0

我尝试将 Pkcs11Interop 库用于我们的机构项目。但问题是,当我尝试从令牌卡中获取价值时,“尝试读取或写入受保护的内存。这通常表明其他内存已损坏”错误来自 Pkcs11Interop。我找不到任何解决方案。请帮助我,提前谢谢你。

项目是用 .Net Framework 4.5 编写的 Windows 窗体应用程序

错误: system.accessviolationexception {"Attempted to read or write protected memory. This is often an indication that other memory is corrupt."}

错误堆栈跟踪: 

 at Net.Pkcs11Interop.HighLevelAPI40.Session.GetAttributeValue(ObjectHandle objectHandle, List`1 attributes)
   at Net.Pkcs11Interop.HighLevelAPI40.Session.GetAttributeValue(ObjectHandle objectHandle, List`1 attributes)
   at EFinImza.Program.Main() in c:\HttpRoot\EFinImza\EFinImza\Program.cs:line 56
   at System.AppDomain._nExecuteAssembly(RuntimeAssembly assembly, String[] args)
   at Microsoft.VisualStudio.HostingProcess.HostProc.RunUsersAssembly()
   at System.Threading.ExecutionContext.RunInternal(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
   at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
   at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state)
   at System.Threading.ThreadHelper.ThreadStart()

代码是这样的:

static void Main()
    {
        try
        {
            string pkcs11Library = @"C:\Windows\System32\akisp11.dll";
            using (var pkcs11 = new Net.Pkcs11Interop.HighLevelAPI40.Pkcs11(pkcs11Library, false, false))
            {
                LibraryInfo info = pkcs11.GetInfo();
                foreach (Slot slot in pkcs11.GetSlotList(false))
                {
                    SlotInfo slotInfo = slot.GetSlotInfo();
                    if (slotInfo.SlotFlags.TokenPresent)
                    {
                        TokenInfo tokenInfo = slot.GetTokenInfo();

                        Session session = slot.OpenSession(false);
                        String pin = "*****";
                        session.Login(CKU.CKU_USER, pin);

                        // get all objects using empty ObjectAttributes list
                        List<ObjectHandle> handles = session.FindAllObjects(new List<ObjectAttribute>());
                        List<CKA> attrs = new List<CKA>();
                        attrs.Add(CKA.CKA_LABEL);

                        foreach (ObjectHandle handle in handles)
                        {
                            List<ObjectAttribute> oAttrs = session.GetAttributeValue(handle, attrs);   **//Error is getting here**
                        }

                        session.CloseSession();
                    }
                }

                pkcs11.Dispose();
            }

            Application.EnableVisualStyles();
            Application.SetCompatibleTextRenderingDefault(false);
        }
        catch (Exception ex)
        {
            throw ex;
        }

    }
4

1 回答 1

0

按照官方文档中的建议,在开始使用 Pkcs11Interop 之前,您至少应该熟悉PKCS#11 v2.20 规范“Chapter 2 - Scope”“Chapter 6 - General overview”“Chapter 10 - Objects”

您的代码首先查找所有对象,无论其类型如何(密钥、证书等),然后尝试读取CKA_VALUE每个单独对象的属性。CKA_VALUE不是所有对象类型的有效属性,我想这可能会导致您的问题。当然,表现良好的非托管 PKCS#11 库会返回CKR_ATTRIBUTE_TYPE_INVALID错误而不是段错误,但是那里有许多质量差的 PKCS#11 库不能很好地处理这种极端情况。

我建议您首先阅读规范中提到的章节,然后将传递给FindAllObjects()方法的搜索模板更改为仅搜索您真正感兴趣的特定对象类型。

于 2016-09-11T09:06:04.960 回答