
C#: Storing and using existing data protection keys on Azure


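I am trying to sync on-prem keys with an Azure cloud setup so that both environments can decrypt Authorization header access tokens.

Currently I have the following setup:

An existing XML key file in this format has been added to Azure Blob Storage: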

<?xml version="1.0" encoding="utf-8"?>
<key id="id..." version="1">
  <creationDate>2018-05-08T17:44:54.9313191Z</creationDate>
  <activationDate>2018-05-08T17:44:54.8979462Z</activationDate>
  <expirationDate>2023-05-07T17:44:54.8979462Z</expirationDate>
  <descriptor deserializerType="Microsoft.AspNetCore.DataProtection.AuthenticatedEncryption.ConfigurationModel.AuthenticatedEncryptorDescriptorDeserializer, Microsoft.AspNetCore.DataProtection, Version=2.2.0.0, Culture=neutral, PublicKeyToken=adb9793829ddae60">
    <descriptor>
      <encryption algorithm="AES_256_CBC" />
      <validation algorithm="HMACSHA256" />
      <masterKey p4:requiresEncryption="true" xmlns:p4="http://schemas.asp.net/2015/03/dataProtection">
        <!-- Warning: the key below is in an unencrypted form. -->
        <value>my-shared-key</value>
      </masterKey>
    </descriptor>
  </descriptor>
</key>

Seeing these warnings/errors during startup:

warn: Microsoft.AspNetCore.DataProtection.KeyManagement.XmlKeyManager[15]
      Unknown element with name 'creationDate' found in keyring, skipping.
Loaded 
Microsoft.AspNetCore.DataProtection.KeyManagement.XmlKeyManager:Warning: Unknown element with name 'creationDate' found in keyring, skipping.
Microsoft.AspNetCore.DataProtection.KeyManagement.XmlKeyManager:Warning: Unknown element with name 'activationDate' found in keyring, skipping.
warn: Microsoft.AspNetCore.DataProtection.KeyManagement.XmlKeyManager[15]
      Unknown element with name 'activationDate' found in keyring, skipping.
Microsoft.AspNetCore.DataProtection.KeyManagement.XmlKeyManager:Warning: Unknown element with name 'expirationDate' found in keyring, skipping.
warn: Microsoft.AspNetCore.DataProtection.KeyManagement.XmlKeyManager[15]
      Unknown element with name 'expirationDate' found in keyring, skipping.
Microsoft.AspNetCore.DataProtection.KeyManagement.XmlKeyManager:Warning: Unknown element with name 'descriptor' found in keyring, skipping.
warn: Microsoft.AspNetCore.DataProtection.KeyManagement.XmlKeyManager[15]
      Unknown element with name 'descriptor' found in keyring, skipping.

Microsoft.AspNetCore.DataProtection.KeyManagement.KeyRingProvider:Error: An error occurred while reading the key ring.

System.InvalidOperationException: The key ring does not contain a valid default protection key. The data protection system cannot create a new key because auto-generation of keys is disabled.
   at Microsoft.AspNetCore.DataProtection.KeyManagement.KeyRingProvider.CreateCacheableKeyRingCore(DateTimeOffset now, IKey keyJustAdded)
   at Microsoft.AspNetCore.DataProtection.KeyManagement.KeyRingProvider.Microsoft.AspNetCore.DataProtection.KeyManagement.Internal.ICacheableKeyRingProvider.GetCacheableKeyRing(DateTimeOffset now)
   at Microsoft.AspNetCore.DataProtection.KeyManagement.KeyRingProvider.GetCurrentKeyRingCore(DateTime utcNow)
fail: Microsoft.AspNetCore.DataProtection.KeyManagement.KeyRingProvider[48]
      An error occurred while reading the key ring.

Where am I going wrong?

Thanks in advance.

Update:

Also tried this way of registering the Azure keys, but still see the same error:

var storageAccount = CloudStorageAccount.Parse("<connectionstring + access key>");
var client = storageAccount.CreateCloudBlobClient();

var container = client.GetContainerReference("dev");
container.CreateIfNotExistsAsync().GetAwaiter().GetResult();

services.AddDataProtection()
       .SetApplicationName("common-name")
       .PersistKeysToAzureBlobStorage(container, "keys.xml")
       .DisableAutomaticKeyGeneration();

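In the end I found the answer myself; unfortunately, this information is not documented anywhere in the MS Azure docs.

Simply put, you need to wrap the key XML element in a root element.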

var storageAccount = CloudStorageAccount.Parse("<connectionstring + access key>");
var client = storageAccount.CreateCloudBlobClient();

var container = client.GetContainerReference("dev");
container.CreateIfNotExistsAsync().GetAwaiter().GetResult();

services.AddDataProtection()
       .SetApplicationName("common-name")
       .PersistKeysToAzureBlobStorage(container, "keys.xml")
       .DisableAutomaticKeyGeneration();
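
An added example, not part of the original answer: the blob-backed key repository reads a single XML document whose root is `<repository>` and treats each child element as one key, which is why a bare `<key>` file produced the "Unknown element" warnings above. The sketch below wraps standalone on-prem key documents in that root before they are uploaded as `keys.xml`; `KeyRingBlobBuilder` and the sample key are constructed for illustration.

```csharp
using System;
using System.Xml.Linq;

public static class KeyRingBlobBuilder
{
    // Wraps standalone <key> documents (one key per file, as stored on-prem)
    // in the single <repository> root expected in the blob.
    public static XDocument Wrap(params string[] keyXmlDocuments)
    {
        var repository = new XElement("repository");
        foreach (var xml in keyXmlDocuments)
        {
            var key = XDocument.Parse(xml).Root;
            // Reject anything that is not a key element, so a malformed file
            // fails here and not at application startup.
            if (key == null || key.Name != "key" || key.Attribute("id") == null)
                throw new FormatException("Expected a <key id=\"...\"> root element.");
            repository.Add(key);
        }
        return new XDocument(new XDeclaration("1.0", "utf-8", null), repository);
    }

    public static void Main()
    {
        // Constructed sample key: the id and master key value are placeholders.
        const string sampleKey = @"<key id=""00000000-0000-0000-0000-000000000000"" version=""1"">
  <creationDate>2018-05-08T17:44:54.9313191Z</creationDate>
  <activationDate>2018-05-08T17:44:54.8979462Z</activationDate>
  <expirationDate>2023-05-07T17:44:54.8979462Z</expirationDate>
  <descriptor>
    <descriptor>
      <encryption algorithm=""AES_256_CBC"" />
      <validation algorithm=""HMACSHA256"" />
      <masterKey p4:requiresEncryption=""true"" xmlns:p4=""http://schemas.asp.net/2015/03/dataProtection"">
        <value>CONSTRUCTED-PLACEHOLDER</value>
      </masterKey>
    </descriptor>
  </descriptor>
</key>";

        var doc = Wrap(sampleKey);
        // Write the declaration and the wrapped key ring; this text is what
        // would be uploaded as the keys.xml blob.
        Console.WriteLine(doc.Declaration);
        Console.WriteLine(doc);
    }
}
```

Because the master key sits unencrypted in this file, the blob container holding `keys.xml` needs access restricted to the applications that share the key ring.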