X509证书加解密

发布于 2024-07-21 08:11:23 字数 1880 浏览 9 评论 0原文

我刚刚开始学习 XML 安全性。 我们有 VS-2005 和 ASP.NET 2.0。 我想将 XML 发送到外部 URL 并且需要对其进行加密。 我正在做的正是 MSDN 文章 ms229744ms229943 正在做,但是在执行 DecryptDocument() 方法时,我不断收到“无法检索解密密钥”。 我正在使用我们的 SSL Web 证书,并且目前使用 X509Certificate 对 XML 进行数字签名,并且工作正常。

我还要求其他人从另一家商店尝试这个,他们也遇到了同样的错误。 X509 解密方法是否有记录的问题? 在下面的测试代码中,我将 XML 发布到另一个尝试解密 XML 的网页。 我不明白的是,如果 DecryptDocument() 方法甚至不检查公钥是否嵌入,它如何工作。 这是问题所在吗? 如果是这样,我如何检查以确保它嵌入在 XML 中? 任何帮助表示赞赏。 谢谢!

Private Function EncryptXml(ByVal xmlDoc As XmlDocument, ByVal Cert As X509Certificates.X509Certificate2) As XmlDocument

   Dim dataNodes As XmlNodeList = xmlDoc.SelectNodes("Agency")
   If dataNodes.Count <> 1 Then
       Return Nothing 
   End If  
   Dim elementToEncrypt As XmlElement = CType(xmlDoc.GetElementsByTagName("Agency")(0), XmlElement)
   Dim eXml As New EncryptedXml()
   Dim Key As RSACryptoServiceProvider = CType(Cert.PrivateKey, RSACryptoServiceProvider)
   Dim edElement As EncryptedData = eXml.Encrypt(elementToEncrypt, Cert)
   EncryptedXml.ReplaceElement(elementToEncrypt, edElement, False)
   Return xmlDoc 
End Function



Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load 
If Not IsPostBack Then
   If Request.Form("hdnSignedXML") IsNot Nothing Then
   Dim strXML As String = Request.Form("hdnSignedXML")
   Dim xmlDoc As New XmlDocument
   xmlDoc.LoadXml(strXML)
   xmlDoc.PreserveWhitespace = True
   Response.ContentType = "text/plain"
   Response.Write(strXML)

   Dim exml As New Xml.EncryptedXml(xmlDoc)
   exml.DecryptDocument()
   xmlDoc.Save("C:/inetpub/TestExampleDecrypted.xml")


   Response.End()

End If

End Sub

J.P

I'm just starting to learn XML security. We have VS-2005 & ASP.Net 2.0. I want to send XML to a outside URL and it needs to be encrypted. I'm doing exactly what the MSDN articles ms229744 & ms229943 are doing, but when doing the DecryptDocument() method, I keep getting the "Unable to retrieve the decryption key." I'm using our SSL web certificate, and I currently use X509Certificate to digitally sign the XML and it works fine.

I also asked somebody else to try this from a different shop and they are getting the same error. Is there a documented problem with the X509 decryption methods? In test code below, I'm posting the XML to another web page that is attempting to decrypt the XML. What I don't understand is how the DecryptDocument() method can work if it doesn't even check to see if the Public key is embedded. Is this the problem? If so, how do I check to make sure it is embedded in the XML? Any help is appreciated. Thanks!

Private Function EncryptXml(ByVal xmlDoc As XmlDocument, ByVal Cert As X509Certificates.X509Certificate2) As XmlDocument

   Dim dataNodes As XmlNodeList = xmlDoc.SelectNodes("Agency")
   If dataNodes.Count <> 1 Then
       Return Nothing 
   End If  
   Dim elementToEncrypt As XmlElement = CType(xmlDoc.GetElementsByTagName("Agency")(0), XmlElement)
   Dim eXml As New EncryptedXml()
   Dim Key As RSACryptoServiceProvider = CType(Cert.PrivateKey, RSACryptoServiceProvider)
   Dim edElement As EncryptedData = eXml.Encrypt(elementToEncrypt, Cert)
   EncryptedXml.ReplaceElement(elementToEncrypt, edElement, False)
   Return xmlDoc 
End Function



Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load 
If Not IsPostBack Then
   If Request.Form("hdnSignedXML") IsNot Nothing Then
   Dim strXML As String = Request.Form("hdnSignedXML")
   Dim xmlDoc As New XmlDocument
   xmlDoc.LoadXml(strXML)
   xmlDoc.PreserveWhitespace = True
   Response.ContentType = "text/plain"
   Response.Write(strXML)

   Dim exml As New Xml.EncryptedXml(xmlDoc)
   exml.DecryptDocument()
   xmlDoc.Save("C:/inetpub/TestExampleDecrypted.xml")


   Response.End()

End If

End Sub

jP

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(1

憧憬巴黎街头的黎明 2024-07-28 08:11:23

您的 Web 进程很可能无法访问私钥。 我曾经遇到过同样的事情,并在此项目中发布了答案:

从命令行设置证书的读取权限

如果您仍然遇到问题,对于我们的加密例程,我们引用了http://msdn.microsoft.com/en-us/magazine/cc163454.aspx

Chances are, your web process can't access the private key. I ran into the same thing once, and posted an answer in this item:

Set read permission for certificate from command line

In case you still have issues, for our encryption routines, we referenced http://msdn.microsoft.com/en-us/magazine/cc163454.aspx

~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文