I'm trying to figure out why I can't seem to decrypt an encrypted key from .NET with a X509 Certificate.
encryptedKey = "jW3VDsUZWIdzfZ1bPN3iKI2Pf9u22kUax0DFnF3A9H+nvcBQuVC2efw1FYGm5/AvnN27kXqA4PyCqcQLp/tguVqHtzdR7mJtkTCyY8TUoAej2Mqzv2uiEKULB/8rlPDl2DOkSMGJqieenAG/7gZjWhlU0eYrlcMi5dtAnPFTfy+LvtJ6bbGEDgy4FhoT49T6sO0kjBJHp5YI0p/CeEuc+WMT/BMGG1YuDPswltj0VzeaE3KbHSLvJPjGCQ3U0YkUWm8h9zM22S/mRvfMhEu1aRdQpojGUiSLKUJyotNu8fRulKeB1TVuE7AlDGrbAUsRtU+y6PdLMcEHW+BRq5Uouw==";
var encryptedKeyByte = Convert.FromBase64String(encryptedKey);
var clientCert = new X509Certificate2(@"C:\certificates\xxxxx.pfx", "xxxx");
var rsa = (RSACryptoServiceProvider)clientCert.PrivateKey;
byte key = rsa.Decrypt(encryptedKeyByte, false);
The error I get when I try to run the last line of the code rsa.Decrypt(encryptedKeyByte, false)
The parameter is incorrect.
In SOAP UI the decryption works where I use the same certificate. I just had to convert the file pfx to a jks file to get it working in SOAP UI. But other than that the settings look the same to me.
Here is a screen shot of the SOAP UI settings. I'm guessing the Signature Keystore
in the SOAP UI seetings is not used for the decryption process. The Decrypt Keystore
settings in SOAP UI is the one I'm using in .NET. Only in .NET its a pfx file.
I also imported the certificate to my local box to see some of the details. Here is what I see:
Please let me know if you need me to provide any other information or need me to test something out. Thanks in advance for your help.