Microsoft.AspNetCore.DataProtection

Determines whether an exception must be homogenized by being wrapped inside a CryptographicException before being rethrown.

Extension methods for working with .

Creates an instance of and ensures that it is assignable to .

Returns a given an . Guaranteed to return non-null, even if is null.

Signifies that the should bind this property from the registry.

Writes an unsigned 32-bit value to a memory address, big-endian.

Writes a signed 32-bit value to a memory address, big-endian.

Extensions for configuring data protection using an .

Sets the unique name of this application within the data protection system.

The . The application name. A reference to the after this operation has completed. This API corresponds to setting the property to the value of .

Registers a to perform escrow before keys are persisted to storage.

The . The instance of the to register. A reference to the after this operation has completed. Registrations are additive.

Registers a to perform escrow before keys are persisted to storage.

The concrete type of the to register. The . A reference to the after this operation has completed. Registrations are additive. The factory is registered as .

Registers a to perform escrow before keys are persisted to storage.

The . A factory that creates the instance. A reference to the after this operation has completed. Registrations are additive. The factory is registered as .

Configures the key management options for the data protection system.

The . An to configure the provided. A reference to the after this operation has completed.

Configures the data protection system not to generate new keys automatically.

The . A reference to the after this operation has completed. Calling this API corresponds to setting to 'false'. See that property's documentation for more information.

Configures the data protection system to persist keys to the specified directory. This path may be on the local machine or may point to a UNC share.

The . The directory in which to store keys. A reference to the after this operation has completed.

Configures the data protection system to persist keys to the Windows registry.

The . The location in the registry where keys should be stored. A reference to the after this operation has completed.

Configures keys to be encrypted with Windows DPAPI before being persisted to storage. The encrypted key will only be decryptable by the current Windows user account.

The . A reference to the after this operation has completed. This API is only supported on Windows platforms.

Configures keys to be encrypted with Windows DPAPI before being persisted to storage.

The . 'true' if the key should be decryptable by any use on the local machine, 'false' if the key should only be decryptable by the current Windows user account. A reference to the after this operation has completed. This API is only supported on Windows platforms.

Configures keys to be encrypted with Windows CNG DPAPI before being persisted to storage. The keys will be decryptable by the current Windows user account.

The . A reference to the after this operation has completed. See https://msdn.microsoft.com/en-us/library/windows/desktop/hh706794(v=vs.85).aspx for more information on DPAPI-NG. This API is only supported on Windows 8 / Windows Server 2012 and higher.

Configures keys to be encrypted with Windows CNG DPAPI before being persisted to storage.

The . The descriptor rule string with which to protect the key material. Flags that should be passed to the call to 'NCryptCreateProtectionDescriptor'. The default value of this parameter is . A reference to the after this operation has completed. See https://msdn.microsoft.com/en-us/library/windows/desktop/hh769091(v=vs.85).aspx and https://msdn.microsoft.com/en-us/library/windows/desktop/hh706800(v=vs.85).aspx for more information on valid values for the the and arguments. This API is only supported on Windows 8 / Windows Server 2012 and higher.

Sets the default lifetime of keys created by the data protection system.

The . The lifetime (time before expiration) for newly-created keys. See for more information and usage notes. A reference to the after this operation has completed.

Configures the data protection system to use the specified cryptographic algorithms by default when generating protected payloads.

The . Information about what cryptographic algorithms should be used. A reference to the after this operation has completed.

Configures the data protection system to use custom Windows CNG algorithms. This API is intended for advanced scenarios where the developer cannot use the algorithms specified in the and enumerations.

The . Information about what cryptographic algorithms should be used. A reference to the after this operation has completed. This API is only available on Windows.

Configures the data protection system to use custom algorithms. This API is intended for advanced scenarios where the developer cannot use the algorithms specified in the and enumerations.

The . Information about what cryptographic algorithms should be used. A reference to the after this operation has completed.

