public async Task ChangeProtectionPasswordAsync(string oldPassword, string newPassword)
{
try
{
if (_protectionBusy)
{
throw new Exception("Data protection is busy.");
}
_protectionBusy = true;
if (!_protectionActivated)
{
throw new Exception("Data protection is not activated");
}
var oldDataProtectionEntity = await ReadDataProtectionEntity();
if (oldDataProtectionEntity == null)
{
throw new Exception("Data protection parameters not found.");
}
var oldKey = new DataProtectionKey(oldDataProtectionEntity.Id, oldDataProtectionEntity.Params);
if (!oldKey.ValidatePassword(oldPassword))
{
throw new Exception("Incorrect old password");
}
using (TransactionScope transactionScope = new TransactionScope(TransactionScopeAsyncFlowOption.Enabled))
{
// Creating the key for the new password
var prms = DataProtectionKey.CreateParams(newPassword);
var newDataProtectionEntity = await SaveDataProtectionEntity(prms);
var newKey = new DataProtectionKey(newDataProtectionEntity.Id, newDataProtectionEntity.Params);
newKey.ValidatePassword(newPassword);
await ReencryptDatabase(oldKey, newKey);
// Delete old key
await DeleteDataProtectionEntity(oldKey.KeyId);
// Set new key as a current key
_key = newKey;
transactionScope.Complete();
}
// Set activated if detected the not finished password change operation.
_protectionActivated = true;
}
finally
{
_protectionBusy = false;
}
}
public async Task DisableProtectionAsync(string password)
{
try
{
if (_protectionBusy)
{
throw new Exception("Data protection is busy.");
}
_protectionBusy = true;
if (!_protectionEnabled)
{
throw new Exception("Data protection is not enabled.");
}
if (!_protectionActivated)
{
throw new Exception("Data protection is not activated.");
}
var dataProtectionEntity = await ReadDataProtectionEntity();
if (dataProtectionEntity == null)
{
throw new Exception("Data protection parameters not found.");
}
var key = new DataProtectionKey(dataProtectionEntity.Id, dataProtectionEntity.Params);
if (!key.ValidatePassword(password))
{
throw new Exception("Incorrect password");
}
using (TransactionScope transactionScope = new TransactionScope(TransactionScopeAsyncFlowOption.Enabled))
{
await DeleteDataProtectionEntity(key.KeyId);
await DecryptDatabase(key);
transactionScope.Complete();
}
_key = null;
_protectionActivated = false;
_protectionEnabled = false;
}
finally
{
_protectionBusy = false;
}
}
public async Task <bool> ActivateProtectionAsync(string password)
{
try
{
if (_protectionBusy)
{
throw new Exception("Data protection is busy.");
}
_protectionBusy = true;
if (string.IsNullOrWhiteSpace(password))
{
throw new ArgumentNullException(nameof(password));
}
if (_protectionActivated)
{
throw new Exception("Data protection is already activated.");
}
var dataProtectionEntity = await ReadDataProtectionEntity();
if (dataProtectionEntity == null)
{
throw new Exception("Data protection parameters not found.");
}
_key = new DataProtectionKey(dataProtectionEntity.Id, dataProtectionEntity.Params);
_protectionActivated = _key.ValidatePassword(password);
return(_protectionActivated);
}
finally
{
_protectionBusy = false;
}
}
public async Task EnableProtectionAsync(string password)
{
try
{
if (_protectionBusy)
{
throw new Exception("Data protection is busy.");
}
_protectionBusy = true;
if (string.IsNullOrWhiteSpace(password))
{
throw new ArgumentNullException(nameof(password));
}
if (_protectionEnabled)
{
throw new Exception("Data protection is already enabled.");
}
var prms = DataProtectionKey.CreateParams(password);
var dataProtectionEntity = await SaveDataProtectionEntity(prms);
_key = new DataProtectionKey(dataProtectionEntity.Id, dataProtectionEntity.Params);
_key.ValidatePassword(password);
await EncryptDatabase(_key);
_protectionEnabled = true;
_protectionActivated = true;
}
finally
{
_protectionBusy = false;
}
}