Class ManagedKeySigningOptions

Namespace
AsiBackbone.Signing.ManagedKey
Assembly
AsiBackbone.Signing.ManagedKey.dll

Configures the managed-key signing provider.

public sealed class ManagedKeySigningOptions
Inheritance
ManagedKeySigningOptions

Remarks

The options carry provider-neutral key references and operational behavior. They must not contain private keys, credentials, connection strings, client secrets, or managed identity tokens.

Fields

DefaultHashAlgorithm

Gets the default supported hash algorithm descriptor.

public const string DefaultHashAlgorithm = "SHA-256"

Field Value

string

DefaultProviderName

Gets the default provider descriptor returned in signing metadata.

public const string DefaultProviderName = "managed-key"

Field Value

string

DefaultSignatureAlgorithm

Gets the default provider-neutral signature algorithm descriptor.

public const string DefaultSignatureAlgorithm = "RSASSA-PKCS1-v1_5-SHA256-MANAGED-KEY"

Field Value

string

Properties

HashAlgorithm

Gets or sets the hash algorithm expected on incoming signing requests.

public string HashAlgorithm { get; set; }

Property Value

string

KeyId

Gets or sets the managed key identifier or key URI reference.

public string KeyId { get; set; }

Property Value

string

KeyVersion

Gets or sets the managed key version expected for signing.

public string? KeyVersion { get; set; }

Property Value

string

MaxRetryAttempts

Gets or sets the maximum number of retry attempts after the initial managed-key signing call.

public int MaxRetryAttempts { get; set; }

Property Value

int

ProviderName

Gets or sets the provider descriptor returned in signing metadata.

public string ProviderName { get; set; }

Property Value

string

RequireKeyVersion

Gets or sets a value indicating whether signing requests must specify or resolve a key version.

public bool RequireKeyVersion { get; set; }

Property Value

bool

RetryDelay

Gets or sets the delay between retry attempts.

public TimeSpan RetryDelay { get; set; }

Property Value

TimeSpan

ReturnUnsignedOnFailure

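Gets or sets a value indicating whether signing failures should return unsigned metadata instead of throwing. When the options are built through Create, the returnUnsignedOnFailure parameter defaults to true, so a signing failure yields unsigned metadata rather than an exception unless the caller passes false.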

public bool ReturnUnsignedOnFailure { get; set; }

Property Value

bool

SignatureAlgorithm

Gets or sets the provider-neutral signature algorithm descriptor requested from the managed-key client.

public string SignatureAlgorithm { get; set; }

Property Value

string

Methods

Create(string, string?, string?, string?, string?, bool, bool, int, TimeSpan?)

Creates managed-key signing options.

public static ManagedKeySigningOptions Create(string keyId, string? keyVersion = null, string? providerName = null, string? signatureAlgorithm = null, string? hashAlgorithm = null, bool requireKeyVersion = true, bool returnUnsignedOnFailure = true, int maxRetryAttempts = 2, TimeSpan? retryDelay = null)

Parameters

keyId string
keyVersion string
providerName string
signatureAlgorithm string
hashAlgorithm string
requireKeyVersion bool
returnUnsignedOnFailure bool
maxRetryAttempts int
retryDelay TimeSpan?

Returns

ManagedKeySigningOptions

Validate()

Validates the managed-key signing options.

public void Validate()
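
Example (added here, not part of the AsiBackbone documentation or source): a wrapper around Create that builds fail-closed options and screens the key reference for the kinds of material the Remarks say the options must not contain. ManagedKeyOptionsFactory, CreateFailClosed, RejectSecretLikeValue and the SecretMarkers list are hypothetical names and constructed heuristics; the retry delay is a constructed value.

```csharp
using System;
using AsiBackbone.Signing.ManagedKey;

// Added example; this class and its members are hypothetical, not library code.
public static class ManagedKeyOptionsFactory
{
    // Constructed heuristics for values that look like key material, connection
    // strings, client secrets or tokens rather than a key reference.
    private static readonly string[] SecretMarkers =
    {
        "-----BEGIN", "AccountKey=", "SharedAccessSignature=",
        "Password=", "client_secret", "Bearer "
    };

    public static ManagedKeySigningOptions CreateFailClosed(string keyId, string keyVersion)
    {
        RejectSecretLikeValue(nameof(keyId), keyId);
        RejectSecretLikeValue(nameof(keyVersion), keyVersion);

        ManagedKeySigningOptions options = ManagedKeySigningOptions.Create(
            keyId: keyId,
            keyVersion: keyVersion,                        // pin an explicit version
            signatureAlgorithm: ManagedKeySigningOptions.DefaultSignatureAlgorithm,
            hashAlgorithm: ManagedKeySigningOptions.DefaultHashAlgorithm,
            requireKeyVersion: true,
            returnUnsignedOnFailure: false,                // Create defaults this to true
            maxRetryAttempts: 2,
            retryDelay: TimeSpan.FromMilliseconds(200));   // constructed value

        // Validate before the options reach the provider. How Validate() reports
        // invalid options is not documented on this page.
        options.Validate();
        return options;
    }

    private static void RejectSecretLikeValue(string name, string value)
    {
        if (string.IsNullOrWhiteSpace(value))
            throw new ArgumentException("A key reference is required.", name);

        foreach (string marker in SecretMarkers)
        {
            if (value.IndexOf(marker, StringComparison.OrdinalIgnoreCase) >= 0)
                throw new ArgumentException(
                    "Value looks like secret material; pass a key reference only.", name);
        }
    }
}
```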