如何在hsm内部使用c#cng加密数据并使用从不可提取的密钥?
我使用.net core 3.1使用从不可提取的hsm密钥(Securosys Primus hsm密钥存储提供程序)加密密码。下面是我正在尝试做的代码如何在hsm内部使用c#cng加密数据并使用从不可提取的密钥?,c#,encryption,.net-core,hsm,cng,C#,Encryption,.net Core,Hsm,Cng,我使用.net core 3.1使用从不可提取的hsm密钥(Securosys Primus hsm密钥存储提供程序)加密密码。下面是我正在尝试做的代码 public byte[] EncryptPasswordWithProvider ( string plainText, string cngProviderName, string cngProviderKey )
public byte[] EncryptPasswordWithProvider
(
string plainText,
string cngProviderName,
string cngProviderKey
)
{
byte[] result;
CngProvider cngProvider = new CngProvider(cngProviderName);
using (AesCng aesCng = new AesCng(cngProviderKey, cngProvider))
{
aesCng.GenerateIV();
ICryptoTransform encryptor = aesCng.CreateEncryptor();
using MemoryStream msKeyEncrypt = new MemoryStream();
using CryptoStream csKeyEncrypt =
new CryptoStream(msKeyEncrypt, encryptor, CryptoStreamMode.Write);
byte[] dataToEncrypt = Encoding.UTF8.GetBytes(plainText);
csKeyEncrypt.Write(dataToEncrypt, 0, dataToEncrypt.Length); //an error occurs here
csKeyEncrypt.FlushFinalBlock();
result = msKeyEncrypt.ToArray();
}
return result;
}
at Internal.Cryptography.BasicSymmetricCipherNCrypt.Transform(Byte[] input, Int32 inputOffset, Int32 count, Byte[] output, Int32 outputOffset)
at Internal.Cryptography.BasicSymmetricCipherNCrypt.TransformFinal(Byte[] input, Int32 inputOffset, Int32 count)
at Internal.Cryptography.UniversalCryptoEncryptor.UncheckedTransformFinalBlock(Byte[] inputBuffer, Int32 inputOffset, Int32 inputCount)
at Internal.Cryptography.UniversalCryptoTransform.TransformFinalBlock(Byte[] inputBuffer, Int32 inputOffset, Int32 inputCount)
at System.Security.Cryptography.CryptoStream.<FlushFinalBlockAsync>d__29.MoveNext()
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.GetResult()
at System.Security.Cryptography.CryptoStream.FlushFinalBlock()
at System.Security.Cryptography.CryptoStream.Dispose(Boolean disposing)
at System.IO.Stream.Close()
at System.IO.Stream.Dispose()
at Intellicard.PasswordManager.Services.PasswordService.a(String plainText, String cngProviderName, String cngProviderKey) in D:\Projects\passwordManager\trunk\PasswordToolVersion2\Intellicard.PasswordManager\Services\PasswordService.cs:line 402
at Intellicard.PasswordManager.Controllers.ConfigurationController.GetEncryptedData(IEnumerable`1 dataToEncrypt, EncryptionConfigurationModel currentEncryptionConfiguration) in D:\Projects\passwordManager\trunk\PasswordToolVersion2\Intellicard.PasswordManager\Controllers\ConfigurationController.cs:line 184
at Intellicard.PasswordManager.Controllers.ConfigurationController.<UpdateEncryptionConfigurationData>d__14.MoveNext() in D:\Projects\passwordManager\trunk\PasswordToolVersion2\Intellicard.PasswordManager\Controllers\ConfigurationController.cs:line 227
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Microsoft.Extensions.Internal.ObjectMethodExecutorAwaitable.Awaiter.GetResult()
at Microsoft.AspNetCore.Mvc.Infrastructure.ActionMethodExecutor.AwaitableObjectResultExecutor.<Execute>d__0.MoveNext()
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at System.Threading.Tasks.ValueTask`1.get_Result()
at System.Runtime.CompilerServices.ValueTaskAwaiter`1.GetResult()
at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.<<InvokeActionMethodAsync>g__Logged|12_1>d.MoveNext()
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.GetResult()
at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.<<InvokeNextActionFilterAsync>g__Awaited|10_0>d.MoveNext()
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.Rethrow(ActionExecutedContextSealed context)
at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.Next(State& next, Scope& scope, Object& state, Boolean& isCompleted)
at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.InvokeInnerFilterAsync()
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.GetResult()
at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.<<InvokeNextResourceFilter>g__Awaited|24_0>d.MoveNext()
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.Rethrow(ResourceExecutedContextSealed context)
at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.Next(State& next, Scope& scope, Object& state, Boolean& isCompleted)
at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.InvokeFilterPipelineAsync()
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.GetResult()
at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.<<InvokeAsync>g__Logged|17_1>d.MoveNext()
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.GetResult()
at Microsoft.AspNetCore.Builder.RouterMiddleware.<Invoke>d__4.MoveNext()
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.GetResult()
at Microsoft.AspNetCore.Authentication.AuthenticationMiddleware.<Invoke>d__6.MoveNext()
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.GetResult()
at Microsoft.AspNetCore.Builder.Extensions.MapMiddleware.<Invoke>d__3.MoveNext()
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.GetResult()
at Intellicard.PasswordManager.Middleware.TokenCreationMiddleware.<InvokeAsync>d__3.MoveNext() in D:\Projects\passwordManager\trunk\PasswordToolVersion2\Intellicard.PasswordManager\Middleware\TokenCreationMiddleware.cs:line 40
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.GetResult()
此代码适用于标准Microsoft软件密钥存储提供程序,具有两种类型的密钥(可提取和不可提取)。问题出在HSM库中。在向支持服务发送消息后,所有问题都得到了解决。问题出在HSM库中。在向支持服务部门发送消息后,一切都已修复
SPHK_Encrypt: EncryptData failed with 0xee000041(TLSTATUS_INVALID_PARAMETER).