当前位置:theitroad>C# m_safeCertContext 是无效句柄

C# m_safeCertContext 是无效句柄

声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow 原文地址: http://stackoverflow.com/questions/442658/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me): StackOverFlow

提示:将鼠标放在中文语句上可以显示对应的英文。显示中英文
时间:2020-08-04 03:31:40  来源:igfitidea点击:

m_safeCertContext is an invalid handle

c#digital-signaturedigital-certificate

提问by Sergio

I've been wrestling with a problem, maybe you guys can point me in the right direction.

我一直在努力解决一个问题,也许你们可以指出我正确的方向。

I'm trying to digitally sign a pdf, on the webserver, over an https connection.

我正在尝试通过 https 连接在网络服务器上对 pdf 进行数字签名。

At page load i'm doing as so:

在页面加载时,我这样做:

HttpClientCertificate cs = Request.ClientCertificate;
X509Certificate card = new X509Certificate(cs.Certificate);
Org.BouncyCastle.X509.X509CertificateParser cp = new Org.BouncyCastle.X509.X509CertificateParser();
 Org.BouncyCastle.X509.X509Certificate[] chain = new Org.BouncyCastle.X509.X509Certificate[] { cp.ReadCertificate(card.GetRawCertData())};

I'm getting the error "m_safeCertContext is an invalid handle" at that last line of code.

我在最后一行代码中收到错误“m_safeCertContext 是无效句柄”。

Please note that:

请注意:

  • I am getting the same error using 2 completely different certificates.
  • The certificate is being retrieved to the "card" variable ok.
  • I used to get the card to X509Certificate2 but i read yesterday somewhere I'm not being able to find that the error could be solved by casting as a X509Certificate and then downcasting to X509Certificate2. It was one of those "well... this does not makes any sense but i havent tried it yet" moments.
  • I have tried to add [System.Security.SecurityCritical, System.Security.SecurityTreatAsSafe]property to all methods and even the class to see if it would work... no such luck.
  • 我使用 2 个完全不同的证书遇到相同的错误。
  • 正在将证书检索到“卡”变量中。
  • 我曾经将卡转至 X509Certificate2,但我昨天在某处读到我无法发现该错误可以通过转换为 X509Certificate 然后向下转换为 X509Certificate2 来解决。这是“嗯……这没有任何意义,但我还没有尝试过”的时刻之一。
  • 我试图为[System.Security.SecurityCritical, System.Security.SecurityTreatAsSafe]所有方法甚至类添加属性,以查看它是否有效......没有这样的运气。

Can anyone one give me a hint?

任何人都可以给我一个提示吗?

回答by DanM7

This can happen any time you access uninitialized fields in cryptography.

任何时候您访问密码学中的未初始化字段都可能发生这种情况。

In your code, if Request.ClientCertificatereturns an object with no raw certificate data then you will see the error when you call card.GetRawCertData()on your fourth line.

在您的代码中,如果Request.ClientCertificate返回一个没有原始证书数据的对象,那么您将card.GetRawCertData()在第四行调用时看到错误。

As a simple test, try the following:

作为一个简单的测试,请尝试以下操作:

var cert = new System.Security.Cryptography.X509Certificates.X509Certificate2();
Console.WriteLine(cert.Thumbprint);

This will throw the following exception because there is no thumbprint available:

这将引发以下异常,因为没有可用的指纹:

m_safeCertContext is an invalid handle.

with the given stack trace:

使用给定的堆栈跟踪:

at System.Security.Cryptography.X509Certificates.X509Certificate.ThrowIfContextInvalid()
at System.Security.Cryptography.X509Certificates.X509Certificate.SetThumbprint()
at System.Security.Cryptography.X509Certificates.X509Certificate.GetCertHashString()
at System.Security.Cryptography.X509Certificates.X509Certificate2.get_Thumbprint()
at MyEncryptionUtility.EncryptionUtilityForm.button1_Click(Object sender, EventArgs e) in C:\MyEncryptionUtility\EncryptionUtilityForm.cs:line 2864

回答by micahhoover

Looks like this is not your problem, but for others: make sure you don't call X509Certificate2.Reset() before trying to access any certificate related properties or methods.

看起来这不是您的问题,但对其他人来说:确保在尝试访问任何与证书相关的属性或方法之前不要调用 X509Certificate2.Reset()。

回答by Николай

 public bool ReadCertFromSignedFile(X509Certificate2 cert, string filename)
    {
        if (!string.IsNullOrWhiteSpace(filename) && File.Exists(filename))
        {
            var cert509 = X509Certificate.CreateFromSignedFile(filename);
            cert = new X509Certificate2(cert509.GetRawCertData());

            return CheckSertificate(cert);
        }
        else
        { throw new Exception("Сертификат не заполнен"); }
    }

method calling from another code like this

从这样的另一个代码调用方法

   if (_digitalSignatureService.ReadCertFromSignedFile(fileCert, file.SignFilePath))
                 {
                    if (!cert.Equals(fileCert))
                    {

Equals - calling error "m_safeCertContext is an invalid handle." because X509Certificate not exist

等于 - 调用错误“m_safeCertContext 是无效句柄”。因为 X509Certificate 不存在

decision

决定 

 public bool ReadCertFromSignedFile(X509Certificate2 cert, string filename)
    {
        if (!string.IsNullOrWhiteSpace(filename) && File.Exists(filename))
        {
            var cert509 = X509Certificate.CreateFromSignedFile(filename);

            cert.Import(cert509.GetRawCertData());

this code works!

这段代码有效!

相关推荐

C# 谁在 Dictionary<>.First() 上?

C# 谁在 Dictionary<>.First() 上?

C# 通过值/引用传递?

C# 通过值/引用传递?

在 64 位机器上以 32 位方式运行 C# 应用程序

在 64 位机器上以 32 位方式运行 C# 应用程序

C# 使用 .NET 使用同一进程执行多个命令行

C# 使用 .NET 使用同一进程执行多个命令行

相关推荐
最近更新
标签