Class CryptographyProviders
- Namespace
- Yubico.YubiKey.Cryptography
- Assembly
- Yubico.YubiKey.dll
This class contains properties that specify cryptographic providers.
public static class CryptographyProviders
- Inheritance
-
objectCryptographyProviders
Remarks
During the course of operations, the SDK will need to perform cryptographic operations, such as random number generation, HMAC, Triple-DES encryption, and so on. Any SDK operation that needs crypto will get it from this class.
The properties in this class are delegates. They are functions that can
build objects that will perform the required crypto. The reason these
properties are methods that build objects, rather than objects
themselves, is because the crypto classes implement IDisposable
.
In order to avoid the complex problem of ownership of an object that will
be disposed once it goes out of scope, the SDK will create a new object
each time one is needed. This new object will be in scope only for the
duration of its use in the SDK, and will be disposed immediately when the
SDK is done with it.
This class will return default implementations, but can be replaced. That is, if you do nothing, the SDK will use default C# cryptography. If you want the SDK to use your own implementations, you can do so. See the User's Manual entry on alternate crypto implementations for a detailed description of replacing the defaults. Generally, you will simply need to set the appropriate property with a new function.
Most applications will not replace the defaults, but for those that want the SDK to use a hardware RNG, hardware accelerator, or any other specific implementation for whatever reason, it is possible.
Properties
AesCreator
This property is a delegate (function pointer). The method loaded
will return an instance of AES
.
public static Func<Aes> AesCreator { get; set; }
Property Value
- Func<Aes>
Remarks
When an SDK operation needs to encrypt or decrypt data using
AES, it will do so using an implementation of the
System.Security.Cryptography.AES
abstract class.
However, when it needs the AES class, it will ask this delegate to
build an object, rather than ask for an object itself. This has to do
with the fact that the AES
class implements
IDisposable
. In order to avoid the complex problem of
ownership of an object that will be disposed once it goes out of
scope, the SDK will create a new object each time one is needed. This
new object will be in scope only for the duration of its use in the
SDK, and will be disposed immediately when the SDK is done with it.
The method loaded will return an object. This class is initialized with a method that will build and return an instance of the C# default implementation. For example, it could be used as follows.
AES aesObject = CryptographyProviders.AesCreator();
If you want to replace the implementation, you will likely do something like this in your application.
CryptographyProviders.AesCreator = () =>
{
Handle aesHandle = GetHandle();
return AesImpl.GetAesObject(aesHandle);
};
AesGcmPrimitivesCreator
This property is a delegate (function pointer). This method will return an instance of IAesGcmPrimitives.
public static Func<IAesGcmPrimitives> AesGcmPrimitivesCreator { get; set; }
Property Value
- Func<IAesGcmPrimitives>
Remarks
When an SDK operation needs to perform AES-GCM encrypt or decrypt, it will do so using an implementation of the IAesGcmPrimitives interface. However, when it needs an instance, it will this delegate to build an object, rather than build it itself.
For example:
IAesGcmPrimitives aesGcm = CryptographyProviders.AesGcmPrimitivesCreator();
If you want to replace the implementation, you will likely do something like this in your application. The body of the delegate is responsible for creating an instance of AES-GCM based on an implementation of your own choosing.
CryptographyProviders.AesGcmPrimitivesCreator = () =>
{
Handle aesHandle = GetHandle();
return AesGcmImpl.GetAesGcmObject(aesHandle);
}
CmacPrimitivesCreator
This property is a delegate (function pointer). This method will return an instance of ICmacPrimitives, built to use the specified algorithm.
public static Func<CmacBlockCipherAlgorithm, ICmacPrimitives> CmacPrimitivesCreator { get; set; }
Property Value
Remarks
Note that ICmacPrimitives implements IDisposable, so either call
Dispose when done with it, or use the using
keyword.
For example,
using ICmacPrimitives cmacObj =
CryptographyProviders.CmacPrimitivesCreator(CmacBlockCipherAlgorithm.Aes128);
DesCreator
This property is a delegate (function pointer). The method loaded
will return an instance of DES
.
public static Func<DES> DesCreator { get; set; }
Property Value
- Func<DES>
Remarks
When an SDK operation needs to encrypt or decrypt data using
DES, it will do so using an implementation of the
System.Security.Cryptography.DES
abstract class.
However, when it needs the DES class, it will ask this
delegate to build an object, rather than ask for an object itself.
