Class CryptographyClient | Azure SDK for .NET
Rachel Ross
Published Feb 15, 2026
A client used to perform cryptographic operations with Azure Key Vault keys.
Inheritance
System.Object
CryptographyClient
Namespace: System.Dynamic.ExpandoObject
Assembly: Azure.Security.KeyVault.Keys.dll
Syntax
public class CryptographyClient : Azure.Core.Cryptography.IKeyEncryptionKeyConstructors
CryptographyClient()
Declaration
protected CryptographyClient ();CryptographyClient(JsonWebKey)
Initializes a new instance of the CryptographyClient class. Cryptographic operations will be performed only on the local machine.
Declaration
public CryptographyClient (Azure.Security.KeyVault.Keys.JsonWebKey key);Parameters
Exceptions
| System.ArgumentNullException
|
| System.NotSupportedException The KeyType of |
CryptographyClient(JsonWebKey, LocalCryptographyClientOptions)
Initializes a new instance of the CryptographyClient class. Cryptographic operations will be performed only on the local machine.
Declaration
public CryptographyClient (Azure.Security.KeyVault.Keys.JsonWebKey key, Azure.Security.KeyVault.Keys.Cryptography.LocalCryptographyClientOptions options);Parameters
Exceptions
| System.ArgumentNullException
|
| System.NotSupportedException The KeyType of |
CryptographyClient(Uri, TokenCredential)
Declaration
public CryptographyClient (Uri keyId, Azure.Core.TokenCredential credential);Parameters
| System.Uri keyId The key identifier of the KeyVaultKey which will be used for cryptographic operations. If you have a key System.Uri, use KeyVaultKeyIdentifier to parse the VaultUri and other information. |
| Azure.Core.TokenCredential credential A Azure.Core.TokenCredential used to authenticate requests to the vault, like DefaultAzureCredential. |
Exceptions
| System.ArgumentNullException
|
CryptographyClient(Uri, TokenCredential, CryptographyClientOptions)
Declaration
public CryptographyClient (Uri keyId, Azure.Core.TokenCredential credential, Azure.Security.KeyVault.Keys.Cryptography.CryptographyClientOptions options);Parameters
Exceptions
| System.ArgumentNullException
|
| System.NotSupportedException The Version is not supported. |
Properties
KeyId
Gets the Id of the key used to perform cryptographic operations for the client.
Declaration
public virtual string KeyId { get; }Property Value
| System.String |
Methods
Decrypt(DecryptParameters, CancellationToken)
Decrypts the specified ciphertext.
Declaration
public virtual Azure.Security.KeyVault.Keys.Cryptography.DecryptResult Decrypt (Azure.Security.KeyVault.Keys.Cryptography.DecryptParameters decryptParameters, System.Threading.CancellationToken cancellationToken = null);Parameters
| DecryptParameters decryptParameters A DecryptParameters containing the data to decrypt and other parameters for algorithm-dependent decryption. |
| System.Threading.CancellationToken cancellationToken A System.Threading.CancellationToken to cancel the operation. |
Returns
| DecryptResult The result of the decrypt operation. The returned DecryptResult contains the encrypted data along with information regarding the algorithm and key used to decrypt it. |
Exceptions
| System.ArgumentException The specified algorithm does not match the key corresponding to the key identifier. |
| System.ArgumentNullException
|
| System.Security.Cryptography.CryptographicException The local cryptographic provider threw an exception. |
| System.InvalidOperationException The key is invalid for the current operation. |
| System.NotSupportedException The operation is not supported with the specified key. |
Decrypt(EncryptionAlgorithm, Byte[], CancellationToken)
Decrypts ciphertext.
Declaration
public virtual Azure.Security.KeyVault.Keys.Cryptography.DecryptResult Decrypt (Azure.Security.KeyVault.Keys.Cryptography.EncryptionAlgorithm algorithm, byte[] ciphertext, System.Threading.CancellationToken cancellationToken = null);Parameters
| EncryptionAlgorithm algorithm The EncryptionAlgorithm to use. |
| System.Byte[] ciphertext The encrypted data to decrypt. |
| System.Threading.CancellationToken cancellationToken A System.Threading.CancellationToken to cancel the operation. |
Returns
| DecryptResult The result of the decrypt operation. The returned DecryptResult contains the encrypted data along with information regarding the algorithm and key used to decrypt it. |
Exceptions
| System.ArgumentException The specified |
| System.Security.Cryptography.CryptographicException The local cryptographic provider threw an exception. |
| System.InvalidOperationException The key is invalid for the current operation. |
| System.NotSupportedException The operation is not supported with the specified key. |
DecryptAsync(EncryptionAlgorithm, Byte[], CancellationToken)
Decrypts the specified ciphertext.
