Created
July 26, 2017 13:45
-
-
Save panagis/4eee7f85de6a736d190ead2069eaf012 to your computer and use it in GitHub Desktop.
[C#] An interface to the .NET Data Protection API.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| using System; | |
| using System.Runtime.InteropServices; | |
| using System.Security; | |
| using System.Security.Cryptography; | |
| using System.Text; | |
| namespace Encryption | |
| { | |
| /// <summary> | |
| /// myDPAPI provides an interface to the Data Protection API which provides useful system-level security tools. | |
| /// </summary> | |
| public static class myDPAPI | |
| { | |
| /// <summary> | |
| /// A UTF-16 encoded secret key. | |
| /// </summary> | |
| private static SecureString _salt = ToSecureString("zXVVV/Rg5HuC63O7iPEKI5MYiYigSMewGmcgW8ITBZg="); | |
| /// <summary> | |
| /// Encrypts the input string using DPAPI with a salt. | |
| /// </summary> | |
| /// <param name="String">UTF-16 encoded text.</param> | |
| /// <returns>Returns a Base64 representation of the encrypted bytes.</returns> | |
| public static string EncryptString(SecureString String) | |
| { | |
| if (string.IsNullOrEmpty(ToInsecureString(String))) | |
| throw new ArgumentNullException("The input string can't be null"); | |
| try | |
| { | |
| byte[] encryptedBytes = ProtectedData.Protect( | |
| Encoding.Unicode.GetBytes(ToInsecureString(String)), | |
| Encoding.Unicode.GetBytes(ToInsecureString(_salt)), | |
| DataProtectionScope.CurrentUser); | |
| return Convert.ToBase64String(encryptedBytes); | |
| } | |
| catch (Exception) | |
| { | |
| throw; | |
| } | |
| } | |
| /// <summary> | |
| /// Decrypts the input string using DPAPI with a salt. | |
| /// </summary> | |
| /// <param name="String">Base64 encoded bytes.</param> | |
| /// <returns>Returns a UTF-16 representation of the decrypted bytes.</returns> | |
| public static SecureString DecryptString(string String) | |
| { | |
| if (String.IsNullOrEmpty(String)) | |
| throw new ArgumentNullException("The input string can't be null"); | |
| try | |
| { | |
| byte[] decryptedBytes = ProtectedData.Unprotect( | |
| Convert.FromBase64String(String), | |
| Encoding.Unicode.GetBytes(ToInsecureString(_salt)), | |
| DataProtectionScope.CurrentUser); | |
| return ToSecureString(Encoding.Unicode.GetString(decryptedBytes)); | |
| } | |
| catch (Exception) | |
| { | |
| throw; | |
| } | |
| } | |
| /// <summary> | |
| /// Converts the given string to SecureString. | |
| /// </summary> | |
| public static SecureString ToSecureString(string String) | |
| { | |
| if (String.IsNullOrEmpty(String)) | |
| throw new ArgumentNullException("The input string can't be null"); | |
| SecureString secureString = new SecureString(); | |
| foreach (char c in String) | |
| secureString.AppendChar(c); | |
| secureString.MakeReadOnly(); | |
| return secureString; | |
| } | |
| /// <summary> | |
| /// Converts the given SecureString to string. | |
| /// </summary> | |
| public static string ToInsecureString(SecureString String) | |
| { | |
| string insecureString = string.Empty; | |
| IntPtr ptr = Marshal.SecureStringToBSTR(String); | |
| try | |
| { | |
| insecureString = Marshal.PtrToStringBSTR(ptr); | |
| } | |
| catch (Exception) | |
| { | |
| throw; | |
| } | |
| finally | |
| { | |
| Marshal.ZeroFreeBSTR(ptr); | |
| } | |
| return insecureString; | |
| } | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment