT_NO_KEY_VALIDATION );
if (!NT_SUCCESS(status)) {
printf("Failed to import Private key..status : %08x\n",status);
goto cleanup;
}
status = BCryptEncrypt( hKey,
InputData,
InputDataSize,
NULL,
NULL,
0,
NULL,
0,
&encryptedBufferSize,
0
);
if (!NT_SUCCESS(status)) {
printf("Failed to get required size of buffer..status : %08x\n",status);
goto cleanup;
}
encryptedBuffer = (PUCHAR)HeapAlloc (GetProcessHeap (), 0, encryptedBufferSize);
if (encryptedBuffer == NULL) {
printf("failed to allocate memory for blindedFEKBuffer\n");
goto cleanup;
}
status = BCryptEncrypt( hKey,
InputData,
InputDataSize,
NULL,
NULL,
0,
encryptedBuffer,
encryptedBufferSize,
&encryptedBufferSize,
0
);
if (!NT_SUCCESS(status)) {
printf("Failed encrypt data..status : %08x\n",status);
goto cleanup;
}
printf("Encrypted Data\n");
printMem(encryptedBuffer, encryptedBufferSize);
printf("\n\n");
cleanup:
if(hKey)
BCryptDestroyKey(hKey);
if(hAlgorithm)
BCryptCloseAlgorithmProvider(hAlgorithm, 0);
}
int __cdecl wmain(
int argc,
__in_ecount(argc) LPWSTR *wargv)
{
int i;
for (i=0; i<10; i++)
{
Encrypt();
Decrypt();
}
}
I have written a code to encrypt and decrypt data with a hardcoded RSA key pair that was previously generated using the CNG. It is a simple program that simply generates some random input data, encrypts it with the public key, and then decrypts the resulting encrypted buffer using the private key. I print all the input, intermediate and output stages to compare whether the decrypted plaintext is the same as the original input plaintext, and repeat the whole encrypt-decrypt 10 times.
However, I am observing that in some cases, the encryption and decryption are fine, but in others, the decrypted plaintext does not match the input plaintext at all. Such buggy cases are completely random and arbitrary and there does not seem to be any pattern to these bugs.
Is this a bug in the CNG's RSA implementation or am I doing something wrongly?
Code follows:
#include <windows.h>
#include <stdio.h>
#include <stdlib.h>
#include <bcrypt.h>
#define NT_SUCCESS(Status) (((NTSTATUS)(Status)) >= 0)
#define STATUS_UNSUCCESSFUL ((NTSTATUS)0xC0000001L)
#define PrivateKeySize 283
#define PublicKeySize 155
#define InputDataSize 128
PUCHAR encryptedBuffer;
ULONG encryptedBufferSize = 128;
VOID printMem(PVOID Mem, int length)
{
int i;
for (i = 0; i < length; i++)
printf("%02x ", ((unsigned char *)Mem)[i]);
}
VOID Decrypt()
{
unsigned char PrivateKey[PrivateKeySize] = {0x52, 0x53, 0x41, 0x32, 0x00, 0x04, 0x00, 0x00, 0x03, 0x00, 0x00, 0x00, 0x80, 0x00, 0x00, 0x00, 0x40, 0x00, 0x00, 0x00, 0x40, 0x00, 0x00, 0x00, 0x01, 0x00, 0x01, 0xB7, 0x50, 0x52, 0xDD, 0x58, 0xE4, 0x96, 0xAF, 0x91, 0xE5, 0xB2, 0x7B, 0x0A, 0xE6, 0xAA, 0x1F, 0x71, 0x8A, 0x66, 0xC3, 0xF0, 0x21, 0xD8, 0xE6, 0x2C, 0xD6, 0x25, 0x2E, 0x77, 0x3C, 0x61, 0x08, 0x1B, 0x69, 0xE7, 0x58, 0xDF, 0x3B, 0x07, 0xFE, 0xF1, 0xDB, 0xBF, 0xA6, 0x35, 0xDF, 0xC7, 0x49, 0x06, 0xC8, 0xDB, 0x74, 0x2A, 0xB9, 0xED, 0xB3, 0x04, 0x80, 0x75, 0x5F, 0x71, 0x2C, 0xD0, 0x14, 0x0E, 0x81, 0x18, 0x00, 0x5E, 0x34, 0x5A, 0xC2, 0x3A, 0x84, 0x63, 0xB1, 0x6B, 0x04, 0x21, 0x49, 0x7F, 0xE0, 0xF3, 0x52, 0x5E, 0x61, 0x43, 0xB1, 0x8F, 0x7C, 0xF2, 0x74, 0x29, 0x28, 0x69, 0x20, 0x36, 0xC0, 0x92, 0x17, 