Declaration
[System.Diagnostics.DebuggerStepThrough]
public virtual System.Threading.Tasks.Task<Azure.Security.KeyVault.Keys.Cryptography.DecryptResult> DecryptAsync (Azure.Security.KeyVault.Keys.Cryptography.EncryptionAlgorithm algorithm, byte[] ciphertext, System.Threading.CancellationToken cancellationToken = null);Parameters
| EncryptionAlgorithm algorithm The EncryptionAlgorithm to use. |
| System.Byte[] ciphertext The encrypted data to decrypt. |
| System.Threading.CancellationToken cancellationToken A System.Threading.CancellationToken to cancel the operation. |
Returns
| System.Threading.Tasks.Task<DecryptResult> The result of the decrypt operation. The returned DecryptResult contains the encrypted data along with information regarding the algorithm and key used to decrypt it. |
Exceptions
| System.ArgumentException The specified |
| System.Security.Cryptography.CryptographicException The local cryptographic provider threw an exception. |
| System.InvalidOperationException The key is invalid for the current operation. |
| System.NotSupportedException The operation is not supported with the specified key. |
DecryptAsync(DecryptParameters, CancellationToken)
Decrypts ciphertext.
Declaration
[System.Diagnostics.DebuggerStepThrough]
public virtual System.Threading.Tasks.Task<Azure.Security.KeyVault.Keys.Cryptography.DecryptResult> DecryptAsync (Azure.Security.KeyVault.Keys.Cryptography.DecryptParameters decryptParameters, System.Threading.CancellationToken cancellationToken = null);Parameters
| DecryptParameters decryptParameters A DecryptParameters containing the data to decrypt and other parameters for algorithm-dependent decryption. |
| System.Threading.CancellationToken cancellationToken A System.Threading.CancellationToken to cancel the operation. |
Returns
| System.Threading.Tasks.Task<DecryptResult> The result of the decrypt operation. The returned DecryptResult contains the encrypted data along with information regarding the algorithm and key used to decrypt it. |
Exceptions
| System.ArgumentException The specified algorithm does not match the key corresponding to the key identifier. |
| System.ArgumentNullException
|
| System.Security.Cryptography.CryptographicException The local cryptographic provider threw an exception. |
| System.InvalidOperationException The key is invalid for the current operation. |
| System.NotSupportedException The operation is not supported with the specified key. |
Encrypt(EncryptionAlgorithm, Byte[], CancellationToken)
Encrypts the specified plaintext.
Declaration
public virtual Azure.Security.KeyVault.Keys.Cryptography.EncryptResult Encrypt (Azure.Security.KeyVault.Keys.Cryptography.EncryptionAlgorithm algorithm, byte[] plaintext, System.Threading.CancellationToken cancellationToken = null);Parameters
| EncryptionAlgorithm algorithm The EncryptionAlgorithm to use. |
| System.Byte[] plaintext The data to encrypt. |
| System.Threading.CancellationToken cancellationToken A System.Threading.CancellationToken to cancel the operation. |
Returns
| EncryptResult An EncryptResult containing the encrypted data along with all other information needed to decrypt it. This information should be stored with the encrypted data. |
Exceptions
| System.ArgumentException The specified |
| System.Security.Cryptography.CryptographicException The local cryptographic provider threw an exception. |
| System.InvalidOperationException The key is invalid for the current operation. |
| System.NotSupportedException The operation is not supported with the specified key. |
Encrypt(EncryptParameters, CancellationToken)
Encrypts plaintext.
