3.0 KiB
About
System.Security.Cryptography.ProtectedData offers a simplified interface for utilizing Microsoft Windows DPAPI's CryptProtectData and CryptUnprotectData functions.
Note: Since it relies on Windows DPAPI, this package is only supported on Windows platforms. For more complex cryptographic operations or cross-platform support, consider the System.Security.Cryptography namespace.
Key Features
- Built upon the robust and secure Windows Data Protection API (DPAPI).
- Data can be protected either for current process or for any process on the machine.
- Scope of protection can be defined either to the current user or the local machine.
How to Use
Utilizing this package is quite simple, and it mainly revolves around two methods: Protect and Unprotect.
Here, originalData is the data you want to protect, optionalEntropy is an additional byte array used to increase encryption complexity, and DataProtectionScope specifies whether the data protection should apply to the current user or the machine.
using System.Security.Cryptography;
using System.Text;
byte[] originalData = Encoding.UTF8.GetBytes("This is a secret");
byte[] optionalEntropy = new byte[64];
Random.Shared.NextBytes(optionalEntropy);
// To protect:
byte[] encryptedData = ProtectedData.Protect(
originalData,
optionalEntropy,
DataProtectionScope.CurrentUser);
// To unprotect:
byte[] decryptedData = ProtectedData.Unprotect(
encryptedData,
optionalEntropy,
DataProtectionScope.CurrentUser);
Main Types
The main type provided by this library is:
System.Security.Cryptography.ProtectedData
Additional Documentation
Related Packages
- PKCS and CMS algorithms: System.Security.Cryptography.Pkcs
Feedback & Contributing
System.Security.Cryptography.ProtectedData is released as open source under the MIT license. Bug reports and contributions are welcome at the GitHub repository.