Pkcs12Builder.SealWithMac Method
Definition
Important
Some information relates to prerelease product that may be substantially modified before it’s released. Microsoft makes no warranties, express or implied, with respect to the information provided here.
Overloads
SealWithMac(ReadOnlySpan<Char>, HashAlgorithmName, Int32) |
Seals the PFX against further changes by applying a password-based Message Authentication Code (MAC) over the contents with a password from a span. |
SealWithMac(String, HashAlgorithmName, Int32) |
Seals the PFX against further changes by applying a password-based Message Authentication Code (MAC) over the contents with a password from a string. |
SealWithMac(ReadOnlySpan<Char>, HashAlgorithmName, Int32)
- Source:
- Pkcs12Builder.cs
- Source:
- Pkcs12Builder.cs
Seals the PFX against further changes by applying a password-based Message Authentication Code (MAC) over the contents with a password from a span.
public:
void SealWithMac(ReadOnlySpan<char> password, System::Security::Cryptography::HashAlgorithmName hashAlgorithm, int iterationCount);
public void SealWithMac (ReadOnlySpan<char> password, System.Security.Cryptography.HashAlgorithmName hashAlgorithm, int iterationCount);
member this.SealWithMac : ReadOnlySpan<char> * System.Security.Cryptography.HashAlgorithmName * int -> unit
Public Sub SealWithMac (password As ReadOnlySpan(Of Char), hashAlgorithm As HashAlgorithmName, iterationCount As Integer)
Parameters
- password
- ReadOnlySpan<Char>
The password to use as a key for computing the MAC.
- hashAlgorithm
- HashAlgorithmName
The hash algorithm to use when computing the MAC.
- iterationCount
- Int32
The iteration count for the Key Derivation Function (KDF) used in computing the MAC.
Exceptions
The iterationCount
parameter is less than or equal to 0.
The PFX is already sealed (IsSealed is true
).
Remarks
Any hash algorithm that this method accepts can be processed by the Pkcs12Info class. Some choices of hash algorithm may cause failures in X509Certificate2 or X509Certificate2Collection.Import on some operating systems, because these methods depend on system libraries for support.
The hash algorithm used on a fresh installation of Windows 7 when exporting via Export as a PKCS#12 PFX is SHA1 with an iteration count of 2000. Due to collision problems with SHA1, Microsoft recommends a security model based on SHA256 or better; however, some PFX readers may only support SHA1.
Applies to
SealWithMac(String, HashAlgorithmName, Int32)
- Source:
- Pkcs12Builder.cs
- Source:
- Pkcs12Builder.cs
Seals the PFX against further changes by applying a password-based Message Authentication Code (MAC) over the contents with a password from a string.
public:
void SealWithMac(System::String ^ password, System::Security::Cryptography::HashAlgorithmName hashAlgorithm, int iterationCount);
public void SealWithMac (string? password, System.Security.Cryptography.HashAlgorithmName hashAlgorithm, int iterationCount);
public void SealWithMac (string password, System.Security.Cryptography.HashAlgorithmName hashAlgorithm, int iterationCount);
member this.SealWithMac : string * System.Security.Cryptography.HashAlgorithmName * int -> unit
Public Sub SealWithMac (password As String, hashAlgorithm As HashAlgorithmName, iterationCount As Integer)
Parameters
- password
- String
The password to use as a key for computing the MAC.
- hashAlgorithm
- HashAlgorithmName
The hash algorithm to use when computing the MAC.
- iterationCount
- Int32
The iteration count for the Key Derivation Function (KDF) used in computing the MAC.
Exceptions
The iterationCount
parameter is less than or equal to 0.
The PFX is already sealed (IsSealed is true
).
Remarks
Any hash algorithm that this method accepts can be processed by the Pkcs12Info class. Some choices of hash algorithm may cause failures in X509Certificate2 or X509Certificate2Collection.Import on some operating systems, because these methods depend on system libraries for support.
The hash algorithm used on a fresh installation of Windows 7 when exporting via X509Certificate.Export as a PKCS#12 PFX is SHA1 with an iteration count of 2000. Due to collision problems with SHA1, Microsoft recommends a security model based on SHA256 or better; however, some PFX readers may only support SHA1.