dlwyatt / ProtectedData

PowerShell Module for securely encrypting and sharing secret data such as passwords.
Apache License 2.0

Allow PKCS#1 v1.5 Padding instead of OAEP #3

Closed dlwyatt closed 9 years ago

dlwyatt commented 10 years ago

Have received a report that some certificates do not work using the module's current default behavior of enabling OAEP padding when encrypting / decrypting key data with RSA certificates. The error was: Unprotect-Data : Exception calling "Decrypt" with "2" argument(s): "Error occurred while decoding OAEP padding."

I haven't been able to reproduce this problem myself yet, but we were able to determine that using the older PKCS#1 v1.5 padding (by setting the second parameter to RsaCryptoServiceProvider.Encrypt() and .Decrypt() to $false) resolved the problem.

Look into a way to allow a user to specify this padding scheme, if needed. (Probably by adding switches to Protect-Data and Add-ProtectedDataCredential, with corresponding data stored along with the keydata objects for Unprotect-Data to use later.)
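
The approach proposed in the issue above, sketched as an added example that is not code from the ProtectedData module: the padding choice is recorded next to the encrypted key so that decryption uses the same scheme. The function names `Protect-KeyExample` and `Unprotect-KeyExample`, the `-UseLegacyPadding` switch and the `UseOaep` property are hypothetical, and a throwaway in-memory RSA key stands in for a certificate.

```powershell
# Added illustration; function, switch and property names are hypothetical,
# not ProtectedData's. A throwaway RSA key stands in for a certificate's key pair.
$rsa = New-Object System.Security.Cryptography.RSACryptoServiceProvider 2048

function Protect-KeyExample {
    param(
        [System.Security.Cryptography.RSACryptoServiceProvider] $Rsa,
        [byte[]] $Key,
        [switch] $UseLegacyPadding   # opt-in fallback; OAEP stays the default
    )
    $useOaep = -not $UseLegacyPadding
    # Store the padding choice with the ciphertext so decryption never has to guess.
    [pscustomobject]@{
        Key     = $Rsa.Encrypt($Key, $useOaep)   # second argument: $true = OAEP
        UseOaep = $useOaep
    }
}

function Unprotect-KeyExample {
    param(
        [System.Security.Cryptography.RSACryptoServiceProvider] $Rsa,
        $KeyData
    )
    # Records written before the field existed are treated as OAEP (the old default).
    $useOaep = if ($null -eq $KeyData.UseOaep) { $true } else { [bool] $KeyData.UseOaep }
    , $Rsa.Decrypt($KeyData.Key, $useOaep)
}

# Constructed sample: 32 zero bytes standing in for a symmetric key.
$aesKey = New-Object byte[] 32
$oaep   = Protect-KeyExample -Rsa $rsa -Key $aesKey
$legacy = Protect-KeyExample -Rsa $rsa -Key $aesKey -UseLegacyPadding

foreach ($record in $oaep, $legacy) {
    $plain = Unprotect-KeyExample -Rsa $rsa -KeyData $record
    $same  = [BitConverter]::ToString($plain) -eq [BitConverter]::ToString($aesKey)
    'UseOaep={0} round trip ok: {1}' -f $record.UseOaep, $same
}

# Decrypting with a padding flag that does not match the one used to encrypt throws.
try { $null = $rsa.Decrypt($legacy.Key, $true) }
catch { "Padding mismatch: $($_.Exception.Message)" }

$rsa.Dispose()
```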