User Guide
Quick Start
Tasks
- Upgrade from PA/CAP to CADP
- Create an NAE Session
- Setting up SSL with CipherTrust Manager
- Add Multiple CipherTrust Manager Servers
- Key Operations
  - Creating a Key
  - Creating a New Version of the Versioned Key
  - Using a Versioned Key to Decrypt, SignV, and MACV
  - Getting an Instance of a Key Object
  - Alternative Method to Get an Instance of a Key Object
  - Deleting a Key using the Key Name
  - Exporting a Key
  - Exporting a Wrapped Key
  - Setting a Key Mode and Padding
  - Getting Attributes of a Key
  - Exporting Versioned Key
  - Fetching Key Version using ID
- Generate and Verify MAC
- Encrypt a String Using an AES Key
- Decrypt a String Using an AES Key
- Encrypt a String Using an RSA Key
- Decrypt a String Using an RSA Key
- Encrypting/Decrypting a File
- Sign and SignVerify Data using an EC Key
- Sign and SignVerify Data using an RSA Key
- Enable Connection Pooling
- Enable Symmetric Key Caching
- Enable Asymmetric Key Caching
- Set Logging Parameters
- Change the Default Value of Connection Timeout
- Setting Transaction ID in Logs
- Logging to Syslog Server
Advanced Topics
- Configuration
  - Network Configuration Parameters
  - Connection Configuration Parameters
  - Caching Parameters
  - Logging Parameters
  - Syslog Advanced Configuration Parameters
  - SSL Configuration Parameters
  - Miscellaneous Configuration Parameters
- Connection Pooling
- Load Balancing Group
- Multi-tier Load Balancing Group
- Symmetric/Asymmetric Key Caching
- Persistent Key Caching
- Supported Services & Operations
- Supported Algorithms
- NAE Supported Functions
  - Supporting Calls
  - Connection Calls
  - Key-related Calls
  - MAC/Hash-related Calls
  - Security Considerations
- Format Preserving Encryption
- FPE/AES/Unicode Cardinality Block-Size Table
- API Definitions
- Key Permissions on Groups
- CryptoDataUtility
Troubleshooting

Creating a Key

CADP for .NET Core supports creation of the following keys:

AES
DESede
HMAC
RSA
EC

For example, let's create a 128-bit AES key:

Create a new key object of NaeRijndaelKey.


NaeRijndaelKey rijndaelKey = new NaeRijndaelKey(session);

Set the key size to 128-bit.
```
rijndaelKey.KeySize = 128;
```

Set the key properties to make the key deletable and exportable.


rijndaelKey.IsDeletable = true;
rijndaelKey.IsExportable = true;

Generate the key using GenerateKey() function and specify the key name.
```
rijndaelKey.GenerateKey(keyName);
```
It creates a key on the CipherTrust Manager server with the specified key name.

Similarly, you can create DESede, RSA, HMAC, EC, and AES/GCM keys using NaeTripleDesKey, NaeRsaKey, NaeHmacKey,NaeECIESKey, and NaeAesGcm classes respectively.

Note

For AES/GCM key, there is an additional property named as TagLen, range: 12-16 bytes.

To create a versioned key, append the key name with #. For Example, GenerateKey("keyName#");

Suggest A Change

Creating a Key

On this page