[英]Why am I getting a Bad Data exception only 5% of the time?
我有以下代码,大约有5%的时间抛出CryptographicException,并且我不知道为什么a)不能始终失败以及b)根本失败:
// Initialize the new secure keys
var keyGenerator = KeyGenerator.Create();
var keyPair = keyGenerator.GenerateKeyPair();
this._privateKey = keyPair.ToEncryptedPrivateKeyString(privateKeySecret);
this._publicKey = keyPair.ToPublicKeyString();
// Initialize the certificate generation
var certificateGenerator = new X509V3CertificateGenerator();
var serialNo = BigInteger.ProbablePrime(128, new Random());
certificateGenerator.SetSerialNumber(serialNo);
certificateGenerator.SetSubjectDN(GetLicenseeDN());
certificateGenerator.SetIssuerDN(GetLicencerDN());
certificateGenerator.SetNotAfter(DateTime.Now.AddYears(100));
certificateGenerator.SetNotBefore(DateTime.Now.Subtract(new TimeSpan(7, 0, 0, 0)));
certificateGenerator.SetSignatureAlgorithm("SHA512withRSA");
certificateGenerator.SetPublicKey(keyPair.PublicKey);
var result = certificateGenerator.Generate(keyPair.PrivateKey);
this._clientCertificate = new X509Certificate2(DotNetUtilities.ToX509Certificate(result));
this._clientCertificate.PrivateKey = DotNetUtilities.ToRSA((RsaPrivateCrtKeyParameters)keyPair.PrivateKey);
堆栈看起来像:
System.Security.Cryptography.CryptographicException: Bad Data.
Result StackTrace:
at System.Security.Cryptography.CryptographicException.ThrowCryptographicException(Int32 hr)
at System.Security.Cryptography.Utils._ImportKey(SafeProvHandle hCSP, Int32 keyNumber, CspProviderFlags flags, Object cspObject, SafeKeyHandle& hKey)
at System.Security.Cryptography.RSACryptoServiceProvider.ImportParameters(RSAParameters parameters)
at Org.BouncyCastle.Security.DotNetUtilities.ToRSA(RsaPrivateCrtKeyParameters privKey) in C:\BouncyCastle\crypto\src\security\DotNetUtilities.cs:line 173
at EBSConnect.EBSClientBase.InitializeSecurity(String privateKeySecret) in c:\Projects\EBSConnect\Source\EBSConnect\EBSClientBase.cs:line 78
在其余时间(95%)中,此代码可以按预期工作,并且我能够使用此动态生成的证书与联合服务进行通信。 有任何想法吗?
假设您使用的是BouncyCastle C#1.7,则从BigInteger到byte []的转换存在一些问题(与前导零相关)。 这些已在源代码中修复,但尚未发布。 我建议制作最新DotNetUtilities类的本地副本,并在项目中使用它,直到有新版本发布为止。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.