
I have been trying to decrypt some encrypted data (the AES key that encrypts Chrome cookies) with the C++ CryptUnprotectData function for a short while now, but I can't seem to get it working. Currently the function fails and returns an error code of 13 (meaning "The parameter is incorrect."). Here is my code so far:

#include <iostream>
#include <Windows.h>
#include <wincrypt.h>
#include <fstream>
#include <string>
#include <vector>
using namespace std;

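/// @brief Returns the calling thread's last Win32 error code as readable text.
///
/// Reads the code with GetLastError() and asks FormatMessageA for the matching
/// system message. Call it immediately after an API has reported failure:
/// the code it reads is whatever the most recent call on this thread left behind.
///
/// @return The system message text, or an empty string when the last-error
///         code is 0 or no message text could be retrieved.
std::string GetLastErrorAsString()
{
    const DWORD errorMessageID = ::GetLastError();
    if (errorMessageID == 0) {
        return std::string();
    }

    LPSTR messageBuffer = nullptr;

    // With FORMAT_MESSAGE_ALLOCATE_BUFFER the buffer argument is really the
    // address of the pointer that receives the allocation, hence the cast.
    const DWORD size = FormatMessageA(
        FORMAT_MESSAGE_ALLOCATE_BUFFER | FORMAT_MESSAGE_FROM_SYSTEM | FORMAT_MESSAGE_IGNORE_INSERTS,
        NULL, errorMessageID, MAKELANGID(LANG_NEUTRAL, SUBLANG_DEFAULT),
        reinterpret_cast<LPSTR>(&messageBuffer), 0, NULL);

    // FormatMessageA returns 0 on failure, in which case messageBuffer may
    // still be null; do not build a string from it.
    if (size == 0 || messageBuffer == nullptr) {
        return std::string();
    }

    std::string message(messageBuffer, size);

    // The buffer was allocated by FormatMessageA and must be released here.
    LocalFree(messageBuffer);

    return message;
}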

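/// Demonstrates one CryptUnprotectData call with the checks the API needs.
///
/// Returns 0 when the blob was unprotected, 1 when the call failed.
int main()
{
    // Placeholder input. CryptUnprotectData only accepts the exact bytes that
    // CryptProtectData produced; any other content fails the integrity check.
    std::string data = "(data I want to decode)";
    std::cout << "Input blob: " << data.size() << " bytes" << std::endl;

    DATA_BLOB DataBytes;
    DataBytes.pbData = reinterpret_cast<BYTE*>(&data[0]);
    // Exact byte count only. Counting the string's NUL terminator (size() + 1)
    // appends a byte that was never part of the protected blob, and the call
    // then fails with ERROR_INVALID_DATA (13).
    DataBytes.cbData = static_cast<DWORD>(data.size());

    // Pure out-parameter: the API allocates pbData and sets cbData itself.
    DATA_BLOB output;
    output.pbData = NULL;
    output.cbData = 0;

    // The BOOL result decides success; the last-error value is only meaningful
    // after a reported failure. DPAPI also ties a blob to the account (or
    // machine) that protected it, so a different logon context fails here too.
    if (!CryptUnprotectData(&DataBytes, NULL, NULL, NULL, NULL, 0, &output)) {
        std::cerr << "CryptUnprotectData failed: " << GetLastErrorAsString() << std::endl;
        return 1;
    }

    // The plaintext is binary and not NUL-terminated, so write it by length
    // instead of streaming the BYTE* as a C string. It is secret material:
    // printing it is for this demo only and should not be done in real code.
    std::cout.write(reinterpret_cast<const char*>(output.pbData), output.cbData);
    std::cout << std::endl;

    // Wipe the plaintext before handing the buffer back to the allocator.
    SecureZeroMemory(output.pbData, output.cbData);
    LocalFree(output.pbData);

    return 0;
}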

If anyone can provide any help, that would be greatly appreciated.

I have tried different variations of the data types the parameters are stored in, although it still returns this error.

    Error 13 == `ERROR_INVALID_DATA`, which according to the documentation means that the integrity check failed. Are you sure that chrome is using CryptProtectData? Basic googling suggests they are using AES encryption. – josh poley Jan 25 '23 at 21:44
  • Sorry, I must not have elaborated clearly enough, I meant I was trying to decrypt the AES key used to decrypt those cookies. – rando314 Jan 25 '23 at 22:07

1 Answer


I modified your code as shown below. It implements only a simple decryption call. Because the sample data is not actually encrypted (CryptUnprotectData() only accepts a blob produced by CryptProtectData()), the call does not return the correct value.

#include <stdio.h>
#include <windows.h>
#include <Wincrypt.h>
#include <string>
#include <vector>
#include <fstream>
#include <iostream>
using namespace std;

#define MY_ENCODING_TYPE  (PKCS_7_ASN_ENCODING | X509_ASN_ENCODING)

#pragma comment (lib, "Crypt32.lib")



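/// Unprotects a DPAPI blob into a separate output DATA_BLOB and prints the
/// result together with the description string stored alongside it.
///
/// Returns 0 on success, 1 when CryptUnprotectData reports failure.
int main()
{
    //--------------------------------------------------------------------
    // Declare and initialize variables.
    // Placeholder input: a real input blob is created by CryptProtectData
    // and may have been read in from a file.
    std::string data = ("data I want to decode \n");
    std::cout << data;

    LPWSTR pDescrOut = NULL;

    DATA_BLOB DataIn;
    DataIn.pbData = reinterpret_cast<BYTE*>(&data[0]);
    // Protected blobs are binary: use the container's byte count. strlen()
    // stops at the first zero byte, and adding 1 for the terminator appends a
    // byte that was never part of the blob.
    DataIn.cbData = static_cast<DWORD>(data.size());

    // Separate output blob. Passing the input structure as the output as well
    // lets the API overwrite the descriptor it is still reading from and
    // loses track of which buffer has to be freed.
    DATA_BLOB DataVerify;
    DataVerify.pbData = NULL;
    DataVerify.cbData = 0;

    //--------------------------------------------------------------------
    //   Begin unprotect phase.
    const BOOL res = CryptUnprotectData(
        &DataIn,
        &pDescrOut,
        NULL,                 // Optional entropy
        NULL,                 // Reserved
        NULL,                 // Optional prompt structure, not used here
        0,
        &DataVerify);
    if (!res)
    {
        // Report the code so the failure can be diagnosed rather than guessed.
        printf("Decryption error! (GetLastError = %lu)\n", GetLastError());
        return 1;
    }

    // The plaintext is not guaranteed to be NUL-terminated: bound the print by
    // cbData. It is secret material; printing it is for this demo only.
    printf("The decrypted data is: %.*s\n",
           static_cast<int>(DataVerify.cbData),
           reinterpret_cast<const char*>(DataVerify.pbData));
    // The description is a wide string, so it needs %ls rather than %s.
    printf("The description of the data was: %ls\n", pDescrOut ? pDescrOut : L"");

    // Wipe the plaintext, then release both buffers the API allocated.
    SecureZeroMemory(DataVerify.pbData, DataVerify.cbData);
    LocalFree(DataVerify.pbData);
    LocalFree(pDescrOut);
    return 0;
}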

It is recommended to refer to Microsoft's official documentation when you add additional code.