DataProtectionBuilderExtensions Class¶

Extensions for configuring data protection using an Microsoft.AspNetCore.DataProtection.IDataProtectionBuilder.

Namespace

Microsoft.AspNetCore.DataProtection

Assemblies

Microsoft.AspNetCore.DataProtection

Inheritance Hierarchy ¶

System.Object
Microsoft.AspNetCore.DataProtection.DataProtectionBuilderExtensions

Syntax ¶

public class DataProtectionBuilderExtensions

class Microsoft.AspNetCore.DataProtection.DataProtectionBuilderExtensions

Methods ¶

AddKeyEscrowSink(Microsoft.AspNetCore.DataProtection.IDataProtectionBuilder, Microsoft.AspNetCore.DataProtection.KeyManagement.IKeyEscrowSink)¶

Registers a Microsoft.AspNetCore.DataProtection.KeyManagement.IKeyEscrowSink to perform escrow before keys are persisted to storage.

Arguments:	builder (Microsoft.AspNetCore.DataProtection.IDataProtectionBuilder) – The `Microsoft.AspNetCore.DataProtection.IDataProtectionBuilder`. sink (Microsoft.AspNetCore.DataProtection.KeyManagement.IKeyEscrowSink) – The instance of the `Microsoft.AspNetCore.DataProtection.KeyManagement.IKeyEscrowSink` to register.
Return type:	Microsoft.AspNetCore.DataProtection.IDataProtectionBuilder
Returns:	A reference to the `Microsoft.AspNetCore.DataProtection.IDataProtectionBuilder` after this operation has completed.

public static IDataProtectionBuilder AddKeyEscrowSink(this IDataProtectionBuilder builder, IKeyEscrowSink sink)

AddKeyEscrowSink(Microsoft.AspNetCore.DataProtection.IDataProtectionBuilder, System.Func<System.IServiceProvider, Microsoft.AspNetCore.DataProtection.KeyManagement.IKeyEscrowSink>)

Registers a Microsoft.AspNetCore.DataProtection.KeyManagement.IKeyEscrowSink to perform escrow before keys are persisted to storage.

Arguments:	builder (Microsoft.AspNetCore.DataProtection.IDataProtectionBuilder) – The `Microsoft.AspNetCore.DataProtection.IDataProtectionBuilder`. factory (System.Func<System.IServiceProvider>) – A factory that creates the `Microsoft.AspNetCore.DataProtection.KeyManagement.IKeyEscrowSink` instance.
Return type:	Microsoft.AspNetCore.DataProtection.IDataProtectionBuilder
Returns:	A reference to the `Microsoft.AspNetCore.DataProtection.IDataProtectionBuilder` after this operation has completed.

public static IDataProtectionBuilder AddKeyEscrowSink(this IDataProtectionBuilder builder, Func<IServiceProvider, IKeyEscrowSink> factory)

AddKeyEscrowSink<TImplementation>(Microsoft.AspNetCore.DataProtection.IDataProtectionBuilder)¶

Registers a Microsoft.AspNetCore.DataProtection.KeyManagement.IKeyEscrowSink to perform escrow before keys are persisted to storage.

Arguments:	builder (Microsoft.AspNetCore.DataProtection.IDataProtectionBuilder) – The `Microsoft.AspNetCore.DataProtection.IDataProtectionBuilder`.
Return type:	Microsoft.AspNetCore.DataProtection.IDataProtectionBuilder
Returns:	A reference to the `Microsoft.AspNetCore.DataProtection.IDataProtectionBuilder` after this operation has completed.

public static IDataProtectionBuilder AddKeyEscrowSink<TImplementation>(this IDataProtectionBuilder builder)where TImplementation : class, IKeyEscrowSink

AddKeyManagementOptions(Microsoft.AspNetCore.DataProtection.IDataProtectionBuilder, System.Action<Microsoft.AspNetCore.DataProtection.KeyManagement.KeyManagementOptions>)¶

Configures the key management options for the data protection system.

