====== CryptoConfig Class ======
Static configuration class for global PQ crypto settings.
----
===== Definition =====
<code csharp>
namespace WvdS.System.Security.Cryptography

public static class CryptoConfig
</code>
----
===== Properties =====
^ Name ^ Type ^ Description ^
| DefaultMode | [[.:cryptomode|CryptoMode]] | Global crypto mode for all operations. Default: ''CryptoMode.Classic'' |
| OpenSslPath | string? | Optional path to OpenSSL 3.6 library |
----
==== DefaultMode Property ====
Gets or sets the global crypto mode.
<code csharp>
public static CryptoMode DefaultMode { get; set; }
</code>
| Type | [[.:cryptomode|CryptoMode]] |
| Default Value | ''CryptoMode.Classic'' |
This property determines the default behavior of all extension methods when no explicit ''CryptoMode'' is passed.
^ Value ^ Behavior ^
| Classic | No PQ extensions |
| Hybrid | RSA/ECDSA + ML-DSA |
| PostQuantum | ML-DSA/ML-KEM only |
**Example:**
<code csharp>
// At application startup
CryptoConfig.DefaultMode = CryptoMode.Hybrid;

// All subsequent operations use Hybrid
var cert = request.CreateSelfSigned(notBefore, notAfter);
// cert.HasPqSignature() == true
</code>
----
==== OpenSslPath Property ====
Gets or sets the path to the OpenSSL library.
<code csharp>
public static string? OpenSslPath { get; set; }
</code>
| Type | ''string?'' |
| Default Value | ''null'' (automatic search) |
When ''null'', the library automatically searches for OpenSSL:
^ Platform ^ Search Paths ^
| Windows x64 | ''libcrypto-3-x64.dll'' in application directory, PATH |
| Linux | ''libcrypto.so.3'' in LD_LIBRARY_PATH, /usr/lib |
| macOS | ''libcrypto.3.dylib'' in DYLD_LIBRARY_PATH, /opt/homebrew/lib |
OpenSSL **3.6.0 or higher** is required for ML-DSA and ML-KEM support.
**Platform Examples:**
<code csharp>
// Windows
CryptoConfig.OpenSslPath = @"C:\OpenSSL-3.6\bin\libcrypto-3-x64.dll";

// Linux
CryptoConfig.OpenSslPath = "/opt/openssl-3.6/lib64/libcrypto.so.3";

// macOS
CryptoConfig.OpenSslPath = "/opt/homebrew/opt/openssl@3/lib/libcrypto.3.dylib";
</code>
----
===== Methods =====
^ Name ^ Description ^
| EnablePostQuantum(CryptoMode) | Enables PQ cryptography and initializes OpenSSL |
----
==== EnablePostQuantum Method ====
Enables post-quantum cryptography and initializes the OpenSSL interop.
<code csharp>
public static void EnablePostQuantum(CryptoMode mode = CryptoMode.Hybrid)
</code>
**Parameters:**
^ Name ^ Type ^ Description ^
| mode | [[.:cryptomode|CryptoMode]] | The mode to enable. Default: ''CryptoMode.Hybrid'' |
This method is a convenience function that:
  - Sets ''DefaultMode'' to the specified value
  - Initializes OpenSSL and checks the version
  - Loads the crypto provider
Equivalent to:
<code csharp>
CryptoConfig.DefaultMode = mode;
CryptoProviderFactory.GetProvider().Initialize();
</code>
**Examples:**
<code csharp>
// Enables Hybrid mode (default)
CryptoConfig.EnablePostQuantum();

// Only for fully PQ-capable environments
CryptoConfig.EnablePostQuantum(CryptoMode.PostQuantum);
</code>
**Exceptions:**
| DllNotFoundException | OpenSSL library not found |
| InvalidOperationException | OpenSSL version < 3.6 or PQ algorithms not available |
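A startup routine that pins ''OpenSslPath'' to an absolute location instead of relying on the automatic search, and that handles the two documented exceptions without silently running in a weaker mode. This is an added example, not code from the library or its author; ''PqStartup'', ''Initialize'' and ''allowClassicFallback'' are hypothetical names, and it assumes ''EnablePostQuantum'' behaves like the two-line equivalent shown above.

```csharp
// Added example; PqStartup, Initialize and allowClassicFallback are hypothetical names.
// CryptoConfig, CryptoMode and the exception types are the ones documented on this page.
using System;
using System.IO;
using WvdS.System.Security.Cryptography;

public static class PqStartup
{
    public static CryptoMode Initialize(string openSslPath, CryptoMode mode,
                                        bool allowClassicFallback = false)
    {
        // Pin an absolute path so the load does not depend on the working
        // directory, PATH, LD_LIBRARY_PATH or DYLD_LIBRARY_PATH.
        if (!Path.IsPathFullyQualified(openSslPath))
            throw new ArgumentException("OpenSSL path must be absolute.", nameof(openSslPath));
        if (!File.Exists(openSslPath))
            throw new FileNotFoundException("Pinned OpenSSL library not found.", openSslPath);

        CryptoConfig.OpenSslPath = openSslPath;
        try
        {
            CryptoConfig.EnablePostQuantum(mode);
            return CryptoConfig.DefaultMode;
        }
        catch (Exception ex) when (ex is DllNotFoundException || ex is InvalidOperationException)
        {
            // Assumption: as in the documented equivalent, DefaultMode is assigned
            // before the provider is initialized, so it may already hold `mode`
            // even though initialization failed.
            if (!allowClassicFallback)
                throw; // fail closed: the caller should abort startup

            // Explicit, opt-in downgrade: reset the global mode so later calls
            // do not attempt PQ operations without a working provider.
            CryptoConfig.DefaultMode = CryptoMode.Classic;
            return CryptoMode.Classic;
        }
    }
}
```

Call it once at application startup, before any certificate or key operation, and log the returned mode so that a downgrade to ''CryptoMode.Classic'' is visible to operators.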
----
===== Thread Safety =====
Changes to ''DefaultMode'' and ''OpenSslPath'' are thread-safe. Ideally, change these values only at application startup.
----
===== Remarks =====
''CryptoConfig'' is the central configuration point for the entire library. Settings apply globally to all threads.
<code csharp>
// Recommended initialization in Program.cs or Startup
CryptoConfig.DefaultMode = CryptoMode.Hybrid;
CryptoConfig.OpenSslPath = @"C:\OpenSSL\bin\libcrypto-3-x64.dll";
</code>
----
===== See Also =====
  * [[.:cryptomode|CryptoMode Enum]]
  * [[.:providers:start|Providers Namespace]]
  * [[.:start|API Overview]]
{{tag>class configuration static}}
----
//Wolfgang van der Stille @ EMSR DATA d.o.o. - Post-Quantum Cryptography Professional//