IKeyManager Interface

The basic interface for performing key management operations.

Namespace
Microsoft.AspNetCore.DataProtection.KeyManagement
Assemblies
  • Microsoft.AspNetCore.DataProtection

Syntax

public interface IKeyManager
interface Microsoft.AspNetCore.DataProtection.KeyManagement.IKeyManager

Methods

CreateNewKey(System.DateTimeOffset, System.DateTimeOffset)

Creates a new key with the specified activation and expiration dates and persists the new key to the underlying repository.

Arguments:
  • activationDate (System.DateTimeOffset) – The date from which this key may be used for encryption.
  • expirationDate (System.DateTimeOffset) – The date after which this key may no longer be used for encryption.
Return type: Microsoft.AspNetCore.DataProtection.KeyManagement.IKey
Returns: The newly-created IKey instance.

IKey CreateNewKey(DateTimeOffset activationDate, DateTimeOffset expirationDate)

GetAllKeys()

Fetches all keys from the underlying repository.

Return type: System.Collections.Generic.IReadOnlyCollection<Microsoft.AspNetCore.DataProtection.KeyManagement.IKey>
Returns: The collection of all keys.

IReadOnlyCollection<IKey> GetAllKeys()

GetCacheExpirationToken()

Retrieves a token that signals that callers who have cached the return value of GetAllKeys should clear their caches. This could be in response to a call to CreateNewKey or RevokeKey, or it could be in response to some other external notification. Callers who are interested in observing this token should call this method before the corresponding call to GetAllKeys.

Return type: System.Threading.CancellationToken
Returns: The cache expiration token. When an expiration notification is triggered, any tokens previously returned by this method will become canceled, and tokens returned by future invocations of this method will themselves not trigger until the next expiration event.

CancellationToken GetCacheExpirationToken()

RevokeAllKeys(System.DateTimeOffset, System.String)

Revokes all keys created before a specified date and persists the revocation to the underlying repository.

Arguments:
  • revocationDate (System.DateTimeOffset) – The revocation date. All keys with a creation date before this value will be revoked.
  • reason (System.String) – An optional human-readable reason for revocation.

void RevokeAllKeys(DateTimeOffset revocationDate, string reason = null)

RevokeKey(System.Guid, System.String)

Revokes a specific key and persists the revocation to the underlying repository.

Arguments:
  • keyId (System.Guid) – The id of the key to revoke.
  • reason (System.String) – An optional human-readable reason for revocation.

void RevokeKey(Guid keyId, string reason = null)
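
The call order that GetCacheExpirationToken requires (token first, then GetAllKeys) matters for revocation: a cache that gets it wrong can keep serving a revoked key. The following is an added example, not code from the Data Protection project. The class name CachedKeyList and its members are hypothetical, and it assumes the IsRevoked, ActivationDate and ExpirationDate properties of IKey, which are not documented on this page.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;
using System.Threading;
using Microsoft.AspNetCore.DataProtection.KeyManagement;

// Added example (hypothetical class name): caches GetAllKeys() and refetches
// once the token from GetCacheExpirationToken() has been canceled.
public sealed class CachedKeyList
{
    private readonly IKeyManager _keyManager;
    private readonly object _sync = new object();
    private IReadOnlyCollection<IKey> _keys;
    private CancellationToken _expirationToken;

    public CachedKeyList(IKeyManager keyManager)
    {
        _keyManager = keyManager ?? throw new ArgumentNullException(nameof(keyManager));
    }

    public IReadOnlyCollection<IKey> GetKeys()
    {
        lock (_sync)
        {
            if (_keys == null || _expirationToken.IsCancellationRequested)
            {
                // Token first, then keys. If a key is created or revoked between
                // the two calls, this token is already canceled and the next call
                // refetches. Reversing the order could pin a stale list (for
                // example one still containing a revoked key) to a fresh token.
                CancellationToken token = _keyManager.GetCacheExpirationToken();
                _keys = _keyManager.GetAllKeys();
                _expirationToken = token;
            }
            return _keys;
        }
    }

    // Simplified filter, not the framework's own key selection logic:
    // keys that are not revoked and whose activation/expiration window contains 'now'.
    public IEnumerable<IKey> GetUsableKeys(DateTimeOffset now)
    {
        return GetKeys().Where(k =>
            !k.IsRevoked && k.ActivationDate <= now && now < k.ExpirationDate);
    }
}
```

An IKeyManager instance can be resolved from the service provider after calling AddDataProtection() and passed to the constructor.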