Configures the data protection system to use the for data protection services.

The . A reference to the after this operation has completed. If this option is used, payloads protected by the data protection system will be permanently undecipherable after the application exits.

Provides global options for the Data Protection system.

An identifier that uniquely discriminates this application from all other applications on the machine. The discriminator value is implicitly included in all protected payloads generated by the data protection system to isolate multiple logical applications that all happen to be using the same key material.

If two different applications need to share protected payloads, they should ensure that this property is set to the same value across both applications.

Contains static factory methods for creating instances.

Creates an given an .

The global options to use when creating the provider. Provides mandatory services for use by the provider. An .

Returns a unique identifier for this application.

The application-level . A unique application identifier, or null if is null or cannot provide a unique application identifier. The returned identifier should be stable for repeated runs of this same application on this machine. Additionally, the identifier is only unique within the scope of a single machine, e.g., two different applications on two different machines may return the same value. This identifier may contain security-sensitive information such as physical file paths, configuration settings, or other machine-specific information. Callers should take special care not to disclose this information to untrusted entities.

An that is transient.

Payloads generated by a given instance can only be deciphered by that same instance. Once the instance is lost, all ciphertexts generated by that instance are permanently undecipherable.

Creates an ephemeral .

Creates an ephemeral , optionally providing services (such as logging) for consumption by the provider.

Provides access to configuration for the data protection system, which allows the developer to configure default cryptographic algorithms, key storage locations, and the mechanism by which keys are protected at rest.

If the developer changes the at-rest key protection mechanism, it is intended that he also change the key storage location, and vice versa. Similarly, when a developer modifies the default protected payload cryptographic algorithms, it is intended that he also select an explitiy key storage location. A call to should therefore generally be paired with a call to , for example. When the default cryptographic algorithms or at-rest key protection mechanisms are changed, they only affect new keys in the repository. The repository may contain existing keys that use older algorithms or protection mechanisms.

Provides access to the passed to this object's constructor.

An interface that can provide data protection services for data which has been persisted to long-term storage.

Cryptographically unprotects a piece of data, optionally ignoring failures due to revocation of the cryptographic keys used to protect the payload.

The protected data to unprotect. 'true' if the payload should be unprotected even if the cryptographic key used to protect it has been revoked (due to potential compromise), 'false' if revocation should fail the unprotect operation. 'true' if the data should be reprotected before being persisted back to long-term storage, 'false' otherwise. Migration might be requested when the default protection key has changed, for instance. 'true' if the cryptographic key used to protect this payload has been revoked, 'false' otherwise. Payloads whose keys have been revoked should be treated as suspect unless the application has separate assurance that the payload has not been tampered with. The plaintext form of the protected data. Implementations should throw CryptographicException if the protected data is invalid or malformed.

Represents a secret value.

The length (in bytes) of the secret value.

Writes the secret value to the specified buffer.

The buffer which should receive the secret value. The buffer size must exactly match the length of the secret value.

Wrappers around CryptProtectMemory / CryptUnprotectMemory.

A type which allows reading policy from the system registry.

Returns an array of s from the default registry location.

Represents a secret value stored in memory.

Creates a new Secret from the provided input value, where the input value is specified as an array segment.

Creates a new Secret from the provided input value, where the input value is specified as an array.

Creates a new Secret from the provided input value, where the input value is specified as a pointer to unmanaged memory.

Creates a new Secret from another secret object.

The length (in bytes) of the secret value.

Wipes the secret from memory.

Returns a Secret comprised entirely of random bytes retrieved from a cryptographically secure RNG.

Writes the secret value to the specified buffer.

The buffer size must exactly match the length of the secret value.

Writes the secret value to the specified buffer.

The buffer into which to write the secret value. The size (in bytes) of the provided buffer. The 'bufferLength' parameter must exactly match the length of the secret value.

A simplified default implementation of that understands how to call ctors which take .

A default whose wrapped is null.

