EncryptedXml DecryptDocument方法抛出"错误数据"异常

src*_*aks 6 c# encryption wcf rsacryptoserviceprovider

我写了一段用于加密/解密流(Stream)的代码。代码在我的本地机器上可以正常工作,但是当我把代码发布到网上之后,解密函数会抛出"Bad Data"异常。下面是我的 Encryption 和 Decryption 函数:

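/// <summary>
/// Replaces <paramref name="elementToEncrypt"/> inside <paramref name="xmlDoc"/> with an
/// XML Encryption <c>EncryptedData</c> element and returns the whole document serialized
/// into a stream positioned at offset 0.
/// </summary>
/// <param name="xmlDoc">Document that owns the element; it is modified in place.</param>
/// <param name="elementToEncrypt">Element to be replaced by its encrypted form.</param>
/// <param name="password">
/// Used verbatim as the CSP key container NAME. No key is derived from this value: the RSA key
/// pair is whatever the named container holds on the machine and account running this code,
/// and a fresh pair is generated when the container does not exist yet. A document encrypted
/// here can therefore only be decrypted where that same container (and private key) exists.
/// </param>
/// <returns>A <see cref="MemoryStream"/> holding the saved document; the caller owns it.</returns>
/// <exception cref="ArgumentNullException">
/// <paramref name="xmlDoc"/> or <paramref name="elementToEncrypt"/> is null.
/// </exception>
private static MemoryStream EncryptStream(XmlDocument xmlDoc, XmlElement elementToEncrypt, string password)
{
    // Validate first: opening a named key container creates or reuses persistent key
    // material, which should not happen for a call that is going to be rejected anyway.
    if (xmlDoc == null)
    {
        throw new ArgumentNullException("xmlDoc");
    }
    if (elementToEncrypt == null)
    {
        throw new ArgumentNullException("elementToEncrypt");
    }

    CspParameters cspParams = new CspParameters();
    cspParams.KeyContainerName = password;

    RSACryptoServiceProvider rsaKey = null;
    RijndaelManaged sessionKey = null;
    try
    {
        rsaKey = new RSACryptoServiceProvider(cspParams);

        // One-off 256-bit symmetric key that encrypts the element content.
        sessionKey = new RijndaelManaged();
        sessionKey.KeySize = 256;

        EncryptedXml eXml = new EncryptedXml();
        byte[] encryptedElement = eXml.EncryptData(elementToEncrypt, sessionKey, false);

        // NOTE(review): this path provides confidentiality only; nothing here authenticates
        // the ciphertext. If the document crosses a trust boundary, sign it and verify the
        // signature before decrypting.
        EncryptedData edElement = new EncryptedData();
        edElement.Type = EncryptedXml.XmlEncElementUrl;
        edElement.Id = EncryptionElementID;
        edElement.EncryptionMethod = new EncryptionMethod(EncryptedXml.XmlEncAES256Url);

        // Wrap the session key with the RSA key from the container.
        // NOTE(review): this uses RSA PKCS#1 v1.5 (fOAEP = false, XmlEncRSA15Url). OAEP
        // (fOAEP = true with EncryptedXml.XmlEncRSAOAEPUrl) is the usual recommendation;
        // switching changes the emitted document, so confirm every consumer first.
        EncryptedKey ek = new EncryptedKey();
        byte[] encryptedKey = EncryptedXml.EncryptKey(sessionKey.Key, rsaKey, false);
        ek.CipherData = new CipherData(encryptedKey);
        ek.EncryptionMethod = new EncryptionMethod(EncryptedXml.XmlEncRSA15Url);

        edElement.KeyInfo = new KeyInfo();

        // The key name is what the decrypting side maps back to its RSA key.
        KeyInfoName kin = new KeyInfoName();
        kin.Value = KeyName;

        ek.KeyInfo.AddClause(kin);
        edElement.CipherData.CipherValue = encryptedElement;
        edElement.KeyInfo.AddClause(new KeyInfoEncryptedKey(ek));

        EncryptedXml.ReplaceElement(elementToEncrypt, edElement, false);

        MemoryStream stream = new MemoryStream();
        xmlDoc.Save(stream);
        stream.Position = 0;
        return stream;
    }
    finally
    {
        // Release key material on success and on failure alike. Using finally instead of
        // catch + "throw (e)" keeps the original stack trace of any exception.
        if (sessionKey != null)
        {
            sessionKey.Clear();
        }
        if (rsaKey != null)
        {
            rsaKey.Clear();
        }
    }
}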

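/// <summary>
/// Decrypts every <c>EncryptedData</c> element in <paramref name="xmlDoc"/> in place and
/// returns the resulting document serialized into a stream positioned at offset 0.
/// </summary>
/// <param name="xmlDoc">Document containing the encrypted content; it is modified in place.</param>
/// <param name="password">
/// Used verbatim as the CSP key container NAME. The private key is read from that container
/// on the machine and account running this code; if the container does not exist there, a
/// new, unrelated key pair is generated and the wrapped session key cannot be recovered.
/// </param>
/// <returns>A <see cref="MemoryStream"/> holding the saved document; the caller owns it.</returns>
/// <exception cref="ArgumentNullException"><paramref name="xmlDoc"/> is null.</exception>
private static MemoryStream DecryptStream(XmlDocument xmlDoc, string password)
{
    // Validate first: opening a named key container creates or reuses persistent key
    // material, which should not happen for a call that is going to be rejected anyway.
    if (xmlDoc == null)
    {
        throw new ArgumentNullException("xmlDoc");
    }

    CspParameters cspParams = new CspParameters();
    cspParams.KeyContainerName = password;

    RSACryptoServiceProvider rsaKey = null;
    try
    {
        rsaKey = new RSACryptoServiceProvider(cspParams);

        // Tell EncryptedXml which RSA key unwraps session keys tagged with KeyName.
        EncryptedXml exml = new EncryptedXml(xmlDoc);
        exml.AddKeyNameMapping(KeyName, rsaKey);

        // NOTE(review): nothing on this path authenticates the ciphertext. If xmlDoc comes
        // from an untrusted sender, verify a signature over it before reaching this call and
        // return one generic error to the caller whatever the reason decryption failed.
        exml.DecryptDocument();

        MemoryStream outStream = new MemoryStream();
        xmlDoc.Save(outStream);
        outStream.Position = 0;
        return outStream;
    }
    finally
    {
        // Release the key handle on success and on failure alike. Using finally instead of
        // catch + "throw (e)" keeps the original stack trace of any exception.
        if (rsaKey != null)
        {
            rsaKey.Clear();
        }
    }
}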

异常在"exml.DecryptDocument();"这一行抛出。

你对问题和解决方案有什么想法吗?

编辑:

MSDN页面上有如下说明:

要将XML加密与X.509证书一起使用,必须安装Microsoft Enhanced Cryptographic Provider,并且X.509证书必须使用增强型提供程序.如果您没有安装Microsoft增强加密提供程序或X.509证书不使用增强的提供程序,则在解密XML文档时将引发带有"未知错误"的CryptographicException.

您对"Microsoft Enhanced Cryptographic Provider"和"X.509 certificate"有什么想法吗?我的问题可以与这些相关吗?

Rem*_*anu 1

不要重新发明加密协议。你会弄错的。举个例子:你错误地处理了存储在CSP中的RSA密钥,并期望它们会神奇地出现在任何一台计算机上。(CSP密钥容器只存在于创建它的那台机器和账户下;在另一台机器上使用同一个容器名只会生成一对新的密钥,因此无法解开原来的会话密钥。)

要加密传输中的数据,请使用 SSL/TLS。.NET 提供了开箱即用的 SslStream。对于 WCF,请参阅《如何:使用 SSL 配置 IIS 托管的 WCF 服务》。