Exporting Versioned Key
You can export the default version, a specific version, or all key versions.
The KeyType enum is defined as:
    public enum KeyType
    {
        Public = 0,
        PublicPrivate = 1,
        None = 2
    }
For symmetric keys, use KeyType.None.
For asymmetric keys, use KeyType.Public to get only the public key.
Use KeyType.PublicPrivate to get both the public and private components.
To export all versions of a key
Call the ExportKey method from the NaeKeyManagement class.
    NaeKeyManagement nkm = new NaeKeyManagement(session);
Pass the key name, allVersions as true, and the key type that you want to export as arguments.
For symmetric key
    var key_allVersions = nkm.ExportKey("Example_Rijndael_key", true, NaeKeyManagement.KeyType.None);
For asymmetric public key
    var key_allVersions = nkm.ExportKey("Example_RSA_key", true, NaeKeyManagement.KeyType.Public);
For asymmetric public private key
    var key_allVersions = nkm.ExportKey("Example_RSA_key", true, NaeKeyManagement.KeyType.PublicPrivate);
The return type of ExportKey is an array, VersionedKey[]. The VersionedKey class consists of the following properties to store the key bytes of a particular version.
    int Version;
    byte[] KeyBytes;
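For symmetric and PublicPrivate exports, KeyBytes holds secret key material in application memory. The following added example (not part of the product documentation or the vendor's code) records a SHA-256 fingerprint per exported version for audit logs and then zeroes every KeyBytes buffer. The VersionedKey class here is a stand-in with the two members listed above, FingerprintAndWipe is a hypothetical helper, and .NET 6 or later is assumed.

```csharp
using System;
using System.Collections.Generic;
using System.Security.Cryptography;

// Stand-in with the two members the page lists for VersionedKey (assumption);
// with the real library, use its VersionedKey type and drop this class.
public sealed class VersionedKey
{
    public int Version { get; set; }
    public byte[] KeyBytes { get; set; } = Array.Empty<byte>();
}

public static class ExportedKeyHandling
{
    // Hypothetical helper: returns version -> SHA-256 fingerprint (hex) so logs can
    // say which versions were exported without containing key bytes, then wipes them.
    public static SortedDictionary<int, string> FingerprintAndWipe(VersionedKey[] exported)
    {
        if (exported == null) throw new ArgumentNullException(nameof(exported));
        var fingerprints = new SortedDictionary<int, string>();
        try
        {
            foreach (var vk in exported)
            {
                if (vk?.KeyBytes == null || vk.KeyBytes.Length == 0)
                    throw new InvalidOperationException("Export returned an empty key version.");
                fingerprints[vk.Version] = Convert.ToHexString(SHA256.HashData(vk.KeyBytes));
            }
        }
        finally
        {
            // Runs on success and on failure, so no exported buffer outlives this call.
            foreach (var vk in exported)
                if (vk?.KeyBytes != null)
                    CryptographicOperations.ZeroMemory(vk.KeyBytes);
        }
        return fingerprints;
    }
    public static void Main()
    {
        // Constructed sample data standing in for the array ExportKey returns.
        var exported = new[]
        {
            new VersionedKey { Version = 1, KeyBytes = RandomNumberGenerator.GetBytes(32) },
            new VersionedKey { Version = 2, KeyBytes = RandomNumberGenerator.GetBytes(32) },
        };
        foreach (var kv in FingerprintAndWipe(exported))
            Console.WriteLine($"version {kv.Key}: sha256={kv.Value}");
    }
}
```

Do the work that needs the key bytes before the wipe, inside the same try block, so the buffers are cleared on every exit path.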
To export a specific version of the key
Method 1 - pass the version number as a parameter
Call the ExportKey method from the NaeKeyManagement class.
    NaeKeyManagement nkm = new NaeKeyManagement(session);
Pass the key name, allVersions as false, the key type that you want to export, and the version number as arguments.
For symmetric key
    var keyVersion_3 = nkm.ExportKey("Example_Rijndael_key", false, NaeKeyManagement.KeyType.None, 3);
For asymmetric public key
    var keyVersion_3 = nkm.ExportKey("Example_RSA_key", false, NaeKeyManagement.KeyType.Public, 3);
For asymmetric public private key
    var keyVersion_3 = nkm.ExportKey("Example_RSA_key", false, NaeKeyManagement.KeyType.PublicPrivate, 3);
The return type of ExportKey is an array, VersionedKey[]. The VersionedKey class consists of the following properties to store the key bytes of a particular version.
    int Version;
    byte[] KeyBytes;
Method 2 - pass the version number with the key name
    NaeKeyManagement nkm = new NaeKeyManagement(session);
    nkm.ExportKey("Example_RSA_key#2", NaeKeyManagement.KeyType.Public);
Note
When no specific version is passed in the key export request, the latest active version of that key is exported.
When a key has multiple versions and each version is used to encrypt data, multiple sets of encrypted bytes are created.
When you decrypt the encrypted bytes and do not pass any version, or pass a different version of the key in the request, the version number is ignored, and the operation automatically identifies the key version from the header of the data.