Declaration
public virtual Azure.Security.KeyVault.Keys.Cryptography.EncryptResult Encrypt (Azure.Security.KeyVault.Keys.Cryptography.EncryptParameters encryptParameters, System.Threading.CancellationToken cancellationToken = null);Parameters
| EncryptParameters encryptParameters An EncryptParameters containing the data to encrypt and other parameters for algorithm-dependent encryption. |
| System.Threading.CancellationToken cancellationToken A System.Threading.CancellationToken to cancel the operation. |
Returns
| EncryptResult An EncryptResult containing the encrypted data along with all other information needed to decrypt it. This information should be stored with the encrypted data. |
Exceptions
| System.ArgumentException The specified algorithm does not match the key corresponding to the key identifier. |
| System.ArgumentNullException
|
| System.Security.Cryptography.CryptographicException The local cryptographic provider threw an exception. |
| System.InvalidOperationException The key is invalid for the current operation. |
| System.NotSupportedException The operation is not supported with the specified key. |
EncryptAsync(EncryptParameters, CancellationToken)
Encrypts plaintext.
Declaration
[System.Diagnostics.DebuggerStepThrough]
public virtual System.Threading.Tasks.Task<Azure.Security.KeyVault.Keys.Cryptography.EncryptResult> EncryptAsync (Azure.Security.KeyVault.Keys.Cryptography.EncryptParameters encryptParameters, System.Threading.CancellationToken cancellationToken = null);Parameters
| EncryptParameters encryptParameters An EncryptParameters containing the data to encrypt and other parameters for algorithm-dependent encryption. |
| System.Threading.CancellationToken cancellationToken A System.Threading.CancellationToken to cancel the operation. |
Returns
| System.Threading.Tasks.Task<EncryptResult> An EncryptResult containing the encrypted data along with all other information needed to decrypt it. This information should be stored with the encrypted data. |
Exceptions
| System.ArgumentException The specified algorithm does not match the key corresponding to the key identifier. |
| System.ArgumentNullException
|
| System.Security.Cryptography.CryptographicException The local cryptographic provider threw an exception. |
| System.InvalidOperationException The key is invalid for the current operation. |
| System.NotSupportedException The operation is not supported with the specified key. |
EncryptAsync(EncryptionAlgorithm, Byte[], CancellationToken)
Encrypts the specified plaintext.
Declaration
[System.Diagnostics.DebuggerStepThrough]
public virtual System.Threading.Tasks.Task<Azure.Security.KeyVault.Keys.Cryptography.EncryptResult> EncryptAsync (Azure.Security.KeyVault.Keys.Cryptography.EncryptionAlgorithm algorithm, byte[] plaintext, System.Threading.CancellationToken cancellationToken = null);Parameters
| EncryptionAlgorithm algorithm The EncryptionAlgorithm to use. |
| System.Byte[] plaintext The data to encrypt. |
| System.Threading.CancellationToken cancellationToken A System.Threading.CancellationToken to cancel the operation. |
Returns
| System.Threading.Tasks.Task<EncryptResult> An EncryptResult containing the encrypted data along with all other information needed to decrypt it. This information should be stored with the encrypted data. |
Exceptions
| System.ArgumentException The specified |
| System.Security.Cryptography.CryptographicException The local cryptographic provider threw an exception. |
| System.InvalidOperationException The key is invalid for the current operation. |
| System.NotSupportedException The operation is not supported with the specified key. |
Sign(SignatureAlgorithm, Byte[], CancellationToken)
Signs the specified digest.
Declaration
public virtual Azure.Security.KeyVault.Keys.Cryptography.SignResult Sign (Azure.Security.KeyVault.Keys.Cryptography.SignatureAlgorithm algorithm, byte[] digest, System.Threading.CancellationToken cancellationToken = null);Parameters
| SignatureAlgorithm algorithm The SignatureAlgorithm to use. |
| System.Byte[] digest The pre-hashed digest to sign. The hash algorithm used to compute the digest must be compatible with the specified algorithm. |
| System.Threading.CancellationToken cancellationToken A System.Threading.CancellationToken to cancel the operation. |
Returns
| SignResult The result of the sign operation. The returned SignResult contains the signature along with all other information needed to verify it. This information should be stored with the signature. |
Exceptions
| System.ArgumentException The specified |
| System.Security.Cryptography.CryptographicException The local cryptographic provider threw an exception. |
| System.InvalidOperationException The key is invalid for the current operation. |
| System.NotSupportedException The operation is not supported with the specified key. |
| Azure.RequestFailedException The server returned an error. See System.Exception.Message for details returned from the server. |
SignAsync(SignatureAlgorithm, Byte[], CancellationToken)
Signs the specified digest.
