notes:csharp:cryptography

Differences

This shows you the differences between two versions of the page.

notes:csharp:cryptography [2018/01/09]
leszek
notes:csharp:cryptography [2018/01/09] (current)
leszek
Line 75: Line 75:
 makecert -n "CN = WBS" -sr currentuser -ss MyCertStore ​ makecert -n "CN = WBS" -sr currentuser -ss MyCertStore ​
 </​code>​ </​code>​
 +
 +The //​ProtectedData//​ and //​ProtectedMemory//​ classes are managed wrappers around Data Protection Application Programming Interface (**DPAPI**):​
 +
 +  * //​ProtectedData//​ - Provides methods for encrypting and decrypting data. 
 +  * //​ProtectedMemory//​ - Provides methods for protecting and unprotecting memory.
 +
 +The //​ProtectedData.Protect//​ method does not modify the input data. The //​ProtectedMemory.Protect//​ method modifies the input data. The length of the input byte array has to be a multiple of 16.
  
  
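Review bot: In the added paragraph after the bullet list, the closing sentence "The length of the input byte array has to be a multiple of 16." does not name the method it applies to, so it can be read as a constraint on both ProtectedData.Protect and ProtectedMemory.Protect. The constraint belongs to ProtectedMemory.Protect; suggest wording it as "For ProtectedMemory.Protect, the length of the input byte array has to be a multiple of 16." The paragraph also covers only the Protect side; one sentence on the matching Unprotect methods and on what the scope argument controls would complete the note.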
Line 353: Line 360:
             ​             ​
             return certificate;​             return certificate;​
 +        }
 +    }
 +}
 +</​code>​
 +
 +
 +Example: Generate an encrypted representation of a byte array using DPAPI:
 +<code csharp>
 +using System;
 +using System.Security.Cryptography;​
 +
 +namespace CSharpTest
 +{
 +    class EntryPoint
 +    {
 +        public static void Main()
 +        {
 +            byte[] secretData = new byte[] { 120, 34, 56, 88, 230, 23, 45, 89,
 +                                             34, 234, 106, 78, 46, 203, 109, 3};
 +
 +            // Only the current user can decrypt the data.
 +            // The input byte array is not modified.
 +            byte[] data1 = ProtectedData.Protect(secretData,​ null, DataProtectionScope.CurrentUser);​
 +
 +            // Any user on the current computer can decrypt the data. It is useful when data is 
 +            // stored on a network share and there are multiple users on the same computer who 
 +            // need access the data.
 +            // The input byte array is not modified.
 +            byte[] data2 = ProtectedData.Protect(secretData,​ null, DataProtectionScope.LocalMachine);​
 +
 +            // Only the user who encypted data can decrypt it.
 +            // The input byte array is modified. ​
 +            ProtectedMemory.Protect(secretData,​ MemoryProtectionScope.SameLogon);​
 +
 +            // All threads in the same process can decrypt the data.
 +            // The input byte array is modified. ​
 +            ProtectedMemory.Protect(secretData,​ MemoryProtectionScope.SameProcess);​
         }         }
     }     }
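Review bot: In Main, both ProtectedMemory.Protect calls are made on the same secretData buffer, and the first call has already overwritten it in place, so the second call (MemoryProtectionScope.SameProcess) encrypts the SameLogon ciphertext instead of the original bytes, which is not what its comment describes. Give each call its own copy of the plaintext, or call ProtectedMemory.Unprotect with the matching scope before the second Protect. The comment "Only the user who encypted data can decrypt it." has a typo (encrypted), and "need access the data" is missing "to". The example would also show more if it included an Unprotect round trip, since nothing in the added code demonstrates that the data can be recovered.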
notes/csharp/cryptography.txt · Last modified: 2018/01/09 by leszek