ERROR_INVALID_DATA decrypting keyMaterial info from WiFi profile

Hi all,

As you may know, you can use Native WiFi API to access WiFi profile data on a Windows system. WlanGetProfile function can be used to get an Xml document with this data. The element within this document at path MSM/security/sharedKey/keyMaterial contains the WiFi network encrypted key.

You can decrypt this key by following the instructions in WlanGetProfile documentation:

By default, the keyMaterial element returned in the profile pointed to by the pstrProfileXml is encrypted. If your process runs in the context of the LocalSystem account on the same computer, then you can unencrypt key material by calling the CryptUnprotectData function.

 

Now, when doing that, we may get ERROR_INVALID_DATA when calling CryptUnprotectData on that encrypted key.

If this happens to you, note that keyMaterial value comes in the form of an Hexadecimal string. If you pass that string directly to CryptUnprotectData, you will get the error. We need to convert keyMaterial Hex string to the array of bytes it represents, and pass that array to CryptUnprotectData. That should work.

Regards,

Alex (Alejandro Campos Magencio)