Microsoft.Identity.Client.ManagedIdentity.KeyProviders.WindowsCngKeyOperations
Provides CNG-backed cryptographic key operations for Windows platforms, supporting both
CredentialGuard-protected keys (with VBS/TPM integration) and hardware-backed TPM/KSP keys
for managed identity authentication scenarios.
namespace Microsoft.Identity.Client.ManagedIdentity.KeyProviders
{
internal static class WindowsCngKeyOperations
{
public static bool TryGetOrCreateKeyGuard(ILoggerAdapter logger, out RSA rsa);
public static bool TryGetOrCreateHardwareRsa(ILoggerAdapter logger, out RSA rsa);
public static bool IsKeyGuardProtected(CngKey key);
}
}