Document Pkcs12Info #2914
There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -15,7 +15,7 @@ | |
| </Base> | ||
| <Interfaces /> | ||
| <Docs> | ||
| <summary>Represents the data from PKCS#12 PFX contents.</summary> | ||
| <remarks>To be added.</remarks> | ||
| </Docs> | ||
| <Members> | ||
|
|
@@ -36,8 +36,8 @@ | |
| <ReturnType>System.Collections.ObjectModel.ReadOnlyCollection<System.Security.Cryptography.Pkcs.Pkcs12SafeContents></ReturnType> | ||
| </ReturnValue> | ||
| <Docs> | ||
| <summary>Gets a read-only collection of the SafeContents values present in the PFX AuthenticatedSafe.</summary> | ||
| <value>A read-only collection of the SafeContents values present in the PFX AuthenticatedSafe.</value> | ||
| <remarks>To be added.</remarks> | ||
| </Docs> | ||
| </Member> | ||
|
|
@@ -62,12 +62,25 @@ | |
| <Parameter Name="skipCopy" Type="System.Boolean" /> | ||
| </Parameters> | ||
| <Docs> | ||
| <param name="encodedBytes">The data to interpret as a PKCS#12 PFX.</param> | ||
| <param name="bytesConsumed">When this method returns, contains a value that indicates the number of bytes from <paramref name="encodedBytes"/> which were read by this method. This parameter is treated as uninitialized.</param> | ||
| <param name="skipCopy"><see langword="true"/> to store <paramref name="encodedBytes"/> without making a defensive copy; otherwise <see langword="false"/>. The default is <see langword="false"/>.</param> | ||
| <summary>Reads the provided data as a PKCS#12 PFX and returns an object view of the contents.</summary> | ||
| <returns>An object view of the PKCS#12 PFX decoded from the input.</returns> | ||
| <remarks> | ||
| <format type="text/markdown"><![CDATA[ | ||
|
|
||
| ## Remarks | ||
|
|
||
| The default behavior of this method is to make a defensive copy of the first `bytesConsumed` bytes from `encodedBytes`. | ||
| When the `skipCopy` parameter is `true` this defensive copy is skipped. | ||
| If the defensive copy is skipped and the contents of the first `bytesConsumed` bytes of `encodedBytes` change during the lifetime of the returned value, or any object produced by its | ||
| methods or properties, then methods and properties on those objects may produce nonsense answers or throw exceptions due to the corrupted state. | ||
| Callers are therefore advised to only use a `true` value for the `skipCopy` parameter when they can be reasonably assured that the data will stay intact. | ||
|
|
||
| ]]></format> | ||
| </remarks> | ||
| <exception cref="T:System.Security.Cryptography.CryptographicException">The contents of the <paramref name="encodedBytes"/> parameter were not successfully decoded as a PKCS#12 PFX.</exception> | ||
| </Docs> | ||
| </Member> | ||
| <Member MemberName="IntegrityMode"> | ||
|
|
@@ -87,8 +100,8 @@ | |
| <ReturnType>System.Security.Cryptography.Pkcs.Pkcs12IntegrityMode</ReturnType> | ||
| </ReturnValue> | ||
| <Docs> | ||
| <summary>Gets a value that indicates the type of tamper protection provided for the <see cref="P:System.Security.Cryptography.Pkcs.Pkcs12Info.AuthenticatedSafe"/> contents.</value> | ||
| <value>One of the enumeration members that indicates the type of tamper protection provided for the <see cref="P:System.Security.Cryptography.Pkcs.Pkcs12Info.AuthenticatedSafe"/> contents.</value> | ||
| <remarks>To be added.</remarks> | ||
| </Docs> | ||
| </Member> | ||
bartonjs marked this conversation as resolved.
Show resolved
Hide resolved
|
||
|
|
@@ -112,10 +125,27 @@ | |
| <Parameter Name="password" Type="System.ReadOnlySpan<System.Char>" /> | ||
| </Parameters> | ||
| <Docs> | ||
| <param name="password">The password to use to attempt to verify integrity.</param> | ||
| <summary>Attempts to verify the integrity of the <see cref="P:System.Security.Cryptography.Pkcs12.Pkcs12Info.AuthenticatedSafe"/> contents with a password represented by a <see cref="T:System.ReadOnlySpan{System.Char}"/>.</summary> | ||
bartonjs marked this conversation as resolved.
Show resolved
Hide resolved
bartonjs marked this conversation as resolved.
Show resolved
Hide resolved
|
||
| <returns><see langword="true"/> if the password successfully verifies the integrity of the <see cref="P:System.Security.Cryptography.Pkcs12.Pkcs12Info.AuthenticatedSafe"/> contents; <see langword="false"/> if the password is not correct or the contents have been altered.</returns> | ||
bartonjs marked this conversation as resolved.
Show resolved
Hide resolved
bartonjs marked this conversation as resolved.
Show resolved
Hide resolved
|
||
| <remarks> | ||
| <format type="text/markdown"><![CDATA[ | ||
|
|
||
| ## Remarks | ||
|
There was a problem hiding this comment. The first two paragraphs of each overload are good candidates to put in the MemberGroup section. |
||
|
|
||
| It is not possible to distingush the error of the password being incorrect from the error of the contents having been altered. | ||
|
|
||
| It is usually the case that a password-protected PFX uses the same password for the MAC algorithm providing integrity and the encryption algorithm providing confidentiality, | ||
| but the file format does not make that a requirement. | ||
| Therefore, there is no guarantee that a password which results in a `true` return from this method will succeed on a call to <xref:System.Security.Cryptography.Pkcs12.Pkcs12SafeContents.Decrypt%2A>. | ||
bartonjs marked this conversation as resolved.