Arguments:	builder (Microsoft.AspNetCore.DataProtection.IDataProtectionBuilder) – The `Microsoft.AspNetCore.DataProtection.IDataProtectionBuilder`. setupAction (System.Action<Microsoft.AspNetCore.DataProtection.KeyManagement.KeyManagementOptions>) – An System.Action`1 to configure the provided `Microsoft.AspNetCore.DataProtection.KeyManagement.KeyManagementOptions`.
Return type:	Microsoft.AspNetCore.DataProtection.IDataProtectionBuilder
Returns:	A reference to the `Microsoft.AspNetCore.DataProtection.IDataProtectionBuilder` after this operation has completed.

public static IDataProtectionBuilder AddKeyManagementOptions(this IDataProtectionBuilder builder, Action<KeyManagementOptions> setupAction)

DisableAutomaticKeyGeneration(Microsoft.AspNetCore.DataProtection.IDataProtectionBuilder)¶

Configures the data protection system not to generate new keys automatically.

Arguments:	builder (Microsoft.AspNetCore.DataProtection.IDataProtectionBuilder) – The `Microsoft.AspNetCore.DataProtection.IDataProtectionBuilder`.
Return type:	Microsoft.AspNetCore.DataProtection.IDataProtectionBuilder
Returns:	A reference to the `Microsoft.AspNetCore.DataProtection.IDataProtectionBuilder` after this operation has completed.

public static IDataProtectionBuilder DisableAutomaticKeyGeneration(this IDataProtectionBuilder builder)

PersistKeysToFileSystem(Microsoft.AspNetCore.DataProtection.IDataProtectionBuilder, System.IO.DirectoryInfo)¶

Configures the data protection system to persist keys to the specified directory. This path may be on the local machine or may point to a UNC share.

Arguments:	builder (Microsoft.AspNetCore.DataProtection.IDataProtectionBuilder) – The `Microsoft.AspNetCore.DataProtection.IDataProtectionBuilder`. directory (System.IO.DirectoryInfo) – The directory in which to store keys.
Return type:	Microsoft.AspNetCore.DataProtection.IDataProtectionBuilder
Returns:	A reference to the `Microsoft.AspNetCore.DataProtection.IDataProtectionBuilder` after this operation has completed.

public static IDataProtectionBuilder PersistKeysToFileSystem(this IDataProtectionBuilder builder, DirectoryInfo directory)

PersistKeysToRegistry(Microsoft.AspNetCore.DataProtection.IDataProtectionBuilder, Microsoft.Win32.RegistryKey)¶

Configures the data protection system to persist keys to the Windows registry.

Arguments:	builder (Microsoft.AspNetCore.DataProtection.IDataProtectionBuilder) – The `Microsoft.AspNetCore.DataProtection.IDataProtectionBuilder`. registryKey (Microsoft.Win32.RegistryKey) – The location in the registry where keys should be stored.
Return type:	Microsoft.AspNetCore.DataProtection.IDataProtectionBuilder
Returns:	A reference to the `Microsoft.AspNetCore.DataProtection.IDataProtectionBuilder` after this operation has completed.

public static IDataProtectionBuilder PersistKeysToRegistry(this IDataProtectionBuilder builder, RegistryKey registryKey)

ProtectKeysWithCertificate(Microsoft.AspNetCore.DataProtection.IDataProtectionBuilder, System.Security.Cryptography.X509Certificates.X509Certificate2)¶

Configures keys to be encrypted to a given certificate before being persisted to storage.

Arguments:	builder (Microsoft.AspNetCore.DataProtection.IDataProtectionBuilder) – The `Microsoft.AspNetCore.DataProtection.IDataProtectionBuilder`. certificate (System.Security.Cryptography.X509Certificates.X509Certificate2) – The certificate to use when encrypting keys.
Return type:	Microsoft.AspNetCore.DataProtection.IDataProtectionBuilder
Returns:	A reference to the `Microsoft.AspNetCore.DataProtection.IDataProtectionBuilder` after this operation has completed.

public static IDataProtectionBuilder ProtectKeysWithCertificate(this IDataProtectionBuilder builder, X509Certificate2 certificate)

ProtectKeysWithCertificate(Microsoft.AspNetCore.DataProtection.IDataProtectionBuilder, System.String)

Configures keys to be encrypted to a given certificate before being persisted to storage.

