Here is my process:

CryptoAPI:

  1. Generate AES session key
  2. Use recipient's public key to encrypt and export (1) in a SIMPLEBLOB with RSA
  3. Send SIMPLEBLOB to recipient

Java:

  1. Recipient receives (3)
  2. Recipient wants to decrypt SIMPLEBLOB using his private key

This is pretty standard I believe. There is a need to byte reverse the received byte array (from step 4 above). However, for some reason, the number of bytes received is above the maximum allowable number of bytes that RSA algorithm can decrypt. The error is "javax.crypto.IllegalBlockSizeException: Data must not be longer than 256 bytes". So there is something else going on that I don't understand. Can someone explain how to properly decrypt the SIMPLEBLOB in Java? Resources would help.

KyleM
  • Have you seen http://msdn.microsoft.com/en-us/library/windows/desktop/aa375601.aspx#simp_BLOB ? The data produced by `CryptExportKey` contains a certain header, in addition to the actual cyphertext. – Igor Tandetnik Aug 01 '13 at 23:10
  • @IgorTandetnik Thanks I don't know how I missed that. So I would just strip out the "BYTE encryptedkey[rsapubkey.bitlen/8];" part from the SIMPLEBLOB, reverse the bytes, then decrypt it using RSA in Java. – KyleM Aug 02 '13 at 04:24
  • How do you distribute the public keys? Is there a reason why TLS cannot be used here? – ntoskrnl Aug 02 '13 at 05:56
  • @ntoskrnl Suffice to say that I successfully imported the public key with CryptoAPI. – KyleM Aug 02 '13 at 18:38

1 Answer

Have a look at this page: SIMPLEBLOB structure. The first 12 bytes of the blob belong to BLOBHEADER. To decrypt the key, start from the 12th position of the encrypted blob.

andret8
  • Yeah we solved this, see the comments on my question above. Thanks for answering though. – KyleM Sep 25 '13 at 16:23
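The fix discussed in the comments and the answer, as an added example that is not code from the original thread: with a 2048-bit key the blob is 12 header bytes plus 256 ciphertext bytes, which is why passing the whole blob to RSA fails. The class name `SimpleBlobDemo`, the AES-256 key size, and PKCS#1 v1.5 padding (no `CRYPT_OAEP` on export) are assumptions; the blob in `main` is constructed locally so the example runs offline.

```java
import java.nio.ByteBuffer;
import java.nio.ByteOrder;
import java.security.*;
import java.util.Arrays;
import javax.crypto.Cipher;
import javax.crypto.spec.SecretKeySpec;

public class SimpleBlobDemo {                     // hypothetical class name
    static final int HEADER_LEN = 12;             // 8-byte BLOBHEADER + 4-byte ALG_ID
    static final int CALG_RSA_KEYX = 0x0000A400;  // algorithm that wrapped the key
    static final int CALG_AES_256 = 0x00006610;   // assumed session key algorithm

    static byte[] reverse(byte[] in) {
        byte[] out = new byte[in.length];
        for (int i = 0; i < in.length; i++) out[i] = in[in.length - 1 - i];
        return out;
    }

    // Validates the header fields, then RSA-decrypts the byte-reversed remainder.
    static SecretKeySpec unwrap(byte[] blob, PrivateKey priv, int modulusBytes) throws GeneralSecurityException {
        if (blob.length != HEADER_LEN + modulusBytes) throw new InvalidKeyException("unexpected blob length");
        ByteBuffer b = ByteBuffer.wrap(blob).order(ByteOrder.LITTLE_ENDIAN);
        byte bType = b.get(), bVersion = b.get();
        b.getShort();                             // reserved field
        int aiKeyAlg = b.getInt(), wrapAlg = b.getInt();
        if (bType != 0x01 || bVersion != 0x02 || wrapAlg != CALG_RSA_KEYX || aiKeyAlg != CALG_AES_256)
            throw new InvalidKeyException("not an RSA-wrapped AES-256 SIMPLEBLOB");
        // CryptoAPI stores the ciphertext little-endian; Java expects big-endian.
        byte[] ct = reverse(Arrays.copyOfRange(blob, HEADER_LEN, blob.length));
        Cipher rsa = Cipher.getInstance("RSA/ECB/PKCS1Padding");
        rsa.init(Cipher.DECRYPT_MODE, priv);
        byte[] key = rsa.doFinal(ct);
        if (key.length != 32) throw new InvalidKeyException("unexpected key length");
        return new SecretKeySpec(key, "AES");
    }

    public static void main(String[] args) throws Exception {
        // Constructed input: a blob laid out the way the CryptoAPI side exports it.
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
        kpg.initialize(2048);
        KeyPair kp = kpg.generateKeyPair();
        byte[] aes = new byte[32];
        new SecureRandom().nextBytes(aes);
        Cipher rsa = Cipher.getInstance("RSA/ECB/PKCS1Padding");
        rsa.init(Cipher.ENCRYPT_MODE, kp.getPublic());
        byte[] ctLE = reverse(rsa.doFinal(aes));
        ByteBuffer blob = ByteBuffer.allocate(HEADER_LEN + ctLE.length).order(ByteOrder.LITTLE_ENDIAN);
        blob.put((byte) 0x01).put((byte) 0x02).putShort((short) 0).putInt(CALG_AES_256).putInt(CALG_RSA_KEYX).put(ctLE);
        SecretKeySpec out = unwrap(blob.array(), kp.getPrivate(), 256);
        System.out.println("recovered key matches: " + Arrays.equals(aes, out.getEncoded()));
    }
}
```

Checking the header fields and the exact blob length before decrypting rejects truncated or mislabelled blobs early instead of feeding arbitrary bytes to the RSA private key.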