/// <summary> /// Configures keys to be encrypted to a given certificate before being persisted to storage. /// </summary> /// <param name="builder">The <see cref="IDataProtectionBuilder"/>.</param> /// <param name="thumbprint">The thumbprint of the certificate to use when encrypting keys.</param> /// <returns>A reference to the <see cref="IDataProtectionBuilder" /> after this operation has completed.</returns> public static IDataProtectionBuilder ProtectKeysWithCertificate(this IDataProtectionBuilder builder, string thumbprint) { if (builder == null) { throw new ArgumentNullException(nameof(builder)); } if (thumbprint == null) { throw new ArgumentNullException(nameof(thumbprint)); } // Make sure the thumbprint corresponds to a valid certificate. if (new CertificateResolver().ResolveCertificate(thumbprint) == null) { throw Error.CertificateXmlEncryptor_CertificateNotFound(thumbprint); } var services = builder.Services; // ICertificateResolver is necessary for this type to work correctly, so register it // if it doesn't already exist. services.TryAdd(DataProtectionServiceDescriptors.ICertificateResolver_Default()); Use(services, DataProtectionServiceDescriptors.IXmlEncryptor_Certificate(thumbprint)); return(builder); }
/// <summary> /// Configures keys to be encrypted to a given certificate before being persisted to storage. /// </summary> /// <param name="certificate">The certificate to use when encrypting keys.</param> /// <returns>The 'this' instance.</returns> public DataProtectionConfiguration ProtectKeysWithCertificate(X509Certificate2 certificate) { if (certificate == null) { throw new ArgumentNullException(nameof(certificate)); } Use(DataProtectionServiceDescriptors.IXmlEncryptor_Certificate(certificate)); return(this); }
/// <summary> /// Configures keys to be encrypted to a given certificate before being persisted to storage. /// </summary> /// <param name="builder">The <see cref="IDataProtectionBuilder"/>.</param> /// <param name="certificate">The certificate to use when encrypting keys.</param> /// <returns>A reference to the <see cref="IDataProtectionBuilder" /> after this operation has completed.</returns> public static IDataProtectionBuilder ProtectKeysWithCertificate(this IDataProtectionBuilder builder, X509Certificate2 certificate) { if (builder == null) { throw new ArgumentNullException(nameof(builder)); } if (certificate == null) { throw new ArgumentNullException(nameof(certificate)); } Use(builder.Services, DataProtectionServiceDescriptors.IXmlEncryptor_Certificate(certificate)); return(builder); }