The CryptoKeyManager class provides a simple way to load, generate and manage generic crypto keys.
CryptoKeyManager allows you to load, save, generate, import, and export low-level crypto keys. Examples of such keys include raw RSA keys stored in PKCS1 format and AES256 keys. CryptoKeyManager supports asymmetric, symmetric, and HMAC keys.
CryptoKeyManager is a typical companion for low-level cryptography classes, such as PublicKeyCrypto, SymmetricCrypto, and HashFunction. It can also be used to provide external key material to certificate objects, and to derive cryptographic keys from passwords.
Use the ImportBytes or ImportFromFile method to load the key material from a buffer or file. To import a key from an X.509 certificate, assign the certificate object to the Certificate property and then call ImportFromCert. Once loaded, the key is available in the Key property.
To generate a new key or keypair, use the Generate method. You can export the generated key using the ExportBytes or ExportToFile method. You can attach the generated or loaded key to an external certificate object using the ExportToCert method.
Note: CryptoKeyManager can only work with one cryptographic key at a time. Use CryptoKeyStorage to access media containing more than one key.
The following is the full list of the properties of the class with short descriptions.
|Certificate||A container for the certificate object.|
|Key||The key object that the manager is currently working with.|
The following is the full list of the methods of the class with short descriptions.
|Config||Sets or retrieves a configuration setting.|
|DeriveKey||Generates a strong cryptographic key from a password.|
|ExportBytes||Exports the key to a byte array.|
|ExportToCert||Exports the key to a certificate.|
|ExportToFile||Exports the key to a file.|
|ExportToStream||Exports the key to a stream.|
|Generate||Generates a new crypto key.|
|GetKeyParam||Returns an algorithm-specific key parameter.|
|GetKeyParamStr||Returns an algorithm-specific key parameter as a string.|
|ImportBytes||Loads a key from a byte array.|
|ImportFromCert||Loads a key from a certificate.|
|ImportFromFile||Loads a key from a file.|
|ImportFromStream||Loads a key from a stream.|
|SetKeyParam||Sets an algorithm-specific key parameter.|
|SetKeyParamStr||Sets an algorithm-specific key parameter.|
The following is the full list of the events fired by the class with short descriptions.
|Error||Informs about an error during an operation.|
|Notification||This event notifies the application about an underlying control flow event.|
|PasswordNeeded||This event is fired when a decryption password is needed.|
The following is a list of configuration settings for the class with short descriptions.
|Argon2MemoryCost||Sets the memory cost parameter of Argon2 key derivation algorithm.|
|Argon2Parallelism||Sets the parallelism parameter of Argon2 key derivation algorithm.|
|Curve||The name of the curve of the newly added elliptic cryptography (EC) key.|
|DerivationAlgorithm||The algorithm to use for key derivation.|
|DeriveIterations||The number of iterations to use as part of key derivation routine.|
|HMACAlgorithm||Specifies the HMAC algorithm to use with the key derivation algorithm.|
|TempPath||Path for storing temporary files.|
|CheckKeyIntegrityBeforeUse||Enables or disables private key integrity check before use.|
|CookieCaching||Specifies whether a cookie cache should be used for HTTP(S) transports.|
|Cookies||Gets or sets local cookies for the class (supported for HTTPClient, RESTClient and SOAPClient only).|
|DefDeriveKeyIterations||Specifies the default key derivation algorithm iteration count.|
|EnableClientSideSSLFFDHE||Enables or disables finite field DHE key exchange support in TLS clients.|
|GlobalCookies||Gets or sets global cookies for all the HTTP transports.|
|HttpUserAgent||Specifies the user agent name to be used by all HTTP clients.|
|LogDestination||Specifies the debug log destination.|
|LogDetails||Specifies the debug log details to dump.|
|LogFile||Specifies the debug log filename.|
|LogFilters||Specifies the debug log filters.|
|LogFlushMode||Specifies the log flush mode.|
|LogLevel||Specifies the debug log level.|
|LogMaxEventCount||Specifies the maximum number of events to cache before further action is taken.|
|LogRotationMode||Specifies the log rotation mode.|
|MaxASN1BufferLength||Specifies the maximal allowed length for ASN.1 primitive tag data.|
|MaxASN1TreeDepth||Specifies the maximal depth for processed ASN.1 trees.|
|OCSPHashAlgorithm||Specifies the hash algorithm to be used to identify certificates in OCSP requests.|
|UseOwnDNSResolver||Specifies whether the client classes should use their own DNS resolver.|
|UseSharedSystemStorages||Specifies whether the validation engine should use a global per-process copy of the system certificate stores.|
|UseSystemOAEPAndPSS||Enforces or disables the use of system-driven RSA OAEP and PSS computations.|
|UseSystemRandom||Enables or disables the use of the OS PRNG.|