Edit

Share via


Pkcs12Builder.SealWithMac Method

Definition

Overloads

SealWithMac(ReadOnlySpan<Char>, HashAlgorithmName, Int32)

Seals the PFX against further changes by applying a password-based Message Authentication Code (MAC) over the contents with a password from a span.

SealWithMac(String, HashAlgorithmName, Int32)

Seals the PFX against further changes by applying a password-based Message Authentication Code (MAC) over the contents with a password from a string.

SealWithMac(ReadOnlySpan<Char>, HashAlgorithmName, Int32)

Source:
Pkcs12Builder.cs
Source:
Pkcs12Builder.cs
Source:
Pkcs12Builder.cs
Source:
Pkcs12Builder.cs
Source:
Pkcs12Builder.cs

Seals the PFX against further changes by applying a password-based Message Authentication Code (MAC) over the contents with a password from a span.

public:
 void SealWithMac(ReadOnlySpan<char> password, System::Security::Cryptography::HashAlgorithmName hashAlgorithm, int iterationCount);
public void SealWithMac (ReadOnlySpan<char> password, System.Security.Cryptography.HashAlgorithmName hashAlgorithm, int iterationCount);
member this.SealWithMac : ReadOnlySpan<char> * System.Security.Cryptography.HashAlgorithmName * int -> unit
Public Sub SealWithMac (password As ReadOnlySpan(Of Char), hashAlgorithm As HashAlgorithmName, iterationCount As Integer)

Parameters

password
ReadOnlySpan<Char>

The password to use as a key for computing the MAC.

hashAlgorithm
HashAlgorithmName

The hash algorithm to use when computing the MAC.

iterationCount
Int32

The iteration count for the Key Derivation Function (KDF) used in computing the MAC.

Exceptions

The iterationCount parameter is less than or equal to 0.

The PFX is already sealed (IsSealed is true).

Remarks

Any hash algorithm that this method accepts can be processed by the Pkcs12Info class. Some choices of hash algorithm may cause failures in X509Certificate2 or X509Certificate2Collection.Import on some operating systems, because these methods depend on system libraries for support.

The hash algorithm used on a fresh installation of Windows 7 when exporting via Export as a PKCS#12 PFX is SHA1 with an iteration count of 2000. Due to collision problems with SHA1, Microsoft recommends a security model based on SHA256 or better; however, some PFX readers may only support SHA1.

Applies to

SealWithMac(String, HashAlgorithmName, Int32)

Source:
Pkcs12Builder.cs
Source:
Pkcs12Builder.cs
Source:
Pkcs12Builder.cs
Source:
Pkcs12Builder.cs
Source:
Pkcs12Builder.cs

Seals the PFX against further changes by applying a password-based Message Authentication Code (MAC) over the contents with a password from a string.

public:
 void SealWithMac(System::String ^ password, System::Security::Cryptography::HashAlgorithmName hashAlgorithm, int iterationCount);
public void SealWithMac (string? password, System.Security.Cryptography.HashAlgorithmName hashAlgorithm, int iterationCount);
public void SealWithMac (string password, System.Security.Cryptography.HashAlgorithmName hashAlgorithm, int iterationCount);
member this.SealWithMac : string * System.Security.Cryptography.HashAlgorithmName * int -> unit
Public Sub SealWithMac (password As String, hashAlgorithm As HashAlgorithmName, iterationCount As Integer)

Parameters

password
String

The password to use as a key for computing the MAC.

hashAlgorithm
HashAlgorithmName

The hash algorithm to use when computing the MAC.

iterationCount
Int32

The iteration count for the Key Derivation Function (KDF) used in computing the MAC.

Exceptions

The iterationCount parameter is less than or equal to 0.

The PFX is already sealed (IsSealed is true).

Remarks

Any hash algorithm that this method accepts can be processed by the Pkcs12Info class. Some choices of hash algorithm may cause failures in X509Certificate2 or X509Certificate2Collection.Import on some operating systems, because these methods depend on system libraries for support.

The hash algorithm used on a fresh installation of Windows 7 when exporting via X509Certificate.Export as a PKCS#12 PFX is SHA1 with an iteration count of 2000. Due to collision problems with SHA1, Microsoft recommends a security model based on SHA256 or better; however, some PFX readers may only support SHA1.

Applies to