
Worked on security hardening within the systemd/systemd repository by addressing a vulnerability in the AddSigningKey path. The solution involved restructuring the execution flow so that Polkit authorization is always performed before any cryptographic operations with OpenSSL, ensuring that sensitive data is only processed after proper access control checks. This change mitigated the risk of crafted inputs reaching cryptographic routines without authorization. The work required a strong understanding of access control, cryptography, and system programming, and was implemented in C. The targeted fix improved the security posture of the systemd project by aligning cryptographic usage with best practices for authorization.
In August 2025, delivered security hardening for AddSigningKey in the systemd/systemd repository by ensuring Polkit authorization occurs before any OpenSSL cryptographic operations. This required reordering the execution flow to feed data to OpenSSL only after Polkit auth, mitigating vulnerabilities from crafted inputs. Change implemented in commit 1158545ef7783818009e9aedda9a6b8e9b6227c8 (homed: AddSigningKey: only feed data to OpenSSL after Polkit auth).
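The ordering change described above, as an added example that is not systemd's code: `parse_public_key()` and `authorize_caller()` are hypothetical stand-ins for the OpenSSL parsing step and the Polkit check, and the parse-first flow is an assumed shape of the pre-fix ordering. A counter shows whether bytes from an unauthorized caller ever reach the parser.

```c
#include <errno.h>
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

/* Counts how often caller-supplied bytes reach the parser. */
static int parser_calls;

/* Hypothetical stand-in for the OpenSSL key parser: checks the PEM armor only. */
static int parse_public_key(const char *pem) {
    static const char head[] = "-----BEGIN PUBLIC KEY-----";
    parser_calls++;
    return strncmp(pem, head, sizeof head - 1) == 0 ? 0 : -EINVAL;
}

/* Hypothetical stand-in for the Polkit query. */
static int authorize_caller(bool caller_is_authorized) {
    return caller_is_authorized ? 0 : -EACCES;
}

/* Assumed pre-fix ordering: untrusted bytes are parsed before the access check. */
static int add_signing_key_parse_first(bool authorized, const char *pem) {
    int r = parse_public_key(pem);
    if (r < 0)
        return r; /* an unauthorized caller also learns the parse result */
    return authorize_caller(authorized); /* 0: the key would be stored */
}

/* Hardened ordering: the parser only ever sees input from authorized callers. */
static int add_signing_key_auth_first(bool authorized, const char *pem) {
    int r = authorize_caller(authorized);
    if (r < 0)
        return r;
    return parse_public_key(pem); /* 0: the key would be stored */
}

int main(void) {
    const char *crafted = "not a key"; /* constructed sample input */
    parser_calls = 0;
    int a = add_signing_key_parse_first(false, crafted);
    int reached = parser_calls;
    parser_calls = 0;
    int b = add_signing_key_auth_first(false, crafted);
    printf("parse-first: r=%d parser_calls=%d\n", a, reached);
    printf("auth-first:  r=%d parser_calls=%d\n", b, parser_calls);
    return 0;
}
```

In the auth-first flow an unauthorized caller always gets the same access error regardless of what was sent, so the parser's attack surface is limited to callers who already passed the check.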
