无法读取对ProgramData的最新更改
无法读取对ProgramData的最新更改
提问于 2017-08-04 13:49:51
我有一个使用Process.Start()执行可执行文件的程序。我调用的可执行文件是一个第三方程序,它更新ProgramData中的文件夹。一旦ProgramData中的文件夹得到更新,我的程序中的下一组行将尝试读取最新的更改。
我注意到,即使在执行可执行文件之后,也无法读取最新的更改,但是,当我从一开始再次运行程序时,我可以看到正在正确读取的更改。我假设这与AppDomain无法在执行过程中看到更改有关。
不管怎么说,我能让东西在这里工作吗?
在下面的方法HSMTransactionHandler内部代码中,如果出现带有消息HSM_ENCRYPTION_KEY_NOT_FOUND的异常,则通过调用方法UpdateFromRFS执行exe,然后递归调用HSMTransactionHandler。exe的执行将获得所需的资源,但代码不会读取它。如果我在当前程序执行期间运行另一个程序,则第二个程序读取资源时没有任何问题。这让我想到,如果进程或应用程序域能够看到ProgramData文件夹启动后发生的更改?
这样每个人都知道我正在使用PKCS11Interop库,这是一个围绕本机dll构建的托管.net包装器。我也不确定使用本机dll是否会造成这种情况。
任何帮助都将不胜感激。
以下是代码:
public sealed class KeyStoreOperations
{
private KeyStoreContext m_keyStoreContext;
private static Pkcs11 m_Pkcs11;
private static readonly object _syncLockPkcs11 = new object();
private static readonly object _syncLockHSMLogin = new object();
public KeyStoreOperations(KeyStoreContext keyStoreContext)
{
m_keyStoreContext = keyStoreContext;
InitializePkcs11Object();
}
public string Encrypt(string keyName, string message)
{
ValidateInputs(message, "Message");
var encryptedMessage = string.Empty;
HSMTransactionHandler((Session session) =>
{
Mechanism mechanism = new Mechanism(CKM.CKM_RSA_PKCS);
var publicKey = GetPublicKey(keyName, session);
if (publicKey == null)
throw new HSMException(ErrorConstant.HSM_ENCRYPTION_KEY_NOT_FOUND);
var originalKeyBytes = EncryptionHelper.Decode(message);
var encryptedKeyBytes = session.Encrypt(mechanism, publicKey, originalKeyBytes);
encryptedMessage = EncryptionHelper.Encode(encryptedKeyBytes);
});
return encryptedMessage;
}
public string Decrypt(string keyName, string cipher)
{
ValidateInputs(cipher, "Cipher");
var decryptedMessage = string.Empty;
HSMTransactionHandler((Session session) =>
{
Mechanism mechanism = new Mechanism(CKM.CKM_RSA_PKCS);
var privateKey = GetPrivateKey(keyName, session);
if (privateKey == null)
throw new HSMException(ErrorConstant.HSM_ENCRYPTION_KEY_NOT_FOUND);
var encryptedSymmetricKeyBytes = EncryptionHelper.Decode(cipher);
var decryptedSymmetricKeyBytes = session.Decrypt(mechanism, privateKey, encryptedSymmetricKeyBytes);
decryptedMessage = EncryptionHelper.Encode(decryptedSymmetricKeyBytes);
});
return decryptedMessage;
}
#region Private methods
#region Validations
private void ValidateInputs(string input, string name)
{
if (string.IsNullOrEmpty(input))
throw new ArgumentNullException(name);
}
#endregion Validations
private void HSMTransactionHandler(Action<Session> action, bool commit = false, int retrialAttempt = 5)
{
Slot hsmSlot = null;
Session hsmSession = null;
bool logggedIn = false;
try
{
hsmSlot = GetSlot(m_NCipherKeyStoreContext.ModuleToken);
hsmSession = hsmSlot.OpenSession(false);
lock (_syncLockHSMLogin)
{
hsmSession.Login(CKU.CKU_USER, m_NCipherKeyStoreContext.SecurityPin);
logggedIn = true;
action(hsmSession);
hsmSession.Logout();
logggedIn = false;
}
if (commit)
CommitToRFS();
}
catch (Pkcs11Exception ex)
{
HandleHSMErrors(ex);
}
catch (HSMException ex)
{
if (ex.Message == EncryptionKeyStoreErrorConstant.HSM_ENCRYPTION_KEY_NOT_FOUND && retrialAttempt > 0)
{
if (logggedIn)
{
hsmSession.Logout();
logggedIn = false;
}
if (!(hsmSession == null))
