
Create Method (OfflineWebApplicationConnection, String, String, String, String, IList(HealthRecordItem))

HealthVault
Represents a package of user data that is created by HealthVault in order to be retrieved by a user using the HealthVault Shell.

Namespace: Microsoft.Health.Package
Assembly: Microsoft.Health (in Microsoft.Health.dll) Version: 2.1.0.0 (1.15.1003.9505)

public static string Create(
	OfflineWebApplicationConnection connection,
	string friendlyName,
	string securityQuestion,
	string securityAnswer,
	string applicationPatientId,
	IList<HealthRecordItem> packageContents
)

Parameters

connection
Type: Microsoft.Health.Web.OfflineWebApplicationConnection
The application connection to HealthVault. The application ID in the connection is used when making the patient connection.
friendlyName
Type: System.String
A friendly name for the patient connection which will be shown to the user when they go to HealthVault Shell to validate the connection.
securityQuestion
Type: System.String
A question (usually provided by the patient) to which the patient must provide the securityAnswer when they go to validate the connection in the HealthVault Shell.
securityAnswer
Type: System.String
The answer to the securityQuestion which the patient must use when adding the package to their record via HealthVault Shell. The answer is case-insensitive but otherwise must match exactly. Additionally, it must be at least 6 characters long.
applicationPatientId
Type: System.String
The application specific identifier for the user. This identifier is used to uniquely identify the user in the application data storage, whereas the HealthVault person ID is used to identify the person in HealthVault.
packageContents
Type: System.Collections.Generic.IList<HealthRecordItem>
The list of HealthRecordItems that will be encrypted and added to the package that the user will claim via HealthVault Shell.

Return Value

A token that the application must give to the patient to use when validating the connection request.

Package encryption is delegated to the .NET Crypto classes. The encryption algorithm supported by default is AES256. If TripleDES is required, the caller should create a custom PasswordProtectedPackage and call Create(OfflineWebApplicationConnection, String, String, String, PasswordProtectedPackage).

The answer provided is not the actual decryption key. A key is derived from the answer, the salt, and the number of hash iterations (via the Rfc2898DeriveBytes class). To ensure case-insensitivity, the answer is lowercased using ToLowerInvariant() (culture-agnostic) before the derived key is generated.

The algorithm used has the following parameters:
  • Mode = CipherMode.CBC
  • Padding = PaddingMode.ISO10126


The salt supplied is used as the salt to the derived key as well as the key to the supplied HMAC. The data must be appended to the hash, then encrypted and then Base64 encoded.
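The scheme described above, written out as an added example; this is not the HealthVault SDK's code. The class name, iteration count, salt and IV sizes, passing the IV alongside the package, HMAC-SHA256 as the hash, and SHA-1 as the Rfc2898DeriveBytes PRF are assumptions the page does not state, and the code targets .NET 6 or later.

```csharp
using System;
using System.Linq;
using System.Security.Cryptography;
using System.Text;
static class PackageCryptoSketch   // hypothetical name, not an SDK type
{
    // Assumed values: the page gives no iteration count, HMAC algorithm or IV handling.
    const int Iterations = 20000, KeyBytes = 32, MacBytes = 32;

    static Aes NewCipher(string answer, byte[] salt, byte[] iv)
    {
        // Lower-case with the invariant culture first, so "Bluebird7" and "BLUEBIRD7" match.
        using var kdf = new Rfc2898DeriveBytes(answer.ToLowerInvariant(), salt, Iterations, HashAlgorithmName.SHA1);
        var aes = Aes.Create();
        aes.Mode = CipherMode.CBC; aes.Padding = PaddingMode.ISO10126;
        aes.Key = kdf.GetBytes(KeyBytes);   // 32 bytes selects AES-256
        aes.IV = iv;
        return aes;
    }

    public static string Protect(string answer, byte[] salt, byte[] iv, byte[] data)
    {
        using var hmac = new HMACSHA256(salt);   // the salt doubles as the HMAC key
        byte[] plain = hmac.ComputeHash(data).Concat(data).ToArray();   // hash, then data
        using var aes = NewCipher(answer, salt, iv);
        using var enc = aes.CreateEncryptor();
        return Convert.ToBase64String(enc.TransformFinalBlock(plain, 0, plain.Length));
    }

    public static byte[] Unprotect(string answer, byte[] salt, byte[] iv, string package)
    {
        byte[] cipher = Convert.FromBase64String(package);
        using var aes = NewCipher(answer, salt, iv);
        using var dec = aes.CreateDecryptor();
        // A wrong answer fails either here (invalid padding) or at the HMAC check below.
        byte[] plain = dec.TransformFinalBlock(cipher, 0, cipher.Length);
        byte[] data = plain.Skip(MacBytes).ToArray();
        using var hmac = new HMACSHA256(salt);
        if (!CryptographicOperations.FixedTimeEquals(hmac.ComputeHash(data), plain.Take(MacBytes).ToArray()))
            throw new CryptographicException("HMAC mismatch");
        return data;
    }

    static void Main()
    {
        byte[] salt = RandomNumberGenerator.GetBytes(16), iv = RandomNumberGenerator.GetBytes(16);
        string pkg = Protect("Bluebird7", salt, iv, Encoding.UTF8.GetBytes("<thing>constructed sample</thing>"));
        Console.WriteLine(Encoding.UTF8.GetString(Unprotect("BLUEBIRD7", salt, iv, pkg)));
    }
}
```

Because the key comes only from the lowercased answer, the package is exactly as hard to open as the answer is to guess; the 6-character minimum is a floor, not a target.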

Exceptions

Exception | Condition
System.ArgumentNullException | If connection is null.
System.ArgumentException | If friendlyName, securityQuestion, securityAnswer, applicationPatientId or any element in packageContents are null or empty.
System.ArgumentOutOfRangeException | If securityAnswer is less than 6 characters.
System.NotSupportedException | One of the items in packageContents is signed and contains streamed blobs. This is not supported.
Microsoft.Health.HealthServiceException | If an error occurs when contacting HealthVault.
© 2014 Microsoft