Declaration
[System.Diagnostics.DebuggerStepThrough]
public virtual System.Threading.Tasks.Task<Azure.Security.KeyVault.Keys.Cryptography.SignResult> SignAsync (Azure.Security.KeyVault.Keys.Cryptography.SignatureAlgorithm algorithm, byte[] digest, System.Threading.CancellationToken cancellationToken = null);Parameters
| SignatureAlgorithm algorithm The SignatureAlgorithm to use. |
| System.Byte[] digest The pre-hashed digest to sign. The hash algorithm used to compute the digest must be compatible with the specified algorithm. |
| System.Threading.CancellationToken cancellationToken A System.Threading.CancellationToken to cancel the operation. |
Returns
| System.Threading.Tasks.Task<SignResult> The result of the sign operation. The returned SignResult contains the signature along with all other information needed to verify it. This information should be stored with the signature. |
Exceptions
| System.ArgumentException The specified |
| System.Security.Cryptography.CryptographicException The local cryptographic provider threw an exception. |
| System.InvalidOperationException The key is invalid for the current operation. |
| System.NotSupportedException The operation is not supported with the specified key. |
| Azure.RequestFailedException The server returned an error. See System.Exception.Message for details returned from the server. |
SignData(SignatureAlgorithm, Byte[], CancellationToken)
Signs the specified data.
Declaration
public virtual Azure.Security.KeyVault.Keys.Cryptography.SignResult SignData (Azure.Security.KeyVault.Keys.Cryptography.SignatureAlgorithm algorithm, byte[] data, System.Threading.CancellationToken cancellationToken = null);Parameters
| SignatureAlgorithm algorithm The SignatureAlgorithm to use. |
| System.Byte[] data The data to sign. |
| System.Threading.CancellationToken cancellationToken A System.Threading.CancellationToken to cancel the operation. |
Returns
| SignResult The result of the sign operation. The returned SignResult contains the signature along with all other information needed to verify it. This information should be stored with the signature. |
Exceptions
| System.ArgumentException The specified |
| System.Security.Cryptography.CryptographicException The local cryptographic provider threw an exception. |
| System.InvalidOperationException The key is invalid for the current operation. |
| System.NotSupportedException The operation is not supported with the specified key. |
| Azure.RequestFailedException The server returned an error. See System.Exception.Message for details returned from the server. |
SignData(SignatureAlgorithm, Stream, CancellationToken)
Signs the specified data.
Declaration
public virtual Azure.Security.KeyVault.Keys.Cryptography.SignResult SignData (Azure.Security.KeyVault.Keys.Cryptography.SignatureAlgorithm algorithm, System.IO.Stream data, System.Threading.CancellationToken cancellationToken = null);Parameters
| SignatureAlgorithm algorithm The SignatureAlgorithm to use. |
| System.IO.Stream data The data to sign. |
| System.Threading.CancellationToken cancellationToken A System.Threading.CancellationToken to cancel the operation. |
Returns
| SignResult The result of the sign operation. The returned SignResult contains the signature along with all other information needed to verify it. This information should be stored with the signature. |
Exceptions
| System.ArgumentException The specified |
| System.ArgumentNullException
|
| System.Security.Cryptography.CryptographicException The local cryptographic provider threw an exception. |
| System.InvalidOperationException The key is invalid for the current operation. |
| System.NotSupportedException The operation is not supported with the specified key. |
| Azure.RequestFailedException The server returned an error. See System.Exception.Message for details returned from the server. |
SignDataAsync(SignatureAlgorithm, Stream, CancellationToken)
Signs the specified data.
Declaration
[System.Diagnostics.DebuggerStepThrough]
public virtual System.Threading.Tasks.Task<Azure.Security.KeyVault.Keys.Cryptography.SignResult> SignDataAsync (Azure.Security.KeyVault.Keys.Cryptography.SignatureAlgorithm algorithm, System.IO.Stream data, System.Threading.CancellationToken cancellationToken = null);Parameters
| SignatureAlgorithm algorithm The SignatureAlgorithm to use. |
| System.IO.Stream data The data to sign. |
| System.Threading.CancellationToken cancellationToken A System.Threading.CancellationToken to cancel the operation. |
Returns
| System.Threading.Tasks.Task<SignResult> The result of the sign operation. The returned SignResult contains the signature along with all other information needed to verify it. This information should be stored with the signature. |
Exceptions
| System.ArgumentException The specified |
| System.ArgumentNullException
|
| System.Security.Cryptography.CryptographicException The local cryptographic provider threw an exception. |
| System.InvalidOperationException The key is invalid for the current operation. |
| System.NotSupportedException The operation is not supported with the specified key. |
| Azure.RequestFailedException The server returned an error. See System.Exception.Message for details returned from the server. |
SignDataAsync(SignatureAlgorithm, Byte[], CancellationToken)
Signs the specified data.
