asp.net-core - 在 token 生成方法中使用 EncryptingCredentials 时出现 JWT 加密错误

Question

我在我的 ASP.net core 3.1 web api 中实现了 JWT token 。在 token 生成方法中，当我尝试使用 EncryptingCredentials 时出现以下错误:

IDX10662: The KeyWrap algorithm 'System.String' requires a key size of 'System.Int32' bits. Key '', is of size:'System.Int32'. (Parameter 'Length')

这是我的 token 生成方法:

public async Task<string> GenerateAsync(User user)
    {
        var secretKey = Encoding.UTF8.GetBytes(_siteSetting.JwtSettings.SecretKey); //"SampleSecretKeyChange" 
        var signingCredentials = new SigningCredentials(new SymmetricSecurityKey(secretKey), SecurityAlgorithms.HmacSha256Signature);

        var encryptionkey = Encoding.UTF8.GetBytes(_siteSetting.JwtSettings.Encryptkey);  //"AbcdefgHijklmnopk123456"
        var encryptingCredentials = new EncryptingCredentials(new SymmetricSecurityKey(encryptionkey), SecurityAlgorithms.Aes128KW, SecurityAlgorithms.Aes128CbcHmacSha256);

        var descriptor = new SecurityTokenDescriptor
        {
            Issuer = _siteSetting.JwtSettings.Issuer,
            Audience = _siteSetting.JwtSettings.Audience,
            IssuedAt = DateTime.Now,
            NotBefore = DateTime.Now.AddMinutes(_siteSetting.JwtSettings.NotBeforeMinutes),
            Expires = DateTime.Now.AddMinutes(_siteSetting.JwtSettings.ExpirationMinutes),
            SigningCredentials = signingCredentials,
            EncryptingCredentials = encryptingCredentials,
            Subject = new ClaimsIdentity(_getClaims(user))
        };

        var tokenHandler = new JwtSecurityTokenHandler();
        var securityToken = tokenHandler.CreateToken(descriptor);
        var jwt = tokenHandler.WriteToken(securityToken);           
        return await Task.FromResult(jwt);
    }

Answer 1

经过我所做的所有研究，我发现了问题所在。当您想在我描述的条件下使用 EncryptingCredentials 时，Encryptkey key 长度必须等于 16 个字符。