Hi @john paul, it seems that you are using and modifying the example in this answer.
After comparing the code, I've got the following issues:
- You initialize the keyHandle to NULL before calling BCryptDecrypt, which will result in an error of STATUS_INVALID_HANDLE.
- You did not pass the BCRYPT_AUTHENTICATED_CIPHER_MODE_INFO authInfo to BCryptDecrypt.
- Check another answer in that link, at points 7 & 8:
  Call BCryptEncrypt/BCryptDecrypt "N - 1" times
  - The amount of data passed to each call must be a multiple of the algorithm's block size.
  Call BCryptEncrypt/BCryptDecrypt one final time (with or without plain/cipher text input/output). The size of the input need not be a multiple of the algorithm's block size for this call. dwFlags is still set to 0.
  - Remove the BCRYPT_AUTH_MODE_CHAIN_CALLS_FLAG from the dwFlags field of the BCRYPT_AUTHENTICATED_CIPHER_MODE_INFO structure using the &= syntax.
Changing the following snippet works for me:
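std::vector<BYTE> decrypted;
{
    // Do not reset the key handle here; BCryptDecrypt needs the valid handle.
    //keyHandle = NULL;
    decrypted.resize(bytesDone);
    DWORD partSize = static_cast<DWORD>(decrypted.size());
    std::vector<BYTE> macContext(authTagLengths.dwMaxLength);

    // The same nonce and the tag produced by encryption must be supplied.
    BCRYPT_AUTHENTICATED_CIPHER_MODE_INFO authInfo;
    BCRYPT_INIT_AUTH_MODE_INFO(authInfo);
    authInfo.pbNonce = (PUCHAR)&origNonce[0];
    authInfo.cbNonce = static_cast<ULONG>(origNonce.size());
    authInfo.pbTag = &authTag[0];
    authInfo.cbTag = static_cast<ULONG>(authTag.size());
    authInfo.pbMacContext = &macContext[0];
    authInfo.cbMacContext = static_cast<ULONG>(macContext.size());

    // IV value is ignored on first call to BCryptDecrypt.
    // This buffer will be used to keep internal IV used for chaining.
    std::vector<BYTE> contextIV(256);

    // Single (final) call: the chaining flag must be cleared.
    authInfo.dwFlags &= ~BCRYPT_AUTH_MODE_CHAIN_CALLS_FLAG;
    bcryptResult = BCryptDecrypt
    (
        keyHandle,
        &encrypted[0],
        static_cast<ULONG>(encrypted.size()),
        &authInfo,                 // authenticated cipher mode info
        &contextIV[0],
        static_cast<ULONG>(contextIV.size()),
        &decrypted[0],
        //partSize,
        static_cast<ULONG>(decrypted.size()),
        &bytesDone,
        0
    );
    if (bcryptResult == STATUS_SUCCESS)
    {
        std::cout << "bytes done:" << bytesDone << std::endl;
        std::cout << "Decrypted Data" << std::endl;
        for (auto val : decrypted)
        {
            std::cout << std::hex << (0xFF & val) << std::endl;
        }
    }
    else
    {
        // Any other status (including a tag mismatch) means the output must not be used.
        std::cout << "BCryptDecrypt failed: 0x" << std::hex << bcryptResult << std::endl;
    }
}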
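The chained pattern from points 7 and 8 above, as an added example that is not part of the original answer or of Microsoft's sample code. planChunks and gcmDecryptChunked are hypothetical names, the 16-byte MAC-context and IV buffers are assumed sizes for AES-GCM, and the BCrypt part compiles only on Windows (link bcrypt.lib).

```cpp
#include <cstddef>
#include <utility>
#include <vector>

constexpr std::size_t kBlock = 16;  // AES block size in bytes
using Parts = std::vector<std::pair<std::size_t, std::size_t>>;

// Plan (offset, length) parts: every part except the last is a multiple of
// the block size; the last part may have any length, including zero.
Parts planChunks(std::size_t total, std::size_t maxChunk) {
    std::size_t step = (maxChunk / kBlock) * kBlock;
    if (step == 0) step = kBlock;
    Parts parts;
    std::size_t off = 0;
    for (; total - off > step; off += step) parts.push_back({off, step});
    parts.push_back({off, total - off});  // the one final call
    return parts;
}

#ifdef _WIN32
#include <windows.h>
#include <bcrypt.h>
// Returns true only if every call succeeded, i.e. the tag verified on the
// final call. On any failure the partial plaintext is wiped, never returned.
bool gcmDecryptChunked(BCRYPT_KEY_HANDLE key, std::vector<BYTE>& nonce,
                       std::vector<BYTE>& tag, const std::vector<BYTE>& ct,
                       std::vector<BYTE>& pt, std::size_t maxChunk) {
    std::vector<BYTE> macCtx(kBlock), iv(kBlock);  // assumed sizes, reused by every call
    BCRYPT_AUTHENTICATED_CIPHER_MODE_INFO info;
    BCRYPT_INIT_AUTH_MODE_INFO(info);
    info.pbNonce = nonce.data();        info.cbNonce = (ULONG)nonce.size();
    info.pbTag = tag.data();            info.cbTag = (ULONG)tag.size();
    info.pbMacContext = macCtx.data();  info.cbMacContext = (ULONG)macCtx.size();
    info.dwFlags = BCRYPT_AUTH_MODE_CHAIN_CALLS_FLAG;
    pt.assign(ct.size(), 0);
    const Parts parts = planChunks(ct.size(), maxChunk);
    for (std::size_t i = 0; i < parts.size(); ++i) {
        // Last call: clear the chaining flag so the tag is checked.
        if (i + 1 == parts.size()) info.dwFlags &= ~BCRYPT_AUTH_MODE_CHAIN_CALLS_FLAG;
        ULONG done = 0;
        NTSTATUS st = BCryptDecrypt(
            key, const_cast<PUCHAR>(ct.data()) + parts[i].first,
            (ULONG)parts[i].second, &info, iv.data(), (ULONG)iv.size(),
            pt.data() + parts[i].first, (ULONG)parts[i].second, &done, 0);
        if (!BCRYPT_SUCCESS(st)) {  // includes a tag mismatch on the last call
            SecureZeroMemory(pt.data(), pt.size());
            pt.clear();
            return false;
        }
    }
    return true;
}
#endif
```

Earlier chained calls write plaintext before the tag has been checked, so the caller should treat the output as valid only when the function returns true.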