Helpful extension methods on .

Throws if is not assignable to .

Contains XLinq constants.

The root namespace used for all DataProtection-specific XML elements and attributes.

Represents the type of decryptor that can be used when reading 'encryptedSecret' elements.

Elements with this attribute will be read with the specified deserializer type.

Elements with this name will be automatically decrypted when read by the XML key manager.

Elements where this attribute has a value of 'true' should be encrypted before storage.

Contains helpers to work with XElement objects.

Returns a new XElement which is a carbon copy of the provided element, but with no child nodes. Useful for writing exception messages without inadvertently disclosing secret key material. It is assumed that the element name itself and its attribute values are not secret.

Settings for configuring authenticated encryption algorithms.

The algorithm to use for symmetric encryption (confidentiality).

The default value is .

The algorithm to use for message authentication (tamper-proofing).

The default value is . This property is ignored if specifies a 'GCM' algorithm.

Validates that this is well-formed, i.e., that the specified algorithms actually exist and that they can be instantiated properly. An exception will be thrown if validation fails.

Performs a self-test of this encryptor by running a sample payload through an encrypt-then-decrypt operation. Throws if the operation fails.

Settings for configuring an authenticated encryption mechanism which uses Windows CNG algorithms in CBC encryption + HMAC authentication modes.

The name of the algorithm to use for symmetric encryption. This property corresponds to the 'pszAlgId' parameter of BCryptOpenAlgorithmProvider. This property is required to have a value.

The algorithm must support CBC-style encryption and must have a block size of 64 bits or greater. The default value is 'AES'.

The name of the provider which contains the implementation of the symmetric encryption algorithm. This property corresponds to the 'pszImplementation' parameter of BCryptOpenAlgorithmProvider. This property is optional.

The default value is null.

The length (in bits) of the key that will be used for symmetric encryption. This property is required to have a value.

The key length must be 128 bits or greater. The default value is 256.

The name of the algorithm to use for hashing data. This property corresponds to the 'pszAlgId' parameter of BCryptOpenAlgorithmProvider. This property is required to have a value.

The algorithm must support being opened in HMAC mode and must have a digest length of 128 bits or greater. The default value is 'SHA256'.

The name of the provider which contains the implementation of the hash algorithm. This property corresponds to the 'pszImplementation' parameter of BCryptOpenAlgorithmProvider. This property is optional.

The default value is null.

Validates that this is well-formed, i.e., that the specified algorithms actually exist and that they can be instantiated properly. An exception will be thrown if validation fails.

Settings for configuring an authenticated encryption mechanism which uses Windows CNG algorithms in GCM encryption + authentication modes.

The name of the algorithm to use for symmetric encryption. This property corresponds to the 'pszAlgId' parameter of BCryptOpenAlgorithmProvider. This property is required to have a value.

The algorithm must support CBC-style encryption and must have a block size exactly 128 bits. The default value is 'AES'.

The default value is null.

The length (in bits) of the key that will be used for symmetric encryption. This property is required to have a value.

The key length must be 128 bits or greater. The default value is 256.

Validates that this is well-formed, i.e., that the specified algorithm actually exists and can be instantiated properly. An exception will be thrown if validation fails.

Specifies a symmetric encryption algorithm to use for providing confidentiality to protected payloads.

The AES algorithm (FIPS 197) with a 128-bit key running in Cipher Block Chaining mode.

The AES algorithm (FIPS 197) with a 192-bit key running in Cipher Block Chaining mode.

The AES algorithm (FIPS 197) with a 256-bit key running in Cipher Block Chaining mode.

The AES algorithm (FIPS 197) with a 128-bit key running in Galois/Counter Mode (FIPS SP 800-38D).

This cipher mode produces a 128-bit authentication tag. This algorithm is currently only supported on Windows.

The AES algorithm (FIPS 197) with a 192-bit key running in Galois/Counter Mode (FIPS SP 800-38D).

