[CryptoAPI] RSA_Decrypt expected input
Forge component by Ricardo Silva

We are trying to use the RSA_Decrypt functionality of the CryptoAPI component.
Whenever we call the RSA_Decrypt function we get errors regarding the key input:

The parameter is incorrect.


The input is not a valid Base-64 string as it contains a non-base 64 character, more than two padding characters, or an illegal character among the padding characters.   

We have a PEM with our key so we tried the function RSA_PrivateKeyFromPEM.
We even tried generating a new key with RSA_NewKey and passing that to the decode but we always get one of the above errors.

What is the expected format of the RSA_Decrypt Private key input? Something seems to be wrong seeing that it doesn't even work with a key newly generated by the same component.

Kind regards,


Did you set anything in the padding?

I tried empty, or with all options given in the description of the padding fields

As I still had the Crypto API Demo open it seems to work ok looks like possibly mixing up the private and public keys

The action below

RSA_NewKey creates a private key

RSA_GetPublicKey gets the public key from the private key from RSA_NewKey

RSA_Encrypt using the public key from RSA_GetPublicKey

The RSA_Decrypt using the private key from RSA_NewKey

The public and private keys are XML if you are using your own keys if you have a private key as a pem then you can get the GetPrivateKeyFromPEM

Community GuidelinesBe kind and respectful, give credit to the original source of content, and search for duplicates before posting.