[英](WIN32: 1400 ERROR_INVALID_WINDOW_HANDLE) while Signing a CSR with a SmartCard
我正在尝试使用CertEnroll :: CX509CertificateRequestPkcs10库从智能卡生成CSR。 如果我只是在一开始就运行它,它将很好。 但是,如果我事先运行ADAL登录流程,则会收到以下错误。
CertEnroll :: CX509CertificateRequestPkcs10 :: Encode:无效的窗口句柄。 0x80070578(WIN32:1400 ERROR_INVALID_WINDOW_HANDLE)
我调查了该错误,看来这是您调用不再存在的窗口时的原因。 由于我无法控制CertEnroll :: CX509CertificateRequestPkcs10 :: Encode调用的窗口,有没有一种方法可以清除指针或避免这种错误的方法?
供参考,这是我的注册代码
var request = new CX509CertificateRequestPkcs10();
request.Initialize(X509CertificateEnrollmentContext.ContextUser);
request.PrivateKey.ExportPolicy = X509PrivateKeyExportFlags.XCN_NCRYPT_ALLOW_EXPORT_NONE;
request.PrivateKey.Length = 2048;
request.PrivateKey.ProviderName = "Microsoft Base Smart Card Crypto Provider";
request.PrivateKey.KeyUsage = X509PrivateKeyUsageFlags.XCN_NCRYPT_ALLOW_SIGNING_FLAG;
request.PrivateKey.KeySpec = X509KeySpec.XCN_AT_KEYEXCHANGE;
request.PrivateKey.MachineContext = false;
if (!subjectName.StartsWith("CN="))
subjectName = $"CN={subjectName}";
var subjectEncoded = new CX500DistinguishedNameClass();
subjectEncoded.Encode(subjectName);
request.Subject = subjectEncoded;
request.Encode();
这是我的验证码
result = authContext.AcquireTokenAsync(ResourceId, clientId, redirectUri, new PlatformParameters(PromptBehavior.Always));
result.Wait();
_userName = result.Result.UserInfo.DisplayableId;
return result.Result.AccessToken;
我可以通过将提供程序更改为较新版本并将KeySec更改为None来解决此问题(因为对于新的Gen Storage提供程序而言,这是必需的):
request.PrivateKey.ProviderName = "Microsoft Smart Card Key Storage Provider";
request.PrivateKey.KeyUsage = X509PrivateKeyUsageFlags.XCN_NCRYPT_ALLOW_SIGNING_FLAG;
request.PrivateKey.KeySpec = X509KeySpec.XCN_AT_NONE;
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.