IServiceCollectionExtensions.AddDataProtectionServices

Tricklebyte edited this page Jan 31, 2020 · 8 revisions

Adds cryptography services to the dependency injection (DI) container.

  • Registers a singleton DataProtectionProvider, configured from the configuration section ConfigOptions:Cryptography
  • Registers a singleton ICryptoHelper that uses the DataProtectionProvider

public static void AddDataProtectionServices(IServiceCollection services, IConfiguration config)

Parameters

config IConfiguration
Instance of IConfiguration. It must contain the configuration section ConfigOptions:Cryptography.
These settings are required to initialize the cryptography services, so they must be in plain text.

{
  "ConfigOptions": {
    "Cryptography": {
      "ClientScope": "SharedSecretForClientAccess",
      "EncValPrefix": "<(*_*)>",
      "KeyStore": "\\\\localhost\\Share\\temp-keys"
    }
  }
}


ClientScope string
Client-based purpose string that is used to create the Data Protection Provider. The decrypting client must present the same ClientScope string as the encrypting client for the decryption operation to succeed.

EncValPrefix string
This string prefix is automatically added to the encrypted value after encryption, and automatically removed prior to decryption. It is used by the library to identify encrypted values in the configuration during the process of configuration decryption. If the encrypted value does not have the prefix, it will not be decrypted.

KeyStore string
UNC shared folder path for key storage. All encrypting and decrypting clients require folder access. DPAPI automatically manages and protects the keys. This shared UNC folder is required for the examples and unit tests in this project.
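
The behaviour described for ClientScope, EncValPrefix and KeyStore, shown as an added example that calls the ASP.NET Core Data Protection API directly; it is not this library's own code. The helper names, the temp-directory key store standing in for the UNC share, and the use of ClientScope as the protector purpose string are assumptions.

```csharp
// Added example, not the library's code. Requires the NuGet package
// Microsoft.AspNetCore.DataProtection.Extensions.
using System;
using System.IO;
using System.Security.Cryptography;
using Microsoft.AspNetCore.DataProtection;

public static class PrefixedProtectionDemo
{
    // Values copied from the sample ConfigOptions:Cryptography section.
    const string ClientScope = "SharedSecretForClientAccess";
    const string EncValPrefix = "<(*_*)>";

    // Hypothetical helper: encrypt, then tag the result with the prefix.
    static string EncryptValue(IDataProtector p, string plain) =>
        EncValPrefix + p.Protect(plain);

    // Hypothetical helper: only prefixed values are treated as ciphertext.
    static string DecryptIfTagged(IDataProtector p, string value) =>
        value.StartsWith(EncValPrefix, StringComparison.Ordinal)
            ? p.Unprotect(value.Substring(EncValPrefix.Length))
            : value;

    public static void Main()
    {
        // Constructed stand-in for the KeyStore UNC share (assumption).
        var keyStore = new DirectoryInfo(
            Path.Combine(Path.GetTempPath(), "demo-keys"));
        var provider = DataProtectionProvider.Create(keyStore);

        var writer = provider.CreateProtector(ClientScope);
        string stored = EncryptValue(writer, "Server=db;Password=example");

        // Same key store and same ClientScope: the round trip succeeds.
        var reader = provider.CreateProtector(ClientScope);
        Console.WriteLine(DecryptIfTagged(reader, stored));

        // No prefix: returned unchanged and never passed to Unprotect.
        Console.WriteLine(DecryptIfTagged(reader, "plain-setting"));

        // Different purpose string: Unprotect rejects the payload.
        var other = provider.CreateProtector("SomeOtherScope");
        try { DecryptIfTagged(other, stored); }
        catch (CryptographicException)
        {
            Console.WriteLine("ClientScope mismatch: decryption refused");
        }
    }
}
```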