BcryptDecrypt returns 0xC000003E(STATUS_DATA_ERROR)

Question

#define 
AESBLOCKLEN
bool decrypt(PBTYE data, DWORD size)
{
   NTSTATUS status = 0;
	// Set up the initial vector
	PBYTE pbIV = nullptr;
	bool ret = true;


	pbIV = (PBYTE)HeapAlloc(GetProcessHeap(), 0, AESBLOCKLEN);
	if (NULL == pbIV)
	{
		ret = false;
	}

	
	PBYTE pbPlainTet = nullptr;
	DWORD cbPlainText = 0;

	if (!NT_SUCCESS(status = BCryptDecrypt(
			hKey,
		    data,
		    size,
			NULL,
			pbIV,
			AESBLOCKLEN,
			NULL,
			0,
			&cbPlainText,
		BCRYPT_BLOCK_PADDING)))
	{
			wprintf(L"**** Error 0x%x returned by BCryptDecrypt\n", status);
	}

	pbPlainText = (PBYTE)HeapAlloc(GetProcessHeap(), 0, cbPlainText);
	if (NULL == pbPlainText)
	{
		return false;
	}

	if (!NT_SUCCESS(status = BCryptDecrypt(
			hKey,
			data,
		    size,
			NULL,
			pbIV,
		    AESBLOCKLEN,
			pbPlainText,
			cbPlainText,
			&cbPlainText,
		BCRYPT_BLOCK_PADDING)))
	{
			
			if (status == -1073741762)//0xC000003E(STATUS_DATA_ERROR)
			{
				bool res = decryptwithoutpadding(data,size);
		        if(res)
				  return true;
			}
			return false;
	}


BcryptDecrypt returns 0xC000003E(STATUS_DATA_ERROR) so I tried the same without the BCRYPT_BLOCK_PADDING flag(set to 0). The function is successful(returns 0). But the data is not decrypted correctly.
Would like to know why I am getting the STATUS_DATA_ERROR , is it related to padding? How can I get this working.

Thanks in advance!

Answer 1

Hello there,

This is caused by the flag BCRYPT_BLOCK_PADDING.

If you are trying to decrypt a buffer that was not encrypted with this flag (or, equivalently, was not encrypted with the same padding algorithm) the API will fail with this obscure status.

Hope this resolves your Query !!

--If the reply is helpful, please Upvote and Accept it as an answer–

Answer 2

I tried replacing BCRYPT_BLOCK_PADDING without 0.It Decrypts without error but fails the CRC check