0x42, 0x99, 0x72, 0xE5, 0xE7, 0x82, 0xBE, 0x8E, 0x3B, 0x3F, 0xC9, 0x0A, 0xE1, 0xC4, 0x63, 0x68, 0x73, 0x1D, 0x67, 0x8D, 0xC0, 0xA3, 0xB4, 0xBA, 0xF0, 0xB7, 0xB0, 0x9B, 0xBB, 0x3F, 0xB8, 0x6E, 0xC0, 0x34, 0x1E, 0xA0, 0x01, 0x4B, 0x6D, 0x47, 0x73, 0x3F, 0xA5, 0x39, 0x05, 0x27, 0xD4, 0xD1, 0x38, 0x34, 0x32, 0x2C, 0x5B, 0x03, 0x5F, 0x16, 0x21, 0x64, 0x04, 0xD5, 0x19, 0xDB, 0xE7, 0x80, 0xDA, 0xBD, 0xC4, 0x1E, 0xAB, 0x61, 0xC8, 0x84, 0xDF, 0x54, 0x16, 0x77, 0x98, 0x9B, 0x90, 0x03, 0x83, 0xC4, 0x8D, 0x25, 0xB1, 0x32, 0x67, 0x77, 0x6A, 0x1C, 0x64, 0x2D, 0xFA, 0x9E, 0xB9, 0x26, 0xB5, 0xF8, 0x47, 0x4A, 0x9C, 0x35, 0x89, 0x5F, 0x12, 0x0E, 0xFF, 0x60, 0x87, 0x1E, 0x27, 0xC1, 0xC5, 0x7C, 0x77, 0x0A, 0xAE, 0x11, 0x37, 0xE3, 0x42, 0x9B, 0xAF, 0x9D, 0xBC, 0xC2, 0x52, 0xF8, 0x85, 0xBA, 0xED, 0x8E, 0xC3, 0x73, 0x04, 0x0A, 0x53, 0xD2, 0x1D, 0xEF, 0xA0, 0x6A, 0xCD, 0xBE, 0x93, 0x49, 0x34, 0x3A, 0xBD, 0xDF, 0x6A, 0x33, 0x25, 0x91, 0xFC, 0xE7};
BCRYPT_ALG_HANDLE hAlgorithm = NULL;
BCRYPT_KEY_HANDLE hKey = NULL;
ULONG plaintextSize = 128;
PUCHAR decryptedBuffer;
ULONG decryptedBufferSize;
NTSTATUS status;
status = BCryptOpenAlgorithmProvider(&hAlgorithm,
BCRYPT_RSA_ALGORITHM,
NULL,
0);
if (!NT_SUCCESS(status)) {
printf("Failed to get algorithm provider..status : %08x\n",status);
goto cleanup;
}
status = BCryptImportKeyPair( hAlgorithm,
NULL,
BCRYPT_RSAPRIVATE_BLOB,
&hKey,
PrivateKey,
PrivateKeySize,
BCRYPT_NO_KEY_VALIDATION);
if (!NT_SUCCESS(status)) {
printf("Failed to import Private key..status : %08x\n",status);
goto cleanup;
}
status = BCryptDecrypt( hKey,
encryptedBuffer,
encryptedBufferSize,
NULL,
NULL,
0,
NULL,
0,
&decryptedBufferSize,
0);
if (!NT_SUCCESS(status)) {
printf("Failed to get required size of buffer..status : %08x\n", status);
goto cleanup;
}
decryptedBuffer = (PUCHAR)HeapAlloc (GetProcessHeap (), 0, decryptedBufferSize);
if (decryptedBuffer == NULL) {
printf("failed to allocate memory for buffer\n");
goto cleanup;
}
status = BCryptDecrypt( hKey,
encryptedBuffer,
encryptedBufferSize,
NULL,
NULL,
0,
decryptedBuffer,
decryptedBufferSize,
&decryptedBufferSize,
0);
if (!NT_SUCCESS(status)) {
printf("Failed decrypt buffer..status : %08x\n",status);
goto cleanup;
}
printf("Decrypted buffer\n");
printMem(decryptedBuffer, decryptedBufferSize);
printf("\n\n");
cleanup:
HeapFree(GetProcessHeap(), 0, decryptedBuffer);
BCryptDestroyKey(hKey);
BCryptCloseAlgorithmProvider(hAlgorithm, 0);
}
VOID Encrypt()
{
unsigned char PublicKey[PublicKeySize] = {0x52, 0x53, 0x41, 0x31, 0x00, 0x04, 0x00, 0x00, 0x03, 0x00, 0x00, 0x00, 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x01, 0xB7, 0x50, 0x52, 0xDD, 0x58, 0xE4, 0x96, 0xAF, 0x91, 0xE5, 0xB2, 0x7B, 0x0A, 0xE6, 0xAA, 0x1F, 0x71, 0x8A, 0x66, 0xC3, 0xF0, 0x21, 0xD8, 0xE6, 0x2C, 0xD6, 0x25, 0x2E, 0x77, 0x3C, 0x61, 0x08, 0x1B, 0x69, 0xE7, 0x58, 0xDF, 0x3B, 0x07, 0xFE, 0xF1, 0xDB, 0xBF, 0xA6, 0x35, 0xDF, 0xC7, 0x49, 0x06, 0xC8, 0xDB, 0x74, 0x2A, 0xB9, 0xED, 0xB3, 0x04, 0x80, 0x75, 0x5F, 0x71, 0x2C, 0xD0, 0x14, 0x0E, 0x81, 0x18, 0x00, 0x5E, 0x34, 0x5A, 0xC2, 0x3A, 0x84, 0x63, 0xB1, 0x6B, 0x04, 0x21, 0x49, 0x7F, 0xE0, 0xF3, 0x52, 0x5E, 0x61, 0x43, 0xB1, 0x8F, 0x7C, 0xF2, 0x74, 0x29, 0x28, 0x69, 0x20, 0x36, 0xC0, 0x92, 0x17, 0x42, 0x99, 0x72, 0xE5, 0xE7, 0x82, 0xBE, 0x8E, 0x3B, 0x3F, 0xC9, 0x0A, 0xE1, 0xC4, 0x63, 0x68, 0x73, 0x1D, 0x67, 0x8D, 0xC0, 0xA3, 0xB4, 0xBA, 0xF0, 0xB7, 0xB0, 0x9B};
