System.Security.Cryptography and OpenNETCF.Security.Cryptography

  • Thread starter Jeffry van de Vuurst

Jeffry van de Vuurst

Hi,

I would like to use the ProtectedData.Protect() and Unprotect() features to
securely store sensitive info on the pda. I noticed that these methods are
not available for the compact framework. So of course I went looking into the
OpenNETCF namespaces and fortunately I found them there.

A few questions:
- Daniel Moth mentions in his blog
(http://blog.opennetcf.org/dmoth/PermaLink,guid,29233388-f9a9-4056-bc97-2b90035cf542.aspx)
that the OpenNETCF.Security.Cryptography.* types are dropped due to
enhancements in CF 2.0. However, I still see them. Should I use them or not?
- I tried to use the Protect and Unprotect methods from OpenNETCF, but
whatever I do, the Unprotect method keeps throwing a CryptographicException.
Does anybody have a working example on how to use these? I basically do the
following:
Encrypt:
    ApplicationSettings["EncryptedPassword"] = Convert.ToBase64String(
        ProtectedData.Protect(Encoding.UTF8.GetBytes(value), null, DataProtectionScope.LocalMachine));
Decrypt:
    byte[] arrDecrypted = ProtectedData.Unprotect(
        Convert.FromBase64String(ApplicationSettings["EncryptedPassword"]), null, DataProtectionScope.LocalMachine);

The exception occurs when I try to Unprotect it. I tried it with and without
the entropy bytes.

Also, how does the enum DataProtectionScope apply to the compact framework?
MSDN says that with the CurrentUser enum the data is associated with the
current user. Only threads running under the current user context can
unprotect the data. For LocalMachine, any process can unprotect the data.
I'm not sure how this would work on a pda. Is there something like a current
user context and a machine context?

Thanks,
 

Guest

Some of the stuff was dropped - basically if CF 2.0 has it, we removed it.
Everything else is fair game and will only be removed in future versions if
a CF version adds it. I can look around and see if we have a sample, but it
should work like the full framework's version so a desktop sample should be
applicable.
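
A desktop round trip of the kind the reply above refers to, as an added example that is not code from the thread or from OpenNETCF. It uses System.Security.Cryptography.ProtectedData from the full .NET Framework (reference System.Security.dll); the class name, entropy bytes and sample password are constructed for illustration.

```csharp
// Added example: full .NET Framework (desktop) API, not the OpenNETCF port.
using System;
using System.Security.Cryptography;
using System.Text;

static class ProtectedDataRoundTrip
{
    // Hypothetical application-specific entropy; Unprotect needs the same bytes.
    static readonly byte[] Entropy = Encoding.UTF8.GetBytes("constructed-sample-entropy");

    // Encrypts with DPAPI and returns Base64 text suitable for a settings store.
    static string Protect(string secret, DataProtectionScope scope)
    {
        byte[] plain = Encoding.UTF8.GetBytes(secret);
        try
        {
            return Convert.ToBase64String(ProtectedData.Protect(plain, Entropy, scope));
        }
        finally
        {
            Array.Clear(plain, 0, plain.Length); // do not leave the plaintext copy around
        }
    }

    // Returns null instead of throwing when the stored value cannot be decrypted.
    static string TryUnprotect(string stored, byte[] entropy, DataProtectionScope scope)
    {
        try
        {
            byte[] plain = ProtectedData.Unprotect(Convert.FromBase64String(stored), entropy, scope);
            try { return Encoding.UTF8.GetString(plain); }
            finally { Array.Clear(plain, 0, plain.Length); }
        }
        catch (CryptographicException) { return null; } // wrong entropy or altered blob
        catch (FormatException) { return null; }        // stored value is not valid Base64
    }

    static void Main()
    {
        // CurrentUser ties the blob to the logged-on Windows account.
        string stored = Protect("constructed-sample-password", DataProtectionScope.CurrentUser);
        // Same entropy on both sides: decrypts.
        Console.WriteLine(TryUnprotect(stored, Entropy, DataProtectionScope.CurrentUser) != null);
        // Entropy omitted on Unprotect: CryptographicException, reported here as null.
        Console.WriteLine(TryUnprotect(stored, null, DataProtectionScope.CurrentUser) != null);
    }
}
```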
 

Jeffry van de Vuurst

Thanks, I will try a desktop version and see if I can get it working.

--
Jeffry van de Vuurst
CWR Mobility
www.cwrmobility.com
--
Some of the stuff was dropped - basically if CF 2.0 has it, we removed it.
Everything else is fair game and will only be removed in future versions
if a CF version adds it. I can look around and see if we have a sample,
but it should work like the full framework's version so a desktop sample
should be applicable.


--
Chris Tacke
OpenNETCF Consulting
Managed Code in the Embedded World
www.opennetcf.com
--





Jeffry van de Vuurst

BTW, I'm reading an article on how DPAPI works and it says that a key is
generated from the user credentials, e.g. the user's password. How does that
work on the pocketpc? I'm not aware of any user credentials there.

--
Jeffry van de Vuurst
CWR Mobility
www.cwrmobility.com
--