Interface IPoPCryptoProvider

Namespace: Microsoft.Identity.Client.AuthScheme.PoP

Assembly: Microsoft.Identity.Client.dll

An abstraction over an the asymmetric key operations needed by POP, that encapsulates a pair of public and private keys and some typical crypto operations. All symmetric operations are SHA256.

public interface IPoPCryptoProvider

Remarks

Important: The 2 methods on this interface will be called at different times but MUST return details of the same private / public key pair, i.e. do not change to a different key pair mid way. Best to have this class immutable.

Ideally there should be a single public / private key pair associated with a machine, so implementers of this interface should consider exposing a singleton.

Properties

CannonicalPublicKeyJwk

The canonical representation of the JWK.
See https://tools.ietf.org/html/rfc7638#section-3

string CannonicalPublicKeyJwk { get; }

Property Value

string

CryptographicAlgorithm

Algorithm used to sign proof of possession request. See EC algorithms for ECD. See RSA algorithms for RSA.

string CryptographicAlgorithm { get; }

Property Value

string

Methods

Sign(byte[])

Signs the byte array using the private key

byte[] Sign(byte[] data)

Parameters

data byte[]

Returns

byte[]

Table of Contents

Interface IPoPCryptoProvider

Remarks

Properties

CannonicalPublicKeyJwk

Property Value

CryptographicAlgorithm

Property Value

Methods

Sign(byte[])

Parameters

Returns