This cipher mode produces a 128-bit authentication tag.

The AES algorithm (FIPS 197) with a 256-bit key running in Galois/Counter Mode (FIPS SP 800-38D).

This cipher mode produces a 128-bit authentication tag.

The basic interface for providing an authenticated encryption and decryption routine.

Validates the authentication tag of and decrypts a blob of encrypted data.

The ciphertext (including authentication tag) to decrypt. Any ancillary data which was used during computation of the authentication tag. The same AAD must have been specified in the corresponding call to 'Encrypt'. The original plaintext data (if the authentication tag was validated and decryption succeeded). All cryptography-related exceptions should be homogenized to CryptographicException.

Encrypts and tamper-proofs a piece of data.

Implemented by our settings classes to generalize creating configuration objects.

Creates a object from the given settings.

Performs a self-test of the algorithm specified by the settings object.

An optimized encryptor that can avoid buffer allocations in common code paths.

Encrypts and tamper-proofs a piece of data.

The plaintext to encrypt. This input may be zero bytes in length. A piece of data which will not be included in the returned ciphertext but which will still be covered by the authentication tag. This input may be zero bytes in length. The same AAD must be specified in the corresponding call to Decrypt. The number of bytes to pad before the ciphertext in the output. The number of bytes to pad after the ciphertext in the output. The ciphertext blob, including authentication tag. The ciphertext blob will be surrounded by the number of padding bytes requested. For instance, if the given (plaintext, AAD) input results in a (ciphertext, auth tag) output of 0x0102030405, and if 'preBufferSize' is 3 and 'postBufferSize' is 5, then the return value will be 0xYYYYYY0102030405ZZZZZZZZZZ, where bytes YY and ZZ are undefined. This method allows for a slight performance improvement over IAuthenticatedEncryptor.Encrypt in the case where the caller needs to prepend or append some data to the resulting ciphertext. For instance, if the caller needs to append a 32-bit header to the resulting ciphertext, then he can specify 4 for 'preBufferSize' and overwrite the first 32 bits of the buffer returned by this function. This saves the caller from having to allocate a new buffer to hold the final transformed result. All cryptography-related exceptions should be homogenized to CryptographicException.

Settings for configuring an authenticated encryption mechanism which uses managed SymmetricAlgorithm and KeyedHashAlgorithm implementations.

The type of the algorithm to use for symmetric encryption. The type must subclass . This property is required to have a value.

The algorithm must support CBC-style encryption and PKCS#7 padding and must have a block size of 64 bits or greater. The default algorithm is AES.

The length (in bits) of the key that will be used for symmetric encryption. This property is required to have a value.

The key length must be 128 bits or greater. The default value is 256.

The type of the algorithm to use for validation. Type type must subclass . This property is required to have a value.

The algorithm must have a digest length of 128 bits or greater. The default algorithm is HMACSHA256.

Validates that this is well-formed, i.e., that the specified algorithms actually exist and can be instantiated properly. An exception will be thrown if validation fails.

Contains helper methods for generating cryptographic algorithm factories.

Creates a factory that wraps a call to .

Specifies a message authentication algorithm to use for providing tamper-proofing to protected payloads.

The HMAC algorithm (RFC 2104) using the SHA-256 hash function (FIPS 180-4).

The HMAC algorithm (RFC 2104) using the SHA-512 hash function (FIPS 180-4).

Represents a generalized authenticated encryption mechanism.

A descriptor which can create an authenticated encryption system based upon the configuration provided by an object.

A class that can deserialize an that represents the serialized version of an .

Imports the from serialized XML.

Represents a configured authenticated encryption mechanism which uses Windows CNG algorithms in CBC encryption + HMAC authentication modes.

A descriptor which can create an authenticated encryption system based upon the configuration provided by an object.

A class that can deserialize an that represents the serialized version of an .

Imports the from serialized XML.