unsigned char InputData[InputDataSize];
BCRYPT_ALG_HANDLE hAlgorithm = NULL;
BCRYPT_KEY_HANDLE hKey = NULL;
NTSTATUS status;
for (int i=0; i<128; i++)
InputData[i] = (unsigned char)rand();
printf("Random Data is \n");
printMem(InputData, InputDataSize);
printf("\n\n");
status = BCryptOpenAlgorithmProvider( &hAlgorithm,
BCRYPT_RSA_ALGORITHM,
NULL,
0 );
if (!NT_SUCCESS(status)) {
printf("Failed to get algorithm provider..status : %08x\n",status);
goto cleanup;
}
status = BCryptImportKeyPair( hAlgorithm,
NULL,
BCRYPT_RSAPUBLIC_BLOB,
&hKey,
PublicKey,
155,
BCRYPT_NO_KEY_VALIDATION );
if (!NT_SUCCESS(status)) {
printf("Failed to import Private key..status : %08x\n",status);
goto cleanup;
}
status = BCryptEncrypt( hKey,
InputData,
InputDataSize,
NULL,
NULL,
0,
NULL,
0,
&encryptedBufferSize,
0
);
if (!NT_SUCCESS(status)) {
printf("Failed to get required size of buffer..status : %08x\n",status);
goto cleanup;
}
encryptedBuffer = (PUCHAR)HeapAlloc (GetProcessHeap (), 0, encryptedBufferSize);
if (encryptedBuffer == NULL) {
printf("failed to allocate memory for blindedFEKBuffer\n");
goto cleanup;
}
status = BCryptEncrypt( hKey,
InputData,
InputDataSize,
NULL,
NULL,
0,
encryptedBuffer,
encryptedBufferSize,
&encryptedBufferSize,
0
);
if (!NT_SUCCESS(status)) {
printf("Failed encrypt data..status : %08x\n",status);
goto cleanup;
}
printf("Encrypted Data\n");
printMem(encryptedBuffer, encryptedBufferSize);
printf("\n\n");
cleanup:
if(hKey)
BCryptDestroyKey(hKey);
if(hAlgorithm)
BCryptCloseAlgorithmProvider(hAlgorithm, 0);
}
int __cdecl wmain(
int argc,
__in_ecount(argc) LPWSTR *wargv)
{
int i;
for (i=0; i<10; i++)
{
Encrypt();
Decrypt();
}
}
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(3)
这不是 CNG 中的错误,而是原始 RSA 加密工作方式的产物。您正在加密的一些随机值大于密钥的模数(模数是 RSA 密钥中的 2 个素数相乘的值),这意味着值会环绕(如果您设置
InputData [0] = 0您将看到输入和输出始终匹配)。您还需要将
BCRYPT_PAD_PKCS1或BCRYPT_PAD_OAEP作为原始数据传递给BCryptEncrypt/BCryptDecrypt的 dwFlags 参数RSA 加密并不安全。如果您使用BCRYPT_PAD_OAEP,您还必须提供BCRYPT_OAEP_PADDING_INFO 结构。This is not a bug in CNG, it's an artifact of the way raw RSA encryption works. Some of the random values that you are encrypting are greater than the modulus of the key (the modulus is the value of the 2 prime numbers in the RSA key multiplied together), which means values wrap-around (if you set
InputData[0] = 0you will see that input and output always match).You'll also want to be either passing
BCRYPT_PAD_PKCS1orBCRYPT_PAD_OAEPto the dwFlags parameter ofBCryptEncrypt/BCryptDecryptas raw RSA encryption is not secure. If you useBCRYPT_PAD_OAEPyou'll also have to supply aBCRYPT_OAEP_PADDING_INFO structure.您的问题是否可能源于将
NULLIV 传递给BCryptEncrypt,如底部的社区注释中所述:BCryptEncrypt 函数
Is it possible your problem stems from passing a
NULLIV toBCryptEncryptas remarked upon in Community notes at the bottom of:BCryptEncrypt function
我尝试了你的代码,如果我使
InputData的生成静态而不是随机,例如:它不返回任何错误,我认为 rand() 的极值存在问题。
I tried your code and if I make the generation of
InputDatastatic and not random such as:It does not return any error, I think there are problems with the extreme values of rand().