Arguments:	builder (Microsoft.AspNetCore.DataProtection.IDataProtectionBuilder) – The `Microsoft.AspNetCore.DataProtection.IDataProtectionBuilder`. thumbprint (System.String) – The thumbprint of the certificate to use when encrypting keys.
Return type:	Microsoft.AspNetCore.DataProtection.IDataProtectionBuilder
Returns:	A reference to the `Microsoft.AspNetCore.DataProtection.IDataProtectionBuilder` after this operation has completed.

public static IDataProtectionBuilder ProtectKeysWithCertificate(this IDataProtectionBuilder builder, string thumbprint)

ProtectKeysWithDpapi(Microsoft.AspNetCore.DataProtection.IDataProtectionBuilder)¶

Configures keys to be encrypted with Windows DPAPI before being persisted to storage. The encrypted key will only be decryptable by the current Windows user account.

Arguments:	builder (Microsoft.AspNetCore.DataProtection.IDataProtectionBuilder) – The `Microsoft.AspNetCore.DataProtection.IDataProtectionBuilder`.
Return type:	Microsoft.AspNetCore.DataProtection.IDataProtectionBuilder
Returns:	A reference to the `Microsoft.AspNetCore.DataProtection.IDataProtectionBuilder` after this operation has completed.

public static IDataProtectionBuilder ProtectKeysWithDpapi(this IDataProtectionBuilder builder)

ProtectKeysWithDpapi(Microsoft.AspNetCore.DataProtection.IDataProtectionBuilder, System.Boolean)

Configures keys to be encrypted with Windows DPAPI before being persisted to storage.

Arguments:	builder (Microsoft.AspNetCore.DataProtection.IDataProtectionBuilder) – The `Microsoft.AspNetCore.DataProtection.IDataProtectionBuilder`. protectToLocalMachine (System.Boolean) – ‘true’ if the key should be decryptable by any use on the local machine, ‘false’ if the key should only be decryptable by the current Windows user account.
Return type:	Microsoft.AspNetCore.DataProtection.IDataProtectionBuilder
Returns:	A reference to the `Microsoft.AspNetCore.DataProtection.IDataProtectionBuilder` after this operation has completed.

public static IDataProtectionBuilder ProtectKeysWithDpapi(this IDataProtectionBuilder builder, bool protectToLocalMachine)

ProtectKeysWithDpapiNG(Microsoft.AspNetCore.DataProtection.IDataProtectionBuilder)¶

Configures keys to be encrypted with Windows CNG DPAPI before being persisted to storage. The keys will be decryptable by the current Windows user account.

Arguments:	builder (Microsoft.AspNetCore.DataProtection.IDataProtectionBuilder) – The `Microsoft.AspNetCore.DataProtection.IDataProtectionBuilder`.
Return type:	Microsoft.AspNetCore.DataProtection.IDataProtectionBuilder
Returns:	A reference to the `Microsoft.AspNetCore.DataProtection.IDataProtectionBuilder` after this operation has completed.

public static IDataProtectionBuilder ProtectKeysWithDpapiNG(this IDataProtectionBuilder builder)

ProtectKeysWithDpapiNG(Microsoft.AspNetCore.DataProtection.IDataProtectionBuilder, System.String, Microsoft.AspNetCore.DataProtection.XmlEncryption.DpapiNGProtectionDescriptorFlags)

Configures keys to be encrypted with Windows CNG DPAPI before being persisted to storage.

Arguments:	builder (Microsoft.AspNetCore.DataProtection.IDataProtectionBuilder) – The `Microsoft.AspNetCore.DataProtection.IDataProtectionBuilder`. protectionDescriptorRule (System.String) – The descriptor rule string with which to protect the key material. flags (Microsoft.AspNetCore.DataProtection.XmlEncryption.DpapiNGProtectionDescriptorFlags) – Flags that should be passed to the call to ‘NCryptCreateProtectionDescriptor’. The default value of this parameter is `Microsoft.AspNetCore.DataProtection.XmlEncryption.DpapiNGProtectionDescriptorFlags.None`.
Return type:	Microsoft.AspNetCore.DataProtection.IDataProtectionBuilder
Returns:	A reference to the `Microsoft.AspNetCore.DataProtection.IDataProtectionBuilder` after this operation has completed.

public static IDataProtectionBuilder ProtectKeysWithDpapiNG(this IDataProtectionBuilder builder, string protectionDescriptorRule, DpapiNGProtectionDescriptorFlags flags)

SetApplicationName(Microsoft.AspNetCore.DataProtection.IDataProtectionBuilder, System.String)¶

Sets the unique name of this application within the data protection system.