hsmSession.CloseSession();
UpdateFromRFS();
Thread.Sleep(1000);
HSMTransactionHandler(action, retrialAttempt: retrialAttempt - 1);
}
else
throw ex;
}
finally
{
if (logggedIn)
hsmSession.Logout();
if (!(hsmSession == null))
hsmSession.CloseSession();
}
}
private void UpdateFromRFS()
{
using (var rfsSyncProcess = GetRfsSyncProcess("--update"))
{
ExecuteRFSSyncProcess(rfsSyncProcess);
}
}
private Process GetRfsSyncProcess(string args)
{
Process rfsSyncProcess = new Process();
rfsSyncProcess.StartInfo.FileName = "C:\\Program Files (x86)\\nCipher\\nfast\\bin\\rfs-sync.exe";
rfsSyncProcess.StartInfo.Arguments = args;
return rfsSyncProcess;
}
private void ExecuteRFSSyncProcess(Process rfsSyncProcess)
{
rfsSyncProcess.Start();
rfsSyncProcess.WaitForExit();
}
private ObjectHandle GetPrivateKey(string keyName, Session session)
{
ObjectHandle privateKey = null;
List<ObjectHandle> foundObjects = null;
List<ObjectAttribute> objectAttributes = new List<ObjectAttribute>();
objectAttributes.Add(new ObjectAttribute(CKA.CKA_LABEL, keyName));
objectAttributes.Add(new ObjectAttribute(CKA.CKA_PRIVATE, true));
foundObjects = session.FindAllObjects(objectAttributes);
if (foundObjects != null && foundObjects.Count > 0)
{
privateKey = foundObjects[0];
}
return privateKey;
}
private ObjectHandle GetPublicKey(string keyName, Session session)
{
ObjectHandle publicKey = null;
List<ObjectHandle> foundObjects = null;
List<ObjectAttribute> objectAttributes = new List<ObjectAttribute>();
objectAttributes.Add(new ObjectAttribute(CKA.CKA_LABEL, keyName));
objectAttributes.Add(new ObjectAttribute(CKA.CKA_PRIVATE, false));
foundObjects = session.FindAllObjects(objectAttributes);
if (foundObjects != null && foundObjects.Count > 0)
{
publicKey = foundObjects[0];
}
return publicKey;
}
private List<ObjectAttribute> CreatePublicKeyTemplate(string keyName, byte[] ckaId)
{
List<ObjectAttribute> publicKeyAttributes = new List<ObjectAttribute>();
publicKeyAttributes.Add(new ObjectAttribute(CKA.CKA_TOKEN, true));
publicKeyAttributes.Add(new ObjectAttribute(CKA.CKA_PRIVATE, false));
publicKeyAttributes.Add(new ObjectAttribute(CKA.CKA_LABEL, keyName));
publicKeyAttributes.Add(new ObjectAttribute(CKA.CKA_ID, ckaId));
publicKeyAttributes.Add(new ObjectAttribute(CKA.CKA_ENCRYPT, true));
publicKeyAttributes.Add(new ObjectAttribute(CKA.CKA_VERIFY, true));
publicKeyAttributes.Add(new ObjectAttribute(CKA.CKA_VERIFY_RECOVER, true));
publicKeyAttributes.Add(new ObjectAttribute(CKA.CKA_WRAP, true));
publicKeyAttributes.Add(new ObjectAttribute(CKA.CKA_MODULUS_BITS, Convert.ToUInt64(m_keyStoreContext.KeySize)));
publicKeyAttributes.Add(new ObjectAttribute(CKA.CKA_PUBLIC_EXPONENT, new byte[] { 0x01, 0x00, 0x01 }));
return publicKeyAttributes;
}
private List<ObjectAttribute> CreatePrivateKeyTemplate(string keyName, byte[] ckaId)
{
List<ObjectAttribute> privateKeyAttributes = new List<ObjectAttribute>();
privateKeyAttributes.Add(new ObjectAttribute(CKA.CKA_TOKEN, true));
privateKeyAttributes.Add(new ObjectAttribute(CKA.CKA_PRIVATE, true));
privateKeyAttributes.Add(new ObjectAttribute(CKA.CKA_LABEL, keyName));
privateKeyAttributes.Add(new ObjectAttribute(CKA.CKA_ID, ckaId));
