ProtectedData.Protect

rcangus

Hi,
I was wondering if there is anyone else who is having some
difficulties using the DPAPI Crypto calls of WM 2003 SE / WM 5.0.

What I am doing
=============
I am creating a library that wraps the provided RSA, 3DES, and Rijndael
cryptographic providers. As a part of this, the use of symmetric keys
for 3DES and Rijndael presents me with an interesting problem: how
to securely store the symmetric key.

To this end, I have gone down the path of using the DPAPI Crypto
unmanaged API. I have tried using P/Invoke, as well as using the
OpenNETCF 1.3 ProtectedData classes, but to no avail.

The encrypt works great, and produces encrypted data nicely. However, I
run into problems when I try to Unprotect the data. After much cursing
and gnashing of teeth, I found the error message:

"The data is invalid."

The following is the code that I am using:

Imports OpenNETCF.Security.Cryptography

....

' Derive the key bytes from the password and salt
saltBytes = Encoding.ASCII.GetBytes(desParams.SaltValue)
derivedPassword = New PasswordDeriveBytes(desParams.Password, saltBytes)
derivedKeyBytes = derivedPassword.GetBytes(DEFAULT_KEY_SIZE)
' Protect the derived key, then unprotect it with the same salt bytes and scope
encryptedKeyBytes = ProtectedData.Protect(derivedKeyBytes, saltBytes, DataProtectionScope.LocalMachine)
decryptedKeyBytes = ProtectedData.Unprotect(encryptedKeyBytes, saltBytes, DataProtectionScope.LocalMachine)

desParams.saltValue = "1Password!"
desParams.Password = "1Password!"
DEFAULT_KEY_SIZE = 16


I am using the OpenNETCF 1.3, with CF 2.0.
I have also tried using P/Invoke API calls, and get the same problems.

Anyone out there have any ideas?

Cheers
 
rcangus

Casey,
Thanks a heap :) I have been going around in circles for the last week
on this one (and the answer was staring me in the face).

Do you know if the OpenNETCF people are going to fix the ProtectedData
class? I noticed that your implementation in the cfAES is a lot simpler
than the one in the OpenNETCF 1.3/1.4 ProtectedData class.

Once again, thanks a heap

Richard
 
casey chesnut

doh! ... i wrote the one in OpenNETCF years ago.
so i should have fixed it, but never got to it
 
