c# encryption certificate rsa public-key-encryption

System.Security.Cryptography.Cng: The parameter is incorrect


I used standard code to encrypt this file. The certificate has not expired and the key is valid. I can't find the reason why it throws this exception.


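        /// <summary>
        /// Encrypts one RSA-OAEP (SHA-256) block with the RSA public key of <paramref name="cert"/>.
        /// </summary>
        /// <remarks>
        /// RSA-OAEP is not a bulk cipher: a single call accepts at most
        /// (modulus length in bytes) - 2 * 32 - 2 bytes, which is 190 bytes for a 2048-bit key.
        /// Passing more makes the provider fail; on Windows CNG the failure surfaces as the
        /// generic "The parameter is incorrect" reported on this page, so the limit is checked
        /// up front and reported with a clear message. For whole files, encrypt the data with a
        /// random symmetric key under an authenticated cipher and use RSA-OAEP only for that key.
        /// </remarks>
        /// <param name="cert">Certificate whose RSA public key is used.</param>
        /// <param name="data">Plaintext; must fit into a single OAEP block.</param>
        /// <returns>The ciphertext, or <c>null</c> when the certificate has no RSA public key.</returns>
        /// <exception cref="CryptographicException">
        /// <paramref name="data"/> is longer than one OAEP block allows, or the provider fails.
        /// </exception>
        public byte[] EncryptDataOaepSha256(X509Certificate2 cert, byte[] data)
        {
            const int Sha256Length = 32;

            // GetRSAPublicKey hands out a new RSA instance on every call; the caller owns it
            // and has to dispose it, otherwise the native key handle lingers until finalization.
            using (RSA rsa = cert.GetRSAPublicKey())
            {
                if (rsa == null)
                {
                    return null;
                }

                // OAEP overhead is two hash lengths plus two bytes (RFC 8017, section 7.1.1).
                int maxPayload = (rsa.KeySize + 7) / 8 - 2 * Sha256Length - 2;
                if (data != null && data.Length > maxPayload)
                {
                    throw new CryptographicException(
                        $"RSA-OAEP-SHA256 with a {rsa.KeySize}-bit key can encrypt at most {maxPayload} bytes per call, but {data.Length} bytes were supplied.");
                }

                return rsa.Encrypt(data, RSAEncryptionPadding.OaepSHA256);
            }
        }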



Solution

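  • @jdweng thanks for the code. I fixed the problem by doing the following. RSA with OAEP-SHA256 can encrypt only a limited payload per call (modulus length in bytes minus 66, i.e. 190 bytes for a 2048-bit key), so the data is split into blocks that stay under that limit. Each ciphertext block is as long as the RSA modulus, and decrypting it needs the certificate's private key (GetRSAPrivateKey). Block-wise RSA gives no integrity protection across blocks, so for files the usual design is hybrid encryption: an authenticated symmetric cipher for the data and RSA-OAEP only for the symmetric key.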

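       /// <summary>
       /// Encrypts <paramref name="data"/> block by block with RSA-OAEP (SHA-256) under the
       /// public key of <paramref name="cert"/> and returns the concatenated ciphertext blocks.
       /// </summary>
       /// <remarks>
       /// Every plaintext block is a slice of the input followed by an 8-byte trailer, sized so
       /// that slice plus trailer exactly fill one OAEP block: (modulus bytes) - 2 * 32 - 2,
       /// which gives 182 data bytes per block for a 2048-bit key. The trailer is always zero,
       /// so it does not bind a block to its position: blocks can be reordered, dropped or
       /// repeated without detection. Where that matters, use hybrid encryption (an
       /// authenticated symmetric cipher for the data, RSA-OAEP only for the key).
       /// </remarks>
       /// <param name="cert">Certificate whose RSA public key is used.</param>
       /// <param name="data">Plaintext of any length.</param>
       /// <param name="log">Logger that receives the failure details.</param>
       /// <returns>The ciphertext, or <c>null</c> after a failure has been logged.</returns>
       public byte[] EncryptDataOaepSha256(X509Certificate2 cert, byte[] data, ILogger log)
        {
            const int Sha256Length = 32;

            // Constant zero trailer appended to every plaintext block (kept for format compatibility).
            byte[] byteCounter = BitConverter.GetBytes(0L);

            // The RSA object returned by GetRSAPublicKey is owned by the caller and must be disposed.
            using (RSA rsa = cert.GetRSAPublicKey())
            {
                try
                {
                    if (rsa == null)
                    {
                        log.LogCritical("Error encrypting a stream");
                        log.LogCritical("The certificate has no RSA public key");
                        return null;
                    }

                    // Derive the block capacity from the key instead of hard-coding the 2048-bit value.
                    int maxPayload = (rsa.KeySize + 7) / 8 - 2 * Sha256Length - 2;
                    int chunkCapacity = maxPayload - byteCounter.Length;
                    if (chunkCapacity <= 0)
                    {
                        log.LogCritical("Error encrypting a stream");
                        log.LogCritical("The RSA key is too small for OAEP-SHA256 with an 8-byte trailer");
                        return null;
                    }

                    // A stream avoids re-copying the whole output for every block.
                    using (var output = new System.IO.MemoryStream())
                    {
                        for (long offset = 0; offset < data.Length; offset += chunkCapacity)
                        {
                            long chunkSize = Math.Min(chunkCapacity, data.Length - offset);
                            byte[] block = new byte[chunkSize + byteCounter.Length];
                            Array.Copy(data, offset, block, 0, chunkSize);
                            Array.Copy(byteCounter, 0, block, chunkSize, byteCounter.Length);

                            byte[] encrypted = rsa.Encrypt(block, RSAEncryptionPadding.OaepSHA256);
                            output.Write(encrypted, 0, encrypted.Length);
                        }

                        return output.ToArray();
                    }
                }
                catch (Exception e)
                {
                    // Pass the exception as an argument: using its text as the message template
                    // would make the logger interpret any braces in it as placeholders.
                    log.LogCritical(e, "Error encrypting a stream");

                    return null;
                }
            }
        }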
    
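     /// <summary>
     /// Decrypts data produced by the block-wise <c>EncryptDataOaepSha256</c>: splits
     /// <paramref name="data"/> into RSA ciphertext blocks, decrypts each with RSA-OAEP
     /// (SHA-256) and concatenates the plaintext without the 8-byte trailer of every block.
     /// </summary>
     /// <remarks>
     /// Decryption needs the private key, so <paramref name="cert"/> must carry one; a public
     /// key cannot decrypt. A ciphertext block is as long as the RSA modulus (256 bytes for a
     /// 2048-bit key), not as long as the plaintext block. The trailer is not checked because
     /// the encryptor always writes zero; the format therefore does not detect reordered,
     /// missing or repeated blocks.
     /// </remarks>
     /// <param name="cert">Certificate with an RSA private key.</param>
     /// <param name="data">Concatenated ciphertext blocks.</param>
     /// <param name="log">Logger that receives the failure details.</param>
     /// <returns>The plaintext, or <c>null</c> after a failure has been logged.</returns>
     public byte[] DecryptDataOaepSha256(X509Certificate2 cert, byte[] data, ILogger log)
        {
            // Length of the trailer the encryptor appends to every plaintext block.
            int trailerLength = BitConverter.GetBytes(0L).Length;

            // Returns null when the certificate has no private key; the instance must be disposed.
            using (RSA rsa = cert.GetRSAPrivateKey())
            {
                try
                {
                    if (rsa == null)
                    {
                        log.LogCritical("Error decrypting a stream");
                        log.LogCritical("The certificate has no RSA private key");
                        return null;
                    }

                    int cipherBlockSize = (rsa.KeySize + 7) / 8;
                    if (data.Length % cipherBlockSize != 0)
                    {
                        log.LogCritical("Error decrypting a stream");
                        log.LogCritical("The ciphertext length is not a multiple of the RSA block size");
                        return null;
                    }

                    using (var output = new System.IO.MemoryStream())
                    {
                        byte[] block = new byte[cipherBlockSize];
                        for (long offset = 0; offset < data.Length; offset += cipherBlockSize)
                        {
                            Array.Copy(data, offset, block, 0, cipherBlockSize);
                            byte[] plain = rsa.Decrypt(block, RSAEncryptionPadding.OaepSHA256);

                            if (plain.Length < trailerLength)
                            {
                                log.LogCritical("Error decrypting a stream");
                                log.LogCritical("A decrypted block is shorter than its trailer");
                                return null;
                            }

                            // The trailer sits at the end of the plaintext block, after the data.
                            output.Write(plain, 0, plain.Length - trailerLength);
                        }

                        return output.ToArray();
                    }
                }
                catch (Exception e)
                {
                    // Pass the exception as an argument: using its text as the message template
                    // would make the logger interpret any braces in it as placeholders.
                    log.LogCritical(e, "Error decrypting a stream");

                    return null;
                }
            }
        }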