Windows error 0x80090027, -2146893785

In explicable error with RSA encrypt (with RSAEncryptionPadding.OaepSHA256) based on the input bytes

I am using C# with .net core 3.1 on windows 10. The option 1 in the following code successfully encrypts the plane bytes but the option 2 throw an error on Encrypt method. The only difference is the input bytes. private byte[] TestCode() { var cert = new X509Certificate2("<PEM-FILE-WITH-CERTIFICATE>"); var [...] read more

client certificate authentication not working with chrome and apache2 server

I am attempting to use client certificates to limit secure access to an apache2 web server. However after installation google chrome returns a ERR_SSL_CLIENT_AUTH_SIGNATURE_FAILED error. First I set up the CA for the Web Server by creating a CA key and an X509 PEM file: openssl genrsa -out CA.key 2048 [...] read more

Usage of Win32 API Ncrypt and Bcrypt : why the tutorial code fails after a very simple variation?

I practice using the win32 APIs to do some crypto stuff. I began with the code demo found here. It compiled it with Visual 2017 under Windows 10 x64, and it worked fine. Then I tried to play a little with it: changing signature algo, hash algo and key storage. [...] read more

How to decrypt data that is encrypted by OpenSSL with RSA_PKCS1_OAEP_PADDING using NCryptDecrypt?

I have difficulty to decrypt data being encrypted using OpenSSL and RSA_PKCS1_OAEP_PADDING padding option. What I am doing is: BCRYPT_ALG_HANDLE hCryptAlg = NULL; BCRYPT_OAEP_PADDING_INFO paddingInfo = { 0 }; DWORD cbDecryptedMessage; BYTE* pbDecryptedMessage = NULL; paddingInfo.pszAlgId = BCRYPT_SHA1_ALGORITHM; // Open an algorithm handle. BCryptOpenAlgorithmProvider(&hCryptAlg, BCRYPT_RSA_ALGORITHM, NULL, 0); // Calculate the [...] read more

Error while trying to set key ID (NCRYPT_NAME_PROPERTY) - 0x80090027 - Invalid parameter

I am trying to change key ID (Key name), I am using NCrypt: First I am calling NCryptOpenStorageProvider to initialize provider handle, after that I am calling NcryptOpenKey to initialize key handle this functions works well without errors. After that I call NCryptSetProperty string name = "keyName"; byte[] nameBytes = [...] read more

Windows C++ crypto API: how to disable pin code UI for smart card

I have the following C++ code (based on Microsoft API examples), it uses message signing and encryption API to produce PKCS#7 message. There is a hardware token with certificate inserted (Yubikey) which requires a PIN code for the signing operation. I want to disable the standard Windows pin popup and [...] read more

Invalid parameter in encrypt (JavaScript, UWP)

I would like to encrypt data in UWP appliaction writen in javascript. var publicKey = Windows.Security.Cryptography.Core.PersistedKeyProvider.openPublicKeyFromCertificate(cert, "", Windows.Security.Cryptography.Core.CryptographicPadding.none); var buffer = Windows.Security.Cryptography.CryptographicBuffer.createFromByteArray(bytes); var iv = null; var encrypted = Windows.Security.Cryptography.Core.CryptographicEngine.encrypt(publicKey, buffer, iv); But I get exception on the last line: 0x80090027 - JavaScript runtime error: Parametr není správný. (Invalid parameter) [...] read more

Creating a certificate request with the Windows Certificate Enrollment API returns error "The parameter is incorrect. 0x80090027"

I'm trying to write a program which can generate a certificate and sign it with a company CA. The code runs fine locally on my Windows 10 machine, but once I deploy the program to a Windows Server 2012R2 server, it keeps returning: { "ClassName": "System.Runtime.InteropServices.COMException", "Message": "CertEnroll::CX509Enrollment::_CreateRequest: The parameter [...] read more