Declaration
[System.Diagnostics.DebuggerStepThrough]
public virtual System.Threading.Tasks.Task<Azure.Security.KeyVault.Keys.Cryptography.SignResult> SignDataAsync (Azure.Security.KeyVault.Keys.Cryptography.SignatureAlgorithm algorithm, byte[] data, System.Threading.CancellationToken cancellationToken = null);Parameters
| SignatureAlgorithm algorithm The SignatureAlgorithm to use. |
| System.Byte[] data The data to sign. |
| System.Threading.CancellationToken cancellationToken A System.Threading.CancellationToken to cancel the operation. |
Returns
| System.Threading.Tasks.Task<SignResult> The result of the sign operation. The returned SignResult contains the signature along with all other information needed to verify it. This information should be stored with the signature. |
Exceptions
| System.ArgumentException The specified |
| System.Security.Cryptography.CryptographicException The local cryptographic provider threw an exception. |
| System.InvalidOperationException The key is invalid for the current operation. |
| System.NotSupportedException The operation is not supported with the specified key. |
| Azure.RequestFailedException The server returned an error. See System.Exception.Message for details returned from the server. |
UnwrapKey(KeyWrapAlgorithm, Byte[], CancellationToken)
Decrypts the specified encrypted key.
Declaration
public virtual Azure.Security.KeyVault.Keys.Cryptography.UnwrapResult UnwrapKey (Azure.Security.KeyVault.Keys.Cryptography.KeyWrapAlgorithm algorithm, byte[] encryptedKey, System.Threading.CancellationToken cancellationToken = null);Parameters
| KeyWrapAlgorithm algorithm The KeyWrapAlgorithm to use. |
| System.Byte[] encryptedKey The encrypted key. |
| System.Threading.CancellationToken cancellationToken A System.Threading.CancellationToken to cancel the operation. |
Returns
| UnwrapResult The result of the unwrap operation. The returned UnwrapResult contains the key along with information regarding the algorithm and key used to unwrap it. |
Exceptions
| System.ArgumentException The specified |
| System.Security.Cryptography.CryptographicException The local cryptographic provider threw an exception. |
| System.InvalidOperationException The key is invalid for the current operation. |
| System.NotSupportedException The operation is not supported with the specified key. |
| Azure.RequestFailedException The server returned an error. See System.Exception.Message for details returned from the server. |
UnwrapKeyAsync(KeyWrapAlgorithm, Byte[], CancellationToken)
Decrypts the specified encrypted key.
Declaration
[System.Diagnostics.DebuggerStepThrough]
public virtual System.Threading.Tasks.Task<Azure.Security.KeyVault.Keys.Cryptography.UnwrapResult> UnwrapKeyAsync (Azure.Security.KeyVault.Keys.Cryptography.KeyWrapAlgorithm algorithm, byte[] encryptedKey, System.Threading.CancellationToken cancellationToken = null);Parameters
| KeyWrapAlgorithm algorithm The KeyWrapAlgorithm to use. |
| System.Byte[] encryptedKey The encrypted key. |
| System.Threading.CancellationToken cancellationToken A System.Threading.CancellationToken to cancel the operation. |
Returns
| System.Threading.Tasks.Task<UnwrapResult> The result of the unwrap operation. The returned UnwrapResult contains the key along with information regarding the algorithm and key used to unwrap it. |
Exceptions
| System.ArgumentException The specified |
| System.Security.Cryptography.CryptographicException The local cryptographic provider threw an exception. |
| System.InvalidOperationException The key is invalid for the current operation. |
| System.NotSupportedException The operation is not supported with the specified key. |
| Azure.RequestFailedException The server returned an error. See System.Exception.Message for details returned from the server. |
Verify(SignatureAlgorithm, Byte[], Byte[], CancellationToken)
Verifies the specified signature.
