DataProtectionBuilderExtensions DataProtectionBuilderExtensions DataProtectionBuilderExtensions Class

Definition

Extensions for configuring data protection using an IDataProtectionBuilder.

public static class DataProtectionBuilderExtensions
type DataProtectionBuilderExtensions = class
Public Module DataProtectionBuilderExtensions
Inheritance
DataProtectionBuilderExtensionsDataProtectionBuilderExtensionsDataProtectionBuilderExtensions

Methods

AddKeyEscrowSink(IDataProtectionBuilder, IKeyEscrowSink) AddKeyEscrowSink(IDataProtectionBuilder, IKeyEscrowSink) AddKeyEscrowSink(IDataProtectionBuilder, IKeyEscrowSink)

Registers a IKeyEscrowSink to perform escrow before keys are persisted to storage.

AddKeyEscrowSink(IDataProtectionBuilder, Func<IServiceProvider,IKeyEscrowSink>) AddKeyEscrowSink(IDataProtectionBuilder, Func<IServiceProvider,IKeyEscrowSink>) AddKeyEscrowSink(IDataProtectionBuilder, Func<IServiceProvider,IKeyEscrowSink>)

Registers a IKeyEscrowSink to perform escrow before keys are persisted to storage.

AddKeyEscrowSink<TImplementation>(IDataProtectionBuilder) AddKeyEscrowSink<TImplementation>(IDataProtectionBuilder) AddKeyEscrowSink<TImplementation>(IDataProtectionBuilder)

Registers a IKeyEscrowSink to perform escrow before keys are persisted to storage.

AddKeyManagementOptions(IDataProtectionBuilder, Action<KeyManagementOptions>) AddKeyManagementOptions(IDataProtectionBuilder, Action<KeyManagementOptions>) AddKeyManagementOptions(IDataProtectionBuilder, Action<KeyManagementOptions>)

Configures the key management options for the data protection system.

DisableAutomaticKeyGeneration(IDataProtectionBuilder) DisableAutomaticKeyGeneration(IDataProtectionBuilder) DisableAutomaticKeyGeneration(IDataProtectionBuilder)

Configures the data protection system not to generate new keys automatically.

PersistKeysToFileSystem(IDataProtectionBuilder, DirectoryInfo) PersistKeysToFileSystem(IDataProtectionBuilder, DirectoryInfo) PersistKeysToFileSystem(IDataProtectionBuilder, DirectoryInfo)

Configures the data protection system to persist keys to the specified directory. This path may be on the local machine or may point to a UNC share.

PersistKeysToRegistry(IDataProtectionBuilder, RegistryKey) PersistKeysToRegistry(IDataProtectionBuilder, RegistryKey) PersistKeysToRegistry(IDataProtectionBuilder, RegistryKey)

Configures the data protection system to persist keys to the Windows registry.

ProtectKeysWithCertificate(IDataProtectionBuilder, X509Certificate2) ProtectKeysWithCertificate(IDataProtectionBuilder, X509Certificate2) ProtectKeysWithCertificate(IDataProtectionBuilder, X509Certificate2)

Configures keys to be encrypted to a given certificate before being persisted to storage.

ProtectKeysWithCertificate(IDataProtectionBuilder, String) ProtectKeysWithCertificate(IDataProtectionBuilder, String) ProtectKeysWithCertificate(IDataProtectionBuilder, String)

Configures keys to be encrypted to a given certificate before being persisted to storage.

ProtectKeysWithDpapi(IDataProtectionBuilder) ProtectKeysWithDpapi(IDataProtectionBuilder) ProtectKeysWithDpapi(IDataProtectionBuilder)

Configures keys to be encrypted with Windows DPAPI before being persisted to storage. The encrypted key will only be decryptable by the current Windows user account.

ProtectKeysWithDpapi(IDataProtectionBuilder, Boolean) ProtectKeysWithDpapi(IDataProtectionBuilder, Boolean) ProtectKeysWithDpapi(IDataProtectionBuilder, Boolean)

Configures keys to be encrypted with Windows DPAPI before being persisted to storage.

ProtectKeysWithDpapiNG(IDataProtectionBuilder, String, DpapiNGProtectionDescriptorFlags) ProtectKeysWithDpapiNG(IDataProtectionBuilder, String, DpapiNGProtectionDescriptorFlags) ProtectKeysWithDpapiNG(IDataProtectionBuilder, String, DpapiNGProtectionDescriptorFlags)

Configures keys to be encrypted with Windows CNG DPAPI before being persisted to storage.

ProtectKeysWithDpapiNG(IDataProtectionBuilder) ProtectKeysWithDpapiNG(IDataProtectionBuilder) ProtectKeysWithDpapiNG(IDataProtectionBuilder)

Configures keys to be encrypted with Windows CNG DPAPI before being persisted to storage. The keys will be decryptable by the current Windows user account.

SetApplicationName(IDataProtectionBuilder, String) SetApplicationName(IDataProtectionBuilder, String) SetApplicationName(IDataProtectionBuilder, String)

Sets the unique name of this application within the data protection system.

