Merged PR 22201: Add remarks and links to example in KeyCredentialManager API docs

Add remarks and links to example in KeyCredentialManager API docs.

----
#### AI description  (iteration 1)
#### PR Classification
Documentation update to enhance the KeyCredentialManager API docs with detailed remarks and example links.

#### PR Summary
This pull request enriches the API documentation for key credential management by adding clear explanations on RSA 2048-bit key usage, export/parsing, attestation details, and operational behavior of various methods.
- **`keycredentialmanager_requestcreateasync_1254045680.md`**: Added detailed remarks describing RSA 2048-bit key creation, key export and parsing steps, and provided a sample link.
- **`keycredentialmanager.md`**: Expanded the documentation with comprehensive key specifications, attestation data formats, and verification instructions.
- **`keycredentialmanager_openasync_1404306189.md`, `keycredentialmanager_deleteasync_333495081.md`, `keycredentialmanager_issupportedasync_2134939103.md`, and `keycredentialmanager_renewattestationasync_1621496073.md`**: Updated remarks to clarify key retrieval, deletion irreversibility, device support requirements, and attestation renewal processes.
<!-- GitOpsUserAgent=GitOps.Apps.Server.pullrequestcopilot -->

Author: alvinashcraft

windows.security.credentials/keycredentialmanager.md

@@ -16,8 +16,33 @@ Contains methods for basic management of key credentials.
 
 ## -remarks
 
+The `KeyCredentialManager` class provides methods to manage key credentials, which are RSA 2048-bit keys. These keys are used for secure authentication and cryptographic operations.
+
+#### Key Information
+
+- **Key Type**: RSA 2048-bit
+- **Signature Format**: PKCS #1 RSA PSS with SHA256
+- **Attestation Data**: The attestation data is a binary blob that includes metadata about the key, such as its origin and security properties.
+
+#### Attestation Data Format
+
+The attestation data is encoded in a binary format. It includes:
+
+1. **Key Metadata**: Information about the key's origin and properties.
+1. **Certificate Chain**: A chain of certificates that can be used to verify the authenticity of the attestation.
+
+#### Verifying Attestation Data
+
+To verify the attestation data:
+
+1. Parse the binary blob to extract the metadata and certificate chain.
+1. Use the certificate chain to validate the authenticity of the attestation.
+1. Ensure the metadata matches the expected properties of the key.
+
+For more details, refer to the [KeyCredentialManager sample](https://github.com/Microsoft/Windows-universal-samples/tree/main/Samples/KeyCredentialManager).
+
 ## -examples
 
 ## -see-also
 
-[KeyCredentialManager sample](https://github.com/Microsoft/Windows-universal-samples/tree/master/Samples/KeyCredentialManager)
+[KeyCredentialManager sample](https://github.com/Microsoft/Windows-universal-samples/tree/main/Samples/KeyCredentialManager)

windows.security.credentials/keycredentialmanager_deleteasync_333495081.md

@@ -11,17 +11,23 @@ public Windows.Foundation.IAsyncAction DeleteAsync(System.String name)
 # Windows.Security.Credentials.KeyCredentialManager.DeleteAsync
 
 ## -description
+
 Deletes a previously provisioned user identity key for the current user and application.
 
 ## -parameters
+
 ### -param name
+
 The name of the key to delete.
 
 ## -returns
+
 This method does not return a value.
 
 ## -remarks
 
+The `DeleteAsync` method removes a previously provisioned key credential. This operation is irreversible and ensures that the key is no longer accessible.
+
 ## -examples
 
 ## -see-also

windows.security.credentials/keycredentialmanager_issupportedasync_2134939103.md

@@ -11,17 +11,19 @@ public Windows.Foundation.IAsyncOperation<bool> IsSupportedAsync()
 # Windows.Security.Credentials.KeyCredentialManager.IsSupportedAsync
 
 ## -description
+
 Determines if the current device and user is capable of provisioning a key credential.
 
 ## -returns
+
 When this method completes, it returns true if the current device and user is capable of provisioning a key credential. Otherwise, it returns false.
 
 ## -remarks
 
-An application cannot provision a key credential until the user has successfully done the following:
+The `IsSupportedAsync` method checks if the current device and user can provision a key credential. This requires:
 
-+ Connected their user account to their Microsoft account.
-+ Provided an unlock gesture (PIN or biometric) to protect the container that stores their key credential.
+1. A Microsoft account linked to the user.
+1. An unlock gesture (PIN or biometric) set up to protect the key container.
 
 
 ## -examples

windows.security.credentials/keycredentialmanager_openasync_1404306189.md

@@ -11,17 +11,30 @@ public Windows.Foundation.IAsyncOperation<Windows.Security.Credentials.KeyCreden
 # Windows.Security.Credentials.KeyCredentialManager.OpenAsync
 
 ## -description
+
 Retrieves a key credential for the current user and application.
 
 ## -parameters
+
 ### -param name
+
 The name of the key credential to open.
 
 ## -returns
+
 When this method completes, it returns the results of the key credential retrieval.
 
 ## -remarks
 
+The `OpenAsync` method retrieves an existing key credential. The retrieved key can be used for cryptographic operations such as signing and encryption.
+
+#### Key Usage
+
+The key is an RSA 2048-bit key. It supports operations like:
+
+- Generating signatures in PKCS #1 RSA PSS format with SHA256.
+- Encrypting data using appropriate padding schemes such as PKCS #1 OAEP.
+
 ## -examples
 
 ## -see-also

windows.security.credentials/keycredentialmanager_renewattestationasync_1621496073.md

@@ -11,13 +11,21 @@ public Windows.Foundation.IAsyncAction RenewAttestationAsync()
 # Windows.Security.Credentials.KeyCredentialManager.RenewAttestationAsync
 
 ## -description
+
 Renews an attestation for a key credential.
 
 ## -returns
+
 This method does not return a value.
 
 ## -remarks
 
+The `RenewAttestationAsync` method renews the attestation for an existing key credential. This ensures that the attestation remains valid and up-to-date.
+
+#### Attestation Renewal
+
+The renewed attestation includes updated metadata and a refreshed certificate chain. This can be used to verify the key's authenticity and properties.
+
 ## -examples
 
 ## -see-also

windows.security.credentials/keycredentialmanager_requestcreateasync_1254045680.md

@@ -11,20 +11,36 @@ public Windows.Foundation.IAsyncOperation<Windows.Security.Credentials.KeyCreden
 # Windows.Security.Credentials.KeyCredentialManager.RequestCreateAsync
 
 ## -description
+
 Creates a new key credential for the current user and application.
 
 ## -parameters
+
 ### -param name
+
 The name of the key credential to create.
 
 ### -param option
+
 Options for the creation operation.
 
 ## -returns
+
 When this method completes, it returns the results of the key credential creation.
 
 ## -remarks
 
+The `RequestCreateAsync` method generates a new RSA 2048-bit key credential. The generated key is stored securely and can be used for cryptographic operations.
+
+#### Key Export and Parsing
+
+The public key can be exported in a binary format. To parse the parameters of the public key:
+
+1. Use the `BCrypt` library to extract the key blob.
+1. Parse the key blob to retrieve the modulus and exponent.
+
 ## -examples
 
+Refer to the [KeyCredentialManager sample](https://github.com/Microsoft/Windows-universal-samples/tree/main/Samples/KeyCredentialManager) for an example of exporting and parsing the public key.
+
 ## -see-also