Declaration
public virtual Azure.Security.KeyVault.Keys.Cryptography.VerifyResult Verify (Azure.Security.KeyVault.Keys.Cryptography.SignatureAlgorithm algorithm, byte[] digest, byte[] signature, System.Threading.CancellationToken cancellationToken = null);Parameters
| SignatureAlgorithm algorithm The SignatureAlgorithm to use. This must be the same algorithm used to sign the digest. |
| System.Byte[] digest The pre-hashed digest corresponding to the signature. The hash algorithm used to compute the digest must be compatible with the specified algorithm. |
| System.Byte[] signature The signature to verify. |
| System.Threading.CancellationToken cancellationToken A System.Threading.CancellationToken to cancel the operation. |
Returns
Exceptions
| System.ArgumentException The specified |
| System.Security.Cryptography.CryptographicException The local cryptographic provider threw an exception. |
| System.InvalidOperationException The key is invalid for the current operation. |
| System.NotSupportedException The operation is not supported with the specified key. |
| Azure.RequestFailedException The server returned an error. See System.Exception.Message for details returned from the server. |
VerifyAsync(SignatureAlgorithm, Byte[], Byte[], CancellationToken)
Verifies the specified signature.
Declaration
[System.Diagnostics.DebuggerStepThrough]
public virtual System.Threading.Tasks.Task<Azure.Security.KeyVault.Keys.Cryptography.VerifyResult> VerifyAsync (Azure.Security.KeyVault.Keys.Cryptography.SignatureAlgorithm algorithm, byte[] digest, byte[] signature, System.Threading.CancellationToken cancellationToken = null);Parameters
| SignatureAlgorithm algorithm The SignatureAlgorithm to use. This must be the same algorithm used to sign the digest. |
| System.Byte[] digest The pre-hashed digest corresponding to the signature. The hash algorithm used to compute the digest must be compatible with the specified algorithm. |
| System.Byte[] signature The signature to verify. |
| System.Threading.CancellationToken cancellationToken A System.Threading.CancellationToken to cancel the operation. |
Returns
| System.Threading.Tasks.Task<VerifyResult> The result of the verify operation. If the signature is valid the IsValid property of the returned VerifyResult will be set to true. |
Exceptions
| System.ArgumentException The specified |
| System.Security.Cryptography.CryptographicException The local cryptographic provider threw an exception. |
| System.InvalidOperationException The key is invalid for the current operation. |
| System.NotSupportedException The operation is not supported with the specified key. |
| Azure.RequestFailedException The server returned an error. See System.Exception.Message for details returned from the server. |
VerifyData(SignatureAlgorithm, Stream, Byte[], CancellationToken)
Verifies the specified signature.
Declaration
public virtual Azure.Security.KeyVault.Keys.Cryptography.VerifyResult VerifyData (Azure.Security.KeyVault.Keys.Cryptography.SignatureAlgorithm algorithm, System.IO.Stream data, byte[] signature, System.Threading.CancellationToken cancellationToken = null);Parameters
| SignatureAlgorithm algorithm The SignatureAlgorithm to use. This must be the same algorithm used to sign the data. |
| System.IO.Stream data The data corresponding to the signature. |
| System.Byte[] signature The signature to verify. |
| System.Threading.CancellationToken cancellationToken A System.Threading.CancellationToken to cancel the operation. |
Returns
Exceptions
| System.ArgumentException The specified |
| System.ArgumentNullException
|
| System.Security.Cryptography.CryptographicException The local cryptographic provider threw an exception. |
| System.InvalidOperationException The key is invalid for the current operation. |
| System.NotSupportedException The operation is not supported with the specified key. |
| Azure.RequestFailedException The server returned an error. See System.Exception.Message for details returned from the server. |
VerifyData(SignatureAlgorithm, Byte[], Byte[], CancellationToken)
Verifies the specified signature.
Declaration
public virtual Azure.Security.KeyVault.Keys.Cryptography.VerifyResult VerifyData (Azure.Security.KeyVault.Keys.Cryptography.SignatureAlgorithm algorithm, byte[] data, byte[] signature, System.Threading.CancellationToken cancellationToken = null);Parameters
| SignatureAlgorithm algorithm The SignatureAlgorithm to use. This must be the same algorithm used to sign the data. |
| System.Byte[] data The data corresponding to the signature. |
| System.Byte[] signature The signature to verify. |
| System.Threading.CancellationToken cancellationToken A System.Threading.CancellationToken to cancel the operation. |
Returns
Exceptions
| System.ArgumentException The specified |
| System.ArgumentNullException
|
| System.Security.Cryptography.CryptographicException The local cryptographic provider threw an exception. |
| System.InvalidOperationException The key is invalid for the current operation. |
| System.NotSupportedException The operation is not supported with the specified key. |
| Azure.RequestFailedException The server returned an error. See System.Exception.Message for details returned from the server. |
VerifyDataAsync(SignatureAlgorithm, Stream, Byte[], CancellationToken)
Verifies the specified signature.
