MemCryptStorage Class

In This Topic

Syntax
Remarks
Example
Inheritance Hierarchy
Requirements
See Also

This class represents an in-memory storage for keys and certificates for establishing a protected SSL or SSH connection. It allows you to upload certificates and keys into memory once when the application starts and don't load certificate and key from some external sources (for example, files) each time when a connection is opened.

Syntax

Visual Basic
C#

public class MemCryptStorage

'Declaration
 
Public Class MemCryptStorage

Remarks

Using memory to store certificates and keys improves security because user does not need to specify the place where the certificates are stored, only the certificates itself.

Certificates and keys are passed to the MemCryptStorage class in the PEM format as binary raw or string. They can contain LF, CR/LF, or no line break as displayed below.

*****BEGIN CERT....****\n
AAAAAAAAAAAAAAAAAAAA\n
BBBBBBBBBBBBBBBBBBBBBB\n
...
*****END...*******\n

*****BEGIN CERT....****\r\n
AAAAAAAAAAAAAAAAAAAA\r\n
BBBBBBBBBBBBBBBBBBBBBB\r\n
...
*****END...*******\r\n

*****BEGIN CERT....****AAAAAAAAAAAAAAAAAAAABBBBBBBBBBBBBBBBBBBBBB...*****END...*******

However, we don't recommend changing the original format of certificates. It is better to pass them as is.

You can specify the certificates, stored in memory, in the connection string by using "memory://" storage, and the certificate or key id. For example: SSL CA Cert="memory://my_ca_id"

Example

This example demonstrates how to use MemCryptStorage .

csharp

// add certificates and keys to the memory storage from files from temp directory
MemCryptStorage.AddCa("my_ca", File.ReadAllBytes("D:\\Temp\\root.crt"));  
MemCryptStorage.AddCert("my_cert", File.ReadAllBytes("D:\\Temp\\postgresql.crt"));  
MemCryptStorage.AddKey("my_key", File.ReadAllBytes("D:\\Temp\\postgresql.key"));

// now certificates can be removed from the disk

// use specific id in memory instead real certificates in the ssl connection parameters

string str = "host=localhost;port=5438;userid=postgres;pwd=postgres;database=test;schema=public;" +
"Ssl Mode=Require; CA Cert=\"memory://my_ca\"; SSl Cert=\"memory://my_cert\";SSL Key=\"memory://my_key\"";
PgSqlConnection conn = new PgSqlConnection(str);
conn.Open();


// Or you can use SSLOptions

conn.SslOptions.SslMode = SslMode.Require;
conn.SslOptions.CACert = "memory://my_ca";
conn.SslOptions.Cert = "memory://my_cert";
conn.SslOptions.Key = "memory://my_key";

Visual Basic

' add certificates and keys to the memory storage from files from temp directory

MemCryptStorage.AddCa("my_ca", File.ReadAllBytes("D:\Temp\root.crt"))
MemCryptStorage.AddCert("my_cert", File.ReadAllBytes("D:\Temp\postgresql.crt"))
MemCryptStorage.AddKey("my_key", File.ReadAllBytes("D:\Temp\postgresql.key"))

' now certificates can be removed from the disk

' use specific id in memory instead real certificates in the ssl connection parameters

Dim str As String = "host=localhost;port=5438;userid=postgres;pwd=postgres;database=test;schema=public;" & _
        " CA Cert=""memory://my_ca""; SSl Cert=""memory://my_cert"";SSL Key=""memory://my_key"""
Dim conn As New PgSqlConnection(str)
conn.Open()


' Or you can use SSLOptions

conn.SslOptions.SslMode = SslMode.Require
conn.SslOptions.CACert = "memory://my_ca"
conn.SslOptions.Cert = "memory://my_cert"
conn.SslOptions.Key = "memory://my_key"

Inheritance Hierarchy

System.Object
Devart.Data.PostgreSql.MemCryptStorage

Requirements

Target Platforms: Windows 7, Windows Vista SP1 or later, Windows XP SP3, Windows Server 2008 (Server Core not supported), Windows Server 2008 R2 (Server Core supported with SP1 or later), Windows Server 2003 SP2

Reference

MemCryptStorage Members
Devart.Data.PostgreSql Namespace

Send Feedback