From 9b15e296dfb0fef0a31977cfe58d12fac01abfa8 Mon Sep 17 00:00:00 2001 From: Khwezi Mngoma Date: Sun, 14 Jun 2026 11:26:20 +0200 Subject: [PATCH] Added certificate protected data protection keys --- LiteCharms.Features/Extensions/Api.cs | 4 ++++ LiteCharms.Features/Extensions/Postgres.cs | 2 +- 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/LiteCharms.Features/Extensions/Api.cs b/LiteCharms.Features/Extensions/Api.cs index 77b1968..f430d4e 100644 --- a/LiteCharms.Features/Extensions/Api.cs +++ b/LiteCharms.Features/Extensions/Api.cs @@ -5,6 +5,7 @@ using LiteCharms.Features.Api.Sdk; using LiteCharms.Features.Postgres; using Microsoft.AspNetCore.Hosting; using System.Runtime.InteropServices; +using System.Security.Cryptography.X509Certificates; namespace LiteCharms.Features.Extensions; @@ -56,7 +57,10 @@ public static class Api public static IServiceCollection AddLiteCharmsWebSecurity(this IServiceCollection services, IConfiguration configuration) { + var certificate = X509CertificateLoader.LoadPkcs12(Convert.FromBase64String(configuration["DataProtection:Certificate"]!), configuration["DataProtection:Password"]); + services.AddDataProtection().PersistKeysToDbContext() + .ProtectKeysWithCertificate(certificate) .SetApplicationName("LiteCharmsApp"); var configSection = configuration.GetSection(nameof(LiteCharmsSettings)); diff --git a/LiteCharms.Features/Extensions/Postgres.cs b/LiteCharms.Features/Extensions/Postgres.cs index 8defd2c..ed2fd6c 100644 --- a/LiteCharms.Features/Extensions/Postgres.cs +++ b/LiteCharms.Features/Extensions/Postgres.cs @@ -9,7 +9,7 @@ public static class Postgres public static IServiceCollection AddDataProtectionDatabase(this IServiceCollection services, IConfiguration configuration) { - var connectionString = configuration.GetConnectionString(DataProtectionDbConfigName); + var connectionString = configuration.GetConnectionString(DataProtectionDbConfigName); services.AddPooledDbContextFactory(options => options.UseNpgsql(connectionString));