dotConnect for PostgreSQL Documentation
Devart.Data.PostgreSql Namespace / MemCryptStorage Class

    MemCryptStorage Class
    This class represents in-memory storage for the keys and certificates used to establish a protected SSL or SSH connection. It lets you load certificates and keys into memory once, when the application starts, instead of loading them from an external source (for example, files) each time a connection is opened.
    Syntax
    Visual Basic
    'Declaration
    Public Class MemCryptStorage
    C#
    public class MemCryptStorage
    Remarks

    Using memory to store certificates and keys improves security because the user does not need to specify the place where the certificates are stored, only the certificates themselves.

    Certificates and keys are passed to the MemCryptStorage class in PEM format, either as raw bytes or as a string. They can contain LF line breaks, CR/LF line breaks, or no line breaks, as shown below.

    1. *****BEGIN CERT....****\n
      AAAAAAAAAAAAAAAAAAAA\n
      BBBBBBBBBBBBBBBBBBBBBB\n
      ...
      *****END...*******\n
      
    2. *****BEGIN CERT....****\r\n
      AAAAAAAAAAAAAAAAAAAA\r\n
      BBBBBBBBBBBBBBBBBBBBBB\r\n
      ...
      *****END...*******\r\n
      
    3. *****BEGIN CERT....****AAAAAAAAAAAAAAAAAAAABBBBBBBBBBBBBBBBBBBBBB...*****END...*******
      

    However, we don't recommend changing the original format of certificates. It is better to pass them as is.

    You can reference certificates stored in memory from the connection string by using the "memory://" storage prefix followed by the certificate or key id. For example: SSL CA Cert="memory://my_ca_id"

    Example
    This example demonstrates how to use MemCryptStorage.
    C#
    using System.IO;
    using Devart.Data.PostgreSql;

    // Add certificates and keys to the in-memory storage from files in a temp directory
    MemCryptStorage.AddCa("my_ca", File.ReadAllBytes("D:\\Temp\\root.crt"));
    MemCryptStorage.AddCert("my_cert", File.ReadAllBytes("D:\\Temp\\postgresql.crt"));
    MemCryptStorage.AddKey("my_key", File.ReadAllBytes("D:\\Temp\\postgresql.key"));

    // The certificate and key files can now be removed from the disk

    // Use the in-memory ids instead of the real certificates in the SSL connection parameters
    string str = "host=localhost;port=5438;userid=postgres;pwd=postgres;database=test;schema=public;" +
    "Ssl Mode=Require; CA Cert=\"memory://my_ca\"; SSl Cert=\"memory://my_cert\";SSL Key=\"memory://my_key\"";
    PgSqlConnection conn = new PgSqlConnection(str);
    conn.Open();

    // Alternatively, set the same parameters through SslOptions (before calling conn.Open())
    conn.SslOptions.SslMode = SslMode.Require;
    conn.SslOptions.CACert = "memory://my_ca";
    conn.SslOptions.Cert = "memory://my_cert";
    conn.SslOptions.Key = "memory://my_key";

    Visual Basic
    Imports System.IO
    Imports Devart.Data.PostgreSql

    ' Add certificates and keys to the in-memory storage from files in a temp directory
    MemCryptStorage.AddCa("my_ca", File.ReadAllBytes("D:\Temp\root.crt"))
    MemCryptStorage.AddCert("my_cert", File.ReadAllBytes("D:\Temp\postgresql.crt"))
    MemCryptStorage.AddKey("my_key", File.ReadAllBytes("D:\Temp\postgresql.key"))

    ' The certificate and key files can now be removed from the disk

    ' Use the in-memory ids instead of the real certificates in the SSL connection parameters
    ' (Ssl Mode=Require added to match the C# sample above)
    Dim str As String = "host=localhost;port=5438;userid=postgres;pwd=postgres;database=test;schema=public;" & _
            "Ssl Mode=Require; CA Cert=""memory://my_ca""; SSl Cert=""memory://my_cert"";SSL Key=""memory://my_key"""
    Dim conn As New PgSqlConnection(str)
    conn.Open()

    ' Alternatively, set the same parameters through SslOptions (before calling conn.Open())
    conn.SslOptions.SslMode = SslMode.Require
    conn.SslOptions.CACert = "memory://my_ca"
    conn.SslOptions.Cert = "memory://my_cert"
    conn.SslOptions.Key = "memory://my_key"

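
A pre-flight check for PEM material before it is registered, as an added example that is not part of the original documentation or Devart's own code: it accepts the three line-break forms listed in the Remarks, confirms the BEGIN/END labels and the base64 body, checks the certificate validity period, and then passes the original bytes unchanged, as the Remarks recommend. PemPreflight and its methods are hypothetical names, an unencrypted key PEM is assumed, and the only MemCryptStorage calls used are the AddCa, AddCert and AddKey calls shown on this page.

```csharp
using System;
using System.Security.Cryptography.X509Certificates;
using System.Text;
using System.Text.RegularExpressions;
using Devart.Data.PostgreSql;

// Hypothetical helper (not part of dotConnect): validate PEM input, then register it untouched.
static class PemPreflight
{
    // One PEM block; Singleline lets the body span LF, CR/LF, or no line breaks at all.
    static readonly Regex Block = new Regex(
        @"-----BEGIN ([A-Z0-9 ]+)-----(.*?)-----END \1-----", RegexOptions.Singleline);

    // Returns the DER bytes of the first PEM block; throws FormatException if malformed.
    public static byte[] DecodePem(byte[] pem, out string label)
    {
        Match m = Block.Match(Encoding.ASCII.GetString(pem));
        if (!m.Success)
            throw new FormatException("No matching BEGIN/END PEM block found.");
        label = m.Groups[1].Value;
        // Whitespace is stripped only on this copy; the caller's bytes are never modified.
        string body = Regex.Replace(m.Groups[2].Value, @"\s+", "");
        return Convert.FromBase64String(body); // throws FormatException on invalid base64
    }

    // Registers a CA or client certificate after checking its label and validity period.
    public static void AddCheckedCert(string id, byte[] pem, bool isCa)
    {
        byte[] der = DecodePem(pem, out string label);
        if (label != "CERTIFICATE")
            throw new FormatException("Expected CERTIFICATE, got " + label);
        using (var cert = new X509Certificate2(der))
        {
            if (DateTime.Now < cert.NotBefore || DateTime.Now > cert.NotAfter)
                throw new InvalidOperationException(id + " is outside its validity period: " + cert.Subject);
        }
        if (isCa) MemCryptStorage.AddCa(id, pem); else MemCryptStorage.AddCert(id, pem);
    }

    // Registers a private key after checking the label (assumption: key PEM is unencrypted).
    public static void AddCheckedKey(string id, byte[] pem)
    {
        DecodePem(pem, out string label);
        if (!label.EndsWith("PRIVATE KEY"))
            throw new FormatException("Expected a private key, got " + label);
        MemCryptStorage.AddKey(id, pem);
    }
}
```

Calling these at application start surfaces a truncated, mislabeled or expired certificate before the first connection attempt rather than as a handshake failure.
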
    Inheritance Hierarchy

    System.Object
       Devart.Data.PostgreSql.MemCryptStorage

    Requirements

    Target Platforms: Windows 7, Windows Vista SP1 or later, Windows XP SP3, Windows Server 2008 (Server Core not supported), Windows Server 2008 R2 (Server Core supported with SP1 or later), Windows Server 2003 SP2
