WPF CryptographicException: Access denied - How to give access on User store?

Disclaimer: this page is based on a popular StackOverflow question and is provided under the CC BY-SA 4.0 license. You are free to use and share it, but you must follow the same CC BY-SA license, cite the original URL and author information, and attribute it to the original authors (not me). StackOverflow original URL: http://stackoverflow.com/questions/37998580/

Time: 2020-09-13 13:51:22  Source: igfitidea

c# wpf windows security

Asked by Shiju Samuel

I am trying to load a certificate from a pfx file in a WPF application and it gives me an access denied error.

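byte[] buffer;

// Read the whole PFX file into memory.
using (FileStream stream = System.IO.File.OpenRead(certificatePath))
{
    using (BinaryReader reader = new BinaryReader(stream))
    {
        buffer = reader.ReadBytes((int)stream.Length);
    }
}

// This constructor call throws the CryptographicException shown below.
X509Certificate2 certificate = new X509Certificate2(buffer, password);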

System.Security.Cryptography.CryptographicException: Access denied.
   at System.Security.Cryptography.CryptographicException.ThrowCryptographicException(Int32 hr)
   at System.Security.Cryptography.X509Certificates.X509Utils._LoadCertFromBlob(Byte[] rawData, IntPtr password, UInt32 dwFlags, Boolean persistKeySet, SafeCertContextHandle& pCertCtx)
   at System.Security.Cryptography.X509Certificates.X509Certificate.LoadCertificateFromBlob(Byte[] rawData, Object password, X509KeyStorageFlags keyStorageFlags)
   at System.Security.Cryptography.X509Certificates.X509Certificate2..ctor(Byte[] rawData, String password)
   at HelloWorld.HelloClient.Models.Infrastructure.ReadCertificateFromPfxFile(String certificatePath, String password)

The last line in the snippet is causing an exception, and if I run it as an administrator it works fine. The issue seems to be that the default constructor of X509Certificate2 tries to put the private key in the user store. I am not using a web application. This post doesn't resolve my issue. I think the current user might not have access to his own private key store. But how can I give that access?

Answered by Shiju Samuel

Posting a fix in case someone is looking for a solution to a similar issue. I ran Sysinternals Process Monitor and realized the constructor call was creating a key in the machine key folder, and gave the user access to write on the machine key.

Answered by coconochao

Just in case it helps someone, "CryptographicException: Access denied" can be caused by lack of space on the disk; that was my case.

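Added example (not part of the original question or answers): it loads the PFX with an explicit X509KeyStorageFlags.UserKeySet, so the private key is stored under the current user's profile rather than in the machine key folder from the first answer, and on failure it reports free disk space, the cause named in the second answer. The class name PfxLoadCheck, the PFX_PASSWORD environment variable and the two folders checked are assumptions; it targets .NET Framework 4.6 or later.

```csharp
using System;
using System.IO;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;

// Added example; PfxLoadCheck and PFX_PASSWORD are hypothetical names.
static class PfxLoadCheck
{
    public static X509Certificate2 Load(string certificatePath, string password)
    {
        byte[] buffer = File.ReadAllBytes(certificatePath);
        try
        {
            // UserKeySet stores the private key under the current user's profile,
            // even if the PFX is marked for the machine key set. PersistKeySet is
            // not set, so the key is not kept once the certificate is released.
            return new X509Certificate2(buffer, password, X509KeyStorageFlags.UserKeySet);
        }
        catch (CryptographicException ex)
        {
            Console.Error.WriteLine("Load failed: {0} (HRESULT 0x{1:X8})", ex.Message, ex.HResult);
            // Assumption: key files live under these two application-data roots.
            ReportFreeSpace(Environment.GetFolderPath(Environment.SpecialFolder.ApplicationData));
            ReportFreeSpace(Environment.GetFolderPath(Environment.SpecialFolder.CommonApplicationData));
            throw;
        }
    }

    // Print the free space on the drive that holds the given folder.
    static void ReportFreeSpace(string folder)
    {
        var drive = new DriveInfo(Path.GetPathRoot(folder));
        Console.Error.WriteLine("{0}: {1:N0} bytes free on {2}", folder, drive.AvailableFreeSpace, drive.Name);
    }

    static int Main(string[] args)
    {
        string password = Environment.GetEnvironmentVariable("PFX_PASSWORD");
        if (args.Length != 1 || password == null)
        {
            Console.Error.WriteLine("usage: set PFX_PASSWORD, then run: PfxLoadCheck <file.pfx>");
            return 2;
        }
        using (X509Certificate2 cert = Load(args[0], password))
        {
            Console.WriteLine("Subject: {0}, has private key: {1}", cert.Subject, cert.HasPrivateKey);
        }
        return 0;
    }
}
```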