Defines the cryptographic mode for all operations.
namespace WvdS.System.Security.Cryptography public enum CryptoMode
| Name | Value | Description |
|---|---|---|
| Classic | 0 | Classic algorithms only (RSA, ECDSA). No PQ extensions. |
| Hybrid | 1 | Classic + PQ combined. RSA/ECDSA signature plus ML-DSA signature. Recommended. |
| PostQuantum | 2 | PQ algorithms only (ML-DSA, ML-KEM). No classic algorithms. |
Uses only standard .NET cryptography. No change to the behavior of extended methods.
Creates hybrid signatures and certificates:
Classic clients can validate hybrid certificates (ignoring the PQ extension).
Uses exclusively PQ algorithms. Only for environments where all participants are PQ-capable.
using WvdS.System.Security.Cryptography; // Set globally CryptoConfig.DefaultMode = CryptoMode.Hybrid; // Or per operation var cert = request.CreateSelfSigned( notBefore, notAfter, CryptoMode.PostQuantum);
Wolfgang van der Stille @ EMSR DATA d.o.o. - Post-Quantum Cryptography Professional