MimeKit - A suitable private key could not be found for decrypting
I'm trying to decrypt and encrypt MIME messages with the MimeKit library, but when I try to import the certificate into the TemporarySecureMimeContext and then decrypt a message, I encounter the following error:
A suitable private key could not be found for decrypting.
   at MimeKit.Cryptography.BouncyCastleSecureMimeContext.<DecryptAsync>d__50.MoveNext()
   at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
   at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
   at System.Runtime.CompilerServices.ConfiguredTaskAwaitable`1.ConfiguredTaskAwaiter.GetResult()
   at MimeKit.Cryptography.ApplicationPkcs7Mime.<DecryptAsync>d__11.MoveNext()
   at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
   at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
   at System.Runtime.CompilerServices.TaskAwaiter`1.GetResult()
   at Utils.MimeMailUtils.MimeMailUtils.<Decrypt>d__3.MoveNext() in C:\Dev\Euroval\PasarelaAceuro\Utils\MimeUtils\MimeMailUtils.cs:line 105
   at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
   at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
   at System.Runtime.CompilerServices.TaskAwaiter`1.GetResult()
   at PasarelaLibrary.Implementations.Caixa.GraphImplementation.LaCaixaGraphApiPasarela.<GetMessage>d__15.MoveNext() in C:\Dev\Euroval\PasarelaAceuro\PasarelaLibrary\Implementations\Caixa\GraphImplementation\LaCaixaGraphApiPasarela.cs:line 362
   at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
   at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
   at System.Runtime.CompilerServices.TaskAwaiter`1.GetResult()
   at PasarelaLibrary.Implementations.Caixa.GraphImplementation.LaCaixaGraphApiPasarela.<Descarga>d__9.MoveNext() in C:\Dev\Euroval\PasarelaAceuro\PasarelaLibrary\Implementations\Caixa\GraphImplementation\LaCaixaGraphApiPasarela.cs:line 167
and this is the code I'm using:
    public static async Task<MimeEntity> Decrypt(MimeMessage message, X509Certificate2 certificate)
    {
        var encryptedContent = (ApplicationPkcs7Mime)message.Body;
        using var context = new TemporarySecureMimeContext();
        context.Import(certificate.AsBouncyCastleCertificate());
        return await encryptedContent.DecryptAsync(context);
    }
Here is how I initialize the certificate:
    public void SetSecrets()
    {
        using KeyVaultClient client = VaultClientExtensions.GetKeyVaultClient(AzureVaultManagerSettings.ClientId, AzureVaultManagerSettings.ClientSecret);
        var secret = AsyncUtil.RunSync(() => client.GetSecret<string>(AzureVaultManagerSettings.SecretUrl));
        GraphApiSettings.PrivateCertificate = new X509Certificate2(
            Convert.FromBase64String(secret),
            string.Empty,
            X509KeyStorageFlags.EphemeralKeySet | X509KeyStorageFlags.Exportable);
    }
I have already encrypted and decrypted messages using the WindowsSecureMimeContext, but the problem with that is that the app service in which the application is deployed can't import the certificate due to lack of permissions, and we cannot give it admin permissions.
--EDIT--
My Certificate already has a private key
Comments (1)
You need to import the private key
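One way to do what the answer describes, as an added example that is not code from the original post or from MimeKit's author: `context.Import(certificate.AsBouncyCastleCertificate())` hands the context only the public certificate, so decryption finds no key. The sketch below instead passes the PKCS#12 bytes to MimeKit's `Import(Stream, string)`, which loads the certificate together with its private key into the in-memory context. It assumes the Key Vault secret is a base64-encoded PKCS#12 blob that contains the private key; the class name and the parameters `pfxBase64` and `pfxPassword` are hypothetical.

```csharp
using System;
using System.IO;
using System.Threading.Tasks;
using MimeKit;
using MimeKit.Cryptography;

public static class SmimeDecryptor // hypothetical helper, not part of MimeKit
{
    // pfxBase64:   base64 PKCS#12 (certificate + private key), assumed to be
    //              the Key Vault secret value from the question.
    // pfxPassword: PKCS#12 password (the question uses an empty string).
    public static async Task<MimeEntity> DecryptAsync(
        MimeMessage message, string pfxBase64, string pfxPassword)
    {
        // Fail with a clear error instead of an InvalidCastException.
        var pkcs7 = message.Body as ApplicationPkcs7Mime;
        if (pkcs7 == null)
            throw new InvalidOperationException("Message body is not application/pkcs7-mime.");

        byte[] pfx = Convert.FromBase64String(pfxBase64);
        try
        {
            // In-memory context: nothing is written to the Windows
            // certificate store, so no store permissions are required.
            using var context = new TemporarySecureMimeContext();
            using var stream = new MemoryStream(pfx, writable: false);

            // Imports the certificate AND its private key from the PKCS#12.
            context.Import(stream, pfxPassword);

            return await pkcs7.DecryptAsync(context);
        }
        finally
        {
            // Best effort: zero this copy of the key material once done.
            Array.Clear(pfx, 0, pfx.Length);
        }
    }
}
```

Because the key stays in process memory only, the secret string and the decoded bytes should not be logged or cached beyond the lifetime of the call.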