Represents a configured authenticated encryption mechanism which uses Windows CNG algorithms in GCM encryption + authentication modes.

A descriptor which can create an authenticated encryption system based upon the configuration provided by an object.

A class that can deserialize an that represents the serialized version of an .

Imports the from serialized XML.

Creates an from this using a random 512-bit master key generated from a secure PRNG.

The basic configuration that serves as a factory for types related to authenticated encryption.

Creates a new instance based on this configuration. The newly-created instance contains unique key material and is distinct from all other descriptors created by the method.

A unique .

A self-contained descriptor that wraps all information (including secret key material) necessary to create an instance of an .

Creates an instance based on the current descriptor.

An instance. For a given descriptor, any two instances returned by this method should be considered equivalent, e.g., the payload returned by one's method should be consumable by the other's method.

Exports the current descriptor to XML.

An wrapping the which represents the serialized current descriptor object. The deserializer type must be assignable to . If an element contains sensitive information (such as key material), the element should be marked via the extension method, and the caller should encrypt the element before persisting the XML to storage.

The basic interface for deserializing an XML element into an .

Deserializes the specified XML element.

The element to deserialize. The represented by .

A type that knows how to create instances of an given specific secret key material.

Creates a new instance from this configuration given specific secret key material.

Represents a configured authenticated encryption mechanism which uses managed and types.

A descriptor which can create an authenticated encryption system based upon the configuration provided by an object.

A class that can deserialize an that represents the serialized version of an .

Imports the from serialized XML.

Converts an to an <masterKey> element which is marked as requiring encryption.

Converts a base64-encoded string into an .

Marks the provided as requiring encryption before being persisted to storage. Use when implementing .

Wraps an that contains the XML-serialized representation of an along with the type that can be used to deserialize it.

Creates an instance of an .

The XML-serialized form of the . The class whose method can be used to deserialize .

The class whose method can be used to deserialize the value stored in .

An XML-serialized representation of an .

Base class used for all CNG-related authentication encryption operations.

Default implementation of .

Creates a new configuration object linked to a .

An interface into that also supports limited dependency injection (of ).

Creates an instance of and ensures that it is assignable to .

Implements policy for resolving the default key from a candidate keyring.

The window of time before the key expires when a new key should be created and persisted to the keyring to ensure uninterrupted service.

If the propagation time is 5 days and the current key expires within 5 days, a new key will be generated.

The maximum skew that is allowed between servers. This is used to allow newly-created keys to be used across servers even though their activation dates might be a few minutes into the future.

If the max skew is 5 minutes and the best matching candidate default key has an activation date of less than 5 minutes in the future, we'll use it.

Gets the default service (could return null).

Gets the default service (must not be null).

The basic implementation of , where the incoming XML element hasn't yet been fully processed.

The basic interface for representing an authenticated encryption key.

The date at which encryptions with this key can begin taking place.

The date on which this key was created.

The date after which encryptions with this key may no longer take place.

An expired key may still be used to decrypt existing payloads.

Returns a value stating whether this key was revoked.

A revoked key may still be used to decrypt existing payloads, but the payloads must be treated as tampered unless the application has some other assurance that the payloads are authentic.

The id of the key.

Creates an IAuthenticatedEncryptor instance that can be used to encrypt data to and decrypt data from this key.

An IAuthenticatedEncryptor.

The basic interface for implementing a key escrow sink.

is distinct from in that provides a write-only interface and instances handle unencrypted key material, while provides a read+write interface and instances handle encrypted key material.

Stores the given key material to the escrow service.

The id of the key being persisted to escrow. The unencrypted XML element that comprises the key material.

The basic interface for performing key management operations.

Instantiations of this interface are expected to be thread-safe.

Creates a new key with the specified activation and expiration dates and persists the new key to the underlying repository.

The date on which encryptions to this key may begin. The date after which encryptions to this key may no longer take place. The newly-created IKey instance.

Fetches all keys from the underlying repository.