Arguments:	builder (Microsoft.AspNetCore.DataProtection.IDataProtectionBuilder) – The `Microsoft.AspNetCore.DataProtection.IDataProtectionBuilder`. applicationName (System.String) – The application name.
Return type:	Microsoft.AspNetCore.DataProtection.IDataProtectionBuilder
Returns:	A reference to the `Microsoft.AspNetCore.DataProtection.IDataProtectionBuilder` after this operation has completed.

public static IDataProtectionBuilder SetApplicationName(this IDataProtectionBuilder builder, string applicationName)

SetDefaultKeyLifetime(Microsoft.AspNetCore.DataProtection.IDataProtectionBuilder, System.TimeSpan)¶

Sets the default lifetime of keys created by the data protection system.

Arguments:	builder (Microsoft.AspNetCore.DataProtection.IDataProtectionBuilder) – The `Microsoft.AspNetCore.DataProtection.IDataProtectionBuilder`. lifetime (System.TimeSpan) – The lifetime (time before expiration) for newly-created keys. See `Microsoft.AspNetCore.DataProtection.KeyManagement.KeyManagementOptions.NewKeyLifetime` for more information and usage notes.
Return type:	Microsoft.AspNetCore.DataProtection.IDataProtectionBuilder
Returns:	A reference to the `Microsoft.AspNetCore.DataProtection.IDataProtectionBuilder` after this operation has completed.

public static IDataProtectionBuilder SetDefaultKeyLifetime(this IDataProtectionBuilder builder, TimeSpan lifetime)

UseCryptographicAlgorithms(Microsoft.AspNetCore.DataProtection.IDataProtectionBuilder, Microsoft.AspNetCore.DataProtection.AuthenticatedEncryption.AuthenticatedEncryptionSettings)¶

Configures the data protection system to use the specified cryptographic algorithms by default when generating protected payloads.

Arguments:	builder (Microsoft.AspNetCore.DataProtection.IDataProtectionBuilder) – The `Microsoft.AspNetCore.DataProtection.IDataProtectionBuilder`. settings (Microsoft.AspNetCore.DataProtection.AuthenticatedEncryption.AuthenticatedEncryptionSettings) – Information about what cryptographic algorithms should be used.
Return type:	Microsoft.AspNetCore.DataProtection.IDataProtectionBuilder
Returns:	A reference to the `Microsoft.AspNetCore.DataProtection.IDataProtectionBuilder` after this operation has completed.

public static IDataProtectionBuilder UseCryptographicAlgorithms(this IDataProtectionBuilder builder, AuthenticatedEncryptionSettings settings)

UseCustomCryptographicAlgorithms(Microsoft.AspNetCore.DataProtection.IDataProtectionBuilder, Microsoft.AspNetCore.DataProtection.AuthenticatedEncryption.CngCbcAuthenticatedEncryptionSettings)¶

Configures the data protection system to use custom Windows CNG algorithms. This API is intended for advanced scenarios where the developer cannot use the algorithms specified in the Microsoft.AspNetCore.DataProtection.AuthenticatedEncryption.EncryptionAlgorithm and Microsoft.AspNetCore.DataProtection.AuthenticatedEncryption.ValidationAlgorithm enumerations.

Arguments:	builder (Microsoft.AspNetCore.DataProtection.IDataProtectionBuilder) – The `Microsoft.AspNetCore.DataProtection.IDataProtectionBuilder`. settings (Microsoft.AspNetCore.DataProtection.AuthenticatedEncryption.CngCbcAuthenticatedEncryptionSettings) – Information about what cryptographic algorithms should be used.
Return type:	Microsoft.AspNetCore.DataProtection.IDataProtectionBuilder
Returns:	A reference to the `Microsoft.AspNetCore.DataProtection.IDataProtectionBuilder` after this operation has completed.