privateKeyAttributes.Add(new ObjectAttribute(CKA.CKA_SENSITIVE, true));
privateKeyAttributes.Add(new ObjectAttribute(CKA.CKA_DECRYPT, true));
privateKeyAttributes.Add(new ObjectAttribute(CKA.CKA_SIGN, true));
privateKeyAttributes.Add(new ObjectAttribute(CKA.CKA_SIGN_RECOVER, true));
privateKeyAttributes.Add(new ObjectAttribute(CKA.CKA_UNWRAP, true));
return privateKeyAttributes;
}
private Slot GetSlot(string tokenLabel)
{
Slot matchingSlot = null;
List<Slot> slots = m_Pkcs11.GetSlotList(true);
matchingSlot = slots[0];
if (tokenLabel != null)
{
matchingSlot = null;
foreach (Slot slot in slots)
{
TokenInfo tokenInfo = null;
try
{
tokenInfo = slot.GetTokenInfo();
}
catch (Pkcs11Exception ex)
{
if (ex.RV != CKR.CKR_TOKEN_NOT_RECOGNIZED && ex.RV != CKR.CKR_TOKEN_NOT_PRESENT)
throw;
}
if (tokenInfo == null)
continue;
if (!string.IsNullOrEmpty(m_keyStoreContext.ModuleToken))
if (0 != string.Compare(m_keyStoreContext.ModuleToken, tokenInfo.Label, StringComparison.Ordinal))
continue;
matchingSlot = slot;
break;
}
if (matchingSlot == null)
throw new HSMException(string.Format(ErrorConstant.HSM_CONFIGURATION_ERROR_INCORRECT_SLOT, tokenLabel));
}
return matchingSlot;
}
private void InitializePkcs11Object()
{
if (m_Pkcs11 == null)
{
lock (_syncLockPkcs11)
{
m_Pkcs11 = new Pkcs11(m_keyStoreContext.PKCS11LibraryPath, true);
}
}
}
private void HandleHSMErrors(Pkcs11Exception ex)
{
if (ex.RV == CKR.CKR_PIN_INCORRECT)
{
throw new HSMException(ErrorConstant.HSM_CONFIGURATION_ERROR_PIN_INCORRECT, ex);
}
else
{
throw new HSMException(ErrorConstant.HSM_CONFIGURATION_ERROR_GENERIC, ex);
}
}
#endregion
}编辑1:下面是对我有用的修改代码,请注意,这里最重要的是在cknfastrc文件中将变量cknfastrc设置为0。
public sealed class KeyStoreOperations
{
private KeyStoreContext m_keyStoreContext;
private static Pkcs11 m_Pkcs11;
private static readonly object _syncLockPkcs11 = new object();
private static readonly object _syncLockHSMLogin = new object();
public KeyStoreOperations(KeyStoreContext keyStoreContext)
{
m_keyStoreContext = keyStoreContext;
InitializePkcs11Object();
}
public string Encrypt(string keyName, string message)
{
ValidateInputs(message, "Message");
var encryptedMessage = string.Empty;
HSMTransactionHandler((Session session) =>
{
Mechanism mechanism = new Mechanism(CKM.CKM_RSA_PKCS);
var publicKey = GetPublicKey(keyName, session);
if (publicKey == null)
throw new HSMException(ErrorConstant.HSM_ENCRYPTION_KEY_NOT_FOUND);
var originalKeyBytes = EncryptionHelper.Decode(message);
var encryptedKeyBytes = session.Encrypt(mechanism, publicKey, originalKeyBytes);
encryptedMessage = EncryptionHelper.Encode(encryptedKeyBytes);
});
return encryptedMessage;
}
public string Decrypt(string keyName, string cipher)
{
ValidateInputs(cipher, "Cipher");
var decryptedMessage = string.Empty;
HSMTransactionHandler((Session session) =>
{
Mechanism mechanism = new Mechanism(CKM.CKM_RSA_PKCS);
var privateKey = GetPrivateKey(keyName, session);
if (privateKey == null)
throw new HSMException(ErrorConstant.HSM_ENCRYPTION_KEY_NOT_FOUND);
var encryptedSymmetricKeyBytes = EncryptionHelper.Decode(cipher);
var decryptedSymmetricKeyBytes = session.Decrypt(mechanism, privateKey, encryptedSymmetricKeyBytes);
