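/****************************************************************************/
/// <summary>
/// Returns a key to encrypt with: the first non-expired key found in the
/// encrypt store, or a newly created key when none is usable.
/// </summary>
/// <remarks>
/// Expired keys seen while scanning are removed through <c>RemoveKey</c>.
/// That clean-up is best-effort: a failure in it no longer discards a valid
/// key that was already found. Previously the clean-up ran in a
/// <c>finally</c> block, so an exception there replaced the pending return
/// and the method minted a new key although a usable one existed.
/// </remarks>
/// <returns>A non-expired key from the encrypt store, or a new key saved to both stores.</returns>
public async Task<IKey> GetEncryptionKey()
{
    IKey activeKey = null;
    var expiredKeys = new List<Guid>();

    try
    {
        // Get all keys in encryption store
        var keys = await _encryptStore.GetAll();

        if (keys != null)
        {
            // Take the first key that isn't expired; remember the expired ones seen before it
            foreach (var key in keys)
            {
                if (!key.Policy.IsExpired)
                {
                    activeKey = key;
                    break;
                }

                expiredKeys.Add(key.Id);
            }
        }
    }
    catch (Exception ex)
    {
        // Best-effort lookup: on any failure fall through and create a fresh key.
        // NOTE(review): the failure is dropped without a trace, so a persistently
        // failing store yields a new key on every call with nothing to alert on.
        // Consider logging it here; no logger is visible in this part of the file.
        _ = ex;
    }

    // If we found expired keys then remove them
    if (expiredKeys.Count > 0)
    {
        try
        {
            var tasks = new List<Task>();

            foreach (var id in expiredKeys)
            {
                tasks.Add(RemoveKey(id));
            }

            await Task.WhenAll(tasks);
        }
        catch (Exception ex)
        {
            // Removal is housekeeping only; it must not override the result of the lookup.
            // NOTE(review): expired keys that fail to be removed stay in the store
            // unreported. Consider logging this as well.
            _ = ex;
        }
    }

    if (activeKey != null)
    {
        return activeKey;
    }

    // Create a brand new key
    var newKey = new Key(_policyTemplate.Clone(_expires));

    newKey.Policy.IsReadOnly = true;

    // Save to both stores. The decrypt store goes first: make sure the key is saved
    // there successfully before putting it in the encrypt store, where it becomes
    // available for encryption.
    await _decryptStore.Add(newKey);
    await _encryptStore.Add(newKey);

    return newKey;
}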