Added Ability to encrypt variables with RSA Certificate.#38
Added Ability to encrypt variables with RSA Certificate.#38erothFEI wants to merge 3 commits intoOctopusDeploy:masterfrom
Conversation
| try | ||
| { | ||
|
|
||
| var certificate = new X509Certificate2(Convert.FromBase64String(arguments[0])); |
There was a problem hiding this comment.
The certificate is not disposed. Also we should think what key set to use and which store. Ephemeral seems to be a good choice in this, but I'm not sure of that.
There was a problem hiding this comment.
Looks like the Ephemeral key store is not natively availabe in .Net Standard 1.3 or .Net Framework 4.0. It seems to work if I use:new X509Certificate2(Convert.FromBase64String(arguments[0]), (string)null, (X509KeyStorageFlags)32) but I am not confident it would work on a machine that does not have a later version of .Net installed.
| { | ||
| } | ||
|
|
||
| return null; |
There was a problem hiding this comment.
This should be inside the catch statement
There was a problem hiding this comment.
I was just using the FormatFunction as an example for this. Would it be preferable for me to just allow the exception to bubble up?
|
|
3 participants
Was curious to see if this feature was a viable option to consider adding?
We do this type of thing manually right now with variables that store the encrypted text and it is a pain when updating certificates.
I can flush out the .Net Framework 4.5.2 tests plus additional test cases if needed.