//TODO: consider moving protect / unprotect to utils (we have 4 occurances now: db, fs, cs and here) internal static void Unprotect(GlobalSettingsDocument settings) { if (settings.SecuredSettings == null) { settings.SecuredSettings = new Dictionary <string, string>(StringComparer.OrdinalIgnoreCase); return; } foreach (var prop in settings.SecuredSettings.ToList()) { if (prop.Value == null) { continue; } var bytes = Convert.FromBase64String(prop.Value); var entrophy = Encoding.UTF8.GetBytes(prop.Key); try { var unprotectedValue = ProtectedData.Unprotect(bytes, entrophy, DataProtectionScope.CurrentUser); settings.SecuredSettings[prop.Key] = Encoding.UTF8.GetString(unprotectedValue); } catch (Exception e) { Logger.WarnException("Could not unprotect secured global config data " + prop.Key + " setting the value to '<data could not be decrypted>'", e); settings.SecuredSettings[prop.Key] = Constants.DataCouldNotBeDecrypted; } } }
internal static void Protect(GlobalSettingsDocument settings) { if (settings.SecuredSettings == null) { settings.SecuredSettings = new Dictionary <string, string>(StringComparer.OrdinalIgnoreCase); return; } foreach (var prop in settings.SecuredSettings.ToList()) { if (prop.Value == null) { continue; } var bytes = Encoding.UTF8.GetBytes(prop.Value); var entrophy = Encoding.UTF8.GetBytes(prop.Key); var protectedValue = ProtectedData.Protect(bytes, entrophy, DataProtectionScope.CurrentUser); settings.SecuredSettings[prop.Key] = Convert.ToBase64String(protectedValue); } }