
Class X509Alias

Represents an X509Context, a certificate/key pair and 0 or more secrets encrypted by the certificate/key pair

Inheritance
System.Object
X509Alias
Namespace: Org.X509Crypto
Assembly: EasyPKIView.dll
Syntax
public class X509Alias : IDisposable

Constructors

X509Alias(String, X509Context)

This constructor is intended to load an already-existing X509Alias

Declaration
public X509Alias(string Name, X509Context Context)
Parameters
Type Name Description
System.String Name

The desired identifier for the alias (must be unique within the specified context)

X509Context Context

The context in which to create the alias

X509Alias(String, String, X509Context, Boolean)

This constructor is intended to create a new X509Alias pointing to the specified encryption certificate

Declaration
public X509Alias(string Name, string Thumbprint, X509Context Context, bool complainIfExists)
Parameters
Type Name Description
System.String Name

The desired identifier for the alias

System.String Thumbprint

The SHA1 thumbprint of the certificate to be used for cryptographic operations. Must exist in the specified Context

X509Context Context

The context in which to create the alias

System.Boolean complainIfExists

If set to true, an exception is thrown if an existing alias identifier is specified for "Name"

Properties

Certificate

Declaration
public X509Certificate2 Certificate { get; }
Property Value
Type Description
X509Certificate2

Context

The context where cryptographic operations should occur (either system or user)

Declaration
public X509Context Context { get; set; }
Property Value
Type Description
X509Context

FullName

The fully-qualified name of the X509Alias in the format [Context][Name]

Declaration
public string FullName { get; }
Property Value
Type Description
System.String

Name

The identifier assigned to this alias

Declaration
public string Name { get; set; }
Property Value
Type Description
System.String

Thumbprint

The thumbprint of the certificate used for cryptographic operations in this alias

Declaration
public string Thumbprint { get; set; }
Property Value
Type Description
System.String

Methods

AddSecret(KeyValuePair<String, String>, Boolean)

Adds a secret (which has already been encrypted using the certificate associated with this X509Alias) and its identifier to this X509Alias

Declaration
public void AddSecret(KeyValuePair<string, string> tuple, bool overwriteExisting)
Parameters
Type Name Description
KeyValuePair<System.String, System.String> tuple

Key should be the secret identifier, Value should be the encrypted secret

System.Boolean overwriteExisting

Indicates whether an existing secret in the alias with the same value for "Name" as specified may be overwritten

AddSecret(String, X509Alias, Boolean)

Re-encrypts a secret from a different X509Alias and stores it in this X509Alias

Declaration
public string AddSecret(string key, X509Alias OldAlias, bool overwriteExisting)
Parameters
Type Name Description
System.String key

The identifier of the secret as it is stored in the old X509Alias

X509Alias OldAlias

The old X509Alias where the secret is currently encrypted and stored

System.Boolean overwriteExisting

If true, an existing secret in this X509Alias with the same identifier may be overwritten

Returns
Type Description
System.String

A Base64-encoded ciphertext expression

AddSecret(String, String, Boolean)

Encrypts the specified plaintext expression and stores it in this X509Alias

Declaration
public string AddSecret(string key, string plaintext, bool overwriteExisting)
Parameters
Type Name Description
System.String key

The desired identifier for the secret (must be unique within the alias)

System.String plaintext

The plaintext expression to be encrypted

System.Boolean overwriteExisting

Indicates whether an existing secret in the alias with the same value for "Name" as specified may be overwritten

Returns
Type Description
System.String

A Base64-encoded ciphertext string

AliasExists(X509Alias)

Indicates whether there is already a storage path for the specified X509Alias on the system

Declaration
public static bool AliasExists(X509Alias Alias)
Parameters
Type Name Description
X509Alias Alias

The X509Alias for which to check for a storage path

Returns
Type Description
System.Boolean

true if a storage path exists for the specified X509Alias

Commit()

Writes the X509Alias to the local file system for later retrieval

Declaration
public void Commit()

DecryptFile(String, String, Int32)

Recovers the specified encrypted file

Declaration
public void DecryptFile(string inFile, string outFile, int wipeTimesToWrite = 0)
Parameters
Type Name Description
System.String inFile

The path to the encrypted file to be recovered. Path must exist

System.String outFile

The path in which to write the recovered plaintext file

System.Int32 wipeTimesToWrite

Performs n-pass forensic wipe of the disk sectors where the input file was stored.

DecryptText(String)

Decrypts the specified Base64-encoded ciphertext expression

Declaration
public string DecryptText(string ciphertext)
Parameters
Type Name Description
System.String ciphertext

The Base64-encoded ciphertext expression to be decrypted

Returns
Type Description
System.String

A recovered plaintext string

Dispose()

X509Alias Destructor

Declaration
public void Dispose()

DumpSecrets(SecretDumpFormat, Boolean)

Generates a data structure, in the selected format, of all secret names and values contained within the X509Alias

Declaration
public dynamic DumpSecrets(SecretDumpFormat selectedFormat, bool reveal)
Parameters
Type Name Description
Org.X509Crypto.SecretDumpFormat selectedFormat

The desired format in which to return the data

System.Boolean reveal

Indicates whether the encrypted value for each secret should be decrypted and included with the output.

Returns
Type Description
System.Object

EncryptFile(String, String, Int32)

Encrypts the specified file. All file types are supported.

Declaration
public void EncryptFile(string inFile, string outFile, int wipeTimesToWrite = 0)
Parameters
Type Name Description
System.String inFile

The path to the file to be encrypted. Path must exist.

System.String outFile

The path in which to write the encrypted file.

System.Int32 wipeTimesToWrite

Performs n-pass forensic wipe of the disk sectors where the input file was stored.

EncryptText(String)

Encrypts the specified text expression

Declaration
public string EncryptText(string plaintext)
Parameters
Type Name Description
System.String plaintext

The text expression to be encrypted

Returns
Type Description
System.String

Base64-encoded ciphertext string

Exists()

Indicates whether the X509Alias already exists on the local system (meaning committed to storage)

Declaration
public bool Exists()
Returns
Type Description
System.Boolean

True if the X509Alias already exists on the local system

Export(ref String, Boolean, Boolean)

Exports this X509Alias to a JSON-formatted file. Note: This method does NOT export the encryption certificate or the associated key pair.

Declaration
public void Export(ref string exportPath, bool includeCert, bool overwriteExisting = false)
Parameters
Type Name Description
System.String exportPath

The path where the export file should be written (a .json extension is added if no file extension is specified)

System.Boolean includeCert
System.Boolean overwriteExisting

Indicates whether an existing file may be overwritten if a file should exist at the indicated export path

ExportCert(String)

Exports the encryption certificate contained in this alias to a Base64-encoded text file. The private key is not exported.

Declaration
public void ExportCert(string path)
Parameters
Type Name Description
System.String path

The fully-qualified path where the export file should be written

GetSecret(String)

Gets the ciphertext value for the specified secret from the current X509Alias

Declaration
public string GetSecret(string key)
Parameters
Type Name Description
System.String key

The identifier of the secret

Returns
Type Description
System.String

A Base64-encoded ciphertext expression

HasCert(X509Context)

Declaration
public bool HasCert(X509Context Context)
Parameters
Type Name Description
X509Context Context
Returns
Type Description
System.Boolean

Import(String, X509Context, String)

Imports the X509Alias from the specified JSON file. Note: This method does not import the encryption certificate or its associated key pair needed to work with the X509Alias.

Declaration
public static X509Alias Import(string importPath, X509Context Context, string newName = "")
Parameters
Type Name Description
System.String importPath

The path where the json file is located

X509Context Context

The X509Context in which to load the alias

System.String newName

If specified, the alias will be identified by the specified expression. Otherwise, the alias name imported from the json file will be used.

Returns
Type Description
X509Alias

RecoverSecret(String)

Recovers a secret from an X509Alias with the specified identifier

Declaration
public string RecoverSecret(string key)
Parameters
Type Name Description
System.String key

The identifier of the secret to be recovered

Returns
Type Description
System.String

The recovered, plaintext secret

ReEncrypt(String, X509Context)

Updates this X509Alias to use a new encryption certificate and key pair. The old certificate and key pair must still be available to perform this operation.

Declaration
public void ReEncrypt(string newThumbprint, X509Context newContext = null)
Parameters
Type Name Description
System.String newThumbprint

The SHA1 thumbprint of the new encryption certificate. The certificate and associated key pair must exist and be available in the specified X509Context

X509Context newContext

The X509Context where the new encryption certificate and key pair is located
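
The following added example (not part of the generated documentation or the project's own code) shows a certificate rotation using only the members declared on this page: a secret is stored under one certificate, the alias is moved to a new certificate with ReEncrypt, and the secret is recovered to confirm it survived. The class and method names, the "ApiKey" identifier, and the explicit Commit() after ReEncrypt are assumptions; the caller supplies the X509Context and both thumbprints.

```csharp
using System;
using Org.X509Crypto;

// Hypothetical helper class; not part of Org.X509Crypto.
public static class AliasRotationExample
{
    // Hypothetical secret identifier used only in this example.
    private const string SecretKey = "ApiKey";

    public static void StoreThenRotate(
        X509Context context,       // context holding both certificates
        string aliasName,          // must be unique within the context
        string currentThumbprint,  // SHA1 thumbprint of the current certificate
        string newThumbprint,      // SHA1 thumbprint of the replacement certificate
        string plaintextSecret)
    {
        // Create the alias. complainIfExists: true makes the constructor throw
        // rather than reuse an alias name that is already taken.
        using (var alias = new X509Alias(aliasName, currentThumbprint, context, true))
        {
            // overwriteExisting: false refuses to replace a secret already
            // stored under the same identifier.
            alias.AddSecret(SecretKey, plaintextSecret, false);
            alias.Commit(); // write the alias to the local file system
        }

        // Load the committed alias and switch it to the new certificate.
        // The old certificate and key pair must still be available here,
        // so retire them only after this block has completed.
        using (var alias = new X509Alias(aliasName, context))
        {
            alias.ReEncrypt(newThumbprint, context);

            // Assumption: commit explicitly so the change is persisted.
            alias.Commit();

            // Confirm the secret decrypts under the new key pair before the
            // old certificate is removed. The value is never logged.
            string recovered = alias.RecoverSecret(SecretKey);
            if (!string.Equals(recovered, plaintextSecret, StringComparison.Ordinal))
            {
                throw new InvalidOperationException(
                    "Secret '" + SecretKey + "' did not survive re-encryption.");
            }
        }
    }
}
```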

ReEncryptFile(String, X509Alias)

Re-encrypts the specified file using this X509Alias

Declaration
public void ReEncryptFile(string inFile, X509Alias OldAlias)
Parameters
Type Name Description
System.String inFile

The path to the ciphertext file to re-encrypt

X509Alias OldAlias

The X509Alias which was previously used to encrypt the file

ReEncryptSecret(String, X509Alias)

Re-Encrypts a secret that is stored in a different X509Alias

Declaration
public string ReEncryptSecret(string secretName, X509Alias OldAlias)
Parameters
Type Name Description
System.String secretName

The identifier of the secret to be re-encrypted

X509Alias OldAlias

The X509Alias where the secret is stored

Returns
Type Description
System.String

A Base64-encoded ciphertext string

ReEncryptText(String, X509Alias)

Re-Encrypts a ciphertext expression, currently encrypted in a different X509Alias, using this X509Alias

Declaration
public string ReEncryptText(string ciphertext, X509Alias OldAlias)
Parameters
Type Name Description
System.String ciphertext

The ciphertext expression to be reencrypted

X509Alias OldAlias

The identifier of the X509Alias where the input secret is located

Returns
Type Description
System.String

A Base64-encoded ciphertext string

Remove(Boolean)

Removes this X509Alias from the file system

Declaration
public void Remove(bool deleteCert = false)
Parameters
Type Name Description
System.Boolean deleteCert

SecretExists(String)

Indicates whether a secret with the specified identifier exists within this X509Alias

Declaration
public bool SecretExists(string key)
Parameters
Type Name Description
System.String key

The secret identifier to check the X509Alias for

Returns
Type Description
System.Boolean

true if a secret with the specified identifier is found in this X509Alias
