Updated documentation to include PersistKeysToDbContext (#22003)

* Updated documentation to include PersistKeysToDbContext in aspnetcore > security > data-protection > configuration > overview

* fixed formatting

* Update aspnetcore/security/data-protection/configuration/overview.md

Co-authored-by: Rick Anderson <3605364+Rick-Anderson@users.noreply.github.com>

* Update aspnetcore/security/data-protection/configuration/overview.md

Co-authored-by: Rick Anderson <3605364+Rick-Anderson@users.noreply.github.com>

Co-authored-by: Mark McGookin <mark@markmcgookin.com>
Co-authored-by: Rick Anderson <3605364+Rick-Anderson@users.noreply.github.com>
pull/22191/head
Mark McGookin 2021-05-02 17:43:06 +01:00 committed by GitHub
parent 2f00739f4e
commit a2d1199f48
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 20 additions and 0 deletions

@ -96,6 +96,26 @@ public void ConfigureServices(IServiceCollection services)
> [!WARNING]
> If you change the key persistence location, the system no longer automatically encrypts keys at rest, since it doesn't know whether DPAPI is an appropriate encryption mechanism.
## PersistKeysToDbContext
To store keys in a database using EntityFramework, configure the system with the [Microsoft.AspNetCore.DataProtection.EntityFrameworkCore](https://www.nuget.org/packages/Microsoft.AspNetCore.DataProtection.EntityFrameworkCore/) package:
```csharp
public void ConfigureServices(IServiceCollection services)
{
services.AddDataProtection()
.PersistKeysToDbContext<DbContext>()
}
```
The preceding code stores the keys in the configured database. The database context being used must implement `IDataProtectionKeyContext`. `IDataProtectionKeyContext` exposes the property `DataProtectionKeys`
```csharp
public DbSet<DataProtectionKey> DataProtectionKeys { get; set; }
```
This property represents the table in which the keys are stored. Create the table manually or with `DbContext` Migrations. See <xref:Microsoft.AspNetCore.DataProtection.EntityFrameworkCore.DataProtectionKey> for more information.
## ProtectKeysWith\*
You can configure the system to protect keys at rest by calling any of the [ProtectKeysWith\*](/dotnet/api/microsoft.aspnetcore.dataprotection.dataprotectionbuilderextensions) configuration APIs. Consider the example below, which stores keys on a UNC share and encrypts those keys at rest with a specific X.509 certificate:
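Review bot: The added sample under `## PersistKeysToDbContext` does not compile as written. The `.PersistKeysToDbContext<DbContext>()` line has no terminating semicolon, and its type argument is the base `DbContext`, while the paragraph right after the sample says the context must implement `IDataProtectionKeyContext`. Suggest using a named placeholder context (for example a hypothetical `MyKeysContext` that derives from `DbContext` and implements `IDataProtectionKeyContext`) and ending the statement with `;`. The sentence that ends "exposes the property `DataProtectionKeys`" also needs a colon or period before the fence that follows it. On the security side, the unchanged warning directly above this section states that changing the key persistence location means the system no longer automatically encrypts keys at rest, and the new section never connects that to the database case. A sentence here saying that keys persisted through the `DbContext` are not encrypted at rest unless one of the `ProtectKeysWith\*` APIs from the next section is also configured would keep readers from treating the database as a protected store by default.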