SetDefaultKeyLifetime(IDataProtectionBuilder, TimeSpan) SetDefaultKeyLifetime(IDataProtectionBuilder, TimeSpan) SetDefaultKeyLifetime(IDataProtectionBuilder, TimeSpan)

Sets the default lifetime of keys created by the data protection system.

UnprotectKeysWithAnyCertificate(IDataProtectionBuilder, X509Certificate2[]) UnprotectKeysWithAnyCertificate(IDataProtectionBuilder, X509Certificate2[]) UnprotectKeysWithAnyCertificate(IDataProtectionBuilder, X509Certificate2[])

Configures certificates which can be used to decrypt keys loaded from storage.

UseCryptographicAlgorithms(IDataProtectionBuilder, AuthenticatedEncryptionSettings) UseCryptographicAlgorithms(IDataProtectionBuilder, AuthenticatedEncryptionSettings) UseCryptographicAlgorithms(IDataProtectionBuilder, AuthenticatedEncryptionSettings)

Configures the data protection system to use the specified cryptographic algorithms by default when generating protected payloads.

UseCryptographicAlgorithms(IDataProtectionBuilder, AuthenticatedEncryptorConfiguration) UseCryptographicAlgorithms(IDataProtectionBuilder, AuthenticatedEncryptorConfiguration) UseCryptographicAlgorithms(IDataProtectionBuilder, AuthenticatedEncryptorConfiguration)

Configures the data protection system to use the specified cryptographic algorithms by default when generating protected payloads.

UseCustomCryptographicAlgorithms(IDataProtectionBuilder, ManagedAuthenticatedEncryptionSettings) UseCustomCryptographicAlgorithms(IDataProtectionBuilder, ManagedAuthenticatedEncryptionSettings) UseCustomCryptographicAlgorithms(IDataProtectionBuilder, ManagedAuthenticatedEncryptionSettings)

Configures the data protection system to use custom algorithms. This API is intended for advanced scenarios where the developer cannot use the algorithms specified in the EncryptionAlgorithm and ValidationAlgorithm enumerations.

UseCustomCryptographicAlgorithms(IDataProtectionBuilder, CngCbcAuthenticatedEncryptionSettings) UseCustomCryptographicAlgorithms(IDataProtectionBuilder, CngCbcAuthenticatedEncryptionSettings) UseCustomCryptographicAlgorithms(IDataProtectionBuilder, CngCbcAuthenticatedEncryptionSettings)

Configures the data protection system to use custom Windows CNG algorithms. This API is intended for advanced scenarios where the developer cannot use the algorithms specified in the EncryptionAlgorithm and ValidationAlgorithm enumerations.

UseCustomCryptographicAlgorithms(IDataProtectionBuilder, CngGcmAuthenticatedEncryptionSettings) UseCustomCryptographicAlgorithms(IDataProtectionBuilder, CngGcmAuthenticatedEncryptionSettings) UseCustomCryptographicAlgorithms(IDataProtectionBuilder, CngGcmAuthenticatedEncryptionSettings)

Configures the data protection system to use custom Windows CNG algorithms. This API is intended for advanced scenarios where the developer cannot use the algorithms specified in the EncryptionAlgorithm and ValidationAlgorithm enumerations.

UseCustomCryptographicAlgorithms(IDataProtectionBuilder, CngCbcAuthenticatedEncryptorConfiguration) UseCustomCryptographicAlgorithms(IDataProtectionBuilder, CngCbcAuthenticatedEncryptorConfiguration) UseCustomCryptographicAlgorithms(IDataProtectionBuilder, CngCbcAuthenticatedEncryptorConfiguration)

Configures the data protection system to use custom Windows CNG algorithms. This API is intended for advanced scenarios where the developer cannot use the algorithms specified in the EncryptionAlgorithm and ValidationAlgorithm enumerations.

UseCustomCryptographicAlgorithms(IDataProtectionBuilder, CngGcmAuthenticatedEncryptorConfiguration) UseCustomCryptographicAlgorithms(IDataProtectionBuilder, CngGcmAuthenticatedEncryptorConfiguration) UseCustomCryptographicAlgorithms(IDataProtectionBuilder, CngGcmAuthenticatedEncryptorConfiguration)

Configures the data protection system to use custom Windows CNG algorithms. This API is intended for advanced scenarios where the developer cannot use the algorithms specified in the EncryptionAlgorithm and ValidationAlgorithm enumerations.

UseCustomCryptographicAlgorithms(IDataProtectionBuilder, ManagedAuthenticatedEncryptorConfiguration) UseCustomCryptographicAlgorithms(IDataProtectionBuilder, ManagedAuthenticatedEncryptorConfiguration) UseCustomCryptographicAlgorithms(IDataProtectionBuilder, ManagedAuthenticatedEncryptorConfiguration)

Configures the data protection system to use custom algorithms. This API is intended for advanced scenarios where the developer cannot use the algorithms specified in the EncryptionAlgorithm and ValidationAlgorithm enumerations.

UseEphemeralDataProtectionProvider(IDataProtectionBuilder) UseEphemeralDataProtectionProvider(IDataProtectionBuilder) UseEphemeralDataProtectionProvider(IDataProtectionBuilder)

Configures the data protection system to use the EphemeralDataProtectionProvider for data protection services.

Applies to