BcryptDecrypt returns 0xC000003E(STATUS_DATA_ERROR)

Ritu Varkey 41 Reputation points
2023-05-19T06:41:46.69+00:00
#define 
AESBLOCKLEN
bool decrypt(PBTYE data, DWORD size)
{
   NTSTATUS status = 0;
	// Set up the initial vector
	PBYTE pbIV = nullptr;
	bool ret = true;


	pbIV = (PBYTE)HeapAlloc(GetProcessHeap(), 0, AESBLOCKLEN);
	if (NULL == pbIV)
	{
		ret = false;
	}

	
	PBYTE pbPlainTet = nullptr;
	DWORD cbPlainText = 0;

	if (!NT_SUCCESS(status = BCryptDecrypt(
			hKey,
		    data,
		    size,
			NULL,
			pbIV,
			AESBLOCKLEN,
			NULL,
			0,
			&cbPlainText,
		BCRYPT_BLOCK_PADDING)))
	{
			wprintf(L"**** Error 0x%x returned by BCryptDecrypt\n", status);
	}

	pbPlainText = (PBYTE)HeapAlloc(GetProcessHeap(), 0, cbPlainText);
	if (NULL == pbPlainText)
	{
		return false;
	}

	if (!NT_SUCCESS(status = BCryptDecrypt(
			hKey,
			data,
		    size,
			NULL,
			pbIV,
		    AESBLOCKLEN,
			pbPlainText,
			cbPlainText,
			&cbPlainText,
		BCRYPT_BLOCK_PADDING)))
	{
			
			if (status == -1073741762)//0xC000003E(STATUS_DATA_ERROR)
			{
				bool res = decryptwithoutpadding(data,size);
		        if(res)
				  return true;
			}
			return false;
	}


BcryptDecrypt returns 0xC000003E(STATUS_DATA_ERROR) so I tried the same without the BCRYPT_BLOCK_PADDING flag(set to 0). The function is successful(returns 0). But the data is not decrypted correctly.
Would like to know why I am getting the STATUS_DATA_ERROR , is it related to padding? How can I get this working.

Thanks in advance!
Windows 11
Windows 11
A Microsoft operating system designed for productivity, creativity, and ease of use.
8,928 questions
0 comments No comments
{count} votes

2 answers

Sort by: Most helpful
  1. Limitless Technology 44,101 Reputation points
    2023-05-19T11:11:29.5566667+00:00

    Hello there,

    This is caused by the flag BCRYPT_BLOCK_PADDING.

    If you are trying to decrypt a buffer that was not encrypted with this flag (or, equivalently, was not encrypted with the same padding algorithm) the API will fail with this obscure status.

    Hope this resolves your Query !!

    --If the reply is helpful, please Upvote and Accept it as an answer–

    0 comments No comments

  2. Ritu Varkey 41 Reputation points
    2023-05-22T06:33:07.1466667+00:00

    I tried replacing BCRYPT_BLOCK_PADDING without 0.It Decrypts without error but fails the CRC check

    0 comments No comments