decryptedMessage = EncryptionHelper.Encode(decryptedSymmetricKeyBytes);
});
return decryptedMessage;
}
#region Private methods
#region Validations
private void ValidateInputs(string input, string name)
{
if (string.IsNullOrEmpty(input))
throw new ArgumentNullException(name);
}
#endregion Validations
private void HSMTransactionHandler(Action<Session> action, bool commit = false, int retrialAttempt = 5)
{
Slot hsmSlot = null;
Session hsmSession = null;
bool logggedIn = false;
try
{
hsmSlot = GetSlot(m_NCipherKeyStoreContext.ModuleToken);
hsmSession = hsmSlot.OpenSession(false);
lock (_syncLockHSMLogin)
{
hsmSession.Login(CKU.CKU_USER, m_NCipherKeyStoreContext.SecurityPin);
logggedIn = true;
action(hsmSession);
hsmSession.Logout();
logggedIn = false;
}
if (commit)
CommitToRFS();
}
catch (Pkcs11Exception ex)
{
HandleHSMErrors(ex);
}
catch (HSMException ex)
{
if (ex.Message == EncryptionKeyStoreErrorConstant.HSM_ENCRYPTION_KEY_NOT_FOUND && retrialAttempt > 0)
{
if (logggedIn)
{
hsmSession.Logout();
logggedIn = false;
}
if (!(hsmSession == null))
{
hsmSession.CloseSession();
hsmSession = null;
}
UpdateFromRFS();
Thread.Sleep(1000);
if (!m_Pkcs11.Disposed)
{
m_Pkcs11.Dispose();
m_Pkcs11 = null;
}
HSMTransactionHandler(action, retrialAttempt: retrialAttempt - 1);
}
else
throw ex;
}
finally
{
if (logggedIn)
hsmSession.Logout();
if (!(hsmSession == null))
hsmSession.CloseSession();
}
}
private void UpdateFromRFS()
{
using (var rfsSyncProcess = GetRfsSyncProcess("--update"))
{
ExecuteRFSSyncProcess(rfsSyncProcess);
}
}
private Process GetRfsSyncProcess(string args)
{
Process rfsSyncProcess = new Process();
rfsSyncProcess.StartInfo.FileName = "C:\\Program Files (x86)\\nCipher\\nfast\\bin\\rfs-sync.exe";
rfsSyncProcess.StartInfo.Arguments = args;
return rfsSyncProcess;
}
private void ExecuteRFSSyncProcess(Process rfsSyncProcess)
{
rfsSyncProcess.Start();
rfsSyncProcess.WaitForExit();
}
private ObjectHandle GetPrivateKey(string keyName, Session session)
{
ObjectHandle privateKey = null;
List<ObjectHandle> foundObjects = null;
List<ObjectAttribute> objectAttributes = new List<ObjectAttribute>();
objectAttributes.Add(new ObjectAttribute(CKA.CKA_LABEL, keyName));
objectAttributes.Add(new ObjectAttribute(CKA.CKA_PRIVATE, true));
foundObjects = session.FindAllObjects(objectAttributes);
if (foundObjects != null && foundObjects.Count > 0)
{
privateKey = foundObjects[0];
}
return privateKey;
}
private ObjectHandle GetPublicKey(string keyName, Session session)
{
ObjectHandle publicKey = null;
List<ObjectHandle> foundObjects = null;
List<ObjectAttribute> objectAttributes = new List<ObjectAttribute>();
objectAttributes.Add(new ObjectAttribute(CKA.CKA_LABEL, keyName));
objectAttributes.Add(new ObjectAttribute(CKA.CKA_PRIVATE, false));
foundObjects = session.FindAllObjects(objectAttributes);
if (foundObjects != null && foundObjects.Count > 0)
{
publicKey = foundObjects[0];
}
return publicKey;
}
private List<ObjectAttribute> CreatePublicKeyTemplate(string keyName, byte[] ckaId)
{
List<ObjectAttribute> publicKeyAttributes = new List<ObjectAttribute>();
publicKeyAttributes.Add(new ObjectAttribute(CKA.CKA_TOKEN, true));
