Added support for password-protected certificates.

Author: Alexander Thurau

ConfigCrypter.Console/Options/CommandlineOptions.cs

@@ -10,6 +10,9 @@ public class CommandlineOptions
         [Option('n', "name", Required = true, HelpText = "The subject name of the certificate (CN). This can only be used in Windows environments.", Group = "CertLocation")]
         public string CertSubjectName { get; set; }
 
+        [Option('s', "password", Required = false, HelpText = "Password of the certificate (if available).", Default = null)]
+        public string CertificatePassword { get; set; }
+
         [Option('k', "key", Required = true, HelpText = "The key to encrypt in the config file.")]
         public string Key { get; set; }
 

ConfigCrypter.Console/Program.cs

@@ -30,7 +30,7 @@ private static ConfigFileCrypter CreateCrypter(CommandlineOptions options)
 
             if (!string.IsNullOrEmpty(options.CertificatePath))
             {
-                certLoader = new FilesystemCertificateLoader(options.CertificatePath);
+                certLoader = new FilesystemCertificateLoader(options.CertificatePath, options.CertificatePassword);
             }
             else if (!string.IsNullOrEmpty(options.CertSubjectName))
             {

ConfigCrypter/CertificateLoaders/FilesystemCertificateLoader.cs

@@ -8,14 +8,17 @@ namespace DevAttic.ConfigCrypter.CertificateLoaders
     public class FilesystemCertificateLoader : ICertificateLoader
     {
         private readonly string _certificatePath;
+        private readonly string _certificatePassword;
 
         /// <summary>
         /// Creates an instance of the certificate loader.
         /// </summary>
         /// <param name="certificatePath">Fully qualified path to the certificate (.pfx file).</param>
-        public FilesystemCertificateLoader(string certificatePath)
+        /// <param name="certificatePassword">Password of the certificate, if available.</param>
+        public FilesystemCertificateLoader(string certificatePath, string certificatePassword = null)
         {
             _certificatePath = certificatePath;
+            _certificatePassword = certificatePassword;
         }
 
         /// <summary>
@@ -24,7 +27,9 @@ public FilesystemCertificateLoader(string certificatePath)
         /// <returns>A X509Certificate2 instance.</returns>
         public X509Certificate2 LoadCertificate()
         {
-            return new X509Certificate2(_certificatePath);
+            return string.IsNullOrEmpty(_certificatePassword) ?
+                new X509Certificate2(_certificatePath) :
+                new X509Certificate2(_certificatePath, _certificatePassword);
         }
     }
 }

ConfigCrypter/ConfigProviders/Json/EncryptedJsonConfigSource.cs

@@ -24,7 +24,10 @@ public class EncryptedJsonConfigSource : JsonConfigurationSource
         /// The subject name of the certificate (Issued for).
         /// </summary>
         public string CertificateSubjectName { get; set; }
-
+        /// <summary>
+        /// The password of the certificate or null, if the certificate has no password.
+        /// </summary>
+        public string CertificatePassword { get; set; } = null;
         /// <summary>
         /// Factory function that is used to create an instance of the crypter.
         /// The default factory uses the RSACrypter and passes it the given certificate loader.

ConfigCrypter/Extensions/ConfigurationBuilderExtensions.cs

@@ -97,7 +97,7 @@ private static void InitializeCertificateLoader(EncryptedJsonConfigSource config
         {
             if (!string.IsNullOrEmpty(config.CertificatePath))
             {
-                config.CertificateLoader = new FilesystemCertificateLoader(config.CertificatePath);
+                config.CertificateLoader = new FilesystemCertificateLoader(config.CertificatePath, config.CertificatePassword);
             }
             else if (!string.IsNullOrEmpty(config.CertificateSubjectName))
             {