C# JWT解密失败(密钥集不存在)
我最近遇到了一个奇怪的问题,当我试图用私钥和公钥对签名时。在开发人员机器上,一切都按预期工作,但在测试环境中,相同的代码只会引发异常:System.Security.Cryptography.Cryptography异常:密钥集不存在 这是我的密码:C# JWT解密失败(密钥集不存在),c#,.net-core,jwt,jwt-auth,C#,.net Core,Jwt,Jwt Auth,我最近遇到了一个奇怪的问题,当我试图用私钥和公钥对签名时。在开发人员机器上,一切都按预期工作,但在测试环境中,相同的代码只会引发异常:System.Security.Cryptography.Cryptography异常:密钥集不存在 这是我的密码: public JwtSecurityToken DeCrypt(StreamReader tokenStreamReader) { JwtSecurityToken jwtSecurityTo
public JwtSecurityToken DeCrypt(StreamReader tokenStreamReader)
{
JwtSecurityToken jwtSecurityToken = null;
var succeeded = false;
var exceptions = new List<Exception>();
var certificates = certificateProvider.GetCertificates(true);
if(certificates == null || certificates.Count == 0)
throw new InvalidOperationException("No certificates found");
foreach (var certificate in certificates)
{
if (!succeeded)
{
try
{
var x509SecurityKey = new X509SecurityKey(certificate);
var handler = new JwtSecurityTokenHandler();
handler.ValidateToken(
tokenStreamReader.ReadToEnd(),
new TokenValidationParameters
{
ValidateIssuer = false,
ValidateAudience = false,
ValidateLifetime = false,
TokenDecryptionKey = x509SecurityKey,
SignatureValidator = (ss, parameters) => new JwtSecurityToken(ss),
},
out var securityToken);
jwtSecurityToken = (JwtSecurityToken)securityToken;
succeeded = true;
}
catch (Exception e)
{
exceptions.Add(e);
}
}
}
if (!succeeded)
throw new AggregateException("JWT decryption failed", exceptions);
return jwtSecurityToken;
}
公共JwtSecurityToken解密(StreamReader tokenStreamReader)
{
JwtSecurityToken JwtSecurityToken=null;
var=false;
var exceptions=新列表();
var certificates=certificateProvider.GetCertificates(true);
如果(证书==null | |证书.计数==0)
抛出新的InvalidOperationException(“未找到证书”);
foreach(证书中的var证书)
{
如果(!成功)
{
尝试
{
var x509SecurityKey=新的x509SecurityKey(证书);
var handler=新的JwtSecurityTokenHandler();
handler.ValidateToken(
tokenStreamReader.ReadToEnd(),
新的TokenValidationParameters
{
validateisuer=false,
ValidateAudience=false,
ValidateLifetime=false,
TokenDecryptionKey=x509SecurityKey,
SignatureValidator=(ss,参数)=>新JwtSecurityToken(ss),
},
out var securityToken);
jwtSecurityToken=(jwtSecurityToken)securityToken;
成功=真;
}
捕获(例外e)
{
例外情况。添加(e);
}
}
}
如果(!成功)
抛出新的AggregateException(“JWT解密失败”,异常);
返回jwtSecurityToken;
}