澳门赌场

法式开辟 > C# > 注释

RSA加密给 Application Data 和 MachineKeys 文件夹分派权限且装置了补丁仍谢绝拜候的处理方式

亮术网 2020-04-07 本网首创

RSA加密呈现谢绝拜候 CreateProvHandle 的毛病,凡是给用户 IIS_WPG 分派对 Application Data(C:\Documents and Settings\All Users\Application Data)和 MachineKeys(C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys)文件夹读写的权限,题目就能够处理,详细请看《澳门赌场:处理rsa谢绝拜候 CreateProvHandle》一文。但偶然如许做了依然杯水车薪,即便装置了补丁 KB938397 也还不能处理题目。

停止以上操纵后又提醒 CryptographicException: 谢绝拜候,详细毛病信息以下:

CryptographicException: 谢绝拜候

Source: mscorlib

Stack:
at System.Security.Cryptography.CryptographicException.ThrowCryptographicException(Int32 hr) 
at System.Security.Cryptography.Utils._GenerateKey(SafeProvHandle hProv, Int32 algid, CspProviderFlags flags, Int32 keySize, SafeKeyHandle& hKey)
at System.Security.Cryptography.Utils.GetKeyPairHelper(CspAlgorithmType keyType, CspParameters parameters, Boolean randomKeyContainer, Int32 dwKeySize, SafeProvHandle& safeProvHandle, SafeKeyHandle& safeKeyHandle)
at System.Security.Cryptography.RSACryptoServiceProvider.GetKeyPair()
at System.Security.Cryptography.RSACryptoServiceProvider..ctor(Int32 dwKeySize, CspParameters parameters, Boolean useDefaultKeySize)
at System.Security.Cryptography.RSACryptoServiceProvider..ctor(Int32 dwKeySize, CspParameters parameters)
at LTS.Security.RSACrypto.GetKey(String containerName) 
at lt.mk.Login.Page_Load(Object sender, EventArgs e)
at System.Web.Util.CalliHelper.EventArgFunctionCaller(IntPtr fp, Object o, Object t, EventArgs e)
at System.Web.Util.CalliEventHandlerDelegateProxy.Callback(Object sender, EventArgs e)
at System.Web.UI.Control.OnLoad(EventArgs e)
at System.Web.UI.Control.LoadRecursive()
at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)

TargetSite: Void ThrowCryptographicException(Int32)

 

 

把利用法式池的“预约义帐户”改成“本地体系”又提醒:

Error:句柄有效。

Source: mscorlib

Stack:
at System.Security.Cryptography.Utils.CreateProvHandle(CspParameters parameters, Boolean randomKeyContainer)
at System.Security.Cryptography.Utils.GetKeyPairHelper(CspAlgorithmType keyType, CspParameters parameters, Boolean randomKeyContainer, Int32 dwKeySize, SafeProvHandle& safeProvHandle, SafeKeyHandle& safeKeyHandle)
at System.Security.Cryptography.RSACryptoServiceProvider.GetKeyPair()
at System.Security.Cryptography.RSACryptoServiceProvider..ctor(Int32 dwKeySize, CspParameters parameters, Boolean useDefaultKeySize)
at System.Security.Cryptography.RSACryptoServiceProvider..ctor(Int32 dwKeySize, CspParameters parameters)
at LTS.Security.RSACrypto.GetKey(String containerName)
at lt.mk.Login.Page_Load(Object sender, EventArgs e) at System.Web.Util.CalliHelper.EventArgFunctionCaller(IntPtr fp, Object o, Object t, EventArgs e)
at System.Web.Util.CalliEventHandlerDelegateProxy.Callback(Object sender, EventArgs e)
at System.Web.UI.Control.OnLoad(EventArgs e)
at System.Web.UI.Control.LoadRecursive()
at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)

TargetSite: System.Security.Cryptography.SafeProvHandle CreateProvHandle(System.Security.Cryptography.CspParameters, Boolean)

这个题目比拟出格,四个网站三个都能够,就最早安排的这个背景办理登录不行,它的前台登录却能够,该分派的权限全分派且装置了一切补丁,依然不行;但能够肯定是无权限拜候密钥的题目,只是不晓得是哪一个。厥后发明有个密钥文件只要 1 KB 且是履行背景办理登录时天生的,给它分派“写”权限,题目处理。

 

 

处理方式:

翻开 C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys,按照天生密钥的时候鉴定是哪一个文件(如 1ec97b70dfe69t3346f89a52d938180_d205c760-w627-6817-y9232f9482h8j1ef),这个文件凡是只要 1 KB,而后给它的用户 IIS_WPG(iis 6)、IIS_IUSRS(iis 7 以上)分派“写”的权限。

这个文件默许环境下,Administrator 也不权限检查和点窜,须要变动它的一切者,方式为:右键它 → 属性 → “宁静”选项卡 → 高等 → 一切者 → 挑选 Administrator → 肯定,详细方式可参考《澳门赌场:Windows2008点窜文件夹一切者》一文。

本文稀释标签:RSA权限