The collection of all keys.

Retrieves a token that signals that callers who have cached the return value of GetAllKeys should clear their caches. This could be in response to a call to CreateNewKey or RevokeKey, or it could be in response to some other external notification. Callers who are interested in observing this token should call this method before the corresponding call to GetAllKeys.

The cache expiration token. When an expiration notification is triggered, any tokens previously returned by this method will become canceled, and tokens returned by future invocations of this method will themselves not trigger until the next expiration event. Implementations are free to return 'CancellationToken.None' from this method. Since this token is never guaranteed to fire, callers should still manually clear their caches at a regular interval.

Revokes a specific key and persists the revocation to the underlying repository.

The id of the key to revoke. An optional human-readable reason for revocation. This method will not mutate existing IKey instances. After calling this method, all existing IKey instances should be discarded, and GetAllKeys should be called again.

Revokes all keys created before a specified date and persists the revocation to the underlying repository.

The revocation date. All keys with a creation date before this value will be revoked. An optional human-readable reason for revocation. This method will not mutate existing IKey instances. After calling this method, all existing IKey instances should be discarded, and GetAllKeys should be called again.

The basic implementation of , where the has already been created.

The basic implementation of .

Gets an aggregate from the underlying . This method may return null if no sinks are registered.

Options that control how an should behave.

Specifies whether the data protection system should auto-generate keys.

If this value is 'false', the system will not generate new keys automatically. The key ring must contain at least one active non-revoked key, otherwise calls to may fail. The system may end up protecting payloads to expired keys if this property is set to 'false'. The default value is 'true'.

Specifies the period before key expiration in which a new key should be generated so that it has time to propagate fully throughout the key ring. For example, if this period is 72 hours, then a new key will be created and persisted to storage approximately 72 hours before expiration.

This value is currently fixed at 48 hours.

Controls the auto-refresh period where the key ring provider will flush its collection of cached keys and reread the collection from backing storage.

This value is currently fixed at 24 hours.

Specifies the maximum clock skew allowed between servers when reading keys from the key ring. The key ring may use a key which has not yet been activated or which has expired if the key's valid lifetime is within the allowed clock skew window. This value can be set to if key activation and expiration times should be strictly honored by this server.

This value is currently fixed at 5 minutes.

Controls the lifetime (number of days before expiration) for newly-generated keys.

The lifetime cannot be less than one week. The default value is 90 days.

A basic implementation of .

A key manager backed by an .

Creates an .

The repository where keys are stored. Configuration for newly-created keys. A provider of optional services.

Wraps both a keyring and its expiration policy.

Returns a new which is identical to 'this' but with a lifetime extended 2 minutes from . The inner cancellation token is also disconnected.

The default key, may be null if no key is a good default candidate.

If this property is non-null, its method will succeed so is appropriate for use with deferred keys.

The fallback key, which should be used only if the caller is configured not to honor the property. This property may be null if there is no viable fallback key.

If this property is non-null, its method will succeed so is appropriate for use with deferred keys.

'true' if a new key should be persisted to the keyring, 'false' otherwise. This value may be 'true' even if a valid default key was found.

Implements policy for resolving the default key from a candidate keyring.

Locates the default key from the keyring.

Provides default implementations of the services required by an .

Gets the default service (could return null).

Gets the default service (must not be null).

The basic interface for accessing a read-only keyring.

The authenticated encryptor that shall be used for new encryption operations.

Activation of the encryptor instance is deferred until first access.

The id of the key associated with .

Returns an encryptor instance for the given key, or 'null' if the key with the specified id cannot be found in the keyring.

Activation of the encryptor instance is deferred until first access.

An error occurred during a cryptographic operation.

The provided buffer is of length {0} byte(s). It must instead be exactly {1} byte(s) in length.

The payload was invalid.

Property {0} cannot be null or empty.

The provided payload could not be decrypted. Refer to the inner exception for more information.

