private static void InitPromptstruct(ref NativeMethods.CryptProtectPromptStruct ps)
{
ps.Size = Marshal.SizeOf(typeof(NativeMethods.CryptProtectPromptStruct));
ps.PromptFlags = 0;
ps.AppWindowHandle = IntPtr.Zero;
ps.Prompt = null;
}
private byte[] EncryptInternal(byte[] plaintext, byte[] entropy)
{
NativeMethods.DataBlob plainTextBlob = new NativeMethods.DataBlob();
NativeMethods.DataBlob cipherBlob = new NativeMethods.DataBlob();
NativeMethods.DataBlob entropyBlob = new NativeMethods.DataBlob();
//BUG: possible bug here, do we need to clean up the prompt struct?
// don't think so, but check...
NativeMethods.CryptProtectPromptStruct prompt = new NativeMethods.CryptProtectPromptStruct();
InitPromptstruct(ref prompt);
int flags;
byte[] cipherText = null;
try
{
plainTextBlob.DataPointer = Marshal.AllocHGlobal(plaintext.Length);
plainTextBlob.Size = plaintext.Length;
Marshal.Copy(plaintext, 0, plainTextBlob.DataPointer, plaintext.Length);
if (DpapiStorageMode.Machine == storeMode)
{
// Using the machine store, should be providing entropy.
flags = CryptProtectLocalMachine | CryptProtectUIForbidden;
entropyBlob.DataPointer = Marshal.AllocHGlobal(entropy.Length);
Marshal.Copy(entropy, 0, entropyBlob.DataPointer, entropy.Length);
entropyBlob.Size = entropy.Length;
}
else
{
// Using the user store
flags = CryptProtectUIForbidden;
}
if (!NativeMethods.CryptProtectData(ref plainTextBlob, String.Empty, ref entropyBlob, IntPtr.Zero, ref prompt, flags, ref cipherBlob))
{
throw new Win32Exception(Marshal.GetLastWin32Error());
}
cipherText = new byte[cipherBlob.Size];
Marshal.Copy(cipherBlob.DataPointer, cipherText, 0, cipherBlob.Size);
}
finally
{
// Free the blob and entropy.
if (IntPtr.Zero != cipherBlob.DataPointer)
{
Marshal.FreeHGlobal(cipherBlob.DataPointer);
}
if (IntPtr.Zero != entropyBlob.DataPointer)
{
Marshal.FreeHGlobal(entropyBlob.DataPointer);
}
if (IntPtr.Zero != plainTextBlob.DataPointer)
{
Marshal.FreeHGlobal(plainTextBlob.DataPointer);
}
}
return cipherText;
}
private byte[] DecryptInternal(byte[] cipherText, byte[] entropy)
{
NativeMethods.DataBlob plainTextBlob = new NativeMethods.DataBlob();
NativeMethods.DataBlob cipherBlob = new NativeMethods.DataBlob();
NativeMethods.DataBlob entropyBlob = new NativeMethods.DataBlob();
NativeMethods.CryptProtectPromptStruct prompt = new NativeMethods.CryptProtectPromptStruct();
InitPromptstruct(ref prompt);
int flags = 0;
byte[] plainText = null;
try
{
cipherBlob.DataPointer = Marshal.AllocHGlobal(cipherText.Length);
cipherBlob.Size = cipherText.Length;
Marshal.Copy(cipherText, 0, cipherBlob.DataPointer, cipherText.Length);
if (DpapiStorageMode.Machine == storeMode)
{
// Using the machine store, should be providing entropy.
flags = CryptProtectLocalMachine | CryptProtectUIForbidden;
entropyBlob.DataPointer = Marshal.AllocHGlobal(entropy.Length);
entropyBlob.Size = entropy.Length;
Marshal.Copy(entropy, 0, entropyBlob.DataPointer, entropy.Length);
}
else
{
// Using the user store; therefore don't build entropy
flags = CryptProtectUIForbidden;
}
if (!NativeMethods.CryptUnprotectData(ref cipherBlob, null, ref entropyBlob, IntPtr.Zero, ref prompt, flags, ref plainTextBlob))
{
throw new Win32Exception(Marshal.GetLastWin32Error());
}
plainText = new byte[plainTextBlob.Size];
Marshal.Copy(plainTextBlob.DataPointer, plainText, 0, plainTextBlob.Size);
}
finally
{
// Free the blob and entropy.