Show resolved
Hide resolved
bartonjs marked this conversation as resolved.
Show resolved
Hide resolved
|
||
|
|
||
| In the PKCS#12 specification a distinction is made between a `null` password and an "empty" password, and that difference is reflected in the return value of this method. | ||
| <xref:System.ReadOnlySpan{System.Char}.Empty> represents the `null` password and `String.Empty.AsSpan()` represents the "empty" password. If one of those two values returns `true` the other will not. | ||
|
|
||
| ]]></format> | ||
| </remarks> | ||
| <exception cref="T:System.InvalidOperationException">The <see cref="P:System.Security.Cryptography.Pkcs12.Pkcs12Info.IntegrityMode"/> value is not <see cref="F:System.Security.Cryptography.Pkcs12.Pkcs12IntegrityMode.Password"/>.</exception> | ||
bartonjs marked this conversation as resolved.
Show resolved
Hide resolved
bartonjs marked this conversation as resolved.
Show resolved
Hide resolved
|
||
| <exception cref="T:System.Security.Cryptography.CryptographicException">The hash algorithm option specified by the PKCS#12 PFX contents could not be identified or is not supported by this platform.</exception> | ||
| </Docs> | ||
| </Member> | ||
| <Member MemberName="VerifyMac"> | ||
|
There was a problem hiding this comment. @mairaw or @rpetrusha : This file doesn't have a MethodGroup entry for this overloaded member (and I feel like I've seen other new API in that state). I don't know if that means a) we're not bothering with them, b) there's an error in the ingestor which results in it not producing them c) there's an error in the validator that makes it not report them as missing d) other e) some multiple combination of a-d. There was a problem hiding this comment. You mean the MemberGroup element to add summary, remarks, etc. that apply to all overloads? When we want to avoid repeating the same text, we manually add them. If I misunderstood, please let me know. There was a problem hiding this comment. It seems, though, that the <summary> element of a member group is ignored if there aren't some <AssemblyInfo> elements present. |
||
|
|
@@ -138,11 +168,28 @@ | |
| <Parameter Name="password" Type="System.String" /> | ||
| </Parameters> | ||
| <Docs> | ||
| <param name="password">The password to use to attempt to verify integrity.</param> | ||
| <summary>Attempts to verify the integrity of the <see cref="P:System.Security.Cryptography.Pkcs12.Pkcs12Info.AuthenticatedSafe"/> contents with a password represented by a <see cref="T:System.String"/>.</summary> | ||
bartonjs marked this conversation as resolved.
Show resolved
Hide resolved
|
||
| <returns><see langword="true"/> if the password successfully verifies the integrity of the <see cref="P:System.Security.Cryptography.Pkcs12.Pkcs12Info.AuthenticatedSafe"/> contents; <see langword="false"/> if the password is not correct or the contents have been altered.</returns> | ||
bartonjs marked this conversation as resolved.
Show resolved
Hide resolved
bartonjs marked this conversation as resolved.
Show resolved
Hide resolved
|
||
| <remarks> | ||
| <format type="text/markdown"><![CDATA[ | ||
|
|
||
| ## Remarks | ||
|
|
||
| It is not possible to distingush the error of the password being incorrect from the error of the contents having been altered. | ||
|
|
||
| It is usually the case that a password-protected PFX uses the same password for the MAC algorithm providing integrity and the encryption algorithm providing confidentiality, | ||
| but the file format does not make that a requirement. | ||
| Therefore, there is no guarantee that a password which results in a `true` return from this method will succeed on a call to <xref:System.Security.Cryptography.Pkcs12.Pkcs12SafeContents.Decrypt%2A>. | ||
bartonjs marked this conversation as resolved.
Show resolved
Hide resolved
bartonjs marked this conversation as resolved.
Show resolved
Hide resolved
|
||
|
|
||
| In the PKCS#12 specification a distinction is made between a `null` password and an "empty" password, and that difference is reflected in the return value of this method. | ||
| If the `null` string returns `true` then <xref:System.String.Empty> will return `false`, and vice versa. | ||
|
|
||
| ]]></format> | ||
| </remarks> | ||
| <exception cref="T:System.InvalidOperationException">The <see cref="P:System.Security.Cryptography.Pkcs12.Pkcs12Info.IntegrityMode"/> value is not <see cref="F:System.Security.Cryptography.Pkcs12.Pkcs12IntegrityMode.Password"/>.</exception> | ||
bartonjs marked this conversation as resolved.
Show resolved
Hide resolved
bartonjs marked this conversation as resolved.
Show resolved
Hide resolved
|
||
| <exception cref="T:System.Security.Cryptography.CryptographicException">The hash algorithm option specified by the PKCS#12 PFX contents could not be identified or is not supported by this platform.</exception> | ||
| </Docs> | ||
| </Member> | ||
| </Members> | ||
| </Type> | ||
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Uh oh!
There was an error while loading. Please reload this page.