This has to do with the fact that the DES
class
implements IDisposable
. In order to avoid the complex problem
of ownership of an object that will be disposed once it goes out of
scope, the SDK will create a new object each time one is needed. This
new object will be in scope only for the duration of its use in the
SDK, and will be disposed immediately when the SDK is done with it.
The method loaded will return an object. This class is initialized with a method that will build and return an instance of the C# default implementation. For example, it could be used as follows.
DES desObject = CryptographyProviders.DesCreator();
If you want to replace the implementation, you will likely do something like this in your application.
CryptographyProviders.DesCreator = () =>
{
Handle desHandle = GetHandle();
return DesImpl.GetDesObject(desHandle);
};
EcdhPrimitivesCreator
This property is a delegate (function pointer). This method will return an instance of IEcdhPrimitives.
public static Func<IEcdhPrimitives> EcdhPrimitivesCreator { get; set; }
Property Value
- Func<IEcdhPrimitives>
Remarks
When an SDK operation needs to perform compute the ECDH shared secret, it will do so using an implementation of the IEcdhPrimitives interface. However, when it needs an instance, it will as this delegate to build an object, rather than build it itself.
If you want to replace the implementation, you will likely do something like this in your application. The body of the delegate is responsible for creating an instance of ECDH based on an implementation of your own choosing.
CryptographyProviders.EcdhPrimitivesCreator = () =>
{
Handle ecdhHandle = GetHandle();
return EcdhImpl.GetEcdhObject(ecdhHandle);
}
HmacCreator
This property is a delegate (function pointer). This method will return
an instance of HMAC
.
public static Func<string, HMAC> HmacCreator { get; set; }
Property Value
- Func<string, HMAC>
RngCreator
This property is a delegate (function pointer). The method loaded
will return an instance of RandomNumberGenerator
.
public static Func<RandomNumberGenerator> RngCreator { get; set; }
Property Value
- Func<RandomNumberGenerator>
Remarks
When an SDK operation needs random numbers it will generate them
using an implementation of the
System.Security.Cryptography.RandomNumberGenerator
abstract
class. However, when it needs the RNG class, it will ask this
delegate to build an object, rather than ask for an object itself.
This has to do with the fact that the RandomNumberGenerator
class implements IDisposable
. In order to avoid the complex
problem of ownership of an object that will be disposed once it goes
out of scope, the SDK will create a new object each time one is
needed. This new object will be in scope only for the duration of its
use in the SDK, and will be disposed immediately when the SDK is done
with it.
The method loaded will return an object. This class is initialized with a method that will build and return an instance of the C# default implementation. For example, it could be used as follows.
RandomNumberGenerator randomObject =
CryptographyProviders.RngCreator();
If you want to replace the implementation, you will likely do something like this in your application.
CryptographyProviders.RngCreator = () =>
{
Handle rngHandle = RngImpl.GetRngHandle();
return RngImpl.GetRandomObject(rngHandle);
};
Sha1Creator
This property is a delegate (function pointer). The method loaded
will return an instance of SHA1
.
public static Func<SHA1> Sha1Creator { get; set; }
Property Value
- Func<SHA1>
Remarks
When an SDK operation needs to digest data using SHA-1, it will do so
using an implementation of the
System.Security.Cryptography.SHA1
abstract class. However,
when it needs the SHA1 class, it will ask this delegate to build an
object, rather than ask for an object itself. This has to do with the
fact that the SHA1
class implements IDisposable
. In
order to avoid the complex problem of ownership of an object that
will be disposed once it goes out of scope, the SDK will create a new
object each time one is needed. This new object will be in scope only
for the duration of its use in the SDK, and will be disposed
immediately when the SDK is done with it.
The method loaded will return an object. This class is initialized with a method that will build and return an instance of the C# default implementation. For example, it could be used as follows.
SHA1 sha1Object = CryptographyProviders.Sha1Creator();
If you want to replace the implementation, you will likely do something like this in your application.
CryptographyProviders.Sha1Creator = () =>
{
Handle sha1Handle = Sha1Impl.GetSha1Handle();
return Sha1Impl.GetSha1Object(sha1Handle);
};
Sha256Creator
This property is a delegate (function pointer). The method loaded
will return an instance of SHA256
.
public static Func<SHA256> Sha256Creator { get; set; }
Property Value
- Func<SHA256>
Remarks
When an SDK operation needs to digest data using SHA-256, it will do
so using an implementation of the
System.Security.Cryptography.SHA256
abstract class. However,
when it needs the SHA256 class, it will ask this delegate to build an
object, rather than ask for an object itself. This has to do with the
fact that the SHA256
class implements IDisposable
. In
order to avoid the complex problem of ownership of an object that
will be disposed once it goes out of scope, the SDK will create a new
object each time one is needed. This new object will be in scope only
for the duration of its use in the SDK, and will be disposed
immediately when the SDK is done with it.