An error occurred while trying to encrypt the provided data. Refer to the inner exception for more information.

The key {0:B} was not found in the key ring.

The key {0:B} has been revoked.

The provided payload cannot be decrypted because it was not protected with this protection provider.

The provided payload cannot be decrypted because it was protected with a newer version of the protection provider.

Value must be non-negative.

The type '{1}' is not assignable to '{0}'.

The new key lifetime must be at least one week.

The key {0:B} already exists in the keyring.

Argument cannot be null or empty.

Property {0} must have a non-negative value.

GCM algorithms require the Windows platform.

A certificate with the thumbprint '{0}' could not be found.

Decrypting EncryptedXml-encapsulated payloads is not yet supported on Core CLR.

The symmetric algorithm block size of {0} bits is invalid. The block size must be between 64 and 2048 bits, inclusive, and it must be a multiple of 8 bits.

The validation algorithm digest size of {0} bits is invalid. The digest size must be between 128 and 2048 bits, inclusive, and it must be a multiple of 8 bits.

The symmetric algorithm key size of {0} bits is invalid. The key size must be between 128 and 2048 bits, inclusive, and it must be a multiple of 8 bits.

The key ring does not contain a valid default protection key. The data protection system cannot create a new key because auto-generation of keys is disabled.

{0} must not be negative

An ephemeral XML repository backed by process memory. This class must not be used for anything other than dev scenarios as the keys will not be persisted to storage.

An XML repository backed by a file system.

Creates a with keys stored at the given directory.

The directory in which to persist key material.

Creates a with keys stored at the given directory.

The directory in which to persist key material. An optional to provide ancillary services.

The default key storage directory, which currently corresponds to "%LOCALAPPDATA%\ASP.NET\DataProtection-Keys".

This property can return null if no suitable default key storage directory can be found, such as the case when the user profile is unavailable.

The directory into which key material will be written.

The provided to the constructor.

The basic interface for storing and retrieving XML elements.

Gets all top-level XML elements in the repository.

All top-level elements in the repository.

Adds a top-level XML element to the repository.

The element to add. An optional name to be associated with the XML element. For instance, if this repository stores XML files on disk, the friendly name may be used as part of the file name. Repository implementations are not required to observe this parameter even if it has been provided by the caller. The 'friendlyName' parameter must be unique if specified. For instance, it could be the id of the key being stored.

An XML repository backed by the Windows registry.

Creates a with keys stored in the given registry key.

The registry key in which to persist key material.

Creates a with keys stored in the given registry key.

The registry key in which to persist key material. The used to resolve services.

The default key storage directory, which currently corresponds to "HKLM\SOFTWARE\Microsoft\ASP.NET\4.0.30319.0\AutoGenKeys\{SID}".

This property can return null if no suitable default registry key can be found, such as the case when this application is not hosted inside IIS.

The registry key into which key material will be written.

The provided to the constructor.

Provides an implementation of the SP800-108-CTR-HMACSHA512 key derivation function. This class assumes at least Windows 7 / Server 2008 R2.

More info at http://csrc.nist.gov/publications/nistpubs/800-108/sp800-108.pdf, Sec. 5.1.

Flags used to control the creation of protection descriptors.

These values correspond to the 'dwFlags' parameter on NCryptCreateProtectionDescriptor. See https://msdn.microsoft.com/en-us/library/windows/desktop/hh706800(v=vs.85).aspx for more information.

No special handling is necessary.

The provided descriptor is a reference to a full descriptor stored in the system registry.

When combined with , uses the HKLM registry instead of the HKCU registry when locating the full descriptor.

An that decrypts XML elements that were encrypted with .

This API is only supported on Windows 8 / Windows Server 2012 and higher.

Creates a new instance of a .

An optional to provide ancillary services.

Decrypts the specified XML element.

An encrypted XML element. The decrypted form of .

A class that can encrypt XML elements using Windows DPAPI:NG.

