我试图弄清楚为什么我似乎无法使用X509证书从.NET解密加密的密钥。

    encryptedKey = "jW3VDsUZWIdzfZ1bPN3iKI2Pf9u22kUax0DFnF3A9H+nvcBQuVC2efw1FYGm5/AvnN27kXqA4PyCqcQLp/tguVqHtzdR7mJtkTCyY8TUoAej2Mqzv2uiEKULB/8rlPDl2DOkSMGJqieenAG/7gZjWhlU0eYrlcMi5dtAnPFTfy+LvtJ6bbGEDgy4FhoT49T6sO0kjBJHp5YI0p/CeEuc+WMT/BMGG1YuDPswltj0VzeaE3KbHSLvJPjGCQ3U0YkUWm8h9zM22S/mRvfMhEu1aRdQpojGUiSLKUJyotNu8fRulKeB1TVuE7AlDGrbAUsRtU+y6PdLMcEHW+BRq5Uouw==";

    var encryptedKeyByte = Convert.FromBase64String(encryptedKey);

    var clientCert = new X509Certificate2(@"C:\certificates\xxxxx.pfx", "xxxx");

    var rsa = (RSACryptoServiceProvider)clientCert.PrivateKey;

    byte[] key = rsa.Decrypt(encryptedKeyByte, false);

当我尝试运行代码的最后一行时遇到的错误 rsa.Decrypt(encryptedKeyByte, false)

参数错误。

在SOAP UI中，解密在我使用相同证书的地方起作用。我只需要将文件pfx转换为jks文件，即可使其在SOAP UI中工作。但是除此之外，这些设置对我来说看起来是相同的。这是SOAP UI设置的屏幕截图。我猜想SOAP UI出现的签名密钥库未用于解密过程。SOAP UI中的“解密密钥库”设置是我在.NET中使用的设置。仅在.NET中有一个pfx文件。

这是MMC的证书详细信息

Stacktrace错误：

服务器堆栈跟踪：

   at System.Security.Cryptography.CryptographicException.ThrowCryptographicException(Int32 hr)

   at System.Security.Cryptography.RSACryptoServiceProvider.DecryptKey(SafeKeyHandle pKeyContext, Byte[] pbEncryptedKey, Int32 cbEncryptedKey, Boolean fOAEP, ObjectHandleOnStack ohRetDecryptedKey)

   at System.Security.Cryptography.RSACryptoServiceProvider.Decrypt(Byte[] rgb, Boolean fOAEP)

   at Microsoft.Austria.WcfHelpers.SoapWithAttachments.SwaEncoder.ReadMessage(Stream stream, Int32 maxSizeOfHeaders, String contentType) in C:\Crap\Stuff\CARES\Microsoft.Austria.WcfHelpers.SoapWithAttachments\SwaEncoder.cs:line 503

   at Microsoft.Austria.WcfHelpers.SoapWithAttachments.SwaEncoder.ReadMessage(Stream stream, Int32 maxSizeOfHeaders, String contentType) in C:\Crap\Stuff\CARES\Microsoft.Austria.WcfHelpers.SoapWithAttachments\SwaEncoder.cs:line 458

Exception rethrown at [0]: