C# (CSharp) IDataProtectionBuilder.ProtectKeysWithDpapiNG 예제들

예제 #1

 private static void ConfigureWindowsDpApiNg(IDataProtectionBuilder builder, KeyProtectionOptions protectOptions)
 {
     if (!string.IsNullOrEmpty(protectOptions.WindowsDpApiNgCerticate))
     {
         builder.ProtectKeysWithDpapiNG($"CERTIFICATE=HashId:{protectOptions.WindowsDpApiNgCerticate}", flags: DpapiNGProtectionDescriptorFlags.None);
         return;
     }
     if (!string.IsNullOrEmpty(protectOptions.WindowsDpApiNgSid))
     {
         builder.ProtectKeysWithDpapiNG($"SID={protectOptions.WindowsDpApiNgSid}", flags: DpapiNGProtectionDescriptorFlags.None);
         return;
     }
     builder.ProtectKeysWithDpapiNG();
 }

예제 #2

파일: Startup.cs 프로젝트: lithnet/access-manager

        private void ConfigureDataProtection(IServiceCollection services, IAmsLicenseManager licenseManager)
        {
            var provider = services.BuildServiceProvider();
            var dataProtectionOptions = provider.GetService <IOptions <Server.Configuration.DataProtectionOptions> >();

            IDataProtectionBuilder builder = services.AddDataProtection(options =>
            {
                options.ApplicationDiscriminator = "lithnetams";
            });

            SecurityIdentifier sid = WindowsIdentity.GetCurrent().User;

            RegistryKey key = Registry.LocalMachine.CreateSubKey($"Software\\Lithnet\\Access Manager Service\\Parameters\\Keys\\{sid}");

            builder.PersistKeysToRegistry(key);

            if (dataProtectionOptions.Value.EnableClusterCompatibleSecretEncryption && licenseManager.IsFeatureEnabled(LicensedFeatures.DpapiNgSecretEncryption))
            {
                if (dataProtectionOptions.Value.EnableClusterCompatibleSecretEncryption && licenseManager.IsFeatureEnabled(LicensedFeatures.DpapiNgSecretEncryption))
                {
                    builder.ProtectKeysWithDpapiNG($"SID={sid}", Microsoft.AspNetCore.DataProtection.XmlEncryption.DpapiNGProtectionDescriptorFlags.None);
                }
                else
                {
                    builder.ProtectKeysWithDpapi(false);
                }
            }
        }

예제 #3

        protected internal override void AddInternal(IDataProtectionBuilder builder)
        {
            if (builder == null)
            {
                throw new ArgumentNullException(nameof(builder));
            }

            if (this.ProtectionDescriptorRule == null)
            {
                builder.ProtectKeysWithDpapiNG();
            }
            else
            {
                builder.ProtectKeysWithDpapiNG(this.ProtectionDescriptorRule, this.Flags);
            }
        }

예제 #4

    public static IDataProtectionBuilder ProtectKeysWithDpapiNG(this IDataProtectionBuilder builder)
    {
        if (builder == null)
        {
            throw new ArgumentNullException(nameof(builder));
        }

        return(builder.ProtectKeysWithDpapiNG(
                   protectionDescriptorRule: DpapiNGXmlEncryptor.GetDefaultProtectionDescriptorString(),
                   flags: DpapiNGProtectionDescriptorFlags.None));
    }