异常中的.NET Core DataProtection空键元素

时间:2019-06-13 14:06:43

标签: c# asp.net-core .net-core asp.net-core-2.2 .net-core-2.2

我意识到我的DataProtection设置有问题。

实例(重新启动)有时(奇怪地并非总是如此)启动时,会显示以下异常:

Microsoft.AspNetCore.DataProtection.KeyManagement.XmlKeyManager[24]
        An exception occurred while processing the key element ''.
  System.Security.Cryptography.CryptographicException: Unable to retrieve the decryption key.
     at System.Security.Cryptography.Xml.EncryptedXml.GetDecryptionKey(EncryptedData encryptedData, String symmetricAlgorithmUri)
     at System.Security.Cryptography.Xml.EncryptedXml.DecryptDocument()
     at Microsoft.AspNetCore.DataProtection.XmlEncryption.EncryptedXmlDecryptor.Decrypt(XElement encryptedElement)
     at Microsoft.AspNetCore.DataProtection.XmlEncryption.XmlEncryptionExtensions.DecryptElement(XElement element, IActivator activator)
     at Microsoft.AspNetCore.DataProtection.KeyManagement.XmlKeyManager.Microsoft.AspNetCore.DataProtection.KeyManagement.Internal.IInternalXmlKeyManager.DeserializeDescriptorFromKeyElement(XElement keyElement)
  Microsoft.AspNetCore.DataProtection.KeyManagement.DefaultKeyResolver[12]
        Key {af566b69-5bd7-42ee-b630-a4eaa02526db} is ineligible to be the default key because its CreateEncryptor method failed.
  System.Security.Cryptography.CryptographicException: Unable to retrieve the decryption key.
     at System.Security.Cryptography.Xml.EncryptedXml.GetDecryptionKey(EncryptedData encryptedData, String symmetricAlgorithmUri)
     at System.Security.Cryptography.Xml.EncryptedXml.DecryptDocument()
     at Microsoft.AspNetCore.DataProtection.XmlEncryption.EncryptedXmlDecryptor.Decrypt(XElement encryptedElement)
     at Microsoft.AspNetCore.DataProtection.XmlEncryption.XmlEncryptionExtensions.DecryptElement(XElement element, IActivator activator)
     at Microsoft.AspNetCore.DataProtection.KeyManagement.XmlKeyManager.Microsoft.AspNetCore.DataProtection.KeyManagement.Internal.IInternalXmlKeyManager.DeserializeDescriptorFromKeyElement(XElement keyElement)
     at Microsoft.AspNetCore.DataProtection.KeyManagement.DeferredKey.c__DisplayClass1_0.b__0()
     at System.Lazy`1.ViaFactory(LazyThreadSafetyMode mode)
     at System.Lazy`1.ExecutionAndPublication(LazyHelper executionAndPublication, Boolean useDefaultConstructor)
     at System.Lazy`1.CreateValue()
     at Microsoft.AspNetCore.DataProtection.KeyManagement.KeyBase.get_Descriptor()
     at Microsoft.AspNetCore.DataProtection.AuthenticatedEncryption.CngGcmAuthenticatedEncryptorFactory.CreateEncryptorInstance(IKey key)
     at Microsoft.AspNetCore.DataProtection.KeyManagement.KeyBase.CreateEncryptor()
     at Microsoft.AspNetCore.DataProtection.KeyManagement.DefaultKeyResolver.CanCreateAuthenticatedEncryptor(IKey key)

检查数据保护存储会发现越来越多的密钥列表,我认为这不是预期的行为。

研究表明,许多日志都存在类似问题。就我而言,我想知道为什么第二个日志行显示空键元素“”。其他报告中的日志始终显示关键元素。

数据保护设置看起来像

services.AddDataProtection()
    .ProtectKeysWithCertificate(cert)
    .PersistKeysToStackExchangeRedis(conmx, "dpk-application-1")
    .SetApplicationName("application-1");

0 个答案:

没有答案