0

I want to generate a cypher text by using DpapiProtectedConfigurationProvider. All the codes I am seeing on the internet are do this inside a app.config. I know it is the reason this is originally build for. But I have a different usage. I have interface where user has to enter the text in a textbox and with a a click of button I need to generate the cpher text by using DpapiProtectedConfigurationProvider. How to achieve this?

Currently I am generating this inside the app.config by using following code. But this is not what I want

  Configuration config = ConfigurationManager.OpenExeConfiguration(ConfigurationUserLevel.None);
        //Configuration config = ConfigurationManager.OpenExeConfiguration(exefilePath);

        ConfigurationSection section = config.GetSection(sectionKey);

        if (section != null)
        {
            if (section.ElementInformation.IsLocked)
            {
                Console.WriteLine("Section: {0} is locked", sectionKey);
            }
            else
            {
                if (!section.SectionInformation.IsProtected)
                {
                    //%windir%\system32\Microsoft\Protect\S-1-5-18
                    section.SectionInformation.ProtectSection("DataProtectionConfigurationProvider");
                    section.SectionInformation.ForceSave = true;
                    Console.WriteLine("Encrypting: {0} {1}", section.SectionInformation.Name, section.SectionInformation.SectionName);

                }
                else
                { // display values for current config application name value pairs
                   
                    //
                    section.SectionInformation.UnprotectSection();
                    section.SectionInformation.ForceSave = true;
                    Console.WriteLine("Decrypting: {0} {1}", section.SectionInformation.Name, section.SectionInformation.SectionName);
                }
            }
        }
        else
        {
            Console.WriteLine("Section: {0} is null", sectionKey);
        }

        //
        config.Save(ConfigurationSaveMode.Full);
        Console.WriteLine("Saving file: {0}", config.FilePath);

How I do this?

Prageeth Liyanage
  • 1,612
  • 2
  • 19
  • 41

1 Answers1

0

The DpapiProtectedConfigurationProvider class "uses the Windows built-in cryptographic services and can be configured for either machine-specific or user-account-specific protection."

Depending on the flags used, data encrypted using DPAPI can only be decrypted by code running on the same machine where it was encrypted, or code running under the same user account where it was encrypted.

The precise algorithm used may vary depending on the version of Windows being used. From what I can see, the CryptProtectData function uses either 3DES or AES256:

c# - Which encryption algorithm does the ProtectData class use? - Stack Overflow
c# - Which Encryption algorithm does ProtectedData use? - Stack Overflow

Richard Deeming
  • 29,830
  • 10
  • 79
  • 151