The provided payload cannot be decrypted because it was not protected with this protection provider.

[pankajythakare]

While trying to use DangerousUnprotect(), I am getting above mentioned error message. Protect() & Unprotect is working fine. I am not able to understand what is causing this to throw said exception.

Can someone please advise me on what's wrong with data protection provider?

Package : Microsoft.AspNetCore.DataProtection.Extensions 2.1.1

class Program
    {
        public static void Main(string[] args)
        {
            var serviceCollection = new ServiceCollection();
            serviceCollection.AddDataProtection()
                .PersistKeysToFileSystem(new DirectoryInfo(@"c:\temp-keys"))
                .ProtectKeysWithDpapi();
            var services = serviceCollection.BuildServiceProvider();

            var instance = ActivatorUtilities.CreateInstance<Implementation>(services, services.GetService<IKeyManager>());

            var protectedPayload = instance.encrypt("test");
            var unprotectedPayload = instance.decrypt(protectedPayload);
            instance.revokeAllKeys();
            var dangerouslyUnprotectedPayload = instance.dangerousDecrypt(protectedPayload);
            Console.ReadKey();
        }
    }

    public class Implementation
    {
        private IDataProtector _pro;
        private IKeyManager _keymgr;

        public Implementation(IDataProtectionProvider provider, IKeyManager manager)
        {
            this._pro = provider.CreateProtector("purpose");
            this._keymgr = manager;
        }

        public string encrypt(string plain)
        {
            return this._pro.Protect(plain);
        }

        public string decrypt(string encrypted)
        {
            return this._pro.Unprotect(encrypted);
        }

        public string dangerousDecrypt(string encryptedWithRevokedKey)
        {
            var persistentProtector = this._pro as IPersistedDataProtector;
**// Throws exception at this execution
            var plain = persistentProtector.DangerousUnprotect(Encoding.UTF8.GetBytes(encryptedWithRevokedKey), true, out var migrate, out var revoked);**
            return Encoding.UTF8.GetString(plain);
        }

        public void revokeAllKeys()
        {
            this._keymgr.RevokeAllKeys(DateTimeOffset.Now);
        }
    }

[pankajythakare]

Is it is just because of the string overload used to Protect? Please advise because it's working fine when used byte[] overload to protect data. I am not sure if it's a bug or intended functionality. I was assuming that one of the overloads can be used to protect the data and other one can be used to unprotect. Please advise!

[masterjs]

Hello @pankajythakare ,
If I understand well your problem, you have more than one server that can encrypt your data. If its this, the issue might be in PersistKeysToFileSystem(new DirectoryInfo(@"c:\temp-keys")). These server should share the same keys, otherwise you'll have the mentioned problem. Often using a network share might do the trick. There's a sample here: https://docs.microsoft.com/en-us/aspnet/core/security/data-protection/configuration/overview?view=aspnetcore-2.2#persistkeystofilesystem

hope this helps!
JS

[pankajythakare]

@masterjs : Thanks for your input. I am not having issue with key persistence as I have a centralized location for key management with my own implementation. Issue is with overloads used for encryption and decryption. As I have copied sample repro ( I am using only one machine through console application ) in my issue description, you can see that I am using string overload to protect a data. So what I am assuming is that to use DangerousUnprotect(), I should only use byte[] for protect instead of string one, feel free to correct me on this. I have exposed web APIs to encrypt and decrypt which accepts and returns string.

Thanks,
Pankaj

[pankajythakare]

Just changed line from where exception was thrown to below and fixed my issue. Instead of Encoding.UTF8.GetBytes(), I had to use WebEncoders.Base64UrlDecode().

var plain= persistedProtector.DangerousUnprotect(WebEncoders.Base64UrlDecode(encryptedWithRevokedKey), true, out var migrate, out var revoked);

[blowdart]

@pankajythakare Yup, your assumption on encoding was initially incorrect. As you can see in the source you got it right the second time around. And we just that encoding so data can be round tripped through forms and querystrings, plain base64 includes characters which could terminate strings.