This API is only supported on Windows 8 / Windows Server 2012 and higher.

Creates a new instance of a .

The rule string from which to create the protection descriptor. Flags controlling the creation of the protection descriptor.

Creates a new instance of a .

The rule string from which to create the protection descriptor. Flags controlling the creation of the protection descriptor. An optional to provide ancillary services.

Encrypts the specified .

The plaintext to encrypt. An that contains the encrypted value of along with information about how to decrypt it.

Creates a rule string tied to the current Windows user and which is transferrable across machines (backed up in AD).

An that decrypts XML elements that were encrypted with .

Creates a new instance of a .

An optional to provide ancillary services.

Decrypts the specified XML element.

An encrypted XML element. The decrypted form of .

An that encrypts XML by using Windows DPAPI.

This API is only supported on Windows platforms.

Creates a given a protection scope.

'true' if the data should be decipherable by anybody on the local machine, 'false' if the data should only be decipherable by the current Windows user account.

Creates a given a protection scope and an .

'true' if the data should be decipherable by anybody on the local machine, 'false' if the data should only be decipherable by the current Windows user account. An optional to provide ancillary services.

Encrypts the specified .

The plaintext to encrypt. An that contains the encrypted value of along with information about how to decrypt it.

Wraps an that contains a blob of encrypted XML and information about the class which can be used to decrypt it.

Creates an instance of an .

A piece of encrypted XML. The class whose method can be used to decrypt .

The class whose method can be used to decrypt the value stored in .

A piece of encrypted XML.

The basic interface for decrypting an XML element.

Decrypts the specified XML element.

An encrypted XML element. The decrypted form of . Implementations of this method must not mutate the instance provided by .

The basic interface for encrypting XML elements.

Encrypts the specified .

The plaintext to encrypt. An that contains the encrypted value of along with information about how to decrypt it. Implementations of this method must not mutate the instance provided by .

An that decrypts XML elements with a null decryptor.

Decrypts the specified XML element.

An encrypted XML element. The decrypted form of .

An that encrypts XML elements with a null encryptor.

Creates a new instance of .

An optional to provide ancillary services.

Encrypts the specified with a null encryptor, i.e., by returning the original value of unencrypted.

The plaintext to echo back. An that contains the null-encrypted value of along with information about how to decrypt it.

Converts an to a so that it can be kept in memory securely or run through the DPAPI routines.

Converts a back into an .

Extension methods for setting up data protection services in an .

Adds data protection services to the specified .

The to add services to.

Adds data protection services to the specified .

The to add services to. An to configure the provided . A reference to this instance after the operation has completed.

Default instances for the Data Protection system.

An backed by the host-provided defaults.

An where the key lifetime is specified explicitly.

An backed by default algorithmic options.

An backed by an .

An backed by the default keyring.

An ephemeral .

An backed by a given implementation type.

The implementation type name is provided as a string so that we can provide activation services.

An backed by the default XML key manager.

An backed by DPAPI.

An backed by DPAPI-NG.

An backed by a file system.

An backed by volatile in-process memory.

An backed by the Windows registry.

Provides access to default Data Protection instances.

Returns a collection of default instances that can be used to bootstrap the Data Protection system.

Helpful extension methods on .

Returns a value stating whether the 'debug' log level is enabled. Returns false if the logger instance is null.

Returns a value stating whether the 'error' log level is enabled. Returns false if the logger instance is null.

Returns a value stating whether the 'information' log level is enabled. Returns false if the logger instance is null.

Returns a value stating whether the 'trace' log level is enabled. Returns false if the logger instance is null.

Returns a value stating whether the 'warning' log level is enabled. Returns false if the logger instance is null.

Helpful logging-related extension methods on .

Retrieves an instance of given the type name . This is equivalent to .

An instance, or null if is null or the cannot produce an .

Retrieves an instance of given the type name . This is equivalent to .

An instance, or null if is null or the cannot produce an .