Decryption with RSA / ECB / PKCS1Padding

The following tag is part of a SAML response. I have to decrypt the following CipherValue. I pass the CipherValue (string) to the following function, but it does not return the correct value. What am I doing wrong?

The documentation says:

  1. Obtain the private key from the certificate.

  2. Decrypt the encrypted key using RSA/ECB/PKCS1Padding.

(The key is the following value.)

private string RSADecryption(string dataToDecrypt)
{
  String certificateLocation = ConfigurationManager.AppSettings.Get("CertificateLocation");
  String certificateStore = ConfigurationManager.AppSettings.Get("CertificateStore");
  string certificateSubject = ConfigurationManager.AppSettings.Get("CertificateSubject");
  String decryptedKey = string.Empty;
  try
  {
      // Look up the certificate holding the private key (the rest of this call is cut off in the original post)
      X509Certificate2 encryptionCertificate = X509Utilities.GetCertificateBySubject(certificateSubject, certificateStore.ParseAsEnum<StoreName>(),
      if (encryptionCertificate == null)
          Helper.LogMessage(" Did not find Encryption Certificate on the server ");
      RSACryptoServiceProvider rsaProvider = (RSACryptoServiceProvider)encryptionCertificate.PrivateKey;
      // CipherValue is Base64 text; decode it to the raw RSA ciphertext
      byte[] cipherbytes = Convert.FromBase64String(dataToDecrypt);
      // false selects PKCS#1 v1.5 padding (true would select OAEP)
      byte[] plainbytes = rsaProvider.Decrypt(cipherbytes, false);
      // Decode the decrypted bytes as ASCII text
      System.Text.ASCIIEncoding enc = new System.Text.ASCIIEncoding();
      decryptedKey = enc.GetString(plainbytes);
  }
  catch (Exception e)
  {
      Helper.LogMessage(e.Message + " Key Parsing error. DataToDecrypt = " + dataToDecrypt);
      throw e;
  }
  return decryptedKey;
}


asked Nov 08 '11 at 17:11

Please edit your question to include how the above code is currently failing (i.e. what's the exception). That will make it easier to help you.

The return value of the above function is "!???????q??$\"^?y??|J". I don't think this is a correct value.

1 Answer

It's hard to be sure without being able to duplicate this or without the code that produced the encrypted value. My best guess, i.e. I've seen that too many times, is a text encoding issue. That's even more likely since:

a) there's no exception in the crypto code (e.g. bad padding);

b) ASCII is not used very much these days so the following:

System.Text.ASCIIEncoding enc = new System.Text.ASCIIEncoding();

might not return what you expect.

So I would try UTF8, Unicode... and all variants (unless you have this documented somewhere).

answered 09 Nov., 11:00
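
An added example, not code from the question or the answer: it reproduces the `?`-filled output by decoding RSA-decrypted bytes as ASCII. It assumes the decrypted value is a binary symmetric key, as the quoted documentation's "encrypted key" wording suggests; the key pair and `SampleKey` bytes are constructed for the demonstration and no certificate store is used.

```csharp
using System;
using System.Linq;
using System.Security.Cryptography;
using System.Text;

static class EncryptedKeyDemo
{
    // Constructed 16-byte sample standing in for a symmetric session key.
    static readonly byte[] SampleKey =
    {
        0x21, 0x9C, 0xF3, 0x80, 0xB7, 0xE1, 0xAA, 0xD4,
        0x71, 0x8E, 0xC2, 0x24, 0x22, 0x5E, 0x99, 0x79
    };

    static void Main()
    {
        // Throwaway key pair (assumption: stands in for the certificate's key).
        using RSA rsa = RSA.Create(2048);

        // Sender side: wrap the key with RSA PKCS#1 v1.5 and Base64 it,
        // which is the shape of a CipherValue element.
        string cipherValue = Convert.ToBase64String(
            rsa.Encrypt(SampleKey, RSAEncryptionPadding.Pkcs1));

        // Receiver side: the same steps as RSADecryption() up to the decoding.
        byte[] plain = rsa.Decrypt(
            Convert.FromBase64String(cipherValue), RSAEncryptionPadding.Pkcs1);

        // ASCII decoding is lossy: each byte above 0x7F is replaced by '?',
        // so the original bytes cannot be recovered from the string.
        string asAscii = Encoding.ASCII.GetString(plain);
        byte[] roundTrip = Encoding.ASCII.GetBytes(asAscii);

        Console.WriteLine($"ASCII view       : {asAscii}");
        Console.WriteLine($"decrypt correct  : {plain.SequenceEqual(SampleKey)}");
        Console.WriteLine($"ASCII round trip : {roundTrip.SequenceEqual(SampleKey)}");

        // Lossless representations of the same bytes.
        Console.WriteLine($"hex    : {BitConverter.ToString(plain)}");
        Console.WriteLine($"base64 : {Convert.ToBase64String(plain)}");
    }
}
```

If the decrypted bytes are a key, return them as `byte[]` (or Base64) and hand them to the symmetric cipher rather than converting them to a string.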