publicKeyAttributes.Add(new ObjectAttribute(CKA.CKA_PRIVATE, false));
publicKeyAttributes.Add(new ObjectAttribute(CKA.CKA_LABEL, keyName));
publicKeyAttributes.Add(new ObjectAttribute(CKA.CKA_ID, ckaId));
publicKeyAttributes.Add(new ObjectAttribute(CKA.CKA_ENCRYPT, true));
publicKeyAttributes.Add(new ObjectAttribute(CKA.CKA_VERIFY, true));
publicKeyAttributes.Add(new ObjectAttribute(CKA.CKA_VERIFY_RECOVER, true));
publicKeyAttributes.Add(new ObjectAttribute(CKA.CKA_WRAP, true));
publicKeyAttributes.Add(new ObjectAttribute(CKA.CKA_MODULUS_BITS, Convert.ToUInt64(m_keyStoreContext.KeySize)));
publicKeyAttributes.Add(new ObjectAttribute(CKA.CKA_PUBLIC_EXPONENT, new byte[] { 0x01, 0x00, 0x01 }));
return publicKeyAttributes;
}
private List<ObjectAttribute> CreatePrivateKeyTemplate(string keyName, byte[] ckaId)
{
List<ObjectAttribute> privateKeyAttributes = new List<ObjectAttribute>();
privateKeyAttributes.Add(new ObjectAttribute(CKA.CKA_TOKEN, true));
privateKeyAttributes.Add(new ObjectAttribute(CKA.CKA_PRIVATE, true));
privateKeyAttributes.Add(new ObjectAttribute(CKA.CKA_LABEL, keyName));
privateKeyAttributes.Add(new ObjectAttribute(CKA.CKA_ID, ckaId));
privateKeyAttributes.Add(new ObjectAttribute(CKA.CKA_SENSITIVE, true));
privateKeyAttributes.Add(new ObjectAttribute(CKA.CKA_DECRYPT, true));
privateKeyAttributes.Add(new ObjectAttribute(CKA.CKA_SIGN, true));
privateKeyAttributes.Add(new ObjectAttribute(CKA.CKA_SIGN_RECOVER, true));
privateKeyAttributes.Add(new ObjectAttribute(CKA.CKA_UNWRAP, true));
return privateKeyAttributes;
}
private Slot GetSlot(string tokenLabel)
{
Slot matchingSlot = null;
List<Slot> slots = m_Pkcs11.GetSlotList(true);
matchingSlot = slots[0];
if (tokenLabel != null)
{
matchingSlot = null;
foreach (Slot slot in slots)
{
TokenInfo tokenInfo = null;
try
{
tokenInfo = slot.GetTokenInfo();
}
catch (Pkcs11Exception ex)
{
if (ex.RV != CKR.CKR_TOKEN_NOT_RECOGNIZED && ex.RV != CKR.CKR_TOKEN_NOT_PRESENT)
throw;
}
if (tokenInfo == null)
continue;
if (!string.IsNullOrEmpty(m_keyStoreContext.ModuleToken))
if (0 != string.Compare(m_keyStoreContext.ModuleToken, tokenInfo.Label, StringComparison.Ordinal))
continue;
matchingSlot = slot;
break;
}
if (matchingSlot == null)
throw new HSMException(string.Format(ErrorConstant.HSM_CONFIGURATION_ERROR_INCORRECT_SLOT, tokenLabel));
}
return matchingSlot;
}
private void InitializePkcs11Object()
{
if (m_Pkcs11 == null)
{
lock (_syncLockPkcs11)
{
m_Pkcs11 = new Pkcs11(m_keyStoreContext.PKCS11LibraryPath, true);
}
}
}
private void HandleHSMErrors(Pkcs11Exception ex)
{
if (ex.RV == CKR.CKR_PIN_INCORRECT)
{
throw new HSMException(ErrorConstant.HSM_CONFIGURATION_ERROR_PIN_INCORRECT, ex);
}
else
{
throw new HSMException(ErrorConstant.HSM_CONFIGURATION_ERROR_GENERIC, ex);
}
}
#endregion
}编辑2:我检查并发现它在没有将CKNFAST_ASSUME_SINGLE_PROCESS设置为0的情况下工作,所以可能所需要的就是释放pkcs11对象并重新初始化它。
回答 2
Stack Overflow用户
回答已采纳
发布于 2017-08-04 17:52:19
页面原文内容由Stack Overflow提供。腾讯云小微IT领域专用引擎提供翻译支持
原文链接:
https://stackoverflow.com/questions/45508580
复制相关文章
相似问题
腾讯云开发者
Copyright © 2013 - 2026 Tencent Cloud. All Rights Reserved. 腾讯云 版权所有
深圳市腾讯计算机系统有限公司 ICP备案/许可证号:粤B2-20090059 
粤公网安备44030502008569号
腾讯云计算(北京)有限责任公司 京ICP证150476号 | 京ICP备11018762号