[EditorBrowsable(EditorBrowsableState.Advanced)]
public static IDataProtectionBuilder UseCustomCryptographicAlgorithms(this IDataProtectionBuilder builder, CngCbcAuthenticatedEncryptionSettings settings)

UseCustomCryptographicAlgorithms(Microsoft.AspNetCore.DataProtection.IDataProtectionBuilder, Microsoft.AspNetCore.DataProtection.AuthenticatedEncryption.CngGcmAuthenticatedEncryptionSettings)

Configures the data protection system to use custom Windows CNG algorithms. This API is intended for advanced scenarios where the developer cannot use the algorithms specified in the Microsoft.AspNetCore.DataProtection.AuthenticatedEncryption.EncryptionAlgorithm and Microsoft.AspNetCore.DataProtection.AuthenticatedEncryption.ValidationAlgorithm enumerations.

Arguments:	builder (Microsoft.AspNetCore.DataProtection.IDataProtectionBuilder) – The `Microsoft.AspNetCore.DataProtection.IDataProtectionBuilder`. settings (Microsoft.AspNetCore.DataProtection.AuthenticatedEncryption.CngGcmAuthenticatedEncryptionSettings) – Information about what cryptographic algorithms should be used.
Return type:	Microsoft.AspNetCore.DataProtection.IDataProtectionBuilder
Returns:	A reference to the `Microsoft.AspNetCore.DataProtection.IDataProtectionBuilder` after this operation has completed.

[EditorBrowsable(EditorBrowsableState.Advanced)]
public static IDataProtectionBuilder UseCustomCryptographicAlgorithms(this IDataProtectionBuilder builder, CngGcmAuthenticatedEncryptionSettings settings)

UseCustomCryptographicAlgorithms(Microsoft.AspNetCore.DataProtection.IDataProtectionBuilder, Microsoft.AspNetCore.DataProtection.AuthenticatedEncryption.ManagedAuthenticatedEncryptionSettings)

Configures the data protection system to use custom algorithms. This API is intended for advanced scenarios where the developer cannot use the algorithms specified in the Microsoft.AspNetCore.DataProtection.AuthenticatedEncryption.EncryptionAlgorithm and Microsoft.AspNetCore.DataProtection.AuthenticatedEncryption.ValidationAlgorithm enumerations.

Arguments:	builder (Microsoft.AspNetCore.DataProtection.IDataProtectionBuilder) – The `Microsoft.AspNetCore.DataProtection.IDataProtectionBuilder`. settings (Microsoft.AspNetCore.DataProtection.AuthenticatedEncryption.ManagedAuthenticatedEncryptionSettings) – Information about what cryptographic algorithms should be used.
Return type:	Microsoft.AspNetCore.DataProtection.IDataProtectionBuilder
Returns:	A reference to the `Microsoft.AspNetCore.DataProtection.IDataProtectionBuilder` after this operation has completed.

[EditorBrowsable(EditorBrowsableState.Advanced)]
public static IDataProtectionBuilder UseCustomCryptographicAlgorithms(this IDataProtectionBuilder builder, ManagedAuthenticatedEncryptionSettings settings)

UseEphemeralDataProtectionProvider(Microsoft.AspNetCore.DataProtection.IDataProtectionBuilder)¶

Configures the data protection system to use the Microsoft.AspNetCore.DataProtection.EphemeralDataProtectionProvider for data protection services.

Arguments:	builder (Microsoft.AspNetCore.DataProtection.IDataProtectionBuilder) – The `Microsoft.AspNetCore.DataProtection.IDataProtectionBuilder`.
Return type:	Microsoft.AspNetCore.DataProtection.IDataProtectionBuilder
Returns:	A reference to the `Microsoft.AspNetCore.DataProtection.IDataProtectionBuilder` after this operation has completed.

public static IDataProtectionBuilder UseEphemeralDataProtectionProvider(this IDataProtectionBuilder builder)

DataProtectionBuilderExtensions Class¶

Inheritance Hierarchy¶

Syntax¶

Methods¶

Inheritance Hierarchy ¶

Syntax ¶

Methods ¶