ProtectedData.Protect


R

rcangus

Hi,
I was wondering if there was anyone else who is having some
difficulties using the DPAPI Crypto calls of WM 2003 SE/ WM 5.0.

What I am doing
=============
I am creating a library that wraps the provides RSA, 3DES, and RijnDael
cryptoghraphic providers. As a part of this, the use of symmetric keys
for the 3DES and RijnDael presents me with an interesting problem: how
to securely store the symmetrtic key.

To this end, I have gone down the path of using the DPAPI Crypto
unmanaged API. I have tried using P/Invoke, as well as using the
OpenNETCF 1.3 ProtectedData classes, but to no avail.

The encrypt works great, and produces encrypted data nicely. However, I
run into problems when I try to Unprotect the data. After much cursing
and gnashing of teeth, I found the error message:

"The data is invalid."

The following is the code that I am using:

Imports OpenNETCF.Security.Cryptography

....

saltBytes = Encoding.ASCII.GetBytes(desParams.SaltValue)
derivedPassword = New PasswordDeriveBytes(desParams.Password,
saltBytes)
derivedKeyBytes = derivedPassword.GetBytes(DEFAULT_KEY_SIZE)
encryptedKeyBytes = ProtectedData.Protect(derivedKeyBytes, saltBytes,
DataProtectionScope.LocalMachine)
decryptedKeyBytes = ProtectedData.Unprotect(encryptedKeyBytes,
saltBytes, DataProtectionScope.LocalMachine)

desParams.saltValue = "1Password!"
desParams.Password = "1Password!"
DEFAULT_KEY_SIZE = 16


I am using the OpenNETCF 1.3, with CF 2.0.
I have also tried using P/Invoke API calls, and get the same problems.

Any one out there have any ideas?

Cheers
 
Ad

Advertisements

R

rcangus

Casey,
Thanks a heap :) I have been going around in circles for the last week
on this one (and the answer was staring me in the face).

Do you know if the OpenNETCF people are going to fix the ProtectedData
class? I noticed that your implementation in the cfAES is a lot simpler
than the one in the OpenNETCF 1.3/1.4 ProtectedData class.

Once again, thanks a heap

Richard
 
Ad

Advertisements

C

casey chesnut

doh! ... i wrote the one in OpenNETCF years ago.
so i should have fixed it, but never got to it
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Top