The method loaded will return an object. This class is initialized with a method that will build and return an instance of the C# default implementation. For example, it could be used as follows.
SHA256 sha256Object = CryptographyProviders.Sha256Creator();
If you want to replace the implementation, you will likely do something like this in your application.
CryptographyProviders.Sha256Creator = () =>
{
Handle sha256Handle = Sha256Impl.GetSha256Handle();
return Sha256Impl.GetSha256Object(sha256Handle);
};
Sha384Creator
This property is a delegate (function pointer). The method loaded
will return an instance of SHA384
.
public static Func<SHA384> Sha384Creator { get; set; }
Property Value
- Func<SHA384>
Remarks
When an SDK operation needs to digest data using SHA-384, it will do
so using an implementation of the
System.Security.Cryptography.SHA384
abstract class. However,
when it needs the SHA384 class, it will ask this delegate to build an
object, rather than ask for an object itself. This has to do with the
fact that the SHA384
class implements IDisposable
. In
order to avoid the complex problem of ownership of an object that
will be disposed once it goes out of scope, the SDK will create a new
object each time one is needed. This new object will be in scope only
for the duration of its use in the SDK, and will be disposed
immediately when the SDK is done with it.
The method loaded will return an object. This class is initialized with a method that will build and return an instance of the C# default implementation. For example, it could be used as follows.
SHA384 sha384Object = CryptographyProviders.Sha384Creator();
If you want to replace the implementation, you will likely do something like this in your application.
CryptographyProviders.Sha384Creator = () =>
{
Handle sha384Handle = Sha384Impl.GetSha384Handle();
return Sha384Impl.GetSha384Object(sha384Handle);
};
Sha512Creator
This property is a delegate (function pointer). The method loaded
will return an instance of SHA512
.
public static Func<SHA512> Sha512Creator { get; set; }
Property Value
- Func<SHA512>
Remarks
When an SDK operation needs to digest data using SHA-512, it will do
so using an implementation of the
System.Security.Cryptography.SHA512
abstract class. However,
when it needs the SHA512 class, it will ask this delegate to build an
object, rather than ask for an object itself. This has to do with the
fact that the SHA512
class implements IDisposable
. In
order to avoid the complex problem of ownership of an object that
will be disposed once it goes out of scope, the SDK will create a new
object each time one is needed. This new object will be in scope only
for the duration of its use in the SDK, and will be disposed
immediately when the SDK is done with it.
The method loaded will return an object. This class is initialized with a method that will build and return an instance of the C# default implementation. For example, it could be used as follows.
SHA512 sha512Object = CryptographyProviders.Sha512Creator();
If you want to replace the implementation, you will likely do something like this in your application.
CryptographyProviders.Sha512Creator = () =>
{
Handle sha512Handle = Sha512Impl.GetSha512Handle();
return Sha512Impl.GetSha512Object(sha512Handle);
};
TripleDesCreator
This property is a delegate (function pointer). The method loaded
will return an instance of TripleDES
.
public static Func<TripleDES> TripleDesCreator { get; set; }
Property Value
- Func<TripleDES>
Remarks
When an SDK operation needs to encrypt or decrypt data using
Triple-DES, it will do so using an implementation of the
System.Security.Cryptography.TripleDES
abstract class.
However, when it needs the Triple-DES class, it will ask this
delegate to build an object, rather than ask for an object itself.
This has to do with the fact that the TripleDES
class
implements IDisposable
. In order to avoid the complex problem
of ownership of an object that will be disposed once it goes out of
scope, the SDK will create a new object each time one is needed. This
new object will be in scope only for the duration of its use in the
SDK, and will be disposed immediately when the SDK is done with it.
The method loaded will return an object. This class is initialized with a method that will build and return an instance of the C# default implementation. For example, it could be used as follows.
TripleDES tripleDesObject = CryptographyProviders.TripleDesCreator();
If you want to replace the implementation, you will likely do something like this in your application.
CryptographyProviders.TripleDesCreator = () =>
{
Handle tripleDesHandle = GetHandle();
return TDesImpl.GetTripleDesObject(tripleDesHandle);
};