m_safeCertContext是一个无效的句柄

Question

我一直在努力解决问题,也许你们可以指出我正确的方向.

我正试图通过https连接在网络服务器上对pdf进行数字签名.

在页面加载时我正在这样做:

HttpClientCertificate cs = Request.ClientCertificate;
X509Certificate card = new X509Certificate(cs.Certificate);
Org.BouncyCastle.X509.X509CertificateParser cp = new Org.BouncyCastle.X509.X509CertificateParser();
 Org.BouncyCastle.X509.X509Certificate[] chain = new Org.BouncyCastle.X509.X509Certificate[] { cp.ReadCertificate(card.GetRawCertData())};

我在最后一行代码中收到错误"m_safeCertContext是一个无效的句柄".

请注意:

• 我使用2个完全不同的证书得到同样的错误.
• 证书正被检索到"卡"变量ok.
• 我以前把卡拿到了X509Certificate2,但我昨天在某处读到了我无法通过转换为X509Certificate然后向下转换到X509Certificate2来解决错误.这是其中之一"嗯......这没有任何意义,但我还没有尝试过"的时刻.
• 我试图将[System.Security.SecurityCritical, System.Security.SecurityTreatAsSafe]属性添加到所有方法甚至类中以查看它是否可行...没有这样的运气.

任何人都可以给我一个暗示吗？

Answer 1

只要您在加密中访问未初始化的字段,就会发生这种情况.

在您的代码中,如果Request.ClientCertificate返回没有原始证书数据的对象,那么当您card.GetRawCertData()在第四行上调用时,您将看到错误.

作为一个简单的测试,请尝试以下方法:

var cert = new System.Security.Cryptography.X509Certificates.X509Certificate2();
Console.WriteLine(cert.Thumbprint);

这将抛出以下异常,因为没有可用的指纹:

m_safeCertContext is an invalid handle.

使用给定的堆栈跟踪:

at System.Security.Cryptography.X509Certificates.X509Certificate.ThrowIfContextInvalid()
at System.Security.Cryptography.X509Certificates.X509Certificate.SetThumbprint()
at System.Security.Cryptography.X509Certificates.X509Certificate.GetCertHashString()
at System.Security.Cryptography.X509Certificates.X509Certificate2.get_Thumbprint()
at MyEncryptionUtility.EncryptionUtilityForm.button1_Click(Object sender, EventArgs e) in C:\MyEncryptionUtility\EncryptionUtilityForm.cs:line 2864