Declaration
[System.Diagnostics.DebuggerStepThrough]
public virtual System.Threading.Tasks.Task<Azure.Security.KeyVault.Keys.Cryptography.VerifyResult> VerifyDataAsync (Azure.Security.KeyVault.Keys.Cryptography.SignatureAlgorithm algorithm, System.IO.Stream data, byte[] signature, System.Threading.CancellationToken cancellationToken = null);Parameters
| SignatureAlgorithm algorithm The SignatureAlgorithm to use. This must be the same algorithm used to sign the data. |
| System.IO.Stream data The data corresponding to the signature. |
| System.Byte[] signature The signature to verify. |
| System.Threading.CancellationToken cancellationToken A System.Threading.CancellationToken to cancel the operation. |
Returns
| System.Threading.Tasks.Task<VerifyResult> The result of the verify operation. If the signature is valid the IsValid property of the returned VerifyResult will be set to true. |
Exceptions
| System.ArgumentException The specified |
| System.ArgumentNullException
|
| System.Security.Cryptography.CryptographicException The local cryptographic provider threw an exception. |
| System.InvalidOperationException The key is invalid for the current operation. |
| System.NotSupportedException The operation is not supported with the specified key. |
| Azure.RequestFailedException The server returned an error. See System.Exception.Message for details returned from the server. |
VerifyDataAsync(SignatureAlgorithm, Byte[], Byte[], CancellationToken)
Verifies the specified signature.
Declaration
[System.Diagnostics.DebuggerStepThrough]
public virtual System.Threading.Tasks.Task<Azure.Security.KeyVault.Keys.Cryptography.VerifyResult> VerifyDataAsync (Azure.Security.KeyVault.Keys.Cryptography.SignatureAlgorithm algorithm, byte[] data, byte[] signature, System.Threading.CancellationToken cancellationToken = null);Parameters
| SignatureAlgorithm algorithm The SignatureAlgorithm to use. This must be the same algorithm used to sign the data. |
| System.Byte[] data The data corresponding to the signature. |
| System.Byte[] signature The signature to verify. |
| System.Threading.CancellationToken cancellationToken A System.Threading.CancellationToken to cancel the operation. |
Returns
| System.Threading.Tasks.Task<VerifyResult> The result of the verify operation. If the signature is valid the IsValid property of the returned VerifyResult will be set to true. |
Exceptions
| System.ArgumentException The specified |
| System.ArgumentNullException
|
| System.Security.Cryptography.CryptographicException The local cryptographic provider threw an exception. |
| System.InvalidOperationException The key is invalid for the current operation. |
| System.NotSupportedException The operation is not supported with the specified key. |
| Azure.RequestFailedException The server returned an error. See System.Exception.Message for details returned from the server. |
WrapKey(KeyWrapAlgorithm, Byte[], CancellationToken)
Encrypts the specified key.
Declaration
public virtual Azure.Security.KeyVault.Keys.Cryptography.WrapResult WrapKey (Azure.Security.KeyVault.Keys.Cryptography.KeyWrapAlgorithm algorithm, byte[] key, System.Threading.CancellationToken cancellationToken = null);Parameters
| KeyWrapAlgorithm algorithm The KeyWrapAlgorithm to use. |
| System.Byte[] key The key to encrypt. |
| System.Threading.CancellationToken cancellationToken A System.Threading.CancellationToken to cancel the operation. |
Returns
| WrapResult The result of the wrap operation. The returned WrapResult contains the wrapped key along with all other information needed to unwrap it. This information should be stored with the wrapped key. |
Exceptions
| System.ArgumentException The specified |
| System.Security.Cryptography.CryptographicException The local cryptographic provider threw an exception. |
| System.InvalidOperationException The key is invalid for the current operation. |
| System.NotSupportedException The operation is not supported with the specified key. |
| Azure.RequestFailedException The server returned an error. See System.Exception.Message for details returned from the server. |
WrapKeyAsync(KeyWrapAlgorithm, Byte[], CancellationToken)
Encrypts the specified key.