if (IntPtr.Zero != cipherBlob.DataPointer)
{
Marshal.FreeHGlobal(cipherBlob.DataPointer);
}
if (IntPtr.Zero != entropyBlob.DataPointer)
{
Marshal.FreeHGlobal(entropyBlob.DataPointer);
}
if (IntPtr.Zero != plainTextBlob.DataPointer)
{
Marshal.FreeHGlobal(plainTextBlob.DataPointer);
}
}
return plainText;
}
private byte[] DecryptInternal(byte[] cipherText, byte[] entropy)
{
NativeMethods.DataBlob plainTextBlob = new NativeMethods.DataBlob();
NativeMethods.DataBlob cipherBlob = new NativeMethods.DataBlob();
NativeMethods.DataBlob entropyBlob = new NativeMethods.DataBlob();
NativeMethods.CryptProtectPromptStruct prompt = new NativeMethods.CryptProtectPromptStruct();
InitPromptstruct(ref prompt);
int flags = 0;
byte[] plainText = null;
try
{
cipherBlob.DataPointer = Marshal.AllocHGlobal(cipherText.Length);
cipherBlob.Size = cipherText.Length;
Marshal.Copy(cipherText, 0, cipherBlob.DataPointer, cipherText.Length);
if (DpapiStorageMode.Machine == storeMode)
{
// Using the machine store, should be providing entropy.
flags = CryptProtectLocalMachine | CryptProtectUIForbidden;
entropyBlob.DataPointer = Marshal.AllocHGlobal(entropy.Length);
entropyBlob.Size = entropy.Length;
Marshal.Copy(entropy, 0, entropyBlob.DataPointer, entropy.Length);
}
else
{
// Using the user store; therefore don't build entropy
flags = CryptProtectUIForbidden;
}
if (!NativeMethods.CryptUnprotectData(ref cipherBlob, null, ref entropyBlob, IntPtr.Zero, ref prompt, flags, ref plainTextBlob))
{
throw new Win32Exception(Marshal.GetLastWin32Error());
}
plainText = new byte[plainTextBlob.Size];
Marshal.Copy(plainTextBlob.DataPointer, plainText, 0, plainTextBlob.Size);
}
finally
{
// Free the blob and entropy.
if (IntPtr.Zero != cipherBlob.DataPointer)
{
Marshal.FreeHGlobal(cipherBlob.DataPointer);
}
if (IntPtr.Zero != entropyBlob.DataPointer)
{
Marshal.FreeHGlobal(entropyBlob.DataPointer);
}
if (IntPtr.Zero != plainTextBlob.DataPointer)
{
Marshal.FreeHGlobal(plainTextBlob.DataPointer);
}
}
return(plainText);
}
private byte[] EncryptInternal(byte[] plaintext, byte[] entropy)
{
NativeMethods.DataBlob plainTextBlob = new NativeMethods.DataBlob();
NativeMethods.DataBlob cipherBlob = new NativeMethods.DataBlob();
NativeMethods.DataBlob entropyBlob = new NativeMethods.DataBlob();
//BUG: possible bug here, do we need to clean up the prompt struct?
// don't think so, but check...
NativeMethods.CryptProtectPromptStruct prompt = new NativeMethods.CryptProtectPromptStruct();
InitPromptstruct(ref prompt);
int flags;
byte[] cipherText = null;
try
{
plainTextBlob.DataPointer = Marshal.AllocHGlobal(plaintext.Length);
plainTextBlob.Size = plaintext.Length;
Marshal.Copy(plaintext, 0, plainTextBlob.DataPointer, plaintext.Length);
if (DpapiStorageMode.Machine == storeMode)
{
// Using the machine store, should be providing entropy.
flags = CryptProtectLocalMachine | CryptProtectUIForbidden;
entropyBlob.DataPointer = Marshal.AllocHGlobal(entropy.Length);
Marshal.Copy(entropy, 0, entropyBlob.DataPointer, entropy.Length);
entropyBlob.Size = entropy.Length;
}
else
{
// Using the user store
flags = CryptProtectUIForbidden;
}
if (!NativeMethods.CryptProtectData(ref plainTextBlob, String.Empty, ref entropyBlob, IntPtr.Zero, ref prompt, flags, ref cipherBlob))
{
throw new Win32Exception(Marshal.GetLastWin32Error());
}
cipherText = new byte[cipherBlob.Size];
Marshal.Copy(cipherBlob.DataPointer, cipherText, 0, cipherBlob.Size);
}
finally
{
// Free the blob and entropy.
if (IntPtr.Zero != cipherBlob.DataPointer)
{
Marshal.FreeHGlobal(cipherBlob.DataPointer);
}
if (IntPtr.Zero != entropyBlob.DataPointer)
{
Marshal.FreeHGlobal(entropyBlob.DataPointer);
}
if (IntPtr.Zero != plainTextBlob.DataPointer)
{
Marshal.FreeHGlobal(plainTextBlob.DataPointer);
}
}
return(cipherText);
}