Declaration
[System.Diagnostics.DebuggerStepThrough]
public virtual System.Threading.Tasks.Task<Azure.Security.KeyVault.Keys.Cryptography.WrapResult> WrapKeyAsync (Azure.Security.KeyVault.Keys.Cryptography.KeyWrapAlgorithm algorithm, byte[] key, System.Threading.CancellationToken cancellationToken = null);Parameters
| KeyWrapAlgorithm algorithm The KeyWrapAlgorithm to use. |
| System.Byte[] key The key to encrypt. |
| System.Threading.CancellationToken cancellationToken A System.Threading.CancellationToken to cancel the operation. |
Returns
| System.Threading.Tasks.Task<WrapResult> The result of the wrap operation. The returned WrapResult contains the wrapped key along with all other information needed to unwrap it. This information should be stored with the wrapped key. |
Exceptions
| System.ArgumentException The specified |
| System.Security.Cryptography.CryptographicException The local cryptographic provider threw an exception. |
| System.InvalidOperationException The key is invalid for the current operation. |
| System.NotSupportedException The operation is not supported with the specified key. |
| Azure.RequestFailedException The server returned an error. See System.Exception.Message for details returned from the server. |
Explicit Interface Implementations
IKeyEncryptionKey.UnwrapKey(String, ReadOnlyMemory<Byte>, CancellationToken)
Decrypts the specified encrypted key using the specified algorithm.
Declaration
byte[] IKeyEncryptionKey.UnwrapKey (string algorithm, ReadOnlyMemory<byte> encryptedKey, System.Threading.CancellationToken cancellationToken);Parameters
| System.String algorithm The key wrap algorithm which was used to encrypt the specified encrypted key. |
| System.ReadOnlyMemory<System.Byte> encryptedKey The encrypted key to be decrypted. |
| System.Threading.CancellationToken cancellationToken A System.Threading.CancellationToken controlling the request lifetime. |
Returns
| System.Byte[] The decrypted key bytes. |
IKeyEncryptionKey.UnwrapKeyAsync(String, ReadOnlyMemory<Byte>, CancellationToken)
Decrypts the specified encrypted key using the specified algorithm.
Declaration
[System.Diagnostics.DebuggerStepThrough]
System.Threading.Tasks.Task<byte[]> IKeyEncryptionKey.UnwrapKeyAsync (string algorithm, ReadOnlyMemory<byte> encryptedKey, System.Threading.CancellationToken cancellationToken);Parameters
| System.String algorithm The key wrap algorithm which was used to encrypt the specified encrypted key. |
| System.ReadOnlyMemory<System.Byte> encryptedKey The encrypted key to be decrypted. |
| System.Threading.CancellationToken cancellationToken A System.Threading.CancellationToken controlling the request lifetime. |
Returns
| System.Threading.Tasks.Task<System.Byte[]> The decrypted key bytes. |
IKeyEncryptionKey.WrapKey(String, ReadOnlyMemory<Byte>, CancellationToken)
Encrypts the specified key using the specified algorithm.
Declaration
byte[] IKeyEncryptionKey.WrapKey (string algorithm, ReadOnlyMemory<byte> key, System.Threading.CancellationToken cancellationToken);Parameters
| System.String algorithm The key wrap algorithm used to encrypt the specified key. |
| System.ReadOnlyMemory<System.Byte> key The key to be encrypted. |
| System.Threading.CancellationToken cancellationToken A System.Threading.CancellationToken controlling the request lifetime. |
Returns
| System.Byte[] The encrypted key bytes. |
IKeyEncryptionKey.WrapKeyAsync(String, ReadOnlyMemory<Byte>, CancellationToken)
Encrypts the specified key using the specified algorithm.
Declaration
[System.Diagnostics.DebuggerStepThrough]
System.Threading.Tasks.Task<byte[]> IKeyEncryptionKey.WrapKeyAsync (string algorithm, ReadOnlyMemory<byte> key, System.Threading.CancellationToken cancellationToken);Parameters
| System.String algorithm The key wrap algorithm used to encrypt the specified key. |
| System.ReadOnlyMemory<System.Byte> key The key to be encrypted. |
| System.Threading.CancellationToken cancellationToken A System.Threading.CancellationToken controlling the request lifetime. |
Returns
| System.Threading.Tasks.Task<